A previous article proposed a model for when disclosure helps or hurts security, and provided reasons why computer security is often different in this respect than physical security. This paper provides a general approach for describing the incentives of actors to disclose about their software...