Some researchers from the University of Minnesota tried to slip bad patches into the Linux kernel as a "test." When they kept trying, Greg Kroah-Hartman, the Linux kernel maintainer for the stable branch, put an end to their efforts by banning their university from Linux development.
In the latest sign of the growing influence of open-source software, the Linux Foundation has announced that it is creating a new research unit to provide greater insight into open-source technology, as well as the people creating it. Among the group’s priorities are examining diversity and security.
Microsoft is open-sourcing the CodeQL queries that it used to investigate the impact of the Sunburst, or Solorigate, malware planted in the SolarWinds Orion software updates, enabling other organizations to use the queries to perform a similar analysis. Mike Hanley, CSO of GitHub, says CodeQL provides "key guardrails that help developers avoid incidents and shipping vulnerabilities."