Why Nostr? What is Njump?
2024-03-30 20:03:14

Kevin Beaumont on Nostr: If anybody is wondering if there’s been academic research about deliberately ...

If anybody is wondering if there’s been academic research about deliberately submitting vulnerabilities into open source - yes.

“On the Feasibility of Stealthily Introducing Vulnerabilities in Open-Source Software via Hypocrite Commits” was a multi year research study by people at the University of Minnesota where they submitted exploitable vulnerabilities into the Linux kernel.

PDF: https://linuxreviews.org/images/d/d9/OpenSourceInsecurity.pdf
Author Public Key
npub176rs4lx7gjqwepgg75psfpv7zjj3xz0lyj4n7rux93ftm390sars6fkwlw