Page MenuHomePhabricator

Dsharpe (Dsharpe)
UserAdministrator

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Thursday

  • Clear sailing ahead.

User Details

User Since
Jan 14 2019, 7:34 PM (58 w, 21 h)
Roles
Administrator
Availability
Available
LDAP User
Dsharpe
MediaWiki User
DSharpe (WMF) [ Global Accounts ]

Recent Activity

Mon, Feb 10

Dsharpe created T244792: Determine any impacts to SRE from OIT's planned move to JumpCloud for LDAP.
Mon, Feb 10, 9:50 PM · User-jbond, Security-Team, Operations

Mon, Feb 3

Dsharpe added a comment to T242857: ProdPasteBot uses deprecated certificate auth.

Is there any update on this one? I ask because it is blocking "Update WMF run
bots using certificate auth (Phaste Bot and bzimport) to use token auth" action item in incident https://docs.google.com/document/d/1tXV7eKaKPz4Qh5CH0VdVspeCvTef6jafVWkVrQt-lZQ/edit#, which is blocking "Invalidate / rotate credentials stored in phabricator". Is there anything that I can do to help move this one forward? Thank you!

Mon, Feb 3, 3:21 PM · Operations

Jan 22 2020

Dsharpe added a comment to T243247: Need to force users to reset their phabricator TOTP auth factor.

Your planned schedule is far better. I just didn't want to rush anyone.

Jan 22 2020, 6:14 PM · Security, Phabricator (2020-01-23), Release-Engineering-Team (Development services), Release-Engineering-Team-TODO (2020-01 to 2020-03 (Q3)), Security-Team
Dsharpe added a comment to T243247: Need to force users to reset their phabricator TOTP auth factor.

I would suggest stepping around/over All Hands, in case anything goes wrong.

Jan 22 2020, 1:56 AM · Security, Phabricator (2020-01-23), Release-Engineering-Team (Development services), Release-Engineering-Team-TODO (2020-01 to 2020-03 (Q3)), Security-Team

Jan 20 2020

Dsharpe added a comment to T243247: Need to force users to reset their phabricator TOTP auth factor.

@MarcoAurelio Yes, you can do it on your own manually. The best way seems to be to first create a third auth factor in Phab, then delete the old one in Phab. If you leave both there, you will have 3FA and have to use both until the old one is removed. And please don't remove anything from your phone's authenticator app until you after are done in Phab.

Jan 20 2020, 10:32 PM · Security, Phabricator (2020-01-23), Release-Engineering-Team (Development services), Release-Engineering-Team-TODO (2020-01 to 2020-03 (Q3)), Security-Team

Jan 16 2020

Dsharpe created Blog Post: 14 January 2020 security incident on Phabricator.
Jan 16 2020, 10:20 PM

Jan 9 2020

Dsharpe added a comment to T242113: Please grant dsharpe temporary access to mendelevium.eqiad.wmnet.

The investigation is now 100% done. Please remove my (dsharpe) access from server mendelevium.eqiad.wmnet. Thank you so much!!!

Jan 9 2020, 12:49 AM · Security, SRE-Access-Requests, Operations

Jan 8 2020

Dsharpe closed T242236: Problem connecting to database from stat1007.eqiad.wmnet as Resolved.

I am all set now. Thanks!

Jan 8 2020, 5:46 PM · Analytics
Dsharpe created T242244: Kerberos credentials for dsharpe.
Jan 8 2020, 5:22 PM · Analytics
Dsharpe created T242236: Problem connecting to database from stat1007.eqiad.wmnet.
Jan 8 2020, 4:49 PM · Analytics

Jan 7 2020

Dsharpe added a watcher for Security Readiness Reviews: Dsharpe.
Jan 7 2020, 4:59 PM
Dsharpe created T242113: Please grant dsharpe temporary access to mendelevium.eqiad.wmnet.
Jan 7 2020, 2:59 PM · Security, SRE-Access-Requests, Operations
Dsharpe added a comment to T242049: Add security-team@wikimedia.org as recipient of any abuse@ emails.

@Dzahn - Perfect! Thank you!

Jan 7 2020, 2:16 AM · Mail, Operations

Jan 6 2020

Dsharpe renamed T242049: Add security-team@wikimedia.org as recipient of any abuse@ emails from Add security-team@wikimedia.org as recipient any abuse@ emails to Add security-team@wikimedia.org as recipient of any abuse@ emails.
Jan 6 2020, 11:11 PM · Mail, Operations
Dsharpe created T242049: Add security-team@wikimedia.org as recipient of any abuse@ emails.
Jan 6 2020, 11:04 PM · Mail, Operations

Dec 18 2019

Dsharpe added a comment to T241078: Add security-team@wikimedia.org as recipient of abuse@wikimedia.org emails.

I assume abuse@ is managed by SRE, so I was hoping this would magically get routed to the right person. What else do I need to add to move this along? Thank you!

Dec 18 2019, 6:06 PM · Mail, Operations
Dsharpe updated the task description for T241078: Add security-team@wikimedia.org as recipient of abuse@wikimedia.org emails.
Dec 18 2019, 5:49 PM · Mail, Operations
Dsharpe created T241078: Add security-team@wikimedia.org as recipient of abuse@wikimedia.org emails.
Dec 18 2019, 5:45 PM · Mail, Operations

Sep 23 2019

Dsharpe added a comment to T218109: Security Issue Access Request for EvanProdromou.

I added @eprodromou as a member of https://phabricator.wikimedia.org/project/members/30/. Is that all that needed to be done?

Sep 23 2019, 7:53 PM · Security, Security-Team
Dsharpe removed a member for acl*security: mmarble.
Sep 23 2019, 7:44 PM
Dsharpe added a member for acl*security: eprodromou.
Sep 23 2019, 7:44 PM
Dsharpe removed a member for acl*security: charlotteportero.
Sep 23 2019, 7:42 PM
Dsharpe moved T221133: Create or update 3 security policies (Q4 2019) from Incoming to Our Part Is Done on the Security-Team board.
Sep 23 2019, 4:51 PM · Security-Team
Dsharpe closed T221133: Create or update 3 security policies (Q4 2019) as Resolved.

Complete. The rest of the policies owed will be at least in draft form by 31 Dec 2019.

Sep 23 2019, 4:40 PM · Security-Team

Sep 3 2019

Dsharpe added a watcher for Security-Team: Dsharpe.
Sep 3 2019, 4:09 PM
Dsharpe added a watcher for acl*security: Dsharpe.
Sep 3 2019, 4:09 AM

Aug 26 2019

Dsharpe closed T221664: Create incident play by play dashboard as Declined.
Aug 26 2019, 7:29 AM · Security-Team

Aug 8 2019

Dsharpe closed T221642: Create an Acceptable Use Policy as Resolved.

The AUP was approved and is in effect.

Aug 8 2019, 2:45 PM · Security-Team
Dsharpe closed T221659: Provide a training session for the new Acceptable Use Policy, once it is approved as Resolved.

The AUP was approved and is in effect. The AUP training session is set for the first Security Awareness Sessions meeting, (specific date TBD but likely mid to late August 2019)

Aug 8 2019, 2:45 PM · Security-Team
Dsharpe closed T221662: Finalize and test our Security Incident Response documentation as Resolved.

Security Incident Response Policy is complete, and set for annual reviews. SIRP training is done for 2019.

Aug 8 2019, 2:43 PM · Security-Team
Dsharpe closed T221663: Perform 1 large scale tabletop exercise in fiscal 4Q 2019 as Resolved.

4Q 2019 tabletop completed on 20 June 2019.

Aug 8 2019, 2:42 PM · Security-Team
Dsharpe added a comment to T221639: Establish Foundation's Security Council.

That document lives in Google doc form for now. It was intended to plan how the new Foundation (internal) Security Council concept should work. I'll check with John when he returns to see if it can be moved elsewhere. It has links to a couple other internal documents.

Aug 8 2019, 12:59 PM · Security-Team
Dsharpe closed T221639: Establish Foundation's Security Council as Resolved.

All prep work was completed, and the monthly Security Council meetings are happening (two already done, I forgot to close this task).

Aug 8 2019, 1:39 AM · Security-Team

May 21 2019

Dsharpe created T224059: Should https://meta.wikimedia.org/wiki/Special:Contact/Stewards require a login.
May 21 2019, 8:09 PM · Security, MediaWiki-extensions-ContactPage, Stewards-and-global-tools

Apr 23 2019

Dsharpe updated the task description for T218091: Security Team quarterly check in for April - June 2019.
Apr 23 2019, 4:19 PM · Security-Team
Dsharpe created T221664: Create incident play by play dashboard.
Apr 23 2019, 4:19 PM · Security-Team
Dsharpe updated the task description for T218091: Security Team quarterly check in for April - June 2019.
Apr 23 2019, 4:18 PM · Security-Team
Dsharpe created T221663: Perform 1 large scale tabletop exercise in fiscal 4Q 2019.
Apr 23 2019, 4:17 PM · Security-Team
Dsharpe updated the task description for T218091: Security Team quarterly check in for April - June 2019.
Apr 23 2019, 4:15 PM · Security-Team
Dsharpe created T221662: Finalize and test our Security Incident Response documentation.
Apr 23 2019, 4:14 PM · Security-Team
Dsharpe added a project to T221659: Provide a training session for the new Acceptable Use Policy, once it is approved: Security-Team.
Apr 23 2019, 4:06 PM · Security-Team
Dsharpe updated the task description for T218091: Security Team quarterly check in for April - June 2019.
Apr 23 2019, 4:05 PM · Security-Team
Dsharpe created T221659: Provide a training session for the new Acceptable Use Policy, once it is approved.
Apr 23 2019, 4:05 PM · Security-Team
Dsharpe updated the task description for T218091: Security Team quarterly check in for April - June 2019.
Apr 23 2019, 3:09 PM · Security-Team
Dsharpe added a comment to T221642: Create an Acceptable Use Policy.

The Acceptable Use Policy is currently in review, and lives at https://office.wikimedia.org/wiki/Security/Policy/Candidates/Acceptable_Use_Policy.

Apr 23 2019, 3:08 PM · Security-Team
Dsharpe created T221642: Create an Acceptable Use Policy.
Apr 23 2019, 3:07 PM · Security-Team
Dsharpe added a comment to T221639: Establish Foundation's Security Council.

Security Council charter document has been drafted and submitted for approval.

Apr 23 2019, 3:03 PM · Security-Team
Dsharpe updated the task description for T218091: Security Team quarterly check in for April - June 2019.
Apr 23 2019, 3:01 PM · Security-Team
Dsharpe created T221639: Establish Foundation's Security Council.
Apr 23 2019, 3:00 PM · Security-Team

Mar 22 2019

Dsharpe closed T213742: Onboarding David Sharpe to Security Team as Information Security Analyst as Resolved.
Mar 22 2019, 9:27 PM · Security-Team
Dsharpe updated the task description for T213742: Onboarding David Sharpe to Security Team as Information Security Analyst.
Mar 22 2019, 9:27 PM · Security-Team

Mar 21 2019

chasemp empowered Dsharpe as an administrator.
Mar 21 2019, 3:26 PM

Jan 18 2019

Dsharpe added a comment to T214130: Requesting access to production for dsharpe.

Yes, the ssh key pair is entirely new, and not used any where else at all.

Jan 18 2019, 3:16 PM · Operations, SRE-Access-Requests
Dsharpe updated the task description for T214130: Requesting access to production for dsharpe.
Jan 18 2019, 1:19 AM · Operations, SRE-Access-Requests
Dsharpe created T214130: Requesting access to production for dsharpe.
Jan 18 2019, 1:05 AM · Operations, SRE-Access-Requests

Jan 17 2019

Dsharpe updated the task description for T214090: Request to add new hire David Sharpe (Dsharpe) to wmf LDAP group.
Jan 17 2019, 9:32 PM · Patch-For-Review, LDAP-Access-Requests
Dsharpe created T214090: Request to add new hire David Sharpe (Dsharpe) to wmf LDAP group.
Jan 17 2019, 9:24 PM · Patch-For-Review, LDAP-Access-Requests
Dsharpe updated the task description for T213742: Onboarding David Sharpe to Security Team as Information Security Analyst.
Jan 17 2019, 9:07 PM · Security-Team

Jan 16 2019

Dsharpe updated the task description for T213742: Onboarding David Sharpe to Security Team as Information Security Analyst.
Jan 16 2019, 2:05 PM · Security-Team
Dsharpe updated the task description for T213742: Onboarding David Sharpe to Security Team as Information Security Analyst.
Jan 16 2019, 2:54 AM · Security-Team
Dsharpe updated the task description for T213742: Onboarding David Sharpe to Security Team as Information Security Analyst.
Jan 16 2019, 2:52 AM · Security-Team
Dsharpe updated the task description for T213742: Onboarding David Sharpe to Security Team as Information Security Analyst.
Jan 16 2019, 2:31 AM · Security-Team
Dsharpe updated the task description for T213742: Onboarding David Sharpe to Security Team as Information Security Analyst.
Jan 16 2019, 2:21 AM · Security-Team
Dsharpe updated the task description for T213742: Onboarding David Sharpe to Security Team as Information Security Analyst.
Jan 16 2019, 2:16 AM · Security-Team
Dsharpe updated the task description for T213742: Onboarding David Sharpe to Security Team as Information Security Analyst.
Jan 16 2019, 2:11 AM · Security-Team

Jan 15 2019

Dsharpe updated the task description for T213742: Onboarding David Sharpe to Security Team as Information Security Analyst.
Jan 15 2019, 1:52 PM · Security-Team