TORIENTATION AND SECURITY FOR NEW MEMBERS (Recommendations coming out of 2/29/16 discussion group) Methodology – some combination of: Incorporated by Gunner’s into opening remarks Personal mentoring

  • Pair each new person with a mentor if they didn’t come with one (tailored to their kind of work)
  • Have a backstop, orientation point person
  • Post a short, basic newcomer orientation sheet (or add to tordev mtg wiki)

Convey basic community and security do’s and don’ts: To the newbie:

  • No photos without consent (may need to be added to tordev mtg wiki as some people begin taking photos before opening plenary)
  • Respect identities
  • Proceed with caution
  • Ask before do
  • Get in the habit of being security minded – e.g. re how you use and secure your computer and phone (both fosters and reflects good habits)

To the established member:

  • Be inclusive, not exclusive
  • Assume newbie is well intentioned
  • Teach before condemn
  • Spell things out to; don’t make assumptions about knowledge level

Practical Security

  • Respect not just your own security but other people’s
  • Don’t assume your level of security is good enough for others
  • People are doing different kinds of work with different threat models
  • Just because you’re paranoid doesn’t mean they aren’t out to get you
  • But be real: just because you don’t protect against the 1 in 1 billion risk doesn’t make you risky
  • Try to avoid either understanding or overstating risks
  • Avoid creating false senses of security in any particular tech app
Last modified 3 years ago Last modified on Mar 10, 2016, 8:17:10 PM