Conversation

Halvar Flake
@halvarflake
Bugdooring the Linux Kernel to get a paper into Oakland shows tremendously poor judgement. I mean, I can imagine situations in which trying to backdoor the Linux kernel could be worth it, but ... a paper? "I will demolish the Sphinx because someone promised a Snickers bar."
11
122
This Tweet was deleted by the Tweet author. Learn more
Daniel Micay
@DanielMicay
Replying to
@kwilczynski
and
@halvarflake
They appear to have submitted the intentionally bad faith patches from sockpuppet accounts at Gmail rather than their own addresses so reverting patches from the university isn't accomplishing what it appears to be doing.
3
This Tweet was deleted by the Tweet author. Learn more
Daniel Micay
@DanielMicay
Replying to
@kwilczynski
and
@halvarflake
It's not as if the kernel doesn't have an abundance of use-after-free vulnerabilities, etc. already. It's only as serious as it's being made out to be if we pretend that these issues were not incredibly common and incorrect patches introducing these bugs were not very common.
1
3
Daniel Micay
@DanielMicay
Replying to
@DanielMicay
@kwilczynski
and
@halvarflake
A lot of the good faith patches submitted from there have mistakes, just like patches from elsewhere. I don't know what else would be expected from students attempting to fix reports from static analysis tools. You would find the same from submissions from elsewhere.
1
3
Daniel Micay
@DanielMicay
Replying to
@DanielMicay
@kwilczynski
and
@halvarflake
You could simply review fixes in general and find a bunch of incorrect fixes or fixes for non-existent problems. It's not something unique to the work their students were doing. Their research was unethical but so is framing good faith work from those students as being malicious.
1
3
Daniel Micay
@DanielMicay
Replying to
@DanielMicay
@kwilczynski
and
@halvarflake
This has turned from some professors doing an unethical study to demonstrate something valuable into Linux kernel maintainers spreading misinformation and behaving unethically themselves. The first made the university and Linux look bad but the latter only makes Linux look worse.
2
6