Okay, and?
The root CAUSE is still the unethical study.
Linux kernel maintainers are, imo, doing the right thing giving UMN the stink-eye, based on the org's past history.
Conversation
You may think it's justified, but it doesn't change that they're spreading misinformation, being dishonest and harming the reputation of the project.
An unethical study doesn't justify further and more drastic unethical behavior. Their ~4 test patches hardly caused actual harm.
2
1
"This patch looks like the nonsense UMN tried to land before" isn't spreading misinformation, though.
And it's not dishonest, if the patch isn't up to snuff (which apparently the few recent ones weren't).
And auditing work coming from UMN after UMN was naughty isn't unethical.
2
It is nonsense. They didn't submit those patches from university email addresses. It doesn't look like them. The behavior isn't the same, since in each of those threads they quickly questioned why the patch had been approved.
That's also not the extent of what is being done.
1
So you're saying they should trust patches from UMN addresses now because the unethical-originated patches were submitted using disguised addresses????
1
They never did anything maliciously and didn't cause more harm than wasting a tiny amount of time. The patches should be judged on their merits, like anything else.
They could simply start submitting their ongoing patches from Gmail addresses to bypass collective punishments.
1
The NATURE of the study was inherently malicious.
It's goal was to erode trust in the Linux kernel and kernel developers in a public way.
Obviously, for you, based on what you say you do professionally now, that's useful.
For me it's not.
1
I'm not sure how trying to demonstrate problems with the kernel is malicious. It's clearly an effort to improve the kernel alongside their other projects. They saw a problem and wanted to draw attention to it in order to get it fixed.
2
How does this study's result improve the quality of code in the kernel?
Be specific.
How can the problem be fixed?
1
And what new attention have they brought to the problem that wasn't already there?
1
They've brought attention to these serious systemic issues to a lot of people outside of the information security bubble.
It's definitely not something that's widely known, agreed upon and security researchers, etc. largely aren't the people with the power to make things better.