Hm, I don’t really see the sneer. They wrote a nasty bug, got notified and had a patch out for it within 36h. The remediations look reasonable too: better privacy, less firebase, actual security audits; even the bounty program is probably the right call (but they result in so many shit reports, it’s probably a wash).
I gotta admit I’m kind of partial to them and their browser? It’s the non-Brave one that ships with an Adblocker by default, has much nicer UI than the existing ones, and the sync thing isn’t half bad (if it doesn’t sync security badness to all your instances, ouch). Sure they sound like a cult but I guess that’s how browser dev gets funded since the 1990s.
Cold fusion only needs another 10 years to bake, but then it’ll be awesome.