I trust them more than you and more than anyone attempting to commit hypocrite patches to the Linux kernel.
lore.kernel.org/linux-nfs/YH+z
Conversation
Again, the patches involved in that study were submitted from Gmail addresses. The study is a past event. You're linking a recent patch from a student not involved in it. It's misinformation and is dishonest. It is making Linux look increasingly bad in this situation, not better.
2
1
The "past event" taints everything going forward and for obvious good reason.
1
Kernel maintainers being consistently dishonest taints the project. Misrepresenting what happened and making unjustified accusations against good faith contributions from students isn't a good look.
Slandering students there for something they didn't do really doesn't look good.
2
1
Saying the student submitted a do-nothing patch (at best) isn't slander
1
Huge difference between stating that you think the study was unethical (I fully agree) and attacking students that weren't involved in it and who have engaged in making substantial good faith and usually helpful contributions as part of these efforts.
1
2
Criticizing the study for unethical human experimentation makes sense. Attacking these students and spreading misinformation in a misguided attempt to defend the kernel's reputation is worse than what the study actually did. Kernel maintainers did most of the harm themselves...
1
2
I think their unethical study demonstrated something important and useful. Maybe I'll fund similar work. Maybe we won't tell them we did it like they did in this study. If that's a problem, well, that's the point. It's clear to a lot of us it's unworkable, but to most it isn't.
1
1
"I should do that unethical thing those guys did" isn't helping me see you or your argument in a better light.
1
It's not a literal statement. It's an explanation of why this is a problem. Depending on trusting that everyone in the world won't do this is a problem. The study was unethical, not malicious. Plenty of people have malicious intent. Someone could do it simply as trolling...
It's a problem because the kernel is really complicated code written in a really unsafe language.
Making the problem harder doesn't help anyone.
"It's possible to submit malicious code to open source projects" isn't a revelation by any metric.
1
1
It being possible to submit code is a lot different than it being possible to land malicious code.
The kernel being entirely written in a very unsafe language is part of the problem. That doesn't imply being able to so easily succeed in landing vulnerabilities in a project.
1
1
Show replies
I also don't think what they did is inherently unethical if they weren't as sloppy and were smarter about how they did it.
What's unethical is using random low-level maintainers as test subjects for a study and making those people look bad when the issues are systemic problems.
1
Yeah, no.
Wasting people's time on "research" that at the end of the day is nothing but a prank is inherently unethical.