undefined | Better HN

0 pointsyjftsjthsd-h3mo ago0 comments

> 3. Some of these patches are accepted

> 4. They intervene at this point and reveal that the patches are malicious

> 5. The patches are then not merged

It's not clear to me that they revealed anything, just that they did fix the problems:

> In their paper, Lu and Wu claimed that none of their bugs had actually made it to the Linux kernel — in all of their test cases, they’d eventually pulled their bad patches and provided real ones. Kroah-Hartman, of the Linux Foundation, contests this — he told The Verge that one patch from the study did make it into repositories, though he notes it didn’t end up causing any harm.

(I'm only working from this article, though, so feel free to correct me)

0 comments

jovial_cavalier3mo ago

I don't believe they revealed that they were hypocrite commits at the time of their acceptance, that was only revealed when the paper was put on a preprint server. But they did point out the problems to maintainers before the changes were mainlined.

arjie3mo ago

You know there's a lot of he-said she-said here. The truth is that I was repeating there what they claimed in the paper which is that they intervened prior to merge to mainline.

yjftsjthsd-hOP3mo ago

My point was that (the article claims that) they didn't "reveal that the patches are malicious" at that point. Revert yes, reveal no.

worthless-trash3mo ago

IIRC one of them actually introduced a memory corrupting problem. I don't know if it got accepted or not. I remember seeing the issue and rejecting the patch for rhel.

arjie3mo ago

Man, what a mess.

j / k navigate · click thread line to collapse

0 comments

jovial_cavalier3mo ago

arjie3mo ago

You know there's a lot of he-said she-said here. The truth is that I was repeating there what they claimed in the paper which is that they intervened prior to merge to mainline.

yjftsjthsd-hOP3mo ago

My point was that (the article claims that) they didn't "reveal that the patches are malicious" at that point. Revert yes, reveal no.

worthless-trash3mo ago

IIRC one of them actually introduced a memory corrupting problem. I don't know if it got accepted or not. I remember seeing the issue and rejecting the patch for rhel.

arjie3mo ago

Man, what a mess.

j / k navigate · click thread line to collapse