You probably have a point - that is, attacking something well-intentioned might be counterproductive, in general, even if that something were useless in practice.
However, problems with OIN exist (why the **** do they cover only the client library of MySQL???), as pointed out also in this part  of the current comment thread (which I maybe previously missed).
As he points out here , the companies which decide what is part of "the Linux system" could freely exclude a product from protection if it were a competitor. Say, IBM could exclude MySQL from protection because it is a treat to DB2. I believe that it want, if there's no policy change - but we know that's an unreliable guarantee.
You know, a seat belt which does not do its job 100% of times is not that useful - it tries to help, but maybe he does more harm than good because it makes you feel safe while you shouldn't. Possibly, same with OIN.