Comment by spullara
4 years ago
Ironically, one of their attempts were submitting changes that were allegedly recommended by a static analysis tool.
4 years ago
Ironically, one of their attempts were submitting changes that were allegedly recommended by a static analysis tool.
It's possible that they are developing a static analysis tool that is designed to find places where vulnerabilities can be inserted without looking suspicious. That's kind of scary.
Have they submitted patches to any projects other than the kernel?
Guess we have to wait for their next paper to find out.