They've said on numerous occasions that this is never going to happen. It just encourages witch-hunts by overzealous fans and gives people a bad impression of the company. If you suspect that a site is nulled, then just report it and move on - it's not your job or responsibility to be IPS' copyright police - they have people for that.
No forum has this feature. They can subscribe people to all new topics, but not once have I ever seen a forum that allows you to force subscribe individuals to every single reply. Mostly because that's a fast track to a Spamhaus listing.
This is the sort of thing best left to hooks, not the base product.
Just don't be surprised if the price goes up. Astronomically. To do video chat, you'd need server infrastructure running Flash Media Server or similar (at hideous expense) and the bandwidth use would be MASSIVE.
For what it's worth, I eventually gave up on this feature and have New Relic monitor the content instead. But it still would be good to have this feature working for those who don't want to pay $100/mo per server for monitoring.
I really don't see the problem with providing access. It's very easy to create an FTP and ACP user with no direct access to harmful tools or directories - on my own server, the (usually disabled) IPS Support account can only access and modify files in the IP.Board root directory (I'm too lazy to work out how to root the FTP access to a specific directory in IIS FTP) and only from a very limited pool of IPs to ensure that even if the details are disclosed, they are useless to any other user. In the ACP, the account is also usually disabled as well to ensure that the ACP details are useless if compromised too.
You're essentially asking them to fix your issue with both hands tied behind their back. The fact that they try and help you at all under those circumstances is nothing short of miraculous - with most of the enterprise vendors I have to work with, if the answer to "let's do a WebEx and we'll look at your system" is "no", then they simply outright refuse support. Just to point out as well, according to the standards of service (Terms of Sale) IPS has the right to refuse support if you won't provide access as well.
Well, for a start, companies like Google and Mozilla do not actually pay for bugs - they pay a bounty on critical security flaws - and we have no evidence to suggest that IPS does or does not pay a bounty on those privately. It's entirely possible that they do, but don't make a big deal about it.
But pay for bugs? Won't happen. Ever. No company pays for bugs.
The way you describe it is how Kayako at least does this, and I much prefer it this way (little niggles like this are why I disable the support functionality in Nexus).
Mark, ideally the way it'll work is that the department itself has an incoming and outgoing email. When the ticket is replied to by a staff member, then the email comes from the outbound email address of the department the ticket is currently assigned to. When a ticket reply is received via email from the customer, it is appended to the existing ticket (the email it is sent to is actually ignored). I haven't tested recently, but I think that if the ticket is closed then it simply creates a new ticket.