[conspire] (forw) [Felton LUG] University Banned From Contributing To Linux Kernel For Intentionally Inserting Bugs - Phoronix

Rick Moen rick at linuxmafia.com
Mon Apr 26 14:18:24 PDT 2021 

Money shot:

   Greg Kroah-Hartman has banned a US university from trying to mainline
   Linux kernel patches over intentionally submitting questionable code
   with security implications and other "experiments" in the name of
   research. 

   Stemming from this research paper where researchers from the University
   of Minnesota intentionally worked to stealthy introduce vulnerabilities
   into the mainline Linux kernel. They intentionally introduced
   use-after-free bugs into the kernel covertly for their research paper. 

   But even after this paper, there has been a new round of patches from
   University of Minnesota researchers that claim to come from "a new
   static analyzer" but without any real value to the patches. These new,
   questionable patches don't appear to have any real value -- for good or
   bad -- and at the very least are just wasting time by upstream
   developers. This has led Greg to calling them out and "banning" them
   from trying to contribute to the Linux kernel in the future. 

The ban appears to be aimed specifically at one Aditya Pakki
<pakki001 at umn.edu> , and by implication collaborators Qiushi Wu and
Kangjie Lu, the authors of the cheeky research paper "On the Feasibility
of Stealthily Introducing Vulnerabilities in Open-Source Software via
hypocrite Commits".  

I doubt that Greg blames the _entire_ University of Minnesota for these
miscreants.  From coverage at LWN (https://lwn.net/Articles/854401/), it
appears that Greg caught UMN's attention with a letter from Linux
Foundation to the university, demanding action before anyone from UMN
will be allowed access again.  (Greg's letter appears to be private.)

We & Lu's research paper _claims_ that their project to mess with the
Linux kernel got advance approval from UMN's Institutional Review Board
(IRB).

We shall see.


----- Forwarded message from Wayne <Wayne at TradeTimer.com> -----

Date: Mon, 26 Apr 2021 10:49:23 -0700
From: Wayne <Wayne at TradeTimer.com>
To: Felton Linux Users Group LUG <felton-lug at googlegroups.com>
Subject: [Felton LUG] University Banned From Contributing To Linux Kernel For
	Intentionally Inserting Bugs - Phoronix
Reply-To: felton-lug at googlegroups.com

https://www.phoronix.com/scan.php?page=news_item&px=University-Ban-From-Linux-Dev

-- 
You received this message because you are subscribed to the Google Groups "Felton LUG" group.
To unsubscribe from this group and stop receiving emails from it, send an email to felton-lug+unsubscribe at googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/felton-lug/51dfb5fb-f56d-6b62-01e0-e38d791a51b0%40TradeTimer.com.

----- End forwarded message -----

More information about the conspire mailing list