> You do not submit a patch for the Linux kernel. Instead, an exploit is released, with a lot of fanfare indeed.
wow, lots of accusations there. let's see.
first of all, i didn't release let alone write this exploit, spender did, so you'll have to take that up with him, not me.
second, since you're seemingly unfamiliar with the Linux kernel development process, let me explain the situation briefly. your first task is to read Documentation/SubmittingPatches which is a file in the kernel source tree. in there you will find something called the Developer's Certificate of Origin (in section 12 as of .31). careful reading will reveal the following bits:
| then you just add a line saying
| Signed-off-by: Random J Developer <email@example.com>
| using your real name (sorry, no pseudonyms or anonymous contributions.)
notice that anonymous contributions are explicitly not allowed (those words were actually added because of a patch of mine a few years ago). so there is the answer to your accusation.
> Selectively quoting Linus about the greatness of shame is not going to convince people that it is Linux security you are after.
why was that selective again? but more to the point, it seemingly works and makes people take a second look and tell something closer to the truth in turn. that can only be good for security, or do you believe that covering up security bugs is better?
> In fact, I am not even so convinced anymore that you are just plugging your own software at the expense of someone else's.
did you even read what i responded to? it was a suggestion about releasing our own security fixes as an alternative to the so-called 'stable' series (apparently that implies neither timely nor honest). obviously when we've already done that work for many years now, i'll not withhold the fact. as for the expense part, it sounds like as if you didn't like the taste of your own medicine.