Talk:IEEE Symposium on Security and Privacy
IEEE Symposium on Security and Privacy has been listed as one of the Engineering and technology good articles under the good article criteria. If you can improve it further, please do so. If it no longer meets these criteria, you can reassess it. | |||||||||||||
| |||||||||||||
A fact from this article appeared on Wikipedia's Main Page in the "Did you know?" column on June 8, 2024. The text of the entry was: Did you know ... that researchers submitting to the IEEE Symposium on Security and Privacy intentionally introduced security bugs into Linux? | |||||||||||||
Current status: Good article |
This article must adhere to the biographies of living persons (BLP) policy, even if it is not a biography, because it contains material about living persons. Contentious material about living persons that is unsourced or poorly sourced must be removed immediately from the article and its talk page, especially if potentially libellous. If such material is repeatedly inserted, or if you have other concerns, please report the issue to this noticeboard.If you are a subject of this article, or acting on behalf of one, and you need help, please see this help page. |
This article is rated GA-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects: | ||||||||||||||||||||||||||||||||||||||||||||||
|
Did you know nomination
[edit]- The following is an archived discussion of the DYK nomination of the article below. Please do not modify this page. Subsequent comments should be made on the appropriate discussion page (such as this nomination's talk page, the article's talk page or Wikipedia talk:Did you know), unless there is consensus to re-open the discussion at this page. No further edits should be made to this page.
The result was: promoted by PrimalMustelid talk 03:15, 30 May 2024 (UTC)
- ... that researchers submitting to IEEE Symposium on Security and Privacy intentionally introduced security bugs into Linux, the operating system?
sohom@enwiki 18:16, 12 May 2024 (UTC).
- Article is new enough (5x expansion began on May 6) and long enough (4450 characters). Sourcing is fine; there are several sources that are independent of IEEE Symposium on Security and Privacy, like Ars Technica and ZDNet. Spot check of sources suggests copyvio unlikely. Article is presentable. Hook cites reliable source. Hook is interesting; made me click and the payoff was a story I wasn't expecting. No images. QPQ has been done. Good to go. Cielquiparle (talk) 09:42, 18 May 2024 (UTC)
GA Review
[edit]The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
GA toolbox |
---|
Reviewing |
- This review is transcluded from Talk:IEEE Symposium on Security and Privacy/GA1. The edit link for this section can be used to add comments to the review.
Nominator: Sohom Datta (talk · contribs) 19:21, 12 May 2024 (UTC)
Reviewer: CursedWithTheAbilityToDoTheMath (talk · contribs) 07:15, 22 August 2024 (UTC)
Rate | Attribute | Review Comment |
---|---|---|
1. Well-written: | ||
1a. the prose is clear, concise, and understandable to an appropriately broad audience; spelling and grammar are correct. | "The conference, initially conceived by researchers Stan Ames and George Davida in 1980 as a small workshop for discussing computer security and privacy, gradually evolved into a larger gathering within the field."
I feel like this sentence could be split into two as it feels a bit long. There are some terms and sentences that I feel require a bit more explanation to be understood by a broad audience. I highlighted these sections in 3a. CursedWithTheAbilityToDoTheMath (talk) 07:15, 22 August 2024 (UTC) | |
1b. it complies with the Manual of Style guidelines for lead sections, layout, words to watch, fiction, and list incorporation. | The lede seems quite short. I feel like it could be expanded to talk more about what happens at the conference. Some of the information from the rest of the article could be incorporated into the lede as well. CursedWithTheAbilityToDoTheMath (talk) 07:15, 22 August 2024 (UTC) | |
2. Verifiable with no original research, as shown by a source spot-check: | ||
2a. it contains a list of all references (sources of information), presented in accordance with the layout style guideline. | CursedWithTheAbilityToDoTheMath (talk) 07:15, 22 August 2024 (UTC) | |
2b. reliable sources are cited inline. All content that could reasonably be challenged, except for plot summaries and that which summarizes cited content elsewhere in the article, must be cited no later than the end of the paragraph (or line if the content is not in prose). | "In 2021, researchers from the University of Minnesota submitted a paper titled "On the Feasibility of Stealthily Introducing Vulnerabilities in Open-Source Software via Hypocrite Commits" to the 42nd iteration of a conference."
The source given doesn't say that the paper was released in 2021 or that it was submitted to the 42nd iteration of a conference. "They aimed to highlight vulnerabilities in the review process of Linux kernel patches, and the paper was accepted for presentation in 2021." The source provided doesn't talk about what the paper aimed to do " Despite undergoing review by the conference, this breach of ethical responsibilities was not detected during the paper's review process. This sparked significant criticism from the Linux community and broader cybersecurity circles." The source provided did not back up this claim. I was able to access and verify all other sources. CursedWithTheAbilityToDoTheMath (talk) 20:18, 22 August 2024 (UTC) | |
2c. it contains no original research. | per above. CursedWithTheAbilityToDoTheMath (talk) 20:18, 22 August 2024 (UTC) | |
2d. it contains no copyright violations or plagiarism. | CursedWithTheAbilityToDoTheMath (talk) 20:18, 22 August 2024 (UTC) | |
3. Broad in its coverage: | ||
3a. it addresses the main aspects of the topic. | "The conference uses a single-track model for its conference proceedings, deviating from the multi-track format common in many similar conferences focused on security and privacy"
Would it be possible to expand a bit one what a single track model is? The next sentence does expand on the topic a bit but I still don't understand what single vs multi track is. "IEEE Symposium on Security and Privacy considers papers from a wide range of topics related to computer security and privacy." Could you expand on what topics are discussed? "They aimed to highlight vulnerabilities in the review process of Linux kernel patches, and the paper was accepted for presentation in 2021. However, their methods involved writing patches for existing trivial bugs in the Linux kernel in ways such that they intentionally introduced security bugs into the kernel." Could you explain a bit more about what the aims of this study were and how they introduced security bugs? Also the average reader most likely doesn't know what the linux kernel is and I believe this should be expanded on. CursedWithTheAbilityToDoTheMath (talk) 07:15, 22 August 2024 (UTC) "In 2022, a study conducted by Ananta Soneji et al. showed that review processes of top security conferences, including the IEEE Symposium on Security and Privacy were exploitable. They identified a lack of objective criteria for paper evaluation and noted a degree of randomness among reviews provided by conference reviewers as the major weaknesses of the peer review process used by the conferences." The paper mentioned went into a lot more detail on how the review process was exploitable, I feel as though you could also go into more detail about what exactly made the process easy to exploit. CursedWithTheAbilityToDoTheMath (talk) 20:18, 22 August 2024 (UTC) | |
3b. it stays focused on the topic without going into unnecessary detail (see summary style). | CursedWithTheAbilityToDoTheMath (talk) 07:15, 22 August 2024 (UTC) | |
4. Neutral: it represents viewpoints fairly and without editorial bias, giving due weight to each. | CursedWithTheAbilityToDoTheMath (talk) 07:15, 22 August 2024 (UTC) | |
5. Stable: it does not change significantly from day to day because of an ongoing edit war or content dispute. | CursedWithTheAbilityToDoTheMath (talk) 07:15, 22 August 2024 (UTC) | |
6. Illustrated, if possible, by media such as images, video, or audio: | ||
6a. media are tagged with their copyright statuses, and valid non-free use rationales are provided for non-free content. | Couldn't find any free images online so not having a photo is appropriate here. CursedWithTheAbilityToDoTheMath (talk) 07:15, 22 August 2024 (UTC) | |
6b. media are relevant to the topic, and have suitable captions. | Per above. CursedWithTheAbilityToDoTheMath (talk) 07:15, 22 August 2024 (UTC) | |
7. Overall assessment. | I found several parts of the article that were not backed by sources. The article also needs to be expanded a bit so that the average reader can understand all of the terms used. Several of the sources provided go into more detail that I feel could be incorporated into the article. I did find a few grammar issues so the article could probably benefit from being put through some type of grammar checker. Overall I think the article has a strong foundation it just needs to be built upon. I originally had some sections marked as on hold but because I found quite a few issues I feel as though these issues may need more work hence why I changed them to fail. Good work to those who wrote the article as it did a good job of giving a balanced overview of the topic without bias. CursedWithTheAbilityToDoTheMath (talk) 20:18, 22 August 2024 (UTC) |
GA Review
[edit]The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
GA toolbox |
---|
Reviewing |
- This review is transcluded from Talk:IEEE Symposium on Security and Privacy/GA2. The edit link for this section can be used to add comments to the review.
Nominator: Sohom Datta (talk · contribs) 01:19, 25 August 2024 (UTC)
Reviewer: CursedWithTheAbilityToDoTheMath (talk · contribs) 04:10, 25 August 2024 (UTC)
Rate | Attribute | Review Comment |
---|---|---|
1. Well-written: | ||
1a. the prose is clear, concise, and understandable to an appropriately broad audience; spelling and grammar are correct. | "The reviewers interviewed 21 reviewers about the criteria they used to judge papers during the review process. Among these reviewers, 19 identified novelty—whether the paper advanced the research problem or the state of the art—as their primary criterion. Nine reviewers also emphasized the importance of technical soundness in the implementation, while seven mentioned the need for a self-contained and complete evaluation, ensuring all identified areas were thoroughly explored. Additionally, six reviewers highlighted the importance of clear and effective writing in their assessments."
You use the term reviewers to refer to both those reviewing papers for the conference and the people conduction this study. This is kind of confusing. I would recommend changing it to "Ananta Soneji and others running the study interviewed 21 of the reviewers for the conference" or something along those lines to make it clear who you are referring to. CursedWithTheAbilityToDoTheMath (talk) 14:12, 25 August 2024 (UTC)
"the major weaknesses of the peer review process used by the conferences." I'm assuming you just meant this conference here so I would change this to conference singular instead of conferences but I wanted to double check that is what you meant. CursedWithTheAbilityToDoTheMath (talk) 14:12, 25 August 2024 (UTC)
| |
1b. it complies with the Manual of Style guidelines for lead sections, layout, words to watch, fiction, and list incorporation. | Great job at expanding the lede! CursedWithTheAbilityToDoTheMath (talk) 04:10, 25 August 2024 (UTC) | |
2. Verifiable with no original research, as shown by a source spot-check: | ||
2a. it contains a list of all references (sources of information), presented in accordance with the layout style guideline. | CursedWithTheAbilityToDoTheMath (talk) 04:10, 25 August 2024 (UTC) | |
2b. reliable sources are cited inline. All content that could reasonably be challenged, except for plot summaries and that which summarizes cited content elsewhere in the article, must be cited no later than the end of the paragraph (or line if the content is not in prose). | CursedWithTheAbilityToDoTheMath (talk) 14:12, 25 August 2024 (UTC) | |
2c. it contains no original research. | CursedWithTheAbilityToDoTheMath (talk) 14:12, 25 August 2024 (UTC) | |
2d. it contains no copyright violations or plagiarism. | CursedWithTheAbilityToDoTheMath (talk) 14:12, 25 August 2024 (UTC) | |
3. Broad in its coverage: | ||
3a. it addresses the main aspects of the topic. | "The conference has a single track and follows a double-blind review process to ensure fairness during peer review." (from the lede)
I think it would be a good idea to define what single track and double blind means within the lede. Both of these terms are used throughout the article and the average reader may not know what they mean. CursedWithTheAbilityToDoTheMath (talk) 14:12, 25 August 2024 (UTC)
"The conference has a low acceptance rate due to it having only a single track." (from lede) Again I would define what single track is either here or earlier in the lede. CursedWithTheAbilityToDoTheMath (talk) 14:12, 25 August 2024 (UTC)
I do see that you defined single track later in the article which is very appreciated however I would recommend moving that explanation into the lede as a good portion of readers only ever read the lede. CursedWithTheAbilityToDoTheMath (talk) 14:12, 25 August 2024 (UTC) "EEE Symposium on Security and Privacy considers papers from a wide range of topics related to computer security and privacy. Every year, a list of topics of interest is published by the program chairs of the conference which changes based on the trends in the field." Is it possible that you could find the list of topics from one of their older meetings and incorporate that into the article? Something like "in past meetings they have discussed topics such as xyz". This would give the reader a better understanding of the goal of the meetings. I would just caution you to be careful with using overly technical terminology here and purposely select topics that most people would be more familiar with. CursedWithTheAbilityToDoTheMath (talk) 14:12, 25 August 2024 (UTC)
You use the term "Linus kernel" quite a bit throughout the article. I do see that you gave a basic description of it in the lede which is good however I would suggest explaining it a bit more in the controversy section. ref 7 [1] goes a little more into depth about the Linux kernel and I feel like you could incorporate some of their explanation into the article. CursedWithTheAbilityToDoTheMath (talk) 14:12, 25 August 2024 (UTC)
| |
3b. it stays focused on the topic without going into unnecessary detail (see summary style). | CursedWithTheAbilityToDoTheMath (talk) 14:12, 25 August 2024 (UTC) | |
4. Neutral: it represents viewpoints fairly and without editorial bias, giving due weight to each. | CursedWithTheAbilityToDoTheMath (talk) 14:12, 25 August 2024 (UTC) | |
5. Stable: it does not change significantly from day to day because of an ongoing edit war or content dispute. | CursedWithTheAbilityToDoTheMath (talk) 04:10, 25 August 2024 (UTC) | |
6. Illustrated, if possible, by media such as images, video, or audio: | ||
6a. media are tagged with their copyright statuses, and valid non-free use rationales are provided for non-free content. | CursedWithTheAbilityToDoTheMath (talk) 04:10, 25 August 2024 (UTC) | |
6b. media are relevant to the topic, and have suitable captions. | CursedWithTheAbilityToDoTheMath (talk) 04:10, 25 August 2024 (UTC) | |
7. Overall assessment. | Overall this article has significantly improved since my last review. It's clear that a lot of hard work was put into making this article. There are a couple of very minor issues mostly to do with making the article understandable to a broad audience. Once @Sohom Datta: addresses those issues I believe the article will pass. All of the content was backed up by sources. The lede is at an appropriate length. Everything is put into the writers own words. CursedWithTheAbilityToDoTheMath (talk) 14:12, 25 August 2024 (UTC)
Seeing as all the issues have been addressed I am going to pass this article! CursedWithTheAbilityToDoTheMath (talk) 22:06, 25 August 2024 (UTC) |
- Wikipedia good articles
- Engineering and technology good articles
- Wikipedia Did you know articles that are good articles
- Biography articles of living people
- GA-Class Computer Security articles
- Mid-importance Computer Security articles
- GA-Class Computer Security articles of Mid-importance
- GA-Class Computing articles
- Mid-importance Computing articles
- All Computing articles
- All Computer Security articles
- GA-Class Computer science articles
- Low-importance Computer science articles
- WikiProject Computer science articles
- GA-Class Academic Journal articles
- WikiProject Academic Journal articles