This is a fine line now. Personally if a given end user owns the system in question and is breaking no laws by disabling a feature which is now being used against them by in this case Supra I would have no problem telling them how to defeat it, if I knew, provided I also knew all of the preceding to be true. I would explain to them (the end user) the extent to which disabling said feature would weaken their (the end users) security if in fact it would at all. If disabling the feature in question would render the system so weak as to be practically useless then I might have a problem with disseminating the information but if that were the case the whole point would likely be moot since the result to the end user would be essentially the same as scrapping the system and using nothing. That really isn't the case here though. I can think of many instances in which security is intentionally weakened for added convenience. It's done all the time.