The article isn't really clear, but the alleged activities were attributed to SEI, which is not at all the same thing as CMU, although they are obviously related.
Lots of room for discussion about these activities but it probably should be done in the context of expectations for a Federally Funded Research and Development Center (and one funded by the Department of Defense) and not in the context of expectations for a private university.
> The article isn't really clear, but the alleged activities were attributed to SEI, which is not at all the same thing as CMU, although they are obviously related.
Looks to me like SEI reports directly to the CMU Provost.
Glad to see someone pointed this out. It's a pretty meaningful distinction. To provide some additional context for other readers, the SEI is in the same category as Lincoln Labs & Los Alamos : managed by a University, but operated largely independently and funded by the federal government.
when you are a subdomain on cmu.edu, I am going to hold cmu.edu responsible for your actions (regardless of the formal legal relationship between the two)
Why? Should bit.ly be held responsible for the actions of the Libyan government? Should customers of heroku be held responsible for Heroku's corporate actions (customer.herokuapp.com)?
The domain hierarchy doesn't actually tell you much about the relationships between entities and certainly doesn't tell you enough on its own to discern culpability between entities.
reporting: http://www.post-gazette.com/business/technology/2014/07/31/2...
About SEI: http://www.sei.cmu.edu/about/organization/workingwithanFFRDC...
Lots of room for discussion about these activities but it probably should be done in the context of expectations for a Federally Funded Research and Development Center (and one funded by the Department of Defense) and not in the context of expectations for a private university.