Comment by sida
4 years ago
Let me play devil's advocate here though. This is absolutely necessary and shows the process in the kernel is vulnerable.
Sure, this is "just" a university research project this time. And sure, this is done in bad taste.
But there are legitimately malicious national actors (well, including the US govt and the various 3 letter agencies) that absolutely do this. And the national actors are likely even far more sophisticated than a couple of PhD students. They have the time, resources and energy to do this over a very long period of time.
I think on the whole, this is very net positive in that it reveals the vulnerability of open source kernel development. Despite, how shitty it feels.
Let me pile on top of that and note that if Linus had listened to his elders and used a Microkernel instead of the monolith, the kernel would be small enough that this kind of thing wouldn't be happening.
You are free to use Minix or Hurd, not sure if a modern browser will even run, but if you want a microkernel so badly...
So if only Linus would have listened we would have Linux as microkernel equally feature rich and widespread? Stupid Linus /s
https://www.minix3.org/
https://www.gnu.org/software/hurd/