Academic security research is constitutionally bad because academia as an environment selects people with a “hacker mentality” out at the freshman stage.
It’s inherently biased towards rule-followers. That’s not a bad thing, but it means it’s bad at some things. Such as computer security research.