None of which is "On the Feasibility of Stealthily Introducing Vulnerabilities in Open-Source Software via Hypocrite Commits".
So what? The UMN "group" is assistant professor Lu, 5 PhD students, 3 master's, and one undergrad. Aditya Pakki and Qiushi Wu, whose name IS on the paper, share the same damn office.
There is absolutely nothing inaccurate about GregKH saying they are in the same "group". You have to be severely mentally challenged to believe otherwise.
He said as much, but you have your fingers in your ears.
LOL! Fingers in my ears? Your head so far up your ass you have to peer through your navel to see anything at all, and your ears are so clogged with your own shit you can't hear a damn thing.
But let's say Pakki is in a different "group" than Lu's. That would mean 2 different groups from the same university knowingly submitted vulnerabilities into the kernel pipeline, without prior notice to anyone, months apart. Thanks for making the case that UMN deserved to be plonked.
Industry does not in general train kernel developers
More proof you have no idea what you're talking about. You're just making shit up. Virtually all the major corporate contributors to the Linux kernel have training, support, mentoring, and oversight for their kernel developers.
the vast majority are hired straight out of school
Your bullshit just never stops flowing. Tell you what, cite a source that supports your claim that the vast majority of corporate Linux contributors are hired straight out of school and are "generally" not given any training. Prove to us that you didn't pull that directly out of your ass.
having learned their kernel skills under enthusiasts like Kangjie Lu.
That's pretty damn funny, considering the fact that Aditya Pakki, who has been studying for his PhD in Computer Science under Lu since 2017, and has been studying CS in a university setting since 2007, claimed "We are not experts in the linux kernel". LOL, who do you think Pakki's "We" refers to? Everybody in his "group"? Including professor Lu?
Somehow after over 13 years of CS study in higher ed, Pakki is still a "newbie". Apparently Lu's kernel development expertise never made it into Pakki's head after over three years. Neither did any kernel development expertise enter Pakki's head in the ten years at university prior to studying under Lu. Is this the kind of person you say industry hires straight out of school to be a kernel developer that requires no training? Sure bud, whatever you say.
Neither industry nor the Linux kernel community can afford to burn bridges with the academic institutions of the world.
Christ. Your reality is upside down and inside out. If anything, it is UMN who burned the bridge with the Linux community. Kernel developers/maintainers will absolutely be better off without selfish twats who knowingly submit vulnerabilities as part of some ill conceived, ill advised, and shoddily conducted experiment.
Here is the statement from the UMN CS Department heads on the matter, the first sentence of which reads:
Leadership in the University of Minnesota Department of Computer Science & Engineering learned today about the details of research being conducted by one of its faculty members and graduate students into the security of the Linux Kernel.
UMN department heads were unaware of the details of what Lu's GROUP was doing, and have "immediately suspended this line of research." Looks like the UMN CS department heads have joined the "mob" hounding Pakki.
[sniffle] Poor poor pitiful Pakki. It's all soooo unfair! [sob]
Go ahead and continue defending these clowns. But you might want to use some facts for your defense instead of just making shit up.