In reviewing some of the emails in the list there were statements that "A lot of these have already reached the stable trees. I can send you revert patches for stable by the end of today "
Not being a coder I am not sure what "stable tree" means, but it could mean that some of this malicious code made it in. If so, the thesis of the paper is confirmed. If they had submitted only one patch and it had been written with more skill, would damage have been done? I am not supporting the UMN approach, but it does appear to me that the behavior of the kernel group has changed as a result, not just in their dealings with the UMN people. -Denis On Wed, Apr 21, 2021 at 8:03 PM Russell Senior <[email protected]> wrote: > The paper includes this line: "IRB [...] determined this is not human > research. We obtained a formal IRB-exempt letter" > > IRB stands for Institutional Review Board and any research institution > is going to have one. Here's the wikipedia page about IRBs in general: > https://en.wikipedia.org/wiki/Institutional_review_board > > On Wed, Apr 21, 2021 at 5:06 PM Jason Barbier <[email protected]> wrote: > > > > On Wed, Apr 21, 2021, at 5:02 PM, Denis Heidtmann wrote: > > > PSU has a policy that requires admin. review of any experiments to be > > > conducted on humans. That got some people in trouble for testing > > > publications' response to submitted articles using bogus stuff. I > wonder > > > if the UNM has such a requirement, and, if so, I wonder if it was > followed. > > > > > > -Denis > > > > The answer is yes, and they have an ethics review board which was posted > on that email thread for GKH to toss an email to and let them know whats up. > > > > > > > > On Wed, Apr 21, 2021 at 8:31 AM Ben Koenig <[email protected]> > wrote: > > > > > > > On Wed, Apr 21, 2021, 7:32 AM Ben Koenig <[email protected]> > wrote: > > > > > > > > > > > > > > > > > > > On Wed, Apr 21, 2021, 7:19 AM Jason Barbier <[email protected]> > wrote: > > > > > > > > > >> > > > > >> > > > > >> > > > > >> On Wed, Apr 21, 2021, at 7:02 AM, Paul Heinlein wrote: > > > > >> > On Wed, 21 Apr 2021, Russell Senior wrote: > > > > >> > > > > > >> > > > https://lore.kernel.org/linux-nfs/yh%2ffm%[email protected]/ > > > > >> > > > > > > >> > > > > > https://github.com/QiushiWu/QiushiWu.github.io/blob/main/papers/OpenSourceInsecurity.pdf > > > > >> > > > > > > >> > > Holy crap, way to step on it with golf shoes! > > > > >> > > > > > >> > I wonder if anyone has ever written anything on the subject of > > > > >> > Patterns of Abuse and Criminality. This looks like a version of > > > > >> > gaslighting, but in a tech-community context. > > > > >> > > > > > >> > -- > > > > >> > Paul Heinlein > > > > >> > [email protected] <mailto:heinlein%40madboa.com> > > > > >> > 45.38° N, 122.59° W > > > > >> > _______________________________________________ > > > > >> > PLUG: https://pdxlinux.org > > > > >> > PLUG mailing list > > > > >> > [email protected] <mailto:PLUG%40pdxlinux.org> > > > > >> > http://lists.pdxlinux.org/mailman/listinfo/plug > > > > >> > > > > > >> > > > > >> To be fair reading the whole response from the umn address it > reads more > > > > >> like "Fuuuuuuuuuuu, the subject caught me and is blowing up my > doctoral > > > > >> thesis how do I save it! > > > > > > > > > > > > > > > By accepting the test results for what they are? > > > > > > > > > > He set out to prove a theory that OSS is inherently insecure. He > tested > > > > > that theory. > > > > > > > > > > Test results came back negative. The OSS community protected > itself from > > > > > malicious actors. > > > > > > > > > > > > > > Heyyy the pdf works when downloaded and viewed directly! > > > > > > > > But I still have trouble reading it. Maybe the CS team at UMN should > have a > > > > language arts major clean up the grammar before they start > recommending > > > > changes to the linux coc. > > > > > > > > > > > > It IS a serious college project after all. > > > > -Ben > > > > > > > > > > > > > > > > > > _______________________________________________ > > > > >> PLUG: https://pdxlinux.org > > > > >> PLUG mailing list > > > > >> [email protected] > > > > >> http://lists.pdxlinux.org/mailman/listinfo/plugi > > > > >> > > > > > > > > > _______________________________________________ > > > > PLUG: https://pdxlinux.org > > > > PLUG mailing list > > > > [email protected] > > > > http://lists.pdxlinux.org/mailman/listinfo/plug > > > > > > > _______________________________________________ > > > PLUG: https://pdxlinux.org > > > PLUG mailing list > > > [email protected] > > > http://lists.pdxlinux.org/mailman/listinfo/plug > > > > > _______________________________________________ > > PLUG: https://pdxlinux.org > > PLUG mailing list > > [email protected] > > http://lists.pdxlinux.org/mailman/listinfo/plug > _______________________________________________ > PLUG: https://pdxlinux.org > PLUG mailing list > [email protected] > http://lists.pdxlinux.org/mailman/listinfo/plug > _______________________________________________ PLUG: https://pdxlinux.org PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
