Originally posted by oiaohm
View Post
Announcement
Collapse
No announcement yet.
University Banned From Contributing To Linux Kernel For Intentionally Inserting Bugs
Collapse
X
-
Originally posted by bug77 View Post
Can you imagine the shitstorm heading GKH's way if some of the banned researchers are in some sort of minority...
- Likes 1
Comment
-
Originally posted by User42 View PostIt's just like saying "let's not try to break AES because people depend on it".
Everyone knows some of the bugs will remain in the kernel for extremely long periods before they get detected/fixed.
Unless they really intended to flood the kernel with bugs (to get statistically meaningful results), what new does this "research" teach us?
- Likes 2
Comment
-
This is a very interesting issue. Is it ethical? Probably not. Does it expose pretty much what Steve Ballmer screamed about at Microsoft for years? 100% Yes!
The question is how do you validate contributor's trustworthiness in a community that champions total freedom of contribution? In closed source everyone contributing can be 100% managed and vetted.
I wonder how many of these bugs have been introduced by external forces that did not write papers about it?
Now... should this university be banned? Probably, but I would say not for this paper... but rather the other extraneous spamming they are apparently doing by generating and adding patches of absolutely no value.
Something like this though should really have the whole Linux community re-evaluate how "trustworthiness" is defined, monitored and enforced in key projects like the Kernel.
Linux at least has a huge body of resources to help with this.Something like this is probably a much bigger issue/warning to groups like FreeBSD that are used in a few critical infrastructure pieces, but do not have as many resources to ensure "trustworthiness" in their code.
- Likes 1
Comment
-
Originally posted by drjohnnyfever View PostThis is definitely not Treason in the United States.
With those bring up China same stunt in china is treason always what is vastly worse results to anyone who attempts it.Last edited by oiaohm; 21 April 2021, 01:46 PM.
- Likes 1
Comment
-
Originally posted by zexelon View PostThe question is how do you validate contributor's trustworthiness in a community that champions total freedom of contribution? In closed source everyone contributing can be 100% managed and vetted.The latest news and commentary on workplace and employment. Find free resources on labor insights, working conditions, and people management software labor efficiency and helping your teams achieve success.
What you have stated here is a false idea. In closed source you can still have your sabotaging parties that can be very hard to find.
https://en.wikipedia.org/wiki/The_Mo...alian_season_1)
Over the years there have been a lot of experiments with internal sabotage even when you know it there finding the right party is very hard.
The Linux kernel with git history is keeping a very detailed log for who added what. Microsoft with windows is using git internally because their prior solution did not have enough tracking information to find internal sabotage.
How do you validate trustworthiness of code is a very hard problem. Does not need parties messing about.
- Likes 5
Comment
-
Originally posted by oiaohm View PostUSA its sabotage but can come Treason if the exploit you have added by the sabotage gets classed as giving aid to a enemy to attack USA government systems. So sorry you are wrong its not definitely not Treason.. USA its definitely sabotage with possibility of a treason prosecution depending on the results of the sabotage. You have to remember the Linux kernel is used is critical government systems so things can take a very big turn for the worse legally very quickly.
With those bring up China same stunt in china is treason always what is vastly worse results to anyone who attempts it.
For clarity, in the US treason is specifically 'limited to levying war against the US, or adhering to their enemies, giving them aid and comfort.'
Comment
-
Originally posted by drjohnnyfever View PostThe last time someone was convicted of Treason in the United States was 1952 over events that happened in World War II, and eventually the sentence was commuted. If your interpretations of Treason law were at all reasonable one would expect there to be a at least a single historical example.
Reason for the lack of recent historic examples treason examples in USA is lack of clear define enemy. Something to remember a code modification might sit in place with a flaw for a decade+ before being found by then the USA could be at war with a party that is a clear define enemy and could be in the mood again to use the Treason change. Remember the Linux kernel has kept detail records of who submitted what. So being noticed and removed is technically saving their hide against future risk.
- Likes 1
Comment
Comment