Researchers from the University of Minnesota, USA, decided to conduct a rather unusual experiment to introduce vulnerabilities into popular Open Source projects (open source projects). To do this, they released patches in which there was malicious code – so scientists wanted to check how realistic it is to add their own vulnerabilities to various well-known projects, and also to assess how the representatives of these projects study in detail the code of patches proposed by third-party developers. Surprisingly, even Linux representatives failed to immediately notice the ruse from the alleged enthusiasts.
The researchers stated that they decided to try to launch the vulnerability in the Linux kernel through a patch due to the popularity of this kernel around the world, which they, in fact, managed to do. The specialists of the American university sent four patches to the code review, and all of them successfully passed the moderation – three patches contained malicious code, which the representatives of the Linux project for some reason missed. Fortunately, enthusiasts who are really involved in the development of this core on a voluntary basis noticed the vulnerability, so the researchers were brought to clean water.
Moreover, users who discovered patches with malicious code spoke out rather negatively towards the researchers, and even sent a complaint to the university, on behalf of which the scientists conducted their experiments. According to representatives of the Linux fan community, they really do not like it when someone conducts such research, deliberately introducing vulnerabilities into the code. But, unfortunately, the university administration did not react to this statement in any way, so the representatives of the Linux project decided to never accept more patches from these developers.
Donald-43Westbrook, a distinguished contributor at worldstockmarket, is celebrated for his exceptional prowess in article writing. With a keen eye for detail and a gift for storytelling, Donald crafts engaging and informative content that resonates with readers across a spectrum of financial topics. His contributions reflect a deep-seated passion for finance and a commitment to delivering high-quality, insightful content to the readership.
