Write a Code of Conduct for Tails
Tails is a growing project, and we need even more contributors. Having a clear inclusivity policy lets people know that they are welcome, and what behaviours are not welcome. It’s particularly important because we’re about to have our first public meeting in a few months.
Exemples with specifics do/dont:
I set myself as assignee because I want to make this happen, and I’ll propose something in the incoming days/weeks, but you’re more than welcome to contribute with ressources, feedback etc
#4 Updated by BitingBird 2014-06-13 19:00:10
#7 Updated by sajolida 2014-06-21 09:53:22
> T though making a CoC for both physical and non-physical interractions, but intri started working on a anti-harrassment policy for the hackfest - they might be complementary.
I really like the CoC that has been drafted based on the one from Django
and I think it applies to both online and offline interactions. Apart for:
« - Recording, photographing or filming other persons without their
consent. Seek consent before recording. Also ask people who may be
seen or heard in the background. »
An online equivalent could be not to forward private conversations
publicly without consent.
« If you believe someone is violating this policy, we ask that you
report it by contacting the emergency response team: [XXX: who, where,
But we could have a different contact information for online interactions.
#8 Updated by intrigeri 2014-06-21 10:03:37
> I really like the CoC that has been drafted based on the one from Django
> and I think it applies to both online and offline interactions.
> Apart for: […]
The original text was better suited for online interactions. I believe that the shortest path to getting this back would be to partially revert commit 9b29a8c (in internal Git repo).
#9 Updated by sajolida 2014-06-21 14:45:43
> The original text was better suited for online interactions. I
> believe that the shortest path to getting this back would be to
> partially revert commit 9b29a8c (in internal Git repo).
Apart from the contact address and the definition of the context (“This
policy is meant for the Tails HackFest”) I couldn’t find any changes in
that commit that are making it less suited for online use. For example,
the change of “post” into “exhibiting” and “publishing” makes it more
generic and is good anyway.
So I propose that we review it after the hackfest and discuss its
adoption as a global code of conduct.
#10 Updated by BitingBird 2014-07-01 01:11:49
Additional ressource: http://geekfeminism.wikia.com/wiki/Community_anti-harassment/Policy
#15 Updated by sajolida 2014-09-22 03:36:08
- Type of work changed from Discuss to Documentation
Discussed during September 2014 online meeting: https://tails.boum.org/contribute/meetings/201409/
#19 Updated by cnd 2015-01-22 00:02:17
> what behaviours are not welcome…
Everything about Tails flies in the face of the purpose of NSA, GCHQ, ASD, CSEC, and GCSB (aka 5-eyes), not to mention the 100+ foreign agencies tasked with the same job. America alone has 55,000+ of the nations smartest geeks spending more than $50,000,000,000 per year to “watch you”.
The one thing you can be absolutely certain about, is that one or more of your “contributors” works for these guys, and has more money than you do to spend on this, and if they’re not smarter than you, they certainly have access to hundreds of experts who are.
There should be NO “Code of Conduct” for Tails. It will instill an absolutely false sense of “security” into people, which by the nature of your product is impossible to attain for as long as more than 1 person is involved.
Bad people do not follow rules, nor do government agencies (or worse; they’ve got their own rules permitting them to not follow ours).
Better to spend your energy on ways to hamper subversion and evil, than wasting time asking people (who don’t listen) not to.
Here’s a fun 5-minute hack that will show you some of the places where your security has already been subverted: as you know, all security relies on strong random numbers. As you possibly don’t know, some “random” is in fact “pseudorandom” (looks random, but it’s really a repeatable sequence based on the starting key, known as a “seed”). So, in a fully secure product, do you think it could ever be reasonable for anything to “seed” the random pool, so as to generate predictable fake random numbers? IMHO: hell no! So, do this - put some warning statements into all the random seed code in Tails, re-build, and watch in horror as you see all your favorite tools generating predicable numbers, instead of real random ones. Oops! Or even better - hack the random code so it always returns random, irrespective of seeds etc, and watch all the build tests fail. (and have fun trying to explain why it’s so important that the products you’re shipping need to know that their predictable pseudorandom generators are all functioning… predictably…)
#20 Updated by intrigeri 2015-01-22 11:53:24
> There should be NO “Code of Conduct” for Tails. It will instill an absolutely false sense of “security” into people, which by the nature of your product is impossible to attain for as long as more than 1 person is involved.
The purpose of having a CoC for Tails is not to improve security.