Comment by NotEvil
4 years ago
Because of the nature of the research an argument can be made that it was like a bug bounty (not defending them just putting my argument) but they should have come clean when the patched was merged and told the community about the research or at least submitted the right patch.
Intentionally having bugs in kernel only you know about is very bad.
The primary difference being the organization being tested explicitly sets up a bug bounty with terms, as opposed to this.
I'll take People Who Don't Understand Consent for $400, Alex.
This is the rare HN joke that not only is hilarious, but susinctly makes the core point that is being disagreed about clear
This is a disturbingly frequent thing occurrence here.