Hacker News

jasonmp85 yesterday at 6:51 PM

Does it? Now that I see their name again in this context they're blacklisted for life.


Replies

john_strinlai yesterday at 8:48 PM

hope you are also blacklisting google's project zero, and practically every other major player in the vulnerability reporting space, as all use roughly the same bog standard 90+30 policy.

this was a failure of the kernel security team, and their stance on communicating security issues with their downstreams.

bathtub365 today at 1:54 AM

What are they blacklisted from exactly? The benefit you get from them forcing vendors to make their software more secure?

eaf7e281 yesterday at 7:34 PM

Same. They do become famous, but not in a wholly positive way.

selectively yesterday at 7:02 PM

Researchers are under no obligation to engage in coordinated disclosure and are free to sell 0day for profit. Just fyi. Be glad it was disclosed at all. Be glad a patch was available prior to release.

CSSer yesterday at 7:00 PM

Yes, exactly. Name and shame.

true_religion yesterday at 7:01 PM

Same. I did not know who they were, but now they have been named and shamed. Not all publicity is good.