Re: Dumb Question : If I found a security flaw with a major bitcoin company ..
2 - You didn't find that link directly on Google, you found someone that was scraping or whatever then linking to it, show me that screenshot of where you found it because I'm willing to bet you found it on a scraper using the allintext operator.
Just go to page 2 of google and search for "https://instawallet.org/w/xoZ1YqOtD6ycsyk1DaiNelUAbOhagbT0g" and you will see it: https://www.google.dk/#q=allintext:instawallet.org/w/&hl=da&start=10(how do you think google found "your" links vs how google found "my" links?)
=== The link in Google that you showed me didn't show any instawallet addresses, however they did show a bunch of pastebin crap with instawallet URL's in there (including the one you displayed above), it's not the same thing, not even close. Those URL's didn't come from Instawallet in Google's index, they came from pastebin
3 - Someone trusts their bitcoins to instawallet, and instawallet's structure allows someone to steal those coins, how is that not a security problem? Please enlighten me.
omfg - instawallet url = private key = "username + password". Give me your hotmail username and password and I can "hack hotmail" 
=== In this case you're saying "I want your username and password" instead I just want to google your e-mail address and automatically log into your account. I don't want your username and password, in your example google has the username and passwords included in the click though url.