undefined | Better HN

0 pointsMetacelsus4y ago0 comments

Yikes, and what are they hoping to accomplish with this "research"?

0 comments

Macuyiko4y ago

What any researcher needs to accomplish: more publications

DangerousPie4y ago

What journal is going to accept a study like this if they haven't obtained proper consent?

dd824y ago

IEEE, see the publications list at https://www-users.cs.umn.edu/~kjlu/

>>>On the Feasibility of Stealthily Introducing Vulnerabilities in Open-Source Software via Hypocrite Commits Qiushi Wu, and Kangjie Lu. To appear in Proceedings of the 42nd IEEE Symposium on Security and Privacy (Oakland'21). Virtual conference, May 2021.

1 more reply

timkam4y ago

My guess is: a journal that does not focus on studies of human behavior and whose editors are a) not aware of the ethical problems or b) happy to ignore ethics concerns if the publication is prone to receive much attention (which it is).

JustFinishedBSG4y ago

The IEEE apparently. It is a clear breach of ethics but apparently they don't care

1 more reply

vbezhenar4y ago

That might be an interesting topic for research LoL

Ma8ee4y ago

That’s about as useful as to answer the question “what is this company doing?” with “trying to make money”.

xwolfi4y ago

But that question is as deep and important to answer as yours :D What can anyone hope to accomplish by doing fake research ? Progress, wealth, peer approval, mating, pleasure ?

So answering that they hope to get more material for papers, which is the only goal of researchers (and their main KPI), is quite deeper an answer than the question required.

1 more reply

voxadam4y ago

It's a near perfect example of the dangers 'publish or perish'.

pikzel4y ago

Why don't you read the article to find out? https://github.com/QiushiWu/QiushiWu.github.io/blob/main/pap...

1 more reply

jedimastert4y ago

They apparently made a tool to find vulnerabilities that could later lead to bugs is a different patch was introduced.

And for some insane reason, they decided to test if these kinds of bugs would be caught by inventing some and just submitting the patches, without informing anyone beforehand.

https://www-users.cs.umn.edu/~kjlu/papers/clarifications-hc....

mariuolo4y ago

Perhaps they wish to improve kernel security by pushing reviewers to be more careful.

Or to prove its overall insecurity.

j / k navigate · click thread line to collapse

0 comments

Macuyiko4y ago

What any researcher needs to accomplish: more publications

DangerousPie4y ago

What journal is going to accept a study like this if they haven't obtained proper consent?

dd824y ago

IEEE, see the publications list at https://www-users.cs.umn.edu/~kjlu/

1 more reply

timkam4y ago

JustFinishedBSG4y ago

The IEEE apparently. It is a clear breach of ethics but apparently they don't care

1 more reply

vbezhenar4y ago

That might be an interesting topic for research LoL

Ma8ee4y ago

That’s about as useful as to answer the question “what is this company doing?” with “trying to make money”.

xwolfi4y ago

But that question is as deep and important to answer as yours :D What can anyone hope to accomplish by doing fake research ? Progress, wealth, peer approval, mating, pleasure ?

So answering that they hope to get more material for papers, which is the only goal of researchers (and their main KPI), is quite deeper an answer than the question required.

1 more reply

voxadam4y ago

It's a near perfect example of the dangers 'publish or perish'.

pikzel4y ago

Why don't you read the article to find out? https://github.com/QiushiWu/QiushiWu.github.io/blob/main/pap...

1 more reply

jedimastert4y ago

They apparently made a tool to find vulnerabilities that could later lead to bugs is a different patch was introduced.

And for some insane reason, they decided to test if these kinds of bugs would be caught by inventing some and just submitting the patches, without informing anyone beforehand.

https://www-users.cs.umn.edu/~kjlu/papers/clarifications-hc....

mariuolo4y ago

Perhaps they wish to improve kernel security by pushing reviewers to be more careful.

Or to prove its overall insecurity.

j / k navigate · click thread line to collapse