Comment by jnxx

4 years ago

I feel somewhat similar. Since I am using Linux, they ultimately were trying to break the security of my computers. If I do that with any company without their consent, I can easily end up in jail.

It's more than that: if there are no consequences for this kind of action, we are going to get a wave of "security researcher" wannabes trying to pull similar bullshit.

PS: I have put security researcher in quotes because this kind of thing is not security research, it's a publicity stunt.

>they ultimately were trying to break the security of my computers.

No, they weren't. They made sure the bad code never made it in. They are only guilty of wasting people's time.

  • Except, from that email chain, it turns out that some of the bad code did make it into the stable branch. Clearly, they weren't keeping very close tabs on their bad code's progress through the system.

    • At minimum, the argument could be made that they were grossly negligent in how they conducted the experiment.

How dare they highlight the vulnerability that exists in the process! The blasphemy!

How about you think about what they just proved, about the actors that *actually* try to break the security of the kernel.