Comment by WrtCdEvrydy
4 years ago
> A real malicious actor
They introduced a real vulnerability in a codebase that lowers world-wide cybersecurity used by billions so they could jerk themselves off over a research paper.
They are a real malicious actor and I hope they hit by the CFAA.
There is a specific subsection of the CFAA that applies to this situation (deployment of unauthorized code that makes its way into non consenting systems).
This was a bold and unwise exercise, especially if you’re an academic in country on a revocable visa who participated.
Others would call it stupid to submit the patches and it would be fine if there were further consequences to deter others.
Was attempting politeness. You’re not wrong.