f********1
发帖数: 1601 | 1 https://www.neowin.net/news/linux-bans-university-of-minnesota-for-sending-
buggy-patches-in-the-name-of-research/
The UMN had worked on a research paper dubbed "On the Feasibility of
Stealthily Introducing Vulnerabilities in Open-Source Software via Hypocrite
Commits". Obviously, the "Open-Source Software" (OSS) here is indicating
the Linux kernel and the University had stealthily introduced Use-After-Free
(UAF) vulnerability to test the susceptibility of Linux. So far so good
perhaps as one can see it as ethical experimenting.
https://github.com/QiushiWu/QiushiWu.github.io/blob/main/papers/
OpenSourceInsecurity.pdf
公开的research
反倒是明大三哥的patch问题大
三哥声称 We are not experts in the linux kernel然后提交patch让别人帮他测试。
。。
然后Greg(Linus的副手)就发飙了:
A few minutes with anyone with the semblance of knowledge of C can see that
your submissions do NOT do anything at all, so to think that a tool created
them, and then that you thought they were a valid "fix" is totally negligent
on your part, not ours. You are the one at fault, it is not our job to be
the test subjects of a tool you create.
倒不一定是恶意,自己能力不及还懒 | o*****k
发帖数: 101 | 2 搞不懂卢老师为何领着全团队道歉。去年的事情,去年已经了结了。今年的事情,小P
上载好几个漏洞补丁和写了一封邮件,如果卢教授都过目了,他有责任,和小P一起道
歉。如果没看过,让小P一个人道歉就可以了。然后他道歉对学生管理不严。至少小W没
有必要再为此事卷入。这下自己把事情搞大,看看自己怎么收场。 | S*********e
发帖数: 6 | | h******k
发帖数: 810 | 4 那位三哥,coding不论,说话那官威,俨然像马内基训斥小弟。 |
|
