As a sysadmin myself, I'd have to agree with the extra scrutiny for digital assets. I don't see it as a personal attack on anyone that regarding this scrutiny, we've spent the past three years fine tuning this virtual space to what it is now. Our virtual space is not like our physical space at all, you can't walk in to 48 South Summit and accidentally burn the whole building down with a typo or wrong command with ease, but that is MUCH easier to do on our virtual space.
I've been involved with Synhak since Torrie's garage and in all this time, I have decided not to get involved with the AWS instances for this reason since I typo alot, instead I applied my talents elsewhere. Although, it would be nice if anyone who wanted to try their hand at improving our AWS instance or "Virtual Space" had sudo access to a sandbox duplicate, then we can only commit changes to the live instance that are proven to work while only providing read only access to the live instance. Keep in mind that the "Virtual Space" you are talking about does not just contain the website, as I understand it, Spiff is also on AWS, which handles, among other things, our membership database. Let's please try to keep admin rights to this on a "need to know" basis. I feel the term "positive control" (I know I use it alot) applies well in this scenario. On Mon, Mar 17, 2014 at 7:50 PM, Torrie Fischer <[email protected]>wrote: > On Monday, March 17, 2014 18:22:38 Justin Herman wrote: > > NOTE: Chris and Torrie were able to decrypt it with their private key's. > > > > In order to avoid extra noise and virtual conflict I have opted to answer > > any questions during our meeting. I will be available to answer any > > questions during that time. This is equivalent in conditions met to > acquire > > a Physical Space key. > > Noise implies useless information. I'm certain that SYNHAK would find > someone's reason for wanting access to AWS and all of our servers to be > useful > and even important information. > > I'm concerned about this "virtual conflict" you perceive. Why would you > think > that an open discussion about security would create conflict? > > You're also aware that meeting in person during a meeting aren't the > conditions for getting a key, right? It involves a proposal for Consensus. > There's also the fact that a physical door key is completely different from > having administrative access to synhak.org. > > I will block any proposal to grant you AWS access on the grounds that you > haven't demonstrated why I should trust you, and that you're currently > demonstrating some interesting interpretations of protocols. > > > > > On Mon, Mar 17, 2014 at 6:10 PM, Torrie Fischer > <[email protected]>wrote: > > > On Monday, March 17, 2014 17:05:56 Justin Herman wrote: > > > > SOME KIND OF BLOB > > > > > > Ok. Right. > > > > > > You sent a SSH key signed with a PGP key that I have not verified. The > > > signed > > > key was encrypted with my public key, meaning that only I could decrypt > > > it. > > > > > > Justin, are you aware that we are also asking you questions and not > just > > > asking for an SSH key? I'll copy them again: > > > > > > VVVV QUESTIONS VVVV > > > > > > 1.) What is your primary purpose for requesting access to AWS? > > > 2.) What problems with the current website and online infrastructure do > > > you > > > currently see that require AWS root and sudo access to solve? > > > 3.) What improvements can you offer to the overall infrastructure? > > > 4.) Are you familiar with Ansible, the configuration-management > software > > > used > > > to configure, deploy and maintain servers? If not, do you intend to > learn > > > about it? > > > > > > ^^^^ QUESTIONS ^^^^ > > > > > > In case they kept getting lost in the noise of this thread, I've also > > > trimmed > > > out the rest of the inline quotes. > > > > > > There seems to be a pattern of not answering any questions when > directly > > > asked. Would you prefer that I ask them in private instead of on > discuss@? > > > I'm > > > often at the space, so I can handle either e-mail or in person. I would > > > still > > > need to relay the answers to a public forum such as noc@ to preserve > > > transparency about our site security and keep everyone else up to date > > > with > > > who has unlimited and absolute power over synhak.org. > > > > > > If you're not able to make this work, then I can't really give you > access. > > _______________________________________________ > Discuss mailing list > [email protected] > https://synhak.org/mailman/listinfo/discuss >
_______________________________________________ Discuss mailing list [email protected] https://synhak.org/mailman/listinfo/discuss
