Linux kernel team rejects University of Minnesota researchers’ apology

UMN researchers probed for weaknesses in patch approval—Greg K-H wasn’t amused.

A penguin stares menacingly at us.

Enlarge / Do not anger the penguin, for it is long of memory and slow to forgive. (credit: DJRPhoto36 / Flickr)

Last week, senior Linux kernel developer Greg Kroah-Hartman announced that all Linux patches coming from the University of Minnesota would be summarily rejected by default.

This policy change came as a result of three University of Minnesota researchers—Qiushi Wu, Kangjie Lu, and Aditya Pakki—embarking on a program to test the Linux kernel dev community's resistance to what the group called "Hypocrite Commits."

Testing the Linux kernel community

The trio's scheme involved first finding three easy-to-fix, low-priority bugs in the Linux kernel and then fixing them—but fixing them in such a way as to complete what the UMN researchers called an "immature vulnerability":

Read 8 remaining paragraphs | Comments

Apple releases iOS 14.5, the biggest update since iOS 14 first launched

Read for screenshots, update notes, and changes aplenty.

Apple's 2020 iPad Air.

Enlarge / Apple's 2020 iPad Air. (credit: Samuel Axon)

Today is the day: Apple has finally released iOS 14.5 and iPadOS 14.5 worldwide after a longer-than-usual beta period. If you're using a supported device, you should be able to find the update on the software update page in the iPhone, iPad, or iPod touch's Settings app.

This is arguably the biggest update of the iOS 14 cycle that began with iOS 14.0 and iPadOS 14.0 on September 16 of last year. The most consequential change for many is App Tracking Transparency, a new policy whereby app developers are required to get user opt-in to track users between apps.

But iOS 14 and iPadOS 14.5 also introduce a long-needed workaround for using Face ID when wearing a mask, support for the new AirTag accessory, several changes aimed at making experiences within the software more inclusive for a diverse user base, new Siri features and voices, and changes to the Reminders, News, Music, and Podcasts apps, among other things.

Read 26 remaining paragraphs | Comments

Pentagon explains odd transfer of 175 million IP addresses to obscure company

Something weird happened minutes before Trump left—US says it was security research.

Illustration of Internet data, with long strings of numbers laid out on a grid.

Enlarge (credit: Getty Images | Andriy Onufriyenko)

The US Department of Defense puzzled Internet experts by apparently transferring control of tens of millions of dormant IP addresses to an obscure Florida company just before President Donald Trump left the White House, but the Pentagon has finally offered a partial explanation for why it happened. The Defense Department says it still owns the addresses but that it is using a third-party company in a "pilot" project to conduct security research.

"Minutes before Trump left office, millions of the Pentagon's dormant IP addresses sprang to life" was the title of a Washington Post article on Saturday. Literally three minutes before Joe Biden became president, a company called Global Resource Systems LLC "discreetly announced to the world's computer networks a startling development: It now was managing a huge unused swath of the Internet that, for several decades, had been owned by the US military," the Post said.

The number of Pentagon-owned IP addresses announced by the company rose to 56 million by late January and 175 million by April, making it the world's largest announcer of IP addresses in the IPv4 global routing table.

Read 20 remaining paragraphs | Comments