Comment by mrleinad

4 years ago

You misunderstood me. I said the ones who tried to "see if the bugs would be detected or not in new submitted patches" are the lazy ones who, instead of analyzing the existing code and existing bugs, attempted to submit new ones. Actually working on analyzing existing data would require more work than they were willing to do for their paper.

They had no intent to find a vulnerability in the code; they intended to find/prove a vulnerability in the review process, totally different things.

  • They could do that by using all the existing patches and reported bugs already in the codebase. But that would've required them to work more than if they submitted new code with new bugs. They chose to effectively waste other people's time instead of putting in the work needed to obtain the analysis they wanted.

    • You are misinformed. They did use existing bugs; they did write real patches for them and then submitted a flawed patch first and the real patch after the review was "successful". There is very little additional review needed because obviously the real patch and the flawed one are almost identical. Plus the reviewer could actually profit from this. It's only a waste of time because their ego was hurt and they simply decided to throw away all the actual useful work.

      Your suggested "wrongdoing by being lazy" is completely made-up nonsense.