Re: Report on University of Minnesota Breach-of-Trust Incident
From: Pavel Machek
Date: Thu May 06 2021 - 04:26:31 EST
Hi!
> Report on University of Minnesota Breach-of-Trust Incident
>
> or
>
> "An emergency re-review of kernel commits authored by members of the
> University of Minnesota, due to the Hypocrite Commits research paper."
>
> May 5, 2021
Thanks for doing this. I believe short summary is that there was some
deception from UMN researches in 2020:
> 2020 August:
> - "Hypocrite Commits" patches from UMN researchers sent to kernel developers
> under false identities:
> - Aug 4 13:36-0500
> https://lore.kernel.org/lkml/20200804183650.4024-1-jameslouisebond@xxxxxxxxx
> - Aug 9 17:14-0500
> https://lore.kernel.org/lkml/20200809221453.10235-1-jameslouisebond@xxxxxxxxx
> - Aug 20 22:12-0500
> https://lore.kernel.org/lkml/20200821031209.21279-1-acostag.ubuntu@xxxxxxxxx
> - Aug 20 22:44-0500
> https://lore.kernel.org/lkml/20200821034458.22472-1-acostag.ubuntu@xxxxxxxxx
> - Aug 21 02:05-0500
> https://lore.kernel.org/lkml/20200821070537.30317-1-jameslouisebond@xxxxxxxxx
But there was no deception from UMN in 2021. Yet, we were
spreading... let's say inaccurate information as late as this:
> 2021 April 29:
> - Greg posts an update on the re-review along with some more reverts.
> https://lore.kernel.org/lkml/20210429130811.3353369-1-gregkh@xxxxxxxxxxxxxxxxxxx
# Commits from @umn.edu addresses have been found to be submitted in "bad
# faith" to try to test the kernel community's ability to review "known
# malicious" changes.
UMN apologized. Our reaction to their apology was:
https://lore.kernel.org/lkml/YIV+pLR0nt94q0xQ@xxxxxxxxx/#t
Do we owe them apology, too?
Best regards,
Pavel
--
http://www.livejournal.com/~pavelmachek
Attachment:
signature.asc
Description: PGP signature