Don't people get paid to look for security vulnerabilities in pretty much any engineering field? There are people who work full-time on thinking up ways that a terrorist could potentially rig a chemical plant to release deadly gases, for example.
Would you feel more comfortable if a few smart people figured out the same things and didn't tell anyone about it, but instead used it for profit or to cause harm to innocent people?
