Hacker News new | past | comments | ask | show | jobs | submit login




Here's the research article linked there, for those interested: https://github.com/QiushiWu/QiushiWu.github.io/blob/main/pap...


Please correct me if I'm wrong. So he (PhD student) was introducing bad code as part of research? And publishes a paper to show how he successfully introduced bad code.


It seems that Aditya Pakki was the one introducing shady code to the kernel and was caught. He is listed as an author on several other very similar papers (https://scholar.google.com/citations?user=O9WEZuoAAAAJ&hl=en) with authors Wu and Lu about automatically detecting "missing-check bugs" and other security issues which they purport to want to fix but this research paper explicitly discusses submitting "fixes" that have latent security bugs in them.


Merging them now...




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: