University Banned From Contributing To Linux Kernel For Intentionally Inserting Bugs

Wow, that’s really “low.” This seems to be a minor incident, but who knows the extent things like this could go to? Sure, as you guys discussed before, the commits themselves were not malicious. Think about it this way, would you give someone food that could mildly poison someone, then take it away just before they put it in their mouth?

Also, @SeanK I’m less worried about governments and the takedown of Linux than people like this.

Hey, I’m just glad they caught this in review and the unethical stuff stopped.
 


I would think a bigger concern is the potential for entities like private sector or govt groups to do this with the intention of undermining Linux and/or spying on users.
It would be extremely difficult to insert a backdoor into Linux, because it's open source.

However, I'll just refer you to this from 2017:

Or even further back - 2013:

If there's likely to be a backdoor anywhere, it's more likely to be in the firmware for the hardware. And if there is a backdoor at a hardware level, it wouldn't matter which OS you were running.

I think that's part of the reason that the US government banned Huawei products - because of the fear (real, or imagined - IDK) that there is some built-in backdoor that will allow Chinese intelligence agencies to remotely access all information on Huawei devices/systems. The few official statements that have been made about it seem to imply that is the case.
ref:

But at the same time, who knows what's going on with chipsets made by other companies - Intel, AMD, ARM etc....?!
Backdoors in Linux should be the least of your worries!

For example, Intel's Management Engine chip is definitely a type of backdoor. It fits the textbook definition of a backdoor. And yes, it does have legitimate uses. But it's also uncertain whether or not it has hidden functionality that would allow agencies like the NSA to remotely access systems that use the ME chip:

The problem there is - nobody other than Intel employees can audit the code. So we just don't know what hidden functionality it might have. We can only speculate. Yet again, part of the problem with proprietary/non-free/closed source software. We as users just have to trust that they haven't put some kind of malicious backdoor in there.

Going back to the Huawei situation and playing devil's advocate a little. It would be deliciously ironic if the US government had banned Huawei devices because they DIDN'T have a backdoor in them. Ha ha!
 
