- 瑞典旅游-伤心之旅 [2018/09]
- 从张成泽被处决的事情看,有三个方面的意义 [2013/12]
- 鞋子落下来了;MD安德森谢教授不光是裸照 [2018/10]
- --从温家宝家族贪污传闻想起赵紫阳儿子倒彩电 ZT [2012/11]
- 加入混战 【少儿不宜】 [2011/02]
- 终于知道了一点艾未未 [2011/04]
- 男性更年期的臭事 [2013/05]
- 牢骚 多了 [2014/03]
- 庄则栋的故事中俺看到的日本 [2013/02]
- 体味和口臭 [2014/09]
- 雾霾的原因: 风力发电 [2016/12]
- 明大LINUX事件的反思(1)小P点燃导火线 [2021/04]
- 无稽之谈之芦花鸡 [2011/11]
- 铊毒案 后面的评论 ZT [2011/02]
- 瞎说几句薛峰的事情 [2010/07]
- 韩寒 方舟子 和解滨 [2012/01]
- 『自己做事(Do it yourself)可真难啊』学习体会--running title 我的一个星期六 [2010/12]
- 少吃饭、多买名牌 [2011/12]
- 和谐的线; 顺便和稀泥 [2012/01]
- 拿到桌子上 [2012/05]
- 家有闺女初长成 [2011/10]
- 好男人的标准 [2012/06]
- 俺父亲节这一天 [2012/06]
- 为夫为妇当如63 [2011/06]
- 不是一般地高 [2011/03]
- 能说会道 多么美妙 [2011/09]
- 鸡蛋碰石头 [2010/10]
周三4/21 下午1点,官方声明出来了。估计系主任和卢老师开了一上午会。
发了声明说的大意, 领导今天才刚了解详情细节,对此十分重视,等我回头找几只替罪羔羊出来, 给大家一个交代,有必要的话, 会杀现在的鸡儆未来的猴, blah blah
https://twitter.com/UMNComputerSci/status/1384948683821694976?s=20Leadership in the University of Minnesota Department of Computer Science & Engineering learned today about the details of research being conducted by one of its faculty members and graduate students into the security of the Linux Kernel. 明大计算机科技系今天了解到一老师和研究生们对Linux内核安全性研究的详情The research method used raised serious concerns in the Linux Kernel community and, as of today, this has resulted in the University being banned from contributing to the Linux Kernel. 研究方法在内核社区引起了严重关切,导致了社区禁止明大提交补丁。We take this situation extremely seriously. We have immediately suspended this line of research. We will investigate the research method & the process by which this research method was approved, determine appropriate remedial action, & safeguard against future issues, if needed. 我们会严肃对待。首先已经马上停止这些研究。将调查研究方法和研究批准程序,补救措施,和确保不产生问题的方法We will report our findings back to the community as soon as practical. 我们会尽快向社区汇报我们的发现。Sincerely,Mats Heimdahl, Department HeadLoren Terveen, Associate Department Head
底下回复的有的义愤填膺,有的冷嘲热讽。 都关注在道德问题。
------------------------------------------------------------------------分割: 发酵和评论----------------------------------
------------------------------------------------------------------------分割: 发酵和评论----------------------------------
------------------------------------------------------------------------分割: 发酵和评论----------------------------------
周三下午系里发声明; 周四周五(4/22 4/23)多种语言的技术新闻都关注。 卢老师估计在静心写检查。 期间linux基金会给明大发了一封要求信。
多数的评论是道德缺失。 太多了。 移民对这种评论的重量常常估计不足。 我看了是不能忍受之重,一般人会被压垮。 开头卢老师还拿学术道德委员会(IRB)批准了,有些中文也强调这个, 但是很多情况它们反手就可以找出鸡毛蒜皮,说你谎报,瞒报, 没有把所有的事情申报上来。 反手扣锅实在不能更容易了。
我来看看少数的观点。 不光是这两天的
——————————Linus Torvalds,技术上不算什么事情,但毁了别人对你的信任——————————
Linux creator Linus Torvalds says that while the submission of known buggy patches to the kernel team is not a huge deal, it is obviously a breach of trust. Linux的原作者LINUS TORVALDS说,提交一个有问题的补丁技术上来讲,不是什么大事,但会惹怒一些人,滥用了别人对你的信任
"I don't really know what to say, I think the email thread is likely the most relevant information," Torvalds told iTWire in response to a query.
"I don't think it has been a huge deal _technically_, but people are pissed off, and it's obviously a breach of trust." (https://itwire.com/open-source/torvalds-says-submitting-known-buggy-patches-is-a-breach-of-trust.html)
---------____________________________-老中会不会故意的搞破坏? 还是华人的骄傲---------------------------
推特上少数人怀疑
LiYaoshi说 (http://www.mitbbs.com/article_t/Military/60205423.html)
明明是华人之光硬是被洋diao疯 骂成间谍对安全p都不懂 一个个觉得自己是专家比宇宙最牛安全会议的reviewer都牛
----------卢老师和小吴微信上的澄清--------------------------------
有位看上去像小吴的同学发了类似的种族指责,后来删帖。我自己留下一张图
---————————这个要怪IRB Review Board-----------------------
http://www.mitbbs.com/article_t/Programming/31594525.htmlhci (海螺子), :这种研究,本质是用人做实验,必须要通过IRB Approval。他们去申请了IRB Exempt,居然还过了,这说明其实是明大IRB Review Board的问题。不知道是些什么人在上面,太不靠谱了。所以Linux把明大ban了算是轻的,应该继续追责。
--------——--说皇帝没有穿衣的小孩; 有道德,高尚且勇敢---------------------
https://lore.kernel.org/lkml/20210427145347.00003846@tesio.it/
https://itwire.com/open-source/submitting-known-buggy-linux-patches-ethical,-noble-and-brave.html
"Damn kids, they're all alike" http://phrack.org/issues/7/3.htmlDear Kangjie Lu, Qiushi Wu, and Aditya Pakki,Since nobody is doing so, I want to thank you for your hacks.All the livor and drama that followed your research proves that the Linux Foundation failed to learn the lessons of Heartbleed.At the end of the day, this is a valuable discovery for all of us.You are the kids laughing loud that "the emperor has no clothes". More precisely, that the emperor STILL has no clothes.Ten year later.The corporations behind the Linux kernel didn't take it well (you wasted their time and money! you outsmarted them! how dare!), but the hypocrisy in your commits is not the one you revealed.Pretending that such kind of attack didn't succeded before, pretending that the problem is you, is way worse.I've read that> The Linux Foundation's Technical Advisory Board submitted a letter on Friday to your University outlining the specific actions which need to happen in order for your group, and your University, to be able to work to regain the trust of the Linux kernel community.But any programmer with a grain of salt, knows that they are just tring to distract everybody from their own operational failures.They blame you and your University just to avoid to be held accountable.It's neither you nor your University that need to regain trust.It's not you that proved to not deserve it.Your crime is that of curiosity.How sad it is to see a project born "just for fun", turned into this!But since I care more about cyber-security than about OSS marketing, I thank you for what you did. I hope that more of such kind of hacks and experiments will happen in the future, both in the Linux Kernel and in many other projects.All without ANYBODY aware of them, because otherwise they would prevent such epic failures to be discovered and publicly exposed, again and again.What you did was not just ethical, but noble and brave.Thanks.Giacomo
------------Greg is Bully ------------------
有位于Greg过去有过节,在twitter上说你们群殴三位年轻人没意思;