Comment by gher-shyu3i
4 years ago
> The thread then gets down to business and starts coordinating revert patches for everything committed by University of Minnesota email addresses.
What's preventing those bad actors from not using a UMN email address?
Nothing. However if they can't claim ownership of the drama they have caused it's not useful for research that's publishable so it does nix these idiots from causing further drama while working at this institution. For now.
They don't need to claim ownership of the drama to write the paper, in fact, my first thought was that they would specifically try to avoid taking ownership and instead write a paper "discovering" the vulnerability(ies).
> What's preventing those bad actors from not using a UMN email address?
Technically none, but by banning UMN submissions, the kernel team have sent an unambiguous message that their original behaviour is not cool. UMN's name has also been dragged through the mud, as it should be.
Prof Lu exercised poor judgement by getting people to submit malicious patches. To use further subterfuge knowing that you've been already been called out on it would be monumentally bad.
I don't know how far Greg has taken this issue up with the university, but I would expect that any reasonable university would give Lu a strong talking-to.
If they submit them from personal or anonymous email the patches may have come under more sucutiny.
They gain some trust comming from university email addresses
Exactly. Users contributing from the University addresses were borrowing against the reputation of the institution. That reputation is now destroyed and each individual contributor must build their own reputation to earn trust.
I can't understand this. Why would a university be more trustworthy? Foreign actors have been known to plant students, for malicious intent.
edit: Reference to combat the downvote: https://www.nbcnews.com/news/china/american-universities-are...
Nothing. I think the idea is 60% deterrence via collective punishment - "if we punish the whole university, people will be less likely to do this in future" - and 40% "we must do something, and this is something, therefore we must do it".
see https://lore.kernel.org/linux-nfs/YIAmy0zgrQW%2F44Hz@kroah.c...
If they just want to be jerks, yes. But they can't then use that type of "hiding" to get away with claiming it was done for a University research project as that's even more unethical than what they are doing now.
Were all of the commits from UMN emails GPG signed with countersigned/trusted keys?
How would you catch those?
Literally nothing. Instead of actual actions to improve the process it's only feel-good actions without any actual benefit to the kernel's security.
The point is to make it very obviously not worth it to conduct this kind of unethical research. I don't think UMN is going to be eager to have this kind of attention again. People could always submit bogus patches from random email addresses - this removes the ability to do it under the auspices of a university.
The ethical aspect is separate from the practical aspect that is kernel security.
Sabotage is a very real risk but we're discussing ethics of demonstrating the risk instead of potential remediation, that's dangerous and foolish.
> this removes the ability to do it under the auspices of a university
It really doesn't though. You can claim ownership of that email address in the published manuscript. For that matter, you could even publish the academic article under a pen name if you wanted to. But after seeing how the maintainers responded here, you'd better make sure that any "real" contributions you make aren't associated with the activity in any way.
I think you're getting heavily downvoted with your comments on this submission because you seem to be missing a critical sociological dimension of assumed trust. If you submit a patch from a real name email, you get an extra dimension of human trust and likewise an extra dimension of human repercussions if your actions are deemed to be malicious.
You're criticizing the process, but the truth is that without a real name email and an actual human being's "social credit" to be burned, there's no proof these researchers would have achieved the same findings. The more interesting question to me is if they had used anonymous emails, would they have achieved the same results? If so, there might be some substance to your contrarian views that the process itself is flawed. But as it stands, I'm not sure that's the case.
Why? Well, look at what happened. The maintainers found out and blanket banned bad actors. Going to be a little hard to reproduce that research now, isn't it? Arbitraging societal trust for research doesn't just bring ethical challenges but /practical/ ones involving US law and standards for academic research.
> actual human being's "social credit" to be burned
How are kernel maintainers competent in detecting a real person vs. fake real person? Why is there any inherit trust?
It's clear the system is fallible, but at least now people are humbled enough to not instantly dismiss the risk.
> The maintainers found out and blanket banned bad actors.
With collateral damage.
8 replies →
You keep posting all over this discussion about how the Linux maintainers are making a poor choice and shooting the messenger.
What would you like them to do instead or in addition to this?
Indeed the situation is bad, nothing can be done. At the very least as long as they can make unintentional vulnerabilities, they are defenseless against intentional ones, and fixing only the former is already a very big deal.
> What would you like them to do instead or in addition to this?
Update the processes and tools to try and catch such malicious infiltrators. Lynching researchers isn't fixing the actual issue right now.
6 replies →
Well, it seems unlikely that any other universities will fund or support copy cat studies. And I don't mean in the top-down institutional sense I mean in the self-selecting sense. Students will not see messing with the linux kernel as being a viable research opportunity and will not do it. That doesn't seem to be 'feel-good without any actual benefit to the kernel's security'. Sounds like it could function as an effective deterent.