Compared to what a fully malicious group could have done, this is quite benign. They published the list of email addresses that they used to make the commits and announced what they’d done. They also weren’t trying to introduce any actual vulnerabilities. Even though I don’t agree with the way they did it (especially not telling anyone first), hopefully the fact that they managed to do this will act as a wake up call for the Linux kernel (and other open source projects).
I feel like the fact that a handful of students could cause so much trouble kind of proves the point they were making
Ruining a good system to show that it could theoretically be ruined.
Compared to what a fully malicious group could have done, this is quite benign. They published the list of email addresses that they used to make the commits and announced what they’d done. They also weren’t trying to introduce any actual vulnerabilities. Even though I don’t agree with the way they did it (especially not telling anyone first), hopefully the fact that they managed to do this will act as a wake up call for the Linux kernel (and other open source projects).
Based on what I read, they tries to introduce vulnerabilities, but the code was accidentally correct. Which is quite funny.
Nobody listens otherwise. Source: I work in “enterprise” IT.