I mean, to put this another way, the kernel devs are arguing that they should knowingly lie about the impact of bugs.
People are asking you to stop lying. How could anyone argue that this is a bad position?
If people incorrectly think that Linux is safer than it is, then it will get used in more places; people will depend on it to keep them safe when, if the devs were being truthful, they wouldn't. This is an advantage to the Linux devs, increased job security, with a direct disadvantage to the people being lied to.
Lying to take advantage of people is wrong, full stop. In this context, in the modern world, they could die because of this deception. Short of actively inserting vulnerabilities themselves, there is probably nothing more ethically wrong that any coder could do.
That's all that's being asked here: stop lying. Nothing more. Stop actively hiding the impact of your bugs. You don't have to go out of your way to figure out what those impacts are, but if you KNOW a bug is security related, tell the truth.
People are asking you to tell the truth, and you guys are shouting "NO FUCKING WAY!"
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds