Reply to post: Re: Place your bets...

University duo thought it would be cool to sneak bad code into Linux as an experiment. Of course, it absolutely backfired

Stuart Castle Silver badge

Re: Place your bets...

It's worth remembering that this "Volunteer organisation" is maintaining code used to run the server (and other) infrastructure of many of the largest corporations and government departments in the world. It's also likely used in most of the hardware providing internet and network connectivity to those companies and consumers. It's important that good security practices are used, and that those practices are tested.

It's not good enough to only accept submissions from certain email domains. You don't know if the servers running email on those domains have been compromised in any way. You might think you are getting good code from john.smith@ibm.com, but john.smith@ibm.com might be some hacker from some country that has a major grievance with you.

Is this experiment ethical? I don't know. It's certainly not good for the people conducting the experiment to offend the test subjects.

However, I think the reaction is over the top and slightly concerning. Yes, the changes introduced were relatively harmless, so the maintainers probably do feel their time was wasted. However, one or more of the changes could have been malicious. Checking code for security reasons is, IMO, never a waste of time even if you find no security issues.
