
We're talking about a breach of a major distribution. It's the job of someone in charge to do the analysis, not every single end user. To them, it is easy.

And I'm talking about looking at a 20 byte function; you could figure it out if you wanted.




Read my analogy again (despite its flaws). It isn't that mainline kernel development has been breached. It is more like Ubuntu accidentally set `APT::Get::AllowUnauthenticated "true";` and then thousands of users upgraded from a tainted mirror[1]. Regardless of how you lay blame, Canonical would have a responsibility to undo that action.

[1] I don't use Ubuntu so maybe it doesn't fully apply here. On Arch using pacman, the list of mirrors/caches is mostly commented out so that people can choose their own. They are "trustworthy" essentially until they're not, but we have signature checking to fall back on. In the physical world we don't have this, thus the setup of my (again, flawed) analogy.

Any more involved than that and it's missing the spirit of what I was trying to say, but I admit that the disassembler response made me chuckle.


I'm not sure what your objection is to my post. If Ubuntu sets AllowUnauthenticated, then it's Ubuntu's job to check the server logs and at least attempt to analyze what the kernel module actually does. If they find out it's two lines of code and is completely harmless, they can tell all their users that.

The point is that you're using 'binary blob' to sound scarier than it is. With a statue there's no reason to fear it (for reasons explained in other posts). With an image displayer an expert can poke it and then announce there's no reason to fear it.

You're telling me I should be ready to wipe my disks then and there, even though it's just an image displayer, but that's an overreaction. Your analogy just strengthens the point that the park shouldn't panic.



