Page MenuHomePhabricator

Volunteer NDA for Daimona
Closed, ResolvedPublic

Description

While working on AbuseFilter bugs, due to the nature of the tool, it's relatively common to come across hidden tasks or pastes: see for instance T193894#4203586 or T202095#4510133. There are also some security reports for which I'd like to help, but of course I cannot do much without seing them. For instance, I had to be added to T210329, T208907 and T207085. I'd also like to have logstash access, in order to both see exception details etc. and the slow filters log, which also helps with debugging abuse filters on-wiki; I'm not requesting it now, but IIUC I'd need an NDA (and a separate request) for that. As a final note - I don't know if that's relevant - I also signed the old confidentiality agreement.
I talked with @MusikAnimal about this, and he supports my request.


Progress checklist (from Wikitech)

  • At least one comment of support from a Wikimedia Foundation employee, explaining why it is a good idea to accept your request.
  • A comment of approval from one Wikimedia Foundation manager (usually the manager of an employee supporting you).
  • Have someone with access double-check which mediawiki.org account that the manager's Phabricator account is linked to, where the SUL account was created, and how it was created on that wiki.
  • Make Daimona a member of WMF-NDA-Requests so they can sign {L2}.
  • {L2} signed.
  • Verify the signature.
  • Get sign off by a C-level staff of the Wikimedia Foundation.
  • Add Daimona to WMF-NDA

Event Timeline

Daimona created this task.Dec 3 2018, 6:37 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptDec 3 2018, 6:37 PM

I think you should also ask for Security access given that this is where all private AbuseFilter tasks are likely to be hosted (info).

I support this application nonetheless. Daimona has been tirelessly good working in AbuseFilter and having access would benefit his work (and our AbuseFilter experience).

@MarcoAurelio Thanks for the support! Yeah, security bugs are the ones I'd like to see. The linked guide links to this one on wikitech, which I followed to open the request.

@Daimona: I've added you to https://phabricator.wikimedia.org/project/members/974/ so you should be able to access and sign L2.

For access to Sec tasks see https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Policy/Access_To_Security_Issues . Note that'll require setting up 2FA for Phab.

@Aklapper Thanks, I just signed L2, and also enabled 2FA for my account. Is it correct that I should then go on with (5.), i.e. creating an access request on Security?

👍 to for access to Security tasks and logstash. I echo MarcoAurelio in saying Daimona has been an invaluable help in AbuseFilter development for quite some time now. The privileged access will greatly assist his work.

Daimona updated the task description. (Show Details)Dec 4 2018, 9:31 AM

@MarcoAurelio I think that should have been done before adding me to WMF-NDA-Requests per wikitech. Anyway, I'd like to ask whether I have to open two separate tasks for logstash (actually, the nda LDAP group) and security bugs. And BTW, thanks for the support!

@MarcoAurelio I think that should have been done before adding me to WMF-NDA-Requests per wikitech.

If you for some reason think that the order of steps matters, feel free to explain why on the talkpage

@Aklapper I do not :-) However, to be nit-picky, the checklist on wikitech does:

  • [...] support from a Wikimedia Foundation employee [...]
  • [...] approval from one Wikimedia Foundation manager [...]
  • [...]
  • After that, ask in the Phabricator task to make you a member of the "WMF-NDA-Requests" project. This will allow you to sign the Non-Disclosure Agreement online.

Again, I think it's the same, but maybe that fourth point should be reworded then.

I guess @aezell is @MusikAnimal's magager per https://meta.wikimedia.org?oldid=18624969#Team ? (required for step 2)

I shall ask him about this, though I will say AbuseFilter isn't within Community Tech's scope. I'm not sure what c-levels to poke that are familiar with Daimona's work... maybe @kaldari ?

Bawolff added a subscriber: Bawolff.Dec 8 2018, 9:27 PM

I'm happy to provide the manager approval, but you'll still need a C-level sign-off.

I'm happy to provide the manager approval, but you'll still need a C-level sign-off.

Let's ping @VColeman for this.

MusikAnimal updated the task description. (Show Details)Dec 9 2018, 7:12 PM

@RStallman-legalteam Are volunteer NDAs the same process we follow for example for the WMDE employees?

Dzahn changed the status of subtask T211962: LDAP nda access request for Daimona from Open to Stalled.Dec 14 2018, 8:00 PM

@Dzahn Yes. I will need the full name, a physical address and email address for the user. They can email with this directly at rstallman@wikimedia.org and then I'll set up the NDA for signatures and add them to the tracking spreadsheet plus ping the ticket when it's done.

@RStallman-legalteam Thank you! @Daimona please mail Rachel, see above. thanks

@RStallman-legalteam I just emailed you with the requested information. I guess this is for the other NDA (LDAP group), though?

Dzahn updated the task description. (Show Details)Dec 18 2018, 3:33 PM

I verified signature is on L2. Also Legal verified on T211962#4831370 that NDA is on file. I sent a mail for c-level approval to complete both tickets.

herron added a subscriber: herron.Jan 4 2019, 3:37 PM

Hello -- a friendly reminder that this request is awaiting c-level review/approval

Mentioning @MusikAnimal here as well for the same reasons as in T211962#4855958.

MusikAnimal updated the task description. (Show Details)Jan 7 2019, 11:00 PM
Dzahn updated the task description. (Show Details)Jan 8 2019, 4:10 AM
Dzahn closed this task as Resolved.Jan 8 2019, 4:12 AM
Dzahn claimed this task.

Thanks @VColeman

@Daimona, i added you to WMF-NDA. You should now be able to see tickets like that.

Thanks everyone :-)