[tor-bugs] #2671 [Tor Relay]: Better communication for authority operators, core developers in emergency situations

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Thu Mar 10 22:47:26 UTC 2011


#2671: Better communication for authority operators, core developers in emergency
situations
-----------------------+----------------------------------------------------
 Reporter:  nickm      |          Owner:       
     Type:  task       |         Status:  new  
 Priority:  normal     |      Milestone:       
Component:  Tor Relay  |        Version:       
 Keywords:             |         Parent:  #2664
   Points:             |   Actualpoints:       
-----------------------+----------------------------------------------------

Comment(by nickm):

 Replying to [comment:2 arma]:
 > My preference would be to handle more of our "emergency" issues
 transparently in the open. In my opinion many of the security things we've
 dealt with over the past year did not need to be done secretly with
 pairwise OTR conversations, or even with sekrit lists of pgp-encrypted
 mails. They are issues, we can solve them relatively quickly, the odds
 that somebody will lurk around waiting to find a vulnerability and then
 leap on the opportunity are low. By being more open we will involve more
 of the community, and _create_ more people who can help out in future
 cases. Talking amongst a small closed community doesn't scale as you say,
 and worse it doesn't fix the scaling problem. Plus it takes more energy
 and coordination amongst those trying to keep the secret, and we don't
 have enough people to waste time on that.
 >
 > I don't mean to say that no event is so serious that it needs to be kept
 private until after it's resolved. But I think we're being too
 conservative on too many issues, and it's impacting both our productivity
 and our community growth.

 I agree that we're being too conservative; I'd guess at least 60% of the
 encrypted email I get never actually needed to be encrypted.

 In my opinion, it would actually help us be more transparent if we came up
 with some rough guidelines here.  A description of how to handle what is
 not only a guideline for what is too sensitive to divulge before it's
 fixed, but also a guideline for what is ''not'' that sensitive, and
 therefore good to do in public.  If, as you think, we are being too
 conservative, then coming to a good agreement about the boundaries here
 will make us less so.  Let's talk about that, perhaps on one of the more
 public mailing lists.

 But sometimes, honestly, there will be stuff that we ought not to disclose
 until it's fixed.   And sometimes, there will be stuff that we need to
 triage to make sure it is safe to disclose before it's fixed.   When that
 happens-- and it will from time to time-- having a good means to talk
 about it will help us triage faster and fix stuff faster, thereby actually
 moving us out of the "ninjas and superspies" phase even faster.

 So I take your point as implying that we should not take a better means
 of secure communication as license to do more things in private.  And I
 agree!  But that doesn't mean that secure communication is needless, and
 it doesn't mean we shouldn't do it better-- and I don't think you mean
 that, either.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2671#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

