I find myself in agreement with John and Ross. And I think think there is a wide gulf between what most members think LOPSA _should_ be (and I'm not agreeing or disagreeing with anyone's ideas of what LOPSA _should_ be), and what LOPSA actually is. (And I hope this is not going to start a flame war...just open a frank discussion...)
LOPSA is simply not positioned to have any dominion over issues surrounding WikiLeaks. And there are a number of reasons, some of which include a lack of identity, a lack of exclusivity, and a lack of mandated and controlled peer review and ratification procedures. Lack of identity: ---------------------- Who comprises the LOPSA membership? Is it comprised of system administrators? Is it comprised of network engineers? How do you know? For all you know, I could be a teenage script-kiddie leeching bandwidth from my middle school's poorly secured wireless connection. There's no application for membership. There's no background check nor even a simple (and easily spoofed) reference check. I'm not suggesting that members of LOPSA should be vetted in some way. I'm only stating the fact that members _aren't_ vetted in any way. So if we can't be certain that our membership is soley comprised of industry practitioners who have an informed opinion on the issue, how can we certify that we, as an organization, are expressing an informed opinion on the issue? LOPSA does not have a strong enough identity, short of: "Hey! Look! We have 'System Administrators' in our name!", to qualify LOPSA as an authoritative source on the practice of system administration. In fact, we can't even certify that we're comprised of professionals! (And to re-iterate, I'm _not_ suggesting that members should be required to prove their identity either as professional system administrators, engineers, researchers or whatever. I'm just trying to reconcile the views of what individual members think LOPSA should be, in the future, and what it is, now. If we believe it should be something more in the future, that's fine. We can plan for how to get there. But that still doesn't change the reality of what LOPSA is right now.) Lack of exclusivity: --------------------------- There is only one qualification for membership to LOPSA: the check has to clear. There is no requirement for minimum education level. There is no requirement for minimum years of professional experience. There is no requirement for examination. There are no requirements for industry or governmental licensure or certification. There are no requirements for members to complete any form of continuing education. The only qualification for membership are either a sufficiently funded checking account or a valid credit card with sufficient credit remaining. Again, I'm not suggesting that there should be one or more minimum qualifications for membership. I'm only saying that there currently is not a minimum qualification for membership, other than the ability to pay dues...at least not as far as I am aware. Because we lack this guarantee of exclusivity in our member base, then we cannot irreproachably claim to offer an _expert_ opinion regarding the practice of system administration. Lack of mandated and controlled peer review and ratification procedures: ------------------------------------- (At least I'm not aware of any...) Without a clear process by which any opinion, recommendation or best practice can be reviewed with a sufficient comment period, and subsequently ratified by the members, we simply do not speak with a unified voice. Sure, we might discuss stuff on a mailing list, and maybe ask a board member to throw something together and try to push an opinion out there. But honestly, that press release wouldn't be much different than a bunch of users discussing a current issue in a chat forum, maybe on slashdot or 4chan, and then releasing their "opinion" to the press. And I fear that it would lack the same credibility. Worse, trying to stretch LOPSA's credibility too soon might even damage it's _future_ reputation. LOPSA certainly _can_ grow to become an activist organization, if that is what all of us want. But there are a lot of wrinkles that need to be ironed out. Among other things, with whom will LOPSA be competing? ITSM already publishes a body of Best Practices: ITIL. Gartner and others already provide research on IT industry trends. CERT, SAN, and others already publish alerts and security recommendations. Where is the gap that we want LOPSA to cover? We also need to decide what we, as members, are willing to accept...because we still would need to address the lack of identity and the lack of exclusivity that might hurt the credibility of any opinion or recommendation we were to publish. How do we vet each other, and how do we vet new members? Where do we set the bar on whom we appoint within our membership to initially contribute and draft these opinions and recommendations? What minimum qualifications are acceptable for these deliberative bodies? ...And most importantly, do we _really_ want to go down this path? Are we all firmly committed to that goal? Is that really what we seek? Or are we more comfortable with knowledge sharing, organizing educational seminars to benefit others in our profession, and leave the task of attempting to provide some direct benefit for the public to other more activist organizations. I'm really not trying to rain on anyone's parade. I'm just saying I really don't think LOPSA is "there", yet...nor am I even certain the membership really wants to go down that path, at all. (I believe it is going to be a significantly uphill climb for us to find our niche and position ourselves, since we are probably arriving at least 10 years late to that game.) But I firmly believe we are not ready to try to voice any sort of authoritative, unified opinion, right now. Several of our individual members are certainly positioned to offer expert opinions. But LOPSA, as a whole, is not. ...But then, I could still be that script-kiddie leeching my middle-school's WiFi. So I won't claim that I offer an authoritative opinion on what LOPSA is or isn't ready for, either. --Aaron McCaleb On Thu, Dec 9, 2010 at 13:25, Trey Darley <[email protected]> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Quoth John Jasen [12/09/2010 08:15 PM] : >> I think, on a professional level, that LOPSA should just sit on the >> sidelines and watch. > > While you're sitting on the sidelines watching I would point out (to > those not already on NANOG) that this Wikileaks topic has been largely > dominating The North American Network Operators Group list for the past > couple of weeks. If you're interested in the technical, legal, ethical, > and/or political aspects of this case and you're a sysadmin you should > probably hop on over to NANOG and start lurking. > > Cheers, > - --Trey > ++----------------------------------------------------------------------------++ > Trey Darley - Brussels > twitter: @treyka > ++----------------------------------------------------------------------------++ > Quis custodiet ipsos custodes? > ++----------------------------------------------------------------------------++ > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.10 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAk0BLTQACgkQQXaSM49tivDR8ACeLXDzcBjn2gul5A2RghL/M/ZT > ySQAn37NKtddiJLFcHypezOnXDZ3N/w+ > =YQ1F > -----END PGP SIGNATURE----- > _______________________________________________ > Discuss mailing list > [email protected] > https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss > This list provided by the League of Professional System Administrators > http://lopsa.org/ > _______________________________________________ Discuss mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
