"l.m" <ter.one.leeboi@hush.com> writes:

> You should be grateful for their work, not self-righteous. What the
> hell do you think? The university pays for the relays and doesn't have
> a code of conduct for student activity using university resource? That
> code of conduct somehow doesn't apply to this graduate or their
> mentor? Exactly how much work have you done with a university because
> it sounds like none.

CS/IT/EE programs have largely not yet adapted to the reality that research
on a public network is research on human beings,
as much as medicine or psychology or even behavioral economics research is.
Those fields subject their researchers to institutional review boards.
It'd be nice to think that all security research that operates
on public networks will get rigorous institutional review board and
legal scrutiny at the home institution, as well as result in the creation
of open access data and results. But none of these things are true at present.

As gparpamp says, it's a fine line. Obviously if a real vulnerability
or possible improvement to Tor results from this research
*and* we get to read about it (that all-important open access piece),
that would be an excellent outcome. However, none of these things are guaranteed
from current [lack of] oversight of academic security research,
which still bills itself as research on machines and not on their users.

