Skip to content
  • Home Home Home, current page.
  • Moments Moments Moments, current page.

Saved searches

  • Remove
  • In this conversation
    Verified accountProtected Tweets @
Suggested users
  • Verified accountProtected Tweets @
  • Verified accountProtected Tweets @
  • Language: English
    • Bahasa Indonesia
    • Bahasa Melayu
    • Català
    • Čeština
    • Dansk
    • Deutsch
    • English UK
    • Español
    • Filipino
    • Français
    • Hrvatski
    • Italiano
    • Magyar
    • Nederlands
    • Norsk
    • Polski
    • Português
    • Română
    • Slovenčina
    • Suomi
    • Svenska
    • Tiếng Việt
    • Türkçe
    • Ελληνικά
    • Български език
    • Русский
    • Српски
    • Українська мова
    • עִבְרִית
    • العربية
    • فارسی
    • मराठी
    • हिन्दी
    • বাংলা
    • ગુજરાતી
    • தமிழ்
    • ಕನ್ನಡ
    • ภาษาไทย
    • 한국어
    • 日本語
    • 简体中文
    • 繁體中文
  • Have an account? Log in
    Have an account?
    · Forgot password?

    New to Twitter?
    Sign up
SarahJamieLewis's profile
Sarah Jamie Lewis
Sarah Jamie Lewis
Sarah Jamie Lewis
@SarahJamieLewis

Tweets

Sarah Jamie Lewis

@SarahJamieLewis

Executive Director @OpenPriv. Enforcing Consent & Resisting Surveillance with Cryptography. Vegan Lesbian, Queer Anarchist. Donate: https://openprivacy.ca 

Unceded territories of the xwməθkwəy̓əm (Musqueam), Skwxwú7mesh (Squamish), Stó:lō and Səl̓ílwətaʔ/Selilwitulh (Tsleil- Waututh) People
sarahjamielewis.com
Joined July 2007

Tweets

  • © 2021 Twitter
  • About
  • Help Center
  • Terms
  • Privacy policy
  • Cookies
  • Ads info
Dismiss
Previous
Next

Go to a person's profile

Saved searches

  • Remove
  • In this conversation
    Verified accountProtected Tweets @
Suggested users
  • Verified accountProtected Tweets @
  • Verified accountProtected Tweets @

Promote this Tweet

Block

  • Tweet with a location

    You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more

    Your lists

    Create a new list


    Under 100 characters, optional

    Privacy

    Copy link to Tweet

    Embed this Tweet

    Embed this Video

    Add this Tweet to your website by copying the code below. Learn more

    Add this video to your website by copying the code below. Learn more

    Hmm, there was a problem reaching the server.

    By embedding Twitter content in your website or app, you are agreeing to the Twitter Developer Agreement and Developer Policy.

    Preview

    Why you're seeing this ad

    Log in to Twitter

    · Forgot password?
    Don't have an account? Sign up »

    Sign up for Twitter

    Not on Twitter? Sign up, tune into the things you care about, and get updates as they happen.

    Sign up
    Have an account? Log in »

    Two-way (sending and receiving) short codes:

    Country Code For customers of
    United States 40404 (any)
    Canada 21212 (any)
    United Kingdom 86444 Vodafone, Orange, 3, O2
    Brazil 40404 Nextel, TIM
    Haiti 40404 Digicel, Voila
    Ireland 51210 Vodafone, O2
    India 53000 Bharti Airtel, Videocon, Reliance
    Indonesia 89887 AXIS, 3, Telkomsel, Indosat, XL Axiata
    Italy 4880804 Wind
    3424486444 Vodafone
    » See SMS short codes for other countries

    Confirmation

     

    Welcome home!

    This timeline is where you’ll spend most of your time, getting instant updates about what matters to you.

    Tweets not working for you?

    Hover over the profile pic and click the Following button to unfollow any account.

    Say a lot with a little

    When you see a Tweet you love, tap the heart — it lets the person who wrote it know you shared the love.

    Spread the word

    The fastest way to share someone else’s Tweet with your followers is with a Retweet. Tap the icon to send it instantly.

    Join the conversation

    Add your thoughts about any Tweet with a Reply. Find a topic you’re passionate about, and jump right in.

    Learn the latest

    Get instant insight into what people are talking about now.

    Get more of what you love

    Follow more accounts to get instant updates about topics you care about.

    Find what's happening

    See the latest conversations about any topic instantly.

    Never miss a Moment

    Catch up instantly on the best stories happening as they unfold.

    Sarah Jamie Lewis‏ @SarahJamieLewis 22 Nov 2020

    Sarah Jamie Lewis Retweeted

    Experiments on human subjects without informed consent or even a review by an ethics board...academic computer science has still yet to learn the lessons of the 1970s. https://twitter.com/kengiter/status/1330209964812607494 …

    Sarah Jamie Lewis added,

    This Tweet is unavailable.
    1:07 PM - 22 Nov 2020
    • 97 Retweets
    • 288 Likes
    • Pamela Liou Justin Antonio Salazar Cardozo david doll Mihai Christodorescu A2nkF | Ilias Fenreliania Matt Corallo jmce 🌸🏴‍☠️🐺
    9 replies 97 retweets 288 likes
      1. New conversation
      2. Sarah Jamie Lewis‏ @SarahJamieLewis 22 Nov 2020

        Just because you mediate communication via the internet doesn't make it less an experiment involving human subjects - with all the duty of care that should involve.

        2 replies 4 retweets 82 likes
        Show this thread
      3. Sarah Jamie Lewis‏ @SarahJamieLewis 22 Nov 2020

        I must say it is something to occupy maintainer time (were they compensated for participation?) by surreptitiously introducing vulnerabilities to OSS projects and then in your abstract to urge those maintainer to do a better job.

        2 replies 6 retweets 84 likes
        Show this thread
      4. Sarah Jamie Lewis‏ @SarahJamieLewis 22 Nov 2020

        Hard to tell without the paper, but looking through patch history it seems that at least some of these attempts were submitted via their institutional email so it seems clear that to mitigate this issue you should disregard patches originating from universities.

        1 reply 0 retweets 40 likes
        Show this thread
      5. Sarah Jamie Lewis‏ @SarahJamieLewis 22 Nov 2020

        Are malicious patches an issue? Of course. But much like corporate infosec hacks running phishing tests on accounting the solution isn't training or blaming individuals - it's building tooling and infrastructure such that the damn ecosystem less vulnerable to individual error.

        2 replies 1 retweet 37 likes
        Show this thread
      6. Sarah Jamie Lewis‏ @SarahJamieLewis 22 Nov 2020

        Well now I'm just confused. Which is it?pic.twitter.com/wVmWM7yOBm

        5 replies 3 retweets 38 likes
        Show this thread
      7. Sarah Jamie Lewis‏ @SarahJamieLewis 22 Nov 2020

        Again...whatever way you want to interpret "we successfully introduced multiple exploitable use-after-free into the latest linux kernel" - still an experiment involving human subjects that should have gone through ethics review and required a consent and opt-out process.

        2 replies 2 retweets 49 likes
        Show this thread
      8. Sarah Jamie Lewis‏ @SarahJamieLewis 22 Nov 2020

        "What if people submit code that has bugs in it, and the maintainers don't catch it!....... but intentionally"

        2 replies 0 retweets 32 likes
        Show this thread
      9. Sarah Jamie Lewis‏ @SarahJamieLewis 22 Nov 2020

        For their next paper I suggest they become a maintainer of a kernel module and then deliberately start merging bad code we can call it "BLAME Attack (Backdoor Linux by Acquiring Maintainer Escalation" and give it a cool logo.

        2 replies 3 retweets 77 likes
        Show this thread
      10. Sarah Jamie Lewis‏ @SarahJamieLewis 22 Nov 2020

        Would that be academically novel enough IEEESP?

        2 replies 0 retweets 22 likes
        Show this thread
      11. Sarah Jamie Lewis‏ @SarahJamieLewis 22 Nov 2020

        The original tweet has been deleted because "it created...confusions", so to avoid confusion here is a screenshot and an archive of the shared first page of the paper.pic.twitter.com/96bIH7gKsN

        1 reply 11 retweets 58 likes
        Show this thread
      12. Sarah Jamie Lewis‏ @SarahJamieLewis 22 Nov 2020

        Given that the purpose of abstracts is to accurately summarize the research seems like a weird thing to do...to take down a screenshot of your paper that was accepted at a major conference...because it "created confusion"

        2 replies 0 retweets 35 likes
        Show this thread
      13. End of conversation

    Loading seems to be taking a while.

    Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

      Promoted Tweet

      false

      • © 2021 Twitter
      • About
      • Help Center
      • Terms
      • Privacy policy
      • Cookies
      • Ads info