Opened 5 years ago

Closed 5 years ago

#16618 closed task (fixed)

List to quickly evaluate incoming Tor attacks

Reported by: ailanthus Owned by:
Priority: Medium Milestone:
Component: Internal Services/Service - lists Version:
Severity: Keywords: Attack, team, media, researchers
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


  • What is the list name? Attack-Research
  • What is the email address of the list maintainer?     kate@…  and arma@… (Part of Boston Meeting Plan)

Lists default to being public and archived. If you would prefer something else then you'll need to change its configuration in Mailman.

Members of tor-internal@ do not require approval for their lists. Non-members will need signoff of Damian, Karsten, or Andrew.

One sentence summary: List of internal and external researchers to quickly evaluate incoming attacks, leaks, and papers for media requests (typically to meet a deadline within a few hours or a day).

Child Tickets

Change History (8)

comment:1 Changed 5 years ago by ailanthus

Keywords: media researchers added

comment:2 Changed 5 years ago by karsten

Status: newneeds_information

I wonder if this list would be too special-purpose. We already have tor-security@ which is described as "Point of contact concerning Tor security issues." And we probably have the press@ alias for discussing, among other things, how to handle the media aspect of security issues and attack research papers.

Can you give us a better idea how this list is supposed to be used? You pasted the wiki text "Lists default to being public and archived", but this list won't be public and archived, right? What kind of people will be on it? Will anybody be able to send to this list, or just members of this list?

comment:3 Changed 5 years ago by nickm

Let me suggest the name "research-response@", since it's more broad and more narrow than described above.

We need a small group that can prioritize fast evaluation of research claims. That's different from press@, since lots of people who don't want to handle press queries are exactly the right people to read papers and pore through press releases. And it's different from tor-security@, since tor-security's job to actually solve security problems, whereas this list is supposed to be generally dedicating to analyzing research (including non-attack research) from the POV of assessing the right way to talk about it with the press and making sure we stay accurate.

(I would suggest this ought to be a non-public, archived, members only list, since arguing candidly about possibly bad research and possibly misleading claims is the kind of thing that presents diplomacy issues.)

comment:4 Changed 5 years ago by karsten

Okay. Created #16658 for the sysadmin part. Once the list exists, I'll configure it. Give it a few days.

comment:5 Changed 5 years ago by arma

Thanks. I like the research-response@ name.

comment:6 Changed 5 years ago by karsten

Resolution: fixed
Status: needs_informationclosed

The list now exists and is configured with ailanthus and arma as owners. Please go to and select the link "research-response administrative interface" at the bottom to add list members and make more configuration changes.

comment:7 Changed 5 years ago by ailanthus

Resolution: fixed
Status: closedreopened

How does one obtain the administrative password? - Thanks, ailanthus

Last edited 5 years ago by ailanthus (previous) (diff)

comment:8 Changed 5 years ago by karsten

Resolution: fixed
Status: reopenedclosed

You should have received passwords from Mailman via email, but I also just re-sent them to you in encrypted email. Closing.

Note: See TracTickets for help on using tickets.