General > General Technical Chat

University of Minnesota Linux code security issues; banned and to be removed

<< < (6/23) > >>

rstofer:
In the FPGA universe, it is common to build test benches to verify component behavior.  I don't know that program code gets this level of testing.  Maybe...

If builders built buildings like programmers write programs, the first woodpecker to come along would destroy civilization.

tunk:
The "Call For Papers" for this symposium is below; all submitted papers
are reviewed (no description of what this means). This paper was accepted,
so the review process can't be very rigorous. And maybe IEEE should
reconsider the acceptance?

https://www.ieee-security.org/TC/SP2021/cfpapers.html

ataradov:

--- Quote from: rstofer on April 24, 2021, 07:57:03 pm ---In the FPGA universe, it is common to build test benches to verify component behavior.

--- End quote ---
And the review in this case was focused on the component. The issues are introduced in the integration part.

If FPGA process was so good, we would not have erratas. Yet there are pages of them for simplest of the MCUs.

And buildings also experience issues that need fixing occasionally. Get off your high horse and don't assume you are somehow better than everyone else.

Ed.Kloonk:
From the earliest days, the Kernel devs have made it clear that you must not waste their time with submitting code that does not work as advertised. Anyone with even an outer-orbit involvement of the Linux kernel knows this.

The uni scrambled to put together a statement so as to avoid getting sued. If that had happened to a tech company, not a community as such, the uni would be getting sued back into the stone age. Notice the difference if your were to 'test' the IT infrastructure of a govt department. Someone's ass would be heading for jail.

The uni dept heads are culpable because they should have peer-reviewed code sent up stream and thus been aware of the malicious intent. Either that or they are lying about knowing.

Greg KH's response is justified.

DrG:
There is being an asshole and there is being an asshole who has done something tangibly wrong in a moral, ethical and legal sense, that you can prove.

There has to be a sound and clearly stated reason to be punitive and the degree of punishment needs to at least appear to be commensurate with the wrongdoing.

So, what, if anything, do you do to this fellow and his supervisor if you are the University?

I believe the author has admitted wasting their time and apologized. Some rationale about not knowing how else to demonstrate what he wanted to demonstrate.  Looks like there is no big argument here, but how much punishment can be meted out for that?

Let's say the University can and does withdraw the paper - they need to have some sound reasons to do that, if they already approved the submission (passively or actively). The question becomes, what new information has come to light since then that can justify that action?

Let's say the proceedings folks cancel it - same situation...if it was accepted, what has changed?

IOW, would either party say....well we screwed up and did not know what we were clearing.....whoa.

Let's say it is determined that the IRB should not have granted a human use waiver, or, if it is in their jurisdiction, should have found it be unethical. If they now say that it constitutes human use, there is a whole shitload of ramifications. If they now decide it is unethical, what changed?

So, trying to un-ring the bell has some serious problems. Adding new regs....added agreements, signed promises, however you want to say it - yeah, that can certainly be done.

Somebody want to start litigation of some kind - ok, now show damages.

We all know that we put more checks and balances in place than the resources to manage, let alone, enforce them

There may be a lot of poor judgement here, especially by the author, and I would not want to be in that fellow's shoes or his supervisor....but I don't see that something very severe will be done...and I may find out otherwise as it is story that is unfolding.

Navigation

[0] Message Index

[#] Next page

[*] Previous page

There was an error while thanking
Thanking...
Go to full version
Powered by SMFPacks Advanced Attachments Uploader Mod