
The opinion stated is with the general mentality around bug rewards. In what way was it undermining Yahoo?



You say, "go directly to the companies that actually have a reward program in place" while Ramses says, "when you work for a company that serves more than 800 million people every month, you take network and user security very seriously." Ramses would probably prefer you not to discourage vulnerability reporting in the way that you have. But more importantly, his tone is entirely different. He doesn't mention the term "entitled" once, and he doesn't imply that the original report was somehow deficient.


I said, "If you are looking to make a living off of finding bugs, go directly to the companies that actually have a reward program in place," which is a little different. I encourage reporting bugs in any capacity. If your motives are aligned differently, then why would someone get mad at not receiving what they think they should be getting? My tone is different because I am expressing my opinion on how there seems to be a sense of entitlement out there lately - at least that is how I perceive it. I don't want to discourage the reporting aspect, I want to discourage the way people are behaving when their bug report doesn't meet certain standards, or where even a thank you rubs them the wrong way.



