Page MenuHomePhabricator
Feed Advanced Search

Advanced Search
Use Results
Hide Query

Mar 24 2022

JBennett added a comment to T297791: Authentication and Authorization Experiment.

Mostly exploratory/discovery work at this point but as part of discovery we are looking at what it might take to decouple authentication from MediaWIki.

Mar 24 2022, 1:32 PM · Authentication-Experiments-2022, SecTeam-Processed, Foundational Technology Requests, Security, Security-Team
JBennett renamed T304600: Authentication changes from {Name the Problem/Opportunity} to Authentication changes.
Mar 24 2022, 1:27 PM · Authentication-Experiments-2022, tech-decision-forum
JBennett created T304600: Authentication changes.
Mar 24 2022, 1:25 PM · Authentication-Experiments-2022, tech-decision-forum

Mar 4 2022

JBennett created T303055: US Department of Homeland Security (DHS) IP blocks.
Mar 4 2022, 3:23 PM · SRE, SecTeam-Processed, Traffic, Security, Security-Team

Feb 28 2022

JBennett added a comment to T301659: Requesting access to analytics-privatedata-users for Damiendf.

Approved

Feb 28 2022, 11:51 PM · SRE, SRE-Access-Requests
JBennett added a comment to T301679: Requesting access to analytics-privatedata for Tom Magerlein.

Approved

Feb 28 2022, 11:50 PM · SRE, SRE-Access-Requests

Feb 17 2022

JBennett added a comment to T301782: Requesting access to analytics-privatedata-users for Michael.hay.

approved

Feb 17 2022, 4:32 PM · SRE, SRE-Access-Requests
JBennett added a comment to T301581: Requesting access to analytics-privatedata for Skye Berghel.

Approved.

Feb 17 2022, 4:31 PM · SRE, SRE-Access-Requests

Feb 2 2022

JBennett added a comment to T218618: Add no-transform to Cache-Control header.

I'm not aware of prior management decisions or risk assessments to prohibit no-transform and I'm only seeing an upside to making this change. Seems like the evidence we have suggests performance issues are negligible, increased analytics in areas where we are seeking growth and we have improved security and privacy by not proxying and this feels like a relatively easy fix. I'm supportive of making this change happy to discuss other options but in the interest of mitigating immediate concerns and risks this seems like a good fit so can we go ahead and add no-transform?

Feb 2 2022, 10:26 PM · Patch-For-Review, Traffic, WMF-Legal, Privacy

Dec 15 2021

JBennett created T297791: Authentication and Authorization Experiment.
Dec 15 2021, 2:42 PM · Authentication-Experiments-2022, SecTeam-Processed, Foundational Technology Requests, Security, Security-Team

Oct 27 2021

JBennett added a comment to T289607: <Security Initiative> Improving Captcha.

More documentation

Oct 27 2021, 8:20 PM · Foundational Technology Requests

Oct 14 2021

JBennett renamed T293365: Code governance policy from {Name the Problem/Opportunity} to Code governance policy.
Oct 14 2021, 1:39 PM · tech-decision-forum
JBennett created T293365: Code governance policy.
Oct 14 2021, 1:35 PM · tech-decision-forum

Oct 13 2021

JBennett added a comment to T289899: Security Review For Mailman3 / lists.wikimedia.org.
In T289899#7403249, @Legoktm wrote:

I'd still like to get this reviewed somehow, given how much private information is passing through it.

Oct 13 2021, 5:31 PM · SecTeam-Processed, secscrum, Security, Application Security Reviews

Jun 2 2021

JBennett added a comment to T283368: Requesting access to production analytics data and cluster for htriedman.

Approved from my end.

Jun 2 2021, 3:59 PM · Analytics, SRE, SRE-Access-Requests

May 21 2021

JBennett created T283351: Access request for Hal Tredman.
May 21 2021, 12:54 PM · SRE, SRE-Access-Requests

Apr 29 2021

JBennett added a member for Security-Team: Mstyles.
Apr 29 2021, 4:09 PM

Apr 8 2021

JBennett closed T269517: Security Readiness Review For WatchSubpages, a subtask of T237809: Install Extension:WatchSubpages on frwiktionary, as Declined.
Apr 8 2021, 3:56 PM · Wikimedia-extension-review-queue, Wikimedia-Extension-setup, MediaWiki-extensions-WatchSubpages, Community-consensus-needed, Wikimedia-Site-requests, Wiktionary-fr
JBennett closed T269517: Security Readiness Review For WatchSubpages as Declined.

The Security team is updating their readiness review SOP to reflect a new change that any request that has aged 90 days without being in a reviewable state will be declined. We do this to help keep our work area current, accurate and reflective of actual work. If the status of your project changes please re-tag us and we will get this work scheduled.

Apr 8 2021, 3:55 PM · Application Security Reviews, secscrum, MediaWiki-extensions-WatchSubpages
JBennett closed T275402: Security Readiness Review For UseResource, a subtask of T275403: Deploy 'UseResource' extension on MediaWiki wikis, as Declined.
Apr 8 2021, 3:54 PM · MediaWiki-extensions-UseResource, Wikimedia-extension-review-queue, Wikimedia-Extension-setup
JBennett closed T275402: Security Readiness Review For UseResource as Declined.

The Security team is updating their readiness review SOP to reflect a new change that any request that has aged 90 days without being in a reviewable state will be declined. We do this to help keep our work area current, accurate and reflective of actual work. If the status of your project changes please re-tag us and we will get this work scheduled.

Apr 8 2021, 3:54 PM · secscrum, Application Security Reviews, MediaWiki-extensions-UseResource, Security
JBennett closed T258306: Security Readiness Review For Suggestor as Declined.

The Security team is updating their readiness review SOP to reflect a new change that any request that has aged 90 days without being in a reviewable state will be declined. We do this to help keep our work area current, accurate and reflective of actual work. If the status of your project changes please re-tag us and we will get this work scheduled.

Apr 8 2021, 3:53 PM · secscrum, Application Security Reviews, Tor, Suggestor, Security
JBennett closed T258306: Security Readiness Review For Suggestor, a subtask of T258302: Rollout Suggestor, as Declined.
Apr 8 2021, 3:53 PM · WMF-Legal, Tor, Suggestor
JBennett closed T211489: Security review of bjeavons/zxcvbn-php as Declined.

The Security team is updating their readiness review SOP to reflect a new change that any request that has aged 90 days without being in a reviewable state will be declined. We do this to help keep our work area current, accurate and reflective of actual work. If the status of your project changes please re-tag us and we will get this work scheduled.

Apr 8 2021, 3:53 PM · Application Security Reviews, secscrum, MediaWiki-Vendor, MediaWiki-User-login-and-signup
JBennett closed T211489: Security review of bjeavons/zxcvbn-php, a subtask of T32574: Display a password strength bar, as Declined.
Apr 8 2021, 3:52 PM · Patch-Needs-Improvement, User-Tgr, MediaWiki-User-login-and-signup, MediaWiki-Core-Preferences

Apr 6 2021

JBennett added a member for acl*security_team: Htriedman.
Apr 6 2021, 9:10 PM

Mar 5 2021

JBennett added a member for Security-Team: sguebo_WMF.
Mar 5 2021, 4:24 PM

Feb 11 2021

JBennett added a comment to T257579: Security Readiness Review For WVUI and Vector dependencies needed for Vue.js search.

I'm going to chime in here:

Feb 11 2021, 9:13 PM · Application Security Reviews, WVUI, Web-Team-Backlog (Kanbanana-FY-2020-21), user-sbassett, secscrum, Security, Design-Systems-team-20200324-20220422 (Vue.js Search Experience (Vector modern))

Feb 9 2021

JBennett moved T261248: Security review request for IRCCloud from Back Orders to Our Part Is Done on the secscrum board.
Feb 9 2021, 4:54 PM · WMF-General-or-Unknown, Security

Oct 23 2020

JBennett added a comment to T265121: Check home/HDFS leftovers of rush.

Nothing we need to keep, good to cleanup, thanks!

Oct 23 2020, 1:11 PM · Analytics

Oct 9 2020

JBennett updated the task description for T265147: Offboard Chase Pettet from Security Team.
Oct 9 2020, 6:37 PM · SRE, Security-Team
JBennett updated the task description for T265147: Offboard Chase Pettet from Security Team.
Oct 9 2020, 6:35 PM · SRE, Security-Team

Feb 20 2020

sbassett awarded Blog Post: Changes to Security Team Workflow a Like token.
Feb 20 2020, 6:18 PM

Feb 3 2020

JBennett published Blog Post: Changes to Security Team Workflow.
Feb 3 2020, 8:08 PM

Jan 28 2020

chasemp awarded Blog Post: Changes to Security Team Workflow a Yellow Medal token.
Jan 28 2020, 5:25 PM

Jan 16 2020

JBennett added a comment to T238547: Security issue access for darthmon_wmde .

approved

Jan 16 2020, 8:26 PM · Security, Security-Team

Jan 2 2020

JBennett closed T240492: Create generic security-team request for service intake mechanism, a subtask of T240490: Revamping Security-Team Work Intake and Flows, as Resolved.
Jan 2 2020, 8:49 PM · PM, Epic, Security-Team
JBennett closed T240492: Create generic security-team request for service intake mechanism as Resolved.

Looks good, thanks!

Jan 2 2020, 8:49 PM · Phabricator, Security-Team

Dec 4 2019

JBennett added a comment to T238546: Security issue access for Tobi_WMDE_SW .

Approved

Dec 4 2019, 4:32 PM · Security, Security-Team

Dec 2 2019

JBennett added a comment to T238545: Security issue access for @WMDE-leszek.

approved

Dec 2 2019, 8:56 PM · Security, Security-Team

Nov 13 2019

JBennett created T238222: Request creation of BishopFox VPS project.
Nov 13 2019, 3:14 PM · Cloud-VPS (Project-requests)

Oct 28 2019

JBennett added a comment to T233213: XSS in Wikidata Query Service UI, DATATYPE_MATHML - CVE-2019-19329.

How is the patch coming along? When do we expect this to be deployed?

Oct 28 2019, 2:04 PM · Security, Discovery-Search (Current work), User-Addshore, Wikidata-Campsite (Wikidata-Campsite-Iteration-∞ (On Hold)), Vuln-XSS, Wikidata, Wikidata Query UI

Oct 4 2019

JBennett moved T222665: Code Stewardship Review: iegreview from Incoming to Watching on the Security-Team board.
Oct 4 2019, 4:45 PM · Security, Wikimedia-IEG-grant-review, Code-Stewardship-Reviews
JBennett moved T214423: Certain wikitech auth-related logging information is not being sent to logstash and mwlog from Incoming to Watching on the Security-Team board.
Oct 4 2019, 4:43 PM · Security, wikitech.wikimedia.org, User-herron, Security-Team
JBennett moved T214489: Improve LDAP logging from Incoming to Watching on the Security-Team board.
Oct 4 2019, 4:34 PM · Infrastructure-Foundations, Observability-Logging, Infrastructure Security, LDAP
JBennett triaged T221576: Password length requirement error shown twice as Medium priority.
Oct 4 2019, 4:20 PM · TestMe, MediaWiki-User-login-and-signup
JBennett moved T221576: Password length requirement error shown twice from Incoming to Watching on the Security-Team board.
Oct 4 2019, 4:20 PM · TestMe, MediaWiki-User-login-and-signup

Aug 30 2019

JBennett closed T231265: Document Security Council on-wiki as Resolved.
Aug 30 2019, 4:27 PM · Documentation, Security-Team
JBennett closed T218091: Security Team quarterly check in for April - June 2019, a subtask of T216416: Goal: Making life hard for the people who want to do harm to our sites or the people that use them., as Resolved.
Aug 30 2019, 4:15 PM · Security-Team, Goal
JBennett closed T218091: Security Team quarterly check in for April - June 2019 as Resolved.
Aug 30 2019, 4:15 PM · Security-Team

Aug 27 2019

JBennett added a comment to T231265: Document Security Council on-wiki.

Sure, charter is at https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Council

Aug 27 2019, 2:32 PM · Documentation, Security-Team

Jul 18 2019

JBennett added a watcher for deprecated-security-team-reviews: JBennett.
Jul 18 2019, 8:30 PM

Jul 17 2019

JBennett awarded T228247: +2 nomination for Daimona in mediawiki/* a Like token.
Jul 17 2019, 1:54 PM · MediaWiki-Gerrit-Group-Requests

May 21 2019

JBennett added a comment to T222910: Requesting access to deployment and analytics-privatedata-users for jfishback.

Approved

May 21 2019, 3:01 PM · User-greg, SRE-Access-Requests, SRE, Security-Team

Apr 24 2019

JBennett added a comment to T219831: Security Review For Kask.

@Eevans @Clarakosi This one is a bit out of our wheelhouse and something we can provide only a cursory review of. I'd like to propose the following: The Security team can perform a basic security review of this but I would recommend a secondary review by our 3rd party partners at BishopFox. That said, the 2nd review would incur some cost but I'm not sure how much. Do you have any budget available for something like that??

Apr 24 2019, 5:19 PM · secscrum, Application Security Reviews, user-sbassett, Services (watching), Platform Team Legacy (Watching / External), Platform Engineering (Session Management Service (CDP2)), User-Clarakosi, User-Eevans

Mar 26 2019

JBennett created T219277: Wikitech password reset flow.
Mar 26 2019, 1:17 PM · Security, wikitech.wikimedia.org, MediaWiki-General, Restricted Project

Mar 20 2019

JBennett added a member for acl*security: Fjalapeno.
Mar 20 2019, 4:04 PM

Mar 17 2019

JBennett added a comment to T218472: gerrit.wikimedia.org is down.

Todays updates sent to wikitech-l https://lists.wikimedia.org/pipermail/wikitech-l/2019-March/091769.html

Mar 17 2019, 4:27 PM · User-greg, SRE, Release-Engineering-Team, Gerrit

Jan 18 2019

JBennett added a comment to T214130: Requesting access to production for dsharpe.

Approved

Jan 18 2019, 3:13 PM · SRE, SRE-Access-Requests

Dec 12 2018

JBennett added a comment to T210667: Can exfat be used in WMF production?.
In T210667#4812704, @Legoktm wrote:
In T210667#4795435, @JBennett wrote:

Thanks everyone of for their thoughtful consideration. I have no issues nor do I see a conflict with temporarily allowing the use of this so we can complete our work with our 3rd party partners.

Thanks for commenting. To clarify, are you saying that there is no free filesystem software that will meet our needs? Given that @Platonides offered a decent amount of alternatives in T210667#4789273, it would be helpful if it could be explained why none of those alternatives are sufficient. That will help me when I reach out to various free software upstreams so they can improve their software so it will meet our needs - a goal that I think we all share.

Dec 12 2018, 1:10 PM · Analytics-Radar, Security-Team, Software-Licensing, WMF-Legal, SRE

Dec 11 2018

JBennett added a comment to T151011: Add password generator to account creation / password change form.
In T151011#4808817, @Tgr wrote:

There are two types of good password generation:

  1. A medium-length string of random uppercase/lowercase/numbers (say 12 or 16 characters), with easily confusable characters removed from the pool.
  2. A long human-readable text of space-separated random dictionary words (probably 5 or 6 words), e.g. diceware.

I'm not sure the first is worth doing as the only sane way to use such passwords is a password manager and that can generate random passwords just fine. (Maybe there are less technical users who have problems with password managers and just write the passwords down, but those are better served by diceware style passwords anyway since words are easier to type.) OTOH it is very trivial to implement.

The second is good for people who need to memorize the password for some reason, or need to type it in often (ie. often log in on foreign machines). The best library I have seen for it is grempe/diceware (test page), which has support for ~20 languages (of course it would be fairly trivial to add more). Word lists are around 100K which is a bit large but they don't exactly make an effort to reduce the size, which could be done pretty easily.

Dec 11 2018, 3:40 PM · Security, User-Tgr, MediaWiki-User-login-and-signup

Dec 7 2018

JBennett added a comment to T208246: Change password length requirement and ensure enforcement for privileged users (from 8 to 10).
In T208246#4804686, @Tgr wrote:

This feels a bit rushed. Maybe I am just not aware that the preparations already happened, in which case apologies in advance, but otherwise I would recommend pushing out the date by a month or so and doing more groundwork.

Dec 7 2018, 2:48 PM · Patch-For-Review, MW-1.33-notes (1.33.0-wmf.9; 2018-12-18), Anti-Harassment (AHT Sprint 35), MediaWiki-User-login-and-signup

Dec 4 2018

JBennett added a comment to T151425: Enlarge Popular Password File to 100,000 entries and enforce the new minimum in the config.
In T151425#4796448, @Reedy wrote:
In T151425#4795744, @TBolliger wrote:

I'm fairly confident the plan is for all new passwords to be outside 100,000. This is based on this permissioned Google Doc authored by @JBennett. It was last edited Nov. 1 so other decisions/discussions may supercede this.

Ping @JBennett! 🛎

Well, WMF != MW. But if the intention is to make these changes for all users and help "harden" MW core at the same time, I'm fine with making that change in MW core too

Dec 4 2018, 4:06 PM · User-notice-archive, MW-1.34-notes (1.34.0-wmf.22; 2019-09-10), Patch-For-Review, Security-team-backlog, MediaWiki-User-login-and-signup

Dec 3 2018

JBennett added a comment to T210667: Can exfat be used in WMF production?.
  1. With respect to the WMF charter and the values and manifestation thereof, it seems the exception process and/or the bar for each use case is at the discretion of WMF leadership and probably specifically most informed by WMF technical leadership. I'll defer to @JBennett who has more information.
Dec 3 2018, 8:07 PM · Analytics-Radar, Security-Team, Software-Licensing, WMF-Legal, SRE

Nov 30 2018

JBennett added a project to T189641: Service for checking the Pwned Passwords database: WMF-Legal.
Nov 30 2018, 7:37 PM · SecTeam-Processed, Security, Platform Team Legacy (Watching / External), Services (watching), User-Tgr, WMF-Legal, MediaWiki-User-login-and-signup, MediaWiki-Core-AuthManager
JBennett added a comment to T189641: Service for checking the Pwned Passwords database.
In T189641#4789805, @Tgr wrote:
In T189641#4789786, @chasemp wrote:

Adding @JBennett as I see he raised concern with the ihaveibeenpwned work in related https://phabricator.wikimedia.org/T210192#4786955

I think that was meant for using it for email lookup, not passwords? If your password hash is in the dump, the applicability of that is pretty clear.

Nov 30 2018, 7:36 PM · SecTeam-Processed, Security, Platform Team Legacy (Watching / External), Services (watching), User-Tgr, WMF-Legal, MediaWiki-User-login-and-signup, MediaWiki-Core-AuthManager

Nov 27 2018

JBennett added a comment to T208441: 👩‍👦‍👦 AHT password strengthing work, 2018/19.
In T208441#4711167, @TBolliger wrote:
In T208441#4710847, @Framawiki wrote:

Related: T197577: Increase password policies for the 'steward' group and others

Yeah, good catch. Makes sense to bump this one up too. I forget, though... do Stewarts also need 2FA? If so, the length is less of an issue.

Nov 27 2018, 1:46 PM · Anti-Harassment (Vav — ו)

Nov 26 2018

JBennett added a comment to T150826: Remove unblockself right on wikimedia wikis (but allow blocked admins to block their blocker).

I'm in favor of removing unblock self. It's overly permissive to allow admins to unlock themselves and we should follow some level of separation of duties to ensure proper governance. Let's go ahead and make this change.

Nov 26 2018, 6:10 PM · User-notice-archive, MW-1.33-notes (1.33.0-wmf.8; 2018-12-11), MediaWiki-User-management, Community-consensus-needed, Wikimedia-Site-requests

Nov 1 2018

ToBeFree awarded Blog Post: Details of dictionary attack from May 2018 a Grey Medal token.
Nov 1 2018, 12:29 PM · Security-Team

Oct 29 2018

JBennett added a comment to T207852: Requesting access to deployment and analytics-privatedata-users for sbassett.

+1 from me

Oct 29 2018, 3:14 PM · User-jijiki, SRE-Access-Requests, SRE

Oct 26 2018

JBennett added a comment to T208008: Consumer owner-only oauth proposals should require reauth.

I'm not 100% sure who should be claiming this task. Could one of you please claim it in support of this recent security incident?

Oct 26 2018, 7:45 PM · Patch-Needs-Improvement, Sustainability (Incident Followup), Security, MediaWiki-extensions-OAuth

Oct 10 2018

JBennett published Blog Post: translatewiki.net security incident.
Oct 10 2018, 8:14 PM

Sep 27 2018

JBennett created Blog Post: translatewiki.net security incident.
Sep 27 2018, 11:21 PM

Sep 17 2018

xSavitar awarded Blog Post: Details of dictionary attack from May 2018 a Love token.
Sep 17 2018, 6:05 PM · Security-Team

Sep 13 2018

JBennett added a comment to T150605: Publish an analysis of the OurMine hack.

Our process around security incident response is evolving and something the security team is working to improve. We're not there yet but we are definatley making improvements.

Sep 13 2018, 1:49 PM · Sustainability (Incident Followup), Security-Team

Sep 11 2018

JBennett added a comment to Blog Post: Additional details on OurMine.

This 1st round is really to address changes to our wiki password policy. Phase 2 is being planned and will address 2FA for privileged users.

Sep 11 2018, 11:53 AM · Security-Team

Sep 7 2018

Halfak awarded Blog Post: Additional details on OurMine a Like token.
Sep 7 2018, 6:51 PM · Security-Team
Halfak awarded Blog Post: Details of dictionary attack from May 2018 a Like token.
Sep 7 2018, 6:49 PM · Security-Team
JBennett published Blog Post: Additional details on OurMine.
Sep 7 2018, 6:37 PM · Security-Team
JBennett published Blog Post: Details of dictionary attack from May 2018.
Sep 7 2018, 6:37 PM · Security-Team

Sep 4 2018

JBennett moved T118750: Document and test security response process from Incoming to In Progress on the Security-Team board.
Sep 4 2018, 3:02 PM · PM, Documentation, Security-Team
JBennett claimed T118750: Document and test security response process.

In progress

Sep 4 2018, 3:01 PM · PM, Documentation, Security-Team
JBennett assigned T116305: Followup assessment for analytics cluster to chasemp.
Sep 4 2018, 2:53 PM · Security-Team
JBennett edited projects for T111820: Set default CSP header in service template to "default-src 'none'", added: Security-team-backlog; removed Security-Team.
Sep 4 2018, 2:47 PM · Platform Team Legacy (Later), Services (later), service-template-node, RESTBase
JBennett removed a project from T110620: Make User::newFromId(0) not return current user's IP: Security-Team.
Sep 4 2018, 2:44 PM · Platform Team Workboards (MW Expedition), Sustainability (Incident Followup), Privacy, MediaWiki-User-management
JBennett edited projects for T110249: Allow OAuth applications to be granted rights the user doesn't have, added: Security-team-backlog; removed Security-Team.
Sep 4 2018, 2:42 PM · MediaWiki-extensions-OAuth
JBennett edited projects for T109726: Privacy review of graphite and grafana data sets, added: Security-team-backlog; removed Security-Team.
Sep 4 2018, 2:38 PM · Privacy Engineering, Privacy
JBennett closed T109524: DFIR process documented on officewiki as Invalid.
Sep 4 2018, 2:37 PM · Security-Team
JBennett closed T109102: Investigate / test hardware tokens for WMF identity key as Declined.
Sep 4 2018, 2:34 PM · Security-Team
JBennett closed T109102: Investigate / test hardware tokens for WMF identity key, a subtask of T109083: Goal: Support legal during rollout of email encryption initiative, as Declined.
Sep 4 2018, 2:33 PM · Goal, Security-Team
JBennett closed T76158: Pitfalls checklist for software using AGPL as Resolved.
Sep 4 2018, 2:27 PM · Software-Licensing, MediaWiki-General, WMF-Legal
JBennett closed T76158: Pitfalls checklist for software using AGPL, a subtask of T78212: Determine license for RESTBase code, as Resolved.
Sep 4 2018, 2:27 PM · Software-Licensing, RESTBase
JBennett edited projects for T86738: mw.message.parse() accepts javascript: protocol in wikilinks (CVE-2020-25814), added: Security-team-backlog; removed Security-Team.
Sep 4 2018, 2:25 PM · Security, Security-Team, Patch-For-Review, Vuln-XSS, MediaWiki-Internationalization, JavaScript
JBennett edited projects for T75574: Host crossdomain.xml master policy file, added: Security-team-backlog; removed Security-Team, Security-Other.
Sep 4 2018, 2:23 PM · SecTeam-Processed, SRE, Security, Security-Team
JBennett removed a project from T67848: [SpamBlacklist] Do not include '(?:https?:)?\/\/+[a-z0-9_\-.]*' in whitelist regex: Security-Team.
Sep 4 2018, 2:21 PM · Security, SpamBlacklist
JBennett removed a project from T103912: [Task] Ex:WikibaseQualityExternalValidation - performance review of Special:CrossCheck: Security-Team.
Sep 4 2018, 2:19 PM · Wikibase-Quality-External-Validation, Wikidata, Wikibase-Quality
JBennett closed T90033: Support 1password for login as Declined.
Sep 4 2018, 2:17 PM · OKR-Work, Security-Team, Wikipedia-iOS-App-Backlog
JBennett closed T75953: RFC: MediaWiki HTTPS policy as Resolved.
Sep 4 2018, 2:16 PM · TechCom-RFC (TechCom-RFC-Closed), MediaWiki-Configuration, Security-Team

Aug 13 2018

JBennett removed a member for acl*security_team: debt.
Aug 13 2018, 7:00 PM
JBennett added a member for acl*security_team: debt.
Aug 13 2018, 6:28 PM
Next
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL