Talk:IEEE Symposium on Security and Privacy

Latest comment: 3 months ago by CursedWithTheAbilityToDoTheMath in topic GA Review
Good articleIEEE Symposium on Security and Privacy has been listed as one of the Engineering and technology good articles under the good article criteria. If you can improve it further, please do so. If it no longer meets these criteria, you can reassess it.
Article milestones
DateProcessResult
August 22, 2024Good article nomineeNot listed
August 25, 2024Good article nomineeListed
Did You Know
A fact from this article appeared on Wikipedia's Main Page in the "Did you know?" column on June 8, 2024.
The text of the entry was: Did you know ... that researchers submitting to the IEEE Symposium on Security and Privacy intentionally introduced security bugs into Linux?
Current status: Good article

Did you know nomination

edit
The following is an archived discussion of the DYK nomination of the article below. Please do not modify this page. Subsequent comments should be made on the appropriate discussion page (such as this nomination's talk page, the article's talk page or Wikipedia talk:Did you know), unless there is consensus to re-open the discussion at this page. No further edits should be made to this page.

The result was: promoted by PrimalMustelid talk 03:15, 30 May 2024 (UTC)Reply

5x expanded by Sohom Datta (talk). Number of QPQs required: 1. Nominator has 8 past nominations.

sohom@enwiki 18:16, 12 May 2024 (UTC).Reply

  •   Article is new enough (5x expansion began on May 6) and long enough (4450 characters). Sourcing is fine; there are several sources that are independent of IEEE Symposium on Security and Privacy, like Ars Technica and ZDNet. Spot check of sources suggests copyvio unlikely. Article is presentable. Hook cites reliable source. Hook is interesting; made me click and the payoff was a story I wasn't expecting. No images. QPQ has been done. Good to go. Cielquiparle (talk) 09:42, 18 May 2024 (UTC)Reply

GA Review

edit

The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.


GA toolbox
Reviewing
This review is transcluded from Talk:IEEE Symposium on Security and Privacy/GA1. The edit link for this section can be used to add comments to the review.

Nominator: Sohom Datta (talk · contribs) 19:21, 12 May 2024 (UTC)Reply

Reviewer: CursedWithTheAbilityToDoTheMath (talk · contribs) 07:15, 22 August 2024 (UTC)Reply


Rate Attribute Review Comment
1. Well-written:
  1a. the prose is clear, concise, and understandable to an appropriately broad audience; spelling and grammar are correct. "The conference, initially conceived by researchers Stan Ames and George Davida in 1980 as a small workshop for discussing computer security and privacy, gradually evolved into a larger gathering within the field."

I feel like this sentence could be split into two as it feels a bit long.

There are some terms and sentences that I feel require a bit more explanation to be understood by a broad audience. I highlighted these sections in 3a. CursedWithTheAbilityToDoTheMath (talk) 07:15, 22 August 2024 (UTC)Reply

  1b. it complies with the Manual of Style guidelines for lead sections, layout, words to watch, fiction, and list incorporation. The lede seems quite short. I feel like it could be expanded to talk more about what happens at the conference. Some of the information from the rest of the article could be incorporated into the lede as well. CursedWithTheAbilityToDoTheMath (talk) 07:15, 22 August 2024 (UTC)Reply
2. Verifiable with no original research, as shown by a source spot-check:
  2a. it contains a list of all references (sources of information), presented in accordance with the layout style guideline. CursedWithTheAbilityToDoTheMath (talk) 07:15, 22 August 2024 (UTC)Reply
  2b. reliable sources are cited inline. All content that could reasonably be challenged, except for plot summaries and that which summarizes cited content elsewhere in the article, must be cited no later than the end of the paragraph (or line if the content is not in prose). "In 2021, researchers from the University of Minnesota submitted a paper titled "On the Feasibility of Stealthily Introducing Vulnerabilities in Open-Source Software via Hypocrite Commits" to the 42nd iteration of a conference."

The source given doesn't say that the paper was released in 2021 or that it was submitted to the 42nd iteration of a conference.

"They aimed to highlight vulnerabilities in the review process of Linux kernel patches, and the paper was accepted for presentation in 2021."

The source provided doesn't talk about what the paper aimed to do

" Despite undergoing review by the conference, this breach of ethical responsibilities was not detected during the paper's review process. This sparked significant criticism from the Linux community and broader cybersecurity circles."

The source provided did not back up this claim.

I was able to access and verify all other sources. CursedWithTheAbilityToDoTheMath (talk) 20:18, 22 August 2024 (UTC)Reply

  2c. it contains no original research. per above. CursedWithTheAbilityToDoTheMath (talk) 20:18, 22 August 2024 (UTC)Reply
  2d. it contains no copyright violations or plagiarism. CursedWithTheAbilityToDoTheMath (talk) 20:18, 22 August 2024 (UTC)Reply
3. Broad in its coverage:
  3a. it addresses the main aspects of the topic. "The conference uses a single-track model for its conference proceedings, deviating from the multi-track format common in many similar conferences focused on security and privacy"

Would it be possible to expand a bit one what a single track model is? The next sentence does expand on the topic a bit but I still don't understand what single vs multi track is.

"IEEE Symposium on Security and Privacy considers papers from a wide range of topics related to computer security and privacy."

Could you expand on what topics are discussed?

"They aimed to highlight vulnerabilities in the review process of Linux kernel patches, and the paper was accepted for presentation in 2021. However, their methods involved writing patches for existing trivial bugs in the Linux kernel in ways such that they intentionally introduced security bugs into the kernel."

Could you explain a bit more about what the aims of this study were and how they introduced security bugs? Also the average reader most likely doesn't know what the linux kernel is and I believe this should be expanded on. CursedWithTheAbilityToDoTheMath (talk) 07:15, 22 August 2024 (UTC)Reply

"In 2022, a study conducted by Ananta Soneji et al. showed that review processes of top security conferences, including the IEEE Symposium on Security and Privacy were exploitable. They identified a lack of objective criteria for paper evaluation and noted a degree of randomness among reviews provided by conference reviewers as the major weaknesses of the peer review process used by the conferences."

The paper mentioned went into a lot more detail on how the review process was exploitable, I feel as though you could also go into more detail about what exactly made the process easy to exploit. CursedWithTheAbilityToDoTheMath (talk) 20:18, 22 August 2024 (UTC)Reply

  3b. it stays focused on the topic without going into unnecessary detail (see summary style). CursedWithTheAbilityToDoTheMath (talk) 07:15, 22 August 2024 (UTC)Reply
  4. Neutral: it represents viewpoints fairly and without editorial bias, giving due weight to each. CursedWithTheAbilityToDoTheMath (talk) 07:15, 22 August 2024 (UTC)Reply
  5. Stable: it does not change significantly from day to day because of an ongoing edit war or content dispute. CursedWithTheAbilityToDoTheMath (talk) 07:15, 22 August 2024 (UTC)Reply
6. Illustrated, if possible, by media such as images, video, or audio:
  6a. media are tagged with their copyright statuses, and valid non-free use rationales are provided for non-free content. Couldn't find any free images online so not having a photo is appropriate here. CursedWithTheAbilityToDoTheMath (talk) 07:15, 22 August 2024 (UTC)Reply
  6b. media are relevant to the topic, and have suitable captions. Per above. CursedWithTheAbilityToDoTheMath (talk) 07:15, 22 August 2024 (UTC)Reply
  7. Overall assessment. I found several parts of the article that were not backed by sources. The article also needs to be expanded a bit so that the average reader can understand all of the terms used. Several of the sources provided go into more detail that I feel could be incorporated into the article. I did find a few grammar issues so the article could probably benefit from being put through some type of grammar checker. Overall I think the article has a strong foundation it just needs to be built upon. I originally had some sections marked as on hold but because I found quite a few issues I feel as though these issues may need more work hence why I changed them to fail. Good work to those who wrote the article as it did a good job of giving a balanced overview of the topic without bias. CursedWithTheAbilityToDoTheMath (talk) 20:18, 22 August 2024 (UTC)Reply
The discussion above is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.

GA Review

edit

The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.


GA toolbox
Reviewing
This review is transcluded from Talk:IEEE Symposium on Security and Privacy/GA2. The edit link for this section can be used to add comments to the review.

Nominator: Sohom Datta (talk · contribs) 01:19, 25 August 2024 (UTC)Reply

Reviewer: CursedWithTheAbilityToDoTheMath (talk · contribs) 04:10, 25 August 2024 (UTC)Reply

Rate Attribute Review Comment
1. Well-written:
  1a. the prose is clear, concise, and understandable to an appropriately broad audience; spelling and grammar are correct. "The reviewers interviewed 21 reviewers about the criteria they used to judge papers during the review process. Among these reviewers, 19 identified novelty—whether the paper advanced the research problem or the state of the art—as their primary criterion. Nine reviewers also emphasized the importance of technical soundness in the implementation, while seven mentioned the need for a self-contained and complete evaluation, ensuring all identified areas were thoroughly explored. Additionally, six reviewers highlighted the importance of clear and effective writing in their assessments."

You use the term reviewers to refer to both those reviewing papers for the conference and the people conduction this study. This is kind of confusing. I would recommend changing it to "Ananta Soneji and others running the study interviewed 21 of the reviewers for the conference" or something along those lines to make it clear who you are referring to. CursedWithTheAbilityToDoTheMath (talk) 14:12, 25 August 2024 (UTC)Reply

  Fixed, this was a typo, I meant "researchers". Sohom (talk) 15:26, 25 August 2024 (UTC)Reply

"the major weaknesses of the peer review process used by the conferences."

I'm assuming you just meant this conference here so I would change this to conference singular instead of conferences but I wanted to double check that is what you meant. CursedWithTheAbilityToDoTheMath (talk) 14:12, 25 August 2024 (UTC)Reply

  Fixed Sohom (talk) 15:26, 25 August 2024 (UTC)Reply
  1b. it complies with the Manual of Style guidelines for lead sections, layout, words to watch, fiction, and list incorporation. Great job at expanding the lede! CursedWithTheAbilityToDoTheMath (talk) 04:10, 25 August 2024 (UTC)Reply
2. Verifiable with no original research, as shown by a source spot-check:
  2a. it contains a list of all references (sources of information), presented in accordance with the layout style guideline. CursedWithTheAbilityToDoTheMath (talk) 04:10, 25 August 2024 (UTC)Reply
  2b. reliable sources are cited inline. All content that could reasonably be challenged, except for plot summaries and that which summarizes cited content elsewhere in the article, must be cited no later than the end of the paragraph (or line if the content is not in prose). CursedWithTheAbilityToDoTheMath (talk) 14:12, 25 August 2024 (UTC)Reply
  2c. it contains no original research. CursedWithTheAbilityToDoTheMath (talk) 14:12, 25 August 2024 (UTC)Reply
  2d. it contains no copyright violations or plagiarism. CursedWithTheAbilityToDoTheMath (talk) 14:12, 25 August 2024 (UTC)Reply
3. Broad in its coverage:
  3a. it addresses the main aspects of the topic. "The conference has a single track and follows a double-blind review process to ensure fairness during peer review." (from the lede)

I think it would be a good idea to define what single track and double blind means within the lede. Both of these terms are used throughout the article and the average reader may not know what they mean. CursedWithTheAbilityToDoTheMath (talk) 14:12, 25 August 2024 (UTC)Reply

  Done Sohom (talk) 15:26, 25 August 2024 (UTC)Reply

"The conference has a low acceptance rate due to it having only a single track." (from lede)

Again I would define what single track is either here or earlier in the lede. CursedWithTheAbilityToDoTheMath (talk) 14:12, 25 August 2024 (UTC)Reply

  Done Sohom (talk) 15:26, 25 August 2024 (UTC)Reply

I do see that you defined single track later in the article which is very appreciated however I would recommend moving that explanation into the lede as a good portion of readers only ever read the lede. CursedWithTheAbilityToDoTheMath (talk) 14:12, 25 August 2024 (UTC)Reply

"EEE Symposium on Security and Privacy considers papers from a wide range of topics related to computer security and privacy. Every year, a list of topics of interest is published by the program chairs of the conference which changes based on the trends in the field."

Is it possible that you could find the list of topics from one of their older meetings and incorporate that into the article? Something like "in past meetings they have discussed topics such as xyz". This would give the reader a better understanding of the goal of the meetings. I would just caution you to be careful with using overly technical terminology here and purposely select topics that most people would be more familiar with. CursedWithTheAbilityToDoTheMath (talk) 14:12, 25 August 2024 (UTC)Reply

  DoneI've added a few topics from the 2023 conference. Sohom (talk) 15:26, 25 August 2024 (UTC)Reply

You use the term "Linus kernel" quite a bit throughout the article. I do see that you gave a basic description of it in the lede which is good however I would suggest explaining it a bit more in the controversy section. ref 7 [1] goes a little more into depth about the Linux kernel and I feel like you could incorporate some of their explanation into the article. CursedWithTheAbilityToDoTheMath (talk) 14:12, 25 August 2024 (UTC)Reply

  Done Sohom (talk) 15:26, 25 August 2024 (UTC)Reply
  3b. it stays focused on the topic without going into unnecessary detail (see summary style). CursedWithTheAbilityToDoTheMath (talk) 14:12, 25 August 2024 (UTC)Reply
  4. Neutral: it represents viewpoints fairly and without editorial bias, giving due weight to each. CursedWithTheAbilityToDoTheMath (talk) 14:12, 25 August 2024 (UTC)Reply
  5. Stable: it does not change significantly from day to day because of an ongoing edit war or content dispute. CursedWithTheAbilityToDoTheMath (talk) 04:10, 25 August 2024 (UTC)Reply
6. Illustrated, if possible, by media such as images, video, or audio:
  6a. media are tagged with their copyright statuses, and valid non-free use rationales are provided for non-free content. CursedWithTheAbilityToDoTheMath (talk) 04:10, 25 August 2024 (UTC)Reply
  6b. media are relevant to the topic, and have suitable captions. CursedWithTheAbilityToDoTheMath (talk) 04:10, 25 August 2024 (UTC)Reply
  7. Overall assessment. Overall this article has significantly improved since my last review. It's clear that a lot of hard work was put into making this article. There are a couple of very minor issues mostly to do with making the article understandable to a broad audience. Once @Sohom Datta: addresses those issues I believe the article will pass. All of the content was backed up by sources. The lede is at an appropriate length. Everything is put into the writers own words. CursedWithTheAbilityToDoTheMath (talk) 14:12, 25 August 2024 (UTC)Reply

Seeing as all the issues have been addressed I am going to pass this article! CursedWithTheAbilityToDoTheMath (talk) 22:06, 25 August 2024 (UTC)Reply

The discussion above is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.