Tails

#4 Updated by BitingBird 2014-06-13 19:00:10

See also http://www.ashedryden.com/blog/codes-of-conduct-101-faq

#5 Updated by sajolida 2014-06-18 10:14:16

Thanks for taking over that important initiative.

Many of the links you provided are primarily targeted at conferences. Do you plan to work on a document only for our physical meetings, or with a broader scope, or maybe two different documents?

#6 Updated by BitingBird 2014-06-20 13:16:16

T though making a CoC for both physical and non-physical interractions, but intri started working on a anti-harrassment policy for the hackfest - they might be complementary.

#7 Updated by sajolida 2014-06-21 09:53:22

> T though making a CoC for both physical and non-physical interractions, but intri started working on a anti-harrassment policy for the hackfest - they might be complementary.

I really like the CoC that has been drafted based on the one from Django
and I think it applies to both online and offline interactions. Apart for:

« - Recording, photographing or filming other persons without their
consent. Seek consent before recording. Also ask people who may be
seen or heard in the background. »

An online equivalent could be not to forward private conversations
publicly without consent.

« If you believe someone is violating this policy, we ask that you
report it by contacting the emergency response team: [XXX: who, where,
how]. »

But we could have a different contact information for online interactions.

#8 Updated by intrigeri 2014-06-21 10:03:37

> I really like the CoC that has been drafted based on the one from Django
> and I think it applies to both online and offline interactions.
> Apart for: […]

The original text was better suited for online interactions. I believe that the shortest path to getting this back would be to partially revert commit 9b29a8c (in internal Git repo).

#9 Updated by sajolida 2014-06-21 14:45:43

> The original text was better suited for online interactions. I
> believe that the shortest path to getting this back would be to
> partially revert commit 9b29a8c (in internal Git repo).

Apart from the contact address and the definition of the context (“This
policy is meant for the Tails HackFest”) I couldn’t find any changes in
that commit that are making it less suited for online use. For example,
the change of “post” into “exhibiting” and “publishing” makes it more
generic and is good anyway.

So I propose that we review it after the hackfest and discuss its
adoption as a global code of conduct.

#10 Updated by BitingBird 2014-07-01 01:11:49

Additional ressource: http://geekfeminism.wikia.com/wiki/Community_anti-harassment/Policy

#13 Updated by intrigeri 2014-08-12 09:04:43

BitingBird wrote:
> It could be discussed to adopt the hackfest’policy as a CoC as-is.

Care to start the discussion on -project@?

#19 Updated by cnd 2015-01-22 00:02:17

BitingBird wrote:
> what behaviours are not welcome…

Everything about Tails flies in the face of the purpose of NSA, GCHQ, ASD, CSEC, and GCSB (aka 5-eyes), not to mention the 100+ foreign agencies tasked with the same job. America alone has 55,000+ of the nations smartest geeks spending more than $50,000,000,000 per year to “watch you”.

The one thing you can be absolutely certain about, is that one or more of your “contributors” works for these guys, and has more money than you do to spend on this, and if they’re not smarter than you, they certainly have access to hundreds of experts who are.

There should be NO “Code of Conduct” for Tails. It will instill an absolutely false sense of “security” into people, which by the nature of your product is impossible to attain for as long as more than 1 person is involved.

Bad people do not follow rules, nor do government agencies (or worse; they’ve got their own rules permitting them to not follow ours).

Better to spend your energy on ways to hamper subversion and evil, than wasting time asking people (who don’t listen) not to.

Here’s a fun 5-minute hack that will show you some of the places where your security has already been subverted: as you know, all security relies on strong random numbers. As you possibly don’t know, some “random” is in fact “pseudorandom” (looks random, but it’s really a repeatable sequence based on the starting key, known as a “seed”). So, in a fully secure product, do you think it could ever be reasonable for anything to “seed” the random pool, so as to generate predictable fake random numbers? IMHO: hell no! So, do this - put some warning statements into all the random seed code in Tails, re-build, and watch in horror as you see all your favorite tools generating predicable numbers, instead of real random ones. Oops! Or even better - hack the random code so it always returns random, irrespective of seeds etc, and watch all the build tests fail. (and have fun trying to explain why it’s so important that the products you’re shipping need to know that their predictable pseudorandom generators are all functioning… predictably…)

#20 Updated by intrigeri 2015-01-22 11:53:24

> There should be NO “Code of Conduct” for Tails. It will instill an absolutely false sense of “security” into people, which by the nature of your product is impossible to attain for as long as more than 1 person is involved.

The purpose of having a CoC for Tails is not to improve security.