Whether it was botched or not (from the position of this article) is based on whether you think it was important that FreeBSD have been notified ahead of time. Obviously the FreeBSD devs think they should have been notified. Since this basically affects everyone that runs x86 code, and not everyone could be notified ahead of time and still keep any form of secrecy, some groups will need to be notified and others not.
I think a case can be made that as operating systems go, FreeBSD is at a much lower threat level than Linux, MacOS/iOS, Windows (i.e. desktops that run unvetted code) and the VPS platforms that run host operating systems that need to worry about guests breaking isolation (Google, Amazon, others).
Given all that, while it wasn't done perfectly (it was leaked a few days early and some cloud providers had little warning, especially Joyent which also runs a different OS), I'm not sure I would call it botched entirely since it is also likely the largest exploit in history. Others disagree with some or all of this.
I read somewhere (didn't verify, wasn't obviously substantiated) that the OpenBSD folks were beside themselves with anger, and that in turn others shot back that they had demonstrated a very poor track record with respecting embargoes in the past and had let slip “seven of the last five” major vulnerabilities they had been pre-warned of.
I think a case can be made that as operating systems go, FreeBSD is at a much lower threat level than Linux, MacOS/iOS, Windows (i.e. desktops that run unvetted code) and the VPS platforms that run host operating systems that need to worry about guests breaking isolation (Google, Amazon, others).
Given all that, while it wasn't done perfectly (it was leaked a few days early and some cloud providers had little warning, especially Joyent which also runs a different OS), I'm not sure I would call it botched entirely since it is also likely the largest exploit in history. Others disagree with some or all of this.