|
Grex > Coop8 > #10: Web-Page Building on Grex |  |
|
| Author |
Message |
| 25 new of 382 responses total. |
adbarr
|
|
response 250 of 382:
| 
Jan 27 01:19 UTC 1996 |
Curious. Would it change things if kerouac had said " I think its _wrong_
for staff . . .", instead of "I think it is _unethical_ for staff . . . "?
It seemed an unfortunate choice of words. I'd have to review all this
first to be sure, but my impression was that kerouac was trying to make
a sincere point - that a policy is needed. For sure we all should have
all our facts straight before making bold statements, but (with some
rare execptions) it is an error made by almost all of us. The important
point, to me, is whether Grex should develop a stated policy? We have the
same problem at HVCN -- it is not easy to define this stuff. One of our
lawyers (we have dozens on retainer :-) ) and I were politely discussing
this today. I tend to believe, from experience, that srw's concept of
dealing with the likihood of restrictive laws makes sense in today's political
climate and defying the enemy when they have machine gun and we have
flags and banners is dangerous. It is ok to do it if you are willing
to accept the consequences and if you explain the consequences to others
you may be affecting by your stand. Is it a cop out to consider the
wider community of Grex?
|
arthurp
|
|
response 251 of 382:
|
Jan 27 01:48 UTC 1996 |
We are trying to make a policy.
|
kerouac
|
|
response 252 of 382:
|
Jan 27 02:47 UTC 1996 |
Okay I admit the word "if " isnt in my previous response but what I
wrote was out of sincere concern for what I think is a recurring problem
around here, which is that too much policy is not spelled out. I was not
making a personal attack or even a general attack on any staff member, but
speaking hypothetically about about situations that might have or could occurr
at any time because staff doesnt have a great many guidelines to go by.
What results is that you have staff, mostly with good intentions, effecting
a lot of unofficial policy that noone else noone about or that few know about.
There's this huge loophole in the bylaws about "security" which I believe is
there solely
|
kerouac
|
|
response 253 of 382:
|
Jan 27 03:12 UTC 1996 |
(continuation of #252)///solely to allow staff to circumvent to supposed
democratic rules of this system. Maybe this is good. I dont know. But
there shouldnt be so much that requires discussing "behind closed doors"
If someone hadnt brought up the idle time problems, popcorn might'nt
even have mentioned that she'd requested a copy of mnet's idle timer program
from jfk to install here. Or that staff as an unoffical policy was killing
idle logins over whatever seems like a reasonable amount of time.
This is a great board and grex is lucky to have staff members who care so
much for it, but lets not get full of ourselves and assume this is so perfect
that it is beyond changing (I've heard some of the people involved in writing
the bylaws say they were meant to be changed, but to hear some staff, it is
easier to move mountains than to get one line changed) For instance why
are there term limits for board members and not staff members? Are staff
members subject to reappointment and then only a limited number of
reappointments? Maybe this is the case but its not in the bylaws? These
things should be written out. The more grex grows, the more people become
involved in it, the more this will be necessary. Staff feels comfortable
now because everyone involved knows each other and its like a club. But if
grows larger you are going to get strangers involved. You are going to get
to the point where you want rules that are spelled out clearly enough taht'
er...that you feel safe enough to give root access to strangers.
I am not a conspiracist or anything of the sort, what I am is a cynic, and
too many of you know each other too well to accept that the problems I speak
if could happen here. I've been on other boards and I've seen it happen, and
if I didnt care about Grex I wouldnt be wasting my typing skills and making
a spectacle of myself.
What I propose is that staff appoint a committee to review the bylaws and
made clarifications and additions relevant to staff responsiblities so
that these things are spelled out. It is not enough that the minutes of one
meeting or another where this or that is discussed is stored. Maybe this
sseems like a lot of extra bureacractic nonsense, but when we are talking
about the future of grex and issues like censorship, its only fair that no
actions, thoughts or intentions of the staff or board are hidden from the
user population of grex. This is about avoiding misunderstandings.
|
janc
|
|
response 254 of 382:
|
Jan 27 04:49 UTC 1996 |
Please be clearer in distinguishing between "staff" and "board". I know you
don't mean "staff" when you talk about changing the bylaws, because that would
be the board's job. Why in blazes would we have term limits for staff? When
we have people like Marcus or Greg or Steve willing to do work for Grex for
free, we'd be crazy to say "no, you've already helped us for two years, you
have to stop for a while and let someone else have a chance to patch the
kernal and rebuild the password file security."
Sure, staff make decisions by a basically non-democratic process. The people
on the front-line always have to. But they aren't the ultimate decision-
makers on Grex. Board can always rewrite the rules staff must work under,
and can remove any staff members they like.
If the staff were demented enough to appoint a committee to review the bylaws,
I would hope and expect that the board would fire the lot of us for mutiny.
|
scg
|
|
response 255 of 382:
|
Jan 27 05:43 UTC 1996 |
I don't think there is any system under which we could feel comfortable
handing root access to strangers. No matter how many complex and cumbersome
rules we adopted for what staff can do, these strangers you're suggesting
giving root access to could just go ignore them, while the staff that we know
and trust would have their job being made impossible. That's crazy.
Kerouac, I agree with you that a lot of decisions need to be made in the open.
But, there is a limit. How far do you want to go? If we find a major
security hole that lets anybody who knows about it get root, should staff fix
it, or should they just enter a Coop item about it?
|
robh
|
|
response 256 of 382:
|
Jan 27 05:59 UTC 1996 |
Re 254 - A greater man than I once commented, "There are no
statues in honor of committees."
|
scg
|
|
response 257 of 382:
|
Jan 27 06:08 UTC 1996 |
Didn't Rodin do one?
set drift=off
|
tsty
|
|
response 258 of 382:
|
Jan 27 06:46 UTC 1996 |
If ..... <note the word> the excellence of resp #243 had been entered,
oh, say ..... a couple hundred responses age, this would be a
significantly shorter item with *much* clearer descri8ptions.
And i've said just about the same thing < excellent response, waaaaaay
too late to fend off criticism> several times. What is it about the
excellence of the response and the validity of the actions(s) that
requires all the furor FIRST?
Is someone trying to find out if we are awake out here? We are.
|
janc
|
|
response 259 of 382:
|
Jan 27 07:15 UTC 1996 |
I totally do not understand #258. Why should response #243 have been made
earlier? What sense does it make to tell you that staff didn't remove
the file (in fact, didn't even ask arthurp to remove the file), until somebody
had accused us of removing the file? There are lots of files on Grex that
the staff hasn't removed, and a rich and colorful assortment of other
scurrilous acts we have not performed. But we decline to deny them each
individually until *after* you accuse us of them. We feel that to do other-
wise would discourage the healthy exercise of the imaginations of our
beloved users.
|
adbarr
|
|
response 260 of 382:
|
Jan 27 12:44 UTC 1996 |
Re: committees and statues. Perhaps, but the Declaration of Independence,
the Constitution, and the Bill of Rights were all the product of committees.
Of course, now we have the CDA also a product of committee. Perhaps we need
to be more careful in the selection of the members of the committees? <and
dare not anyone mention RRO! :-) )
|
chelsea
|
|
response 261 of 382:
|
Jan 27 13:06 UTC 1996 |
I don't always agree with how things are handled by staff but I never
doubt they mean well and being very generous with their time and
expertise. I wouldn't be so generous with my time and that's the honest
truth. Besides, 9/10 of the time they do a stellar job and that counts
for a whole lot.
But, I am starting to see a valley here between staff and users. I've seen
this develop before, elsewhere, and I think it can be minimized by a
couple of little changes. Maybe.
(And this is where I get flamed) ;-)
The staff conference was meant to be for discussion of security issues.
That's how it was initially drawn and why it was considered necessary
it be a private conference. It shouldn't really be a place where
policy is pre-discussed (with non-staff Board members present) before
giving it a whirl before the users. It shouldn't be a place where
staff discusses *anything* but system security matters. Period. So I'd
propose the private staff conference be renamed the security
conference, only staff have access (not non-staff Board members)
and that the prompt which normally states, "Ok to enter this item?"
is replaced by, "Is this a security issue?".
Now, there is a whole lot of other non-security stuff that staff
needs to communicate, and I suggest that go into a staff conference
that is either totally public or at least readable by the public.
I don't suspect too many people are going to want to keep up on a
"What I did" staff log, but who knows? Anyhow, that way the users
can see what staff does with all their hard work. There is less
of a question of what staff does in private. There won't be an
appearance of secrecy. And maybe, just maybe, we'll head-off some
of the slowly growing sense of division between staff and users.
I wish we'd set it up like this from the first.
|
chelsea
|
|
response 262 of 382:
|
Jan 27 13:08 UTC 1996 |
RRO.
(Nyah, nyah.)
|
tsty
|
|
response 263 of 382:
|
Jan 27 18:02 UTC 1996 |
thankxx chelsea, that's an idea i can live with rather well.
any other takers?
|
janc
|
|
response 264 of 382:
|
Jan 27 19:00 UTC 1996 |
I need to think about it. I've been campaigning (mildly) for some kind of
public staff conference for a while. I see a need for several kinds of
things:
- A completely private place to discuss security issues.
- A place where only staff can post. We maintain a "What I did" item in
the staff conference where we post descriptions of about every little
thing we did to the system. Most of it is really boring, but it is
helpful for staff to know what other staff are doing. Keeps us from
stepping on each other's toes too much. If we tried to do that in a
public conference where anyone can post, however, I'm afraid that very
quickly some little "What I did" topic would spin off into some huge
discussion, and swamp out the "What I did" item completely (we have
small bursts of that as it is). This could badly undermine the
usefulness for such items in the communication between staff.
- A public place where specific technical issues on Grex hardware and
software can be opened to general discussion, with all welcome to
participate.
But though I see these three different catagories of items, I think three
conferences would be one too many. I'd be inclined to stick with just
two, and leave things like the "What I did" item in the private conference.
This isn't ideal, but I think it may be the next thing to try.
|
popcorn
|
|
response 265 of 382:
|
Jan 27 20:00 UTC 1996 |
Historically, overall, I'd say the staff does very well at minimizing the
discussions about non-security things in the staff conference, and keeping
those discussions here, in co-op, where they belong. Lots of topics briefly
crop up in the staff conf, and end abruptly, after very few responses, when
someone says, "This really belongs in co-op." At that point, the discussion
moves to co-op and is discontinued in the staff conference.
However, in the last 6 months or so, I've seen a steady increase in comments
like, "I should enter this in co-op but it's not a very important issue and
I fear it will be flamed to death there by some of our, um, more vocal users."
In other words, some of our regular co-op conspiracy theorists are scaring
off the very types of discussions they'd like to see in the open. This
worries me. I'd really rather see those discussions held here.
(Also in the last 6 months or so, we've gotten a bunch of new staffers, some
of whom have entered items that might better have been better put elsewhere
than in staff. They'll learn.)
One other concern I'd like to see addressed is privacy issues. For example,
if a user manages to need 7 password resets in a row, or botches a .login
file, or does some other boneheaded thing, should that be posted in public?
I dunno. I don't think I'd personally mind having it announced if I needed
my password reset 7 times in a row, but I could see where other people might
not want that kind of information posted publically.
|
srw
|
|
response 266 of 382:
|
Jan 28 01:57 UTC 1996 |
I definitely think that the "what I did" item belongs private. It names all
kinds of users names and it would serve no purpose to make it public.
On the other hand, I just entered an item in the staff conference about
progress on the terminal server (now that we might make some progress there)
and while it might have a few security issues around the edges, is mostly
material that would do no harm to be viewed publicly. It would be great to let
the public see that item, but how can I do that? I can't afford to have
it be anywhere that non-staffers can post, so until we implement a
conference that can be read-only to the public I don't see how to do that.
We have been filling in the public on the Sun-4 in a separate item in coop
rather than providing access to the staff item, because we need that item to
communicate among ourselves. I think staff does a bad enough job of
communicating amongst itself that anything which is detrimental to that would
do this system a disservice.
We have really drifted this item badly, by now. Should we try to get back on
the topic, or give up and talk about staff conspiracies.
Regarding my objections to the Brandy story. I would not feel comfortable
handing out that story to little children on streetcorners. I never asked
arthurp to remove it specifically because we did not have a policy.
I think we need a policy.
a board member, I
|
kerouac
|
|
response 267 of 382:
|
Jan 28 02:30 UTC 1996 |
prevoius message...SRW, what do you mean it would do no harm for the
public to see the item you refer to, but it would do harm if they
posted their thoughts? I dont know what purpose security wise a read-only
open staff related conf could serve? If this is information that
is safe to show publicly if edited right, what harm does it do to you,
grex or the issues involved if people are allowed to post their own
comments about it? A read only conf to display such items would be a
silly act of paranoia...
|
kerouac
|
|
response 268 of 382:
|
Jan 28 02:34 UTC 1996 |
Also there's no point to having a read only conf, for the purpose of
posting items but preventing discussion, because anything posted there
worth discussing would be brought up in one of the other confs.
|
popcorn
|
|
response 269 of 382:
|
Jan 28 03:49 UTC 1996 |
Ja, I could definitely see putting the terminal server item in co-op,
or possibly in some new conference like what Jan suggested elsewhere,
where technical details about the system are discussed. A regular
conference that everyone can participate in.
|
ajax
|
|
response 270 of 382:
|
Jan 28 07:03 UTC 1996 |
Kerouac, the idea behind the "what I did" item being read-only is just
to keep drift down. If people wanted to make separate items to discuss
issues raised there, that would be fine; it wouldn't detract from the
function of the "what I did" item.
*If* the item were made publicly read-only (and I doubt it will be),
a companion item to publicly discuss the first item could be entered.
Speaking of drift, I think we've completely lost sight of shore! :-)
|
srw
|
|
response 271 of 382:
|
Jan 28 08:04 UTC 1996 |
The harm comes from the staff's need to communicate with each other.
We use the staff conference to help coordinate our activities. I don't care
if people want to read some of that stuff. I certainly don't mind my
communications with Scott and others regarding the terminal server being seen
publicly. We're working on figuring out when we can meet. This does not
require limited visibility. It would fail to function as a way for staff to
coordinate if it filled up with comments from non-staffers.
It's very simple. We'd resort to mail if that happened, and we'd lose another
useful tool. I have no objection to someone copying out what's there. I'm not
trying to hide anything, but I've got work to do and resent impediments to
getting it done.
AFAIC the "what I did" item is way off limits for public view.
So is linking items with the staff conference.
(I'm feeling grouchy, I guess.)
|
robh
|
|
response 272 of 382:
|
Jan 28 16:43 UTC 1996 |
No, I'm definitely in agreement on the "What I Did" item being
kept private, simply because of the embarassment factor involved.
I know I'd feel horrible telling a staff person that I'd forgotten
my password if I knew that this fact was going to end up in an
item in Co-op. "Hey, robh forgot his password AGAIN! HA ha!"
Or that I'd accidentally deleted a file, or messed up my .login so
I couldn't log in, etc.
|
carson
|
|
response 273 of 382:
|
Jan 28 17:06 UTC 1996 |
yeah. I wouldn't want anyone to know about the time I stuck too
many people into my party filter as set in my .profile such that
I couldn't log in. That'd be real embarrassing.
oops.
|
janc
|
|
response 274 of 382:
|
Jan 28 17:17 UTC 1996 |
I have started co-op item #149 to continue this discussion about the
staff conference. Most of the relevant discussion from this item has
been moved there. Please post your responses in item #149.
|