lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <e932f9db-b06d-b4bb-d1ca-755cc54347c2@labbott.name>
Date:   Thu, 12 Mar 2020 18:58:47 -0400
From:   Laura Abbott <laura@...bott.name>
To:     "Bird, Tim" <Tim.Bird@...y.com>,
        Laurent Pinchart <laurent.pinchart@...asonboard.com>
Cc:     "ksummit-discuss@...ts.linuxfoundation.org" 
        <ksummit-discuss@...ts.linuxfoundation.org>,
        "tech-board-discuss@...ts.linuxfoundation.org" 
        <tech-board-discuss@...ts.linuxfoundation.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [Ksummit-discuss] Linux Foundation Technical Advisory Board
 Elections -- Change to charter



On 3/12/20 5:28 PM, Bird, Tim wrote:
>> -----Original Message-----
>> From:  Laurent Pinchart
>>
>> Hi Laura,
>>
>> On Wed, Mar 11, 2020 at 08:19:46PM -0400, Laura Abbott wrote:
>>> On behalf of the Linux Foundation Technical Advisory Board (TAB), I
>>> would like to announce the following changes to our charter, available
>>> at https://urldefense.proofpoint.com/v2/url?u=https-3A__wiki.linuxfoundation.org_tab_start&d=DwICAg&c=fP4tf--
>> 1dS0biCFlB0saz0I0kjO5v7-GLPtvShAo4cc&r=rUvFawR4KzgZu1gSN5tuozUn7iTTP0Y-INWqfY8MsF0&m=rEcpcrRVZ-R-
>> msxXCoATt2eqeJ0slEmwjZvSIsW2FnA&s=uCuhAV3NJJQ8ZD7FRbWtcW1p_3-DDKj2EsqssXv_hm0&e=
>>>
>>> - Line 2b that previously read "All members shall be elected by a vote
>>> amongst all invitees of the Linux Kernel Summit." is changed to "All
>>> members shall be elected by a vote amongst all attendees of the Linux
>>> Kernel Summit."
>>>
>>> This clarifies that kernel summit is no longer invite only.
>>
>> This is a good clarification, no issue with it.
>>
>>> - Under meetings and membership, the following line is added
>>> "The TAB, at its discretion, may set criteria to allow for absentee
>>> voting for those who are unable to attend the Linux Kernel Summit."
>>
>> This is however a bit more problematic. I understand the intent, which I
>> believe is good, but it would make ballot stuffing very easy. At the
>> same time I understood it will not be an easy task to set clear written
>> rules that wouldn't be over complex and would still allow reaching the
>> end goal of expanding the election to the whole community through
>> electronic voting. I'm afraid I don't have a solution to propose to this
>> problem at this time.
> 
> I agree with Laurent.  I'm not sure how to solve this problem, but
> I think you need something to indicate the voter approval policy
> besides "the TAB will decide it, and can change it when they like".
> 
> I suppose the pool of voters has been decided historically by the Kernel
> Summit invitation committee.  Some randomness was introduced by
> allowing voting by attendees from whatever event the Linux Foundation
> co-located with the Kernel Summit.  I think in practical terms,
> this means that recently the voting pool was self-selected (somewhat), but
> was skewed towards people who could travel, or had employer support.
> But in any event, the selection of the voting pool was done by people outside
> the TAB (or at least not necessarily inside the TAB), and without any eye towards
> skewing the election results.  That is, I don't think the kernel summit invitation
> committee, or the LF event staff, ever considered TAB voting in their KS attendee
> selection or event pairing choices.
> 
> I don't think that the current TAB would do anything wacky here.  And I suspect
> it's probably not a huge concern even for future TABs whose constitution we don't
> know yet. I do think, however, it would be better to have a written policy
> for the voting eligibility, that the TAB members can't change on a whim.
>   -- Tim
>   

(my own opinion again)

We intentionally wanted to keep it vague to avoid having to change the
charter every time we wanted to tweak the absentee voting requirements.
This is because while everyone is in favor of absentee voting in theory
there were concerns about trying to get the numbers right.

I'd argue that the way the charter is currently written the TAB
members can really change the election on a whim. The wording "All
members shall be elected by a vote amongst all invitees of the Linux
Kernel Summit" basically says nothing about how the vote is conducted.
The TAB does run the election and the community has trusted that we
set up proctors who aren't up for election and that we are using a
voting procedure that is actually fair as opposed to, say, voting
proportional to lines of code removed last year. I don't think this
is necessarily a _good_ situation since it could be easily abused
but I also think that absentee voting falls into the same category
of trusting the TAB to not come up with some arbitrary voting method
designed to get the outcome they want.

Maybe the real question is if the community would rather see all
election procedures specified explicitly rather than just placing
trust in the TAB.

Thanks,
Laura

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ