At the conference, [Jon King] talked about vulnerabilities in Medeco locks and presented his ... have no perceived obligation to patch their install base… even if they’ve known it was broken ...