chasemp (Chase)Administrator
security eng

Projects (35)

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Wednesday

  • Clear sailing ahead.

User Details

User Since
Sep 16 2014, 11:39 AM (213 w, 6 d)
Roles
Administrator
Availability
Available
IRC Nick
chasemp
LDAP User
Rush
MediaWiki User
CPettet (WMF) [ Global Accounts ]

Current: security person

Past: engineering manager, lead operations engineer, operations engineer

Local changes.
for upgrades

Recent Activity

Today

chasemp added a comment to T207663: Renumber cloud-instance-transport1-b-eqiad to public IPs.

No technical blockers to this VLAN have public IPs that I know of. Agreed that the switchover would be difficult to make transparent to users. It's possible adding an interface to the neutron router for a new subnet in the existing VLAN would allow cutover to be faster but its probably more trouble than it's worth -- would need to test it out a bit.

Mon, Oct 22, 4:46 PM · netops, Operations, Cloud-Services

Mon, Oct 15

chasemp set the image for security assessments to F26611632: profile.
Mon, Oct 15, 9:32 PM
chasemp set the icon for security assessments to Umbrella.
Mon, Oct 15, 9:31 PM

Thu, Oct 11

chasemp closed T206628: Security Issue Access Request for LarsWirzenius as Resolved.

I've linked my new meta.wikimedia.org and mediawiki.org account to Phabricator now. @chasemp OK?

Thu, Oct 11, 6:15 PM · Security-Team, Security
chasemp closed T206628: Security Issue Access Request for LarsWirzenius, a subtask of T206466: Onboarding liw, as Resolved.
Thu, Oct 11, 6:15 PM · User-zeljkofilipin, Release-Engineering-Team (Kanban)
chasemp added a comment to T206628: Security Issue Access Request for LarsWirzenius.

I don't seem to be able to create an account with a "(WMF)" suffix on mediawiki.org.

Thu, Oct 11, 12:19 PM · Security-Team, Security

Wed, Oct 10

chasemp placed T91707: L10n-bot should not force-merge / override Jenkins (breaks the build) up for grabs.

Thanks, I misunderstood the scope here. Leaving open :)

Wed, Oct 10, 6:21 PM · Continuous-Integration-Infrastructure, translatewiki.net
chasemp added a comment to T206628: Security Issue Access Request for LarsWirzenius.

@chasemp is that better?

Wed, Oct 10, 2:22 PM · Security-Team, Security
chasemp triaged T206628: Security Issue Access Request for LarsWirzenius as Normal priority.
Wed, Oct 10, 1:49 PM · Security-Team, Security
chasemp added a comment to T206628: Security Issue Access Request for LarsWirzenius.

@LarsWirzenius can you link your WMF account to your user profile on phab? https://phabricator.wikimedia.org/p/LarsWirzenius/ right now I see it links to https://www.mediawiki.org/w/index.php?title=User:LarsWirzenius.

Wed, Oct 10, 1:49 PM · Security-Team, Security

Tue, Oct 9

chasemp closed T91707: L10n-bot should not force-merge / override Jenkins (breaks the build) as Resolved.

tentatively resolving this as part of T205563

Tue, Oct 9, 6:52 PM · Continuous-Integration-Infrastructure, translatewiki.net

Wed, Oct 3

chasemp added a comment to T150300: icinga notification if elevated writing to badpass.log.

Change 464077 had a related patch set uploaded (by Gergő Tisza; owner: Gergő Tisza):
[operations/mediawiki-config@master] Move auth logging to different channels for easier counting

https://gerrit.wikimedia.org/r/464077

Wed, Oct 3, 7:29 PM · Patch-For-Review, Security-team-backlog, monitoring, Operations
chasemp created P7624 /mediawiki-i18n-check-docker_v1.
Wed, Oct 3, 6:48 PM

Tue, Oct 2

chasemp added a comment to T150300: icinga notification if elevated writing to badpass.log.

I had a few minutes so I looked at this because it would be super swell to have it rigged up. It's a bit complicated at the moment.

Tue, Oct 2, 12:50 PM · Patch-For-Review, Security-team-backlog, monitoring, Operations

Fri, Sep 28

chasemp added a member for Security: security_team_bot.
Fri, Sep 28, 5:37 PM
chasemp changed hashtags for security_assessment_analytics_2018, added #sec_assess_analytics_2018; removed #analytics_2018.
Fri, Sep 28, 4:55 PM

Tue, Sep 25

chasemp closed T205443: testing task creation with advanced form as Invalid.
Tue, Sep 25, 2:55 PM
chasemp created T205443: testing task creation with advanced form.
Tue, Sep 25, 2:54 PM

Mon, Sep 24

chasemp added a comment to T205340: analytics1-a VLAN has no DNS for gateway addresses to match other analytics VLANs.

Oh hey :). I was going to knock it out for ya but awesome. I will yep

Mon, Sep 24, 11:58 PM · Patch-For-Review, Operations, netops
chasemp added a member for Triagers: chasemp.
Mon, Sep 24, 9:14 PM
chasemp triaged T205340: analytics1-a VLAN has no DNS for gateway addresses to match other analytics VLANs as Low priority.
Mon, Sep 24, 8:47 PM · Patch-For-Review, Operations, netops

Sep 19 2018

chasemp renamed security_assessment_analytics_2018 from security_assessment_analytics 2018 to security_assessment_analytics_2018.
Sep 19 2018, 9:32 PM
chasemp renamed security assessments from security assessment to security assessments.
Sep 19 2018, 7:45 PM
chasemp added a project to T204138: Add 'Risk Rating' field to tasks created via advanced template: security assessments.
Sep 19 2018, 7:40 PM · security assessments, Patch-For-Review, Security-Team, Phabricator
chasemp closed T204138: Add 'Risk Rating' field to tasks created via advanced template as Resolved.

further work in T204160 where we determined we are moving forward with a task type trial

Sep 19 2018, 7:40 PM · security assessments, Patch-For-Review, Security-Team, Phabricator
chasemp renamed security_assessment_analytics_2018 from analytics 2018 to security_assessment_analytics 2018.
Sep 19 2018, 7:35 PM
chasemp created security_assessment_analytics_2018.
Sep 19 2018, 7:34 PM
chasemp edited Description on security assessments.
Sep 19 2018, 7:31 PM
chasemp created security assessments.
Sep 19 2018, 7:30 PM
chasemp triaged T204853: Security Issue Access Request for MBinder_WMF as Normal priority.
Sep 19 2018, 6:33 PM · Security-Team, Security
chasemp added a member for acl*security_team: security_team_bot.
Sep 19 2018, 6:32 PM

Sep 17 2018

chasemp added a comment to T204138: Add 'Risk Rating' field to tasks created via advanced template.

Strange. I think that phab handles "select" lists in a weird way.

Sep 17 2018, 6:00 PM · security assessments, Patch-For-Review, Security-Team, Phabricator
chasemp triaged T204382: wmf group access for SBassett as Normal priority.
Sep 17 2018, 5:59 PM · Patch-For-Review, Security-Team, LDAP-Access-Requests
chasemp added a comment to T204138: Add 'Risk Rating' field to tasks created via advanced template.

@20after4 is the issue that hte field is not hidden on an edit form even though it's hidden on creation forms? Let's sync up on this today if you have a minute

Sep 17 2018, 3:06 PM · security assessments, Patch-For-Review, Security-Team, Phabricator
chasemp closed T204535: test persistence of risk rating which should not be present as Invalid.
Sep 17 2018, 3:05 PM
chasemp created T204535: test persistence of risk rating which should not be present.
Sep 17 2018, 3:05 PM
chasemp added a comment to T202636: Allow routing between eqiad and eqiad1 regions.

There is logic in the NAT controller to exclude certain destination addresses from NAT (IIUC) and potentially dding the 10. range for eqiad instances would allow preservation of source addresses here?

Sep 17 2018, 1:34 PM · Patch-For-Review, Cloud-VPS, cloud-services-team
chasemp added a comment to T204138: Add 'Risk Rating' field to tasks created via advanced template.

@20after4 is the issue that hte field is not hidden on an edit form even though it's hidden on creation forms? Let's sync up on this today if you have a minute

Sep 17 2018, 1:32 PM · security assessments, Patch-For-Review, Security-Team, Phabricator

Sep 16 2018

chasemp added a comment to T204138: Add 'Risk Rating' field to tasks created via advanced template.

@20after4 have any idea why it's still showing up? Oddly I do not see it

Sep 16 2018, 12:35 PM · security assessments, Patch-For-Review, Security-Team, Phabricator

Sep 13 2018

chasemp created P7544 (An Untitled Masterwork).
Sep 13 2018, 3:46 PM
chasemp added a comment to T204138: Add 'Risk Rating' field to tasks created via advanced template.

Yes apologies, we reconsidered shortly after we added it to the default advanced edit form. We can look at cleaning up the couple outliers if it's an issue and for now we are looking at better ways to both have specific criteria for security/risk oriented tasks and leave existing things as unaffected as possible.

Sep 13 2018, 1:28 PM · security assessments, Patch-For-Review, Security-Team, Phabricator

Sep 12 2018

chasemp added a comment to T204160: Should security tasks be a custom type in maniphest?.
. @20after4 and I are talking about doing a few things:
Sep 12 2018, 9:20 PM · Release-Engineering-Team (Kanban), Security-Team, User-MModell, Phabricator
chasemp reopened T204138: Add 'Risk Rating' field to tasks created via advanced template as "Open".

re-opening so we can figure something out, totally down for risk rating not showing on regular advanced tasks. @20after4 and I are talking about doing a few things:

Sep 12 2018, 9:18 PM · security assessments, Patch-For-Review, Security-Team, Phabricator
chasemp closed T204138: Add 'Risk Rating' field to tasks created via advanced template as Resolved.
Sep 12 2018, 7:13 PM · security assessments, Patch-For-Review, Security-Team, Phabricator
chasemp updated subscribers of T204138: Add 'Risk Rating' field to tasks created via advanced template.

Talked to @20after4 for a bit about this and we added it to the advanced form. Let's see how this works out.

Sep 12 2018, 7:13 PM · security assessments, Patch-For-Review, Security-Team, Phabricator
chasemp created P7538 (An Untitled Masterwork).
Sep 12 2018, 6:34 PM
chasemp updated the task description for T204138: Add 'Risk Rating' field to tasks created via advanced template.
Sep 12 2018, 5:50 PM · security assessments, Patch-For-Review, Security-Team, Phabricator
chasemp updated the task description for T204138: Add 'Risk Rating' field to tasks created via advanced template.
Sep 12 2018, 5:27 PM · security assessments, Patch-For-Review, Security-Team, Phabricator
chasemp triaged T204138: Add 'Risk Rating' field to tasks created via advanced template as Normal priority.
Sep 12 2018, 5:27 PM · security assessments, Patch-For-Review, Security-Team, Phabricator

Sep 11 2018

chasemp added a member for WMF-NDA: JBennett.
Sep 11 2018, 7:35 PM

Sep 10 2018

chasemp added a member for acl*phabricator: Quiddity.
Sep 10 2018, 6:51 PM
chasemp added a project to Blog Post: Details of dictionary attack from May 2018: Security-Team.
Sep 10 2018, 3:14 PM · Security-Team
chasemp updated the post content for Blog Post: Additional details on OurMine.
Sep 10 2018, 3:14 PM · Security-Team
chasemp added a comment to T150605: Publish an analysis of the OurMine hack.

https://phabricator.wikimedia.org/phame/post/view/114/additional_details_on_ourmine/

Sep 10 2018, 3:11 PM · Wikimedia-Incident, Security-Team
chasemp closed T185733: Create a logo for the security team as Resolved.
Sep 10 2018, 3:01 PM · Security-Team
chasemp triaged T201203: blog.wikimedia.org loads external scripts as High priority.
Sep 10 2018, 2:38 PM · Privacy, WMF-Blog-Social-Team, Wikimedia-Blog

Sep 5 2018

chasemp added a watcher for AbuseFilter: chasemp.
Sep 5 2018, 5:45 PM
chasemp closed T116305: Followup assessment for analytics cluster as Invalid.

stat1002 does not exist anymore, and this assessment is old. closed in favor of other tasks.

Sep 5 2018, 5:21 PM · Security-Team

Sep 4 2018

chasemp closed T109328: Undefined #Security-General and #Security-Other as Resolved.

As part of revitalizing the security group here we are reviewing our workflow processes :)

Sep 4 2018, 6:40 PM · Project-Admins, Security-Team
chasemp added a parent task for T121136: Establish a process to periodically review and approve access for hadoop/hue users: Unknown Object (Task).
Sep 4 2018, 6:24 PM · Security-team-backlog, Analytics
chasemp triaged T181660: Experiment using phan for static analysis as Normal priority.

I think we can close this as resolved? The experiment has been incredibly successful so far.

Sep 4 2018, 6:15 PM · phan-taint-check-plugin, Security-Team
chasemp changed the edit policy for Security-Team.
Sep 4 2018, 6:05 PM
chasemp added a member for Security-Team: Reedy.
Sep 4 2018, 6:04 PM
chasemp moved T152219: Statistics on Captcha success/failure rate from Backlog to In Progress on the Security-Team board.
Sep 4 2018, 4:40 PM · AICaptcha, Security-Team
chasemp moved T117618: Add restrictive CSP to upload.wikimedia.org from To Follow Up to In Progress on the Security-Team board.
Sep 4 2018, 4:39 PM · Wikimedia-General-or-Unknown, Traffic, Operations, Security-Team
chasemp moved T117618: Add restrictive CSP to upload.wikimedia.org from Backlog to To Follow Up on the Security-Team board.
Sep 4 2018, 4:39 PM · Wikimedia-General-or-Unknown, Traffic, Operations, Security-Team
chasemp assigned T181660: Experiment using phan for static analysis to Bawolff.
Sep 4 2018, 4:35 PM · phan-taint-check-plugin, Security-Team
chasemp claimed T185733: Create a logo for the security team.
Sep 4 2018, 4:35 PM · Security-Team
chasemp moved T109328: Undefined #Security-General and #Security-Other from Backlog to In Progress on the Security-Team board.
Sep 4 2018, 4:32 PM · Project-Admins, Security-Team
chasemp moved T116305: Followup assessment for analytics cluster from Backlog to In Progress on the Security-Team board.
Sep 4 2018, 4:30 PM · Security-Team
chasemp edited projects for T202356: Create Security Patches board/workflow, added: Security-team-backlog; removed Security-Team.
Sep 4 2018, 4:26 PM · Security-team-backlog
chasemp edited projects for T140270: Determine a core set or a checklist of permissions for deployment purpose, added: Security-team-backlog; removed Security-Team.
Sep 4 2018, 4:14 PM · Security-team-backlog, Release-Engineering-Team (Someday), User-greg, Operations
chasemp edited projects for T149588: Create password policy using AntiSpoof, added: Security-team-backlog; removed Security-Team.
Sep 4 2018, 4:13 PM · Security-team-backlog, AntiSpoof, MediaWiki-User-login-and-signup
chasemp edited projects for T149743: Prevent user from continuing until they change their password, added: Security-team-backlog; removed Security-Team.
Sep 4 2018, 4:12 PM · Security-team-backlog, MediaWiki-User-login-and-signup
chasemp edited projects for T28227: Notify user by email when password changed, added: Security-team-backlog; removed Security-Team.
Sep 4 2018, 4:12 PM · Security-team-backlog, MediaWiki-Authentication-and-authorization, MediaWiki-Email, MediaWiki-User-login-and-signup
chasemp edited projects for T150580: Throttle IP when doing many successful login attemps, added: Security-team-backlog; removed Security-Team.
Sep 4 2018, 4:11 PM · Security-team-backlog, MediaWiki-User-login-and-signup
chasemp edited projects for T150647: Deploy EncryptedPassword to WMF, added: Security-team-backlog; removed Security-Team.
Sep 4 2018, 4:10 PM · Security-team-backlog, Wikimedia-Site-requests
chasemp edited projects for T150853: Create a burn-down list of administrator accounts without 2FA or password changes since 11 November 2016, added: Security-team-backlog; removed Security-Team.
Sep 4 2018, 4:10 PM · Security-team-backlog, Security-General
chasemp edited projects for T151425: Enlarge Popular Password File to 100,000 entries, added: Security-team-backlog; removed Security-Team.
Sep 4 2018, 4:09 PM · Security-team-backlog, Patch-For-Review, MediaWiki-User-login-and-signup
chasemp triaged T152219: Statistics on Captcha success/failure rate as Normal priority.
Sep 4 2018, 4:08 PM · AICaptcha, Security-Team
chasemp edited projects for T152972: Accessing private information through SecurePoll should be logged, added: Security; removed Security-Team.
Sep 4 2018, 4:08 PM · Security, Stewards-and-global-tools, MediaWiki-extensions-SecurePoll
chasemp edited projects for T153691: Strengthen two factor authentication by making it concurrent instead of sequential during the authentication process, added: Security; removed Security-Team.
Sep 4 2018, 4:07 PM · Security, MediaWiki-Authentication-and-authorization, MediaWiki-extensions-OATHAuth
chasemp edited projects for T156445: Streamline/automate MW tarball security release process, added: Security; removed Security-Team.
Sep 4 2018, 4:07 PM · Security, Release-Engineering-Team, MediaWiki-Releasing
chasemp edited projects for T156757: Add examples of the three security review processes, added: Security-team-backlog; removed Security-Team.
Sep 4 2018, 4:07 PM · Security-team-backlog, Documentation, Developer-Wishlist (2017)
chasemp triaged T157500: Query percentage of English Wikipedia admins without 2FA as Normal priority.
Sep 4 2018, 4:06 PM · Security
chasemp edited projects for T108360: Create "security pre-announce" group in Phab (to easier allow 3rd parties who get pre-release notifications to access Security tasks), added: Security-team-backlog; removed Security-Team.
Sep 4 2018, 4:06 PM · Security-team-backlog, MediaWiki-Releasing, Project-Admins, Phabricator
chasemp edited projects for T162171: Become a CVE Numbering Authority (CNA) for MediaWiki and extensions, added: Security-team-backlog; removed Security-Team.
Sep 4 2018, 4:05 PM · Security-team-backlog, Goal
chasemp edited projects for T40860: security@mediawiki.org : Create a public key and publish it on the public key servers, added: Security-team-backlog; removed Security-Team.
Sep 4 2018, 4:05 PM · Security-team-backlog, WorkType-NewFunctionality, Operations, Wikimedia-General-or-Unknown
chasemp triaged T184208: Security checkup/reminder for verifying email and authentication details as Normal priority.

Is the Security team interested in working on this? @Reedy @Bawolff (sorry for the individual pings, I couldn't find a tag for the security team itself).

Sep 4 2018, 4:04 PM · Security, Security-team-backlog, Growth-Team, Security-General, MediaWiki-Authentication-and-authorization, Collaboration-Team-Triage, Notifications
chasemp triaged T192453: Remove requirement for security review of well maintained third party libraries as Normal priority.
Sep 4 2018, 4:03 PM · Security-team-backlog, MediaWiki-Documentation, MediaWiki-Vendor, MediaWiki-General-or-Unknown, Proposal, Security, Documentation
chasemp archived ops-security.
Sep 4 2018, 3:55 PM
chasemp archived Security-Extensions.
Sep 4 2018, 3:54 PM
chasemp edited projects for T174877: Spambots as IP addresses and as accounts again prolific within WMF wikis, added: Security-team-backlog; removed Security-Team.
Sep 4 2018, 3:53 PM · Security-team-backlog, Trust-and-Safety, Wikimedia-General-or-Unknown
chasemp removed a project from T180648: Expand the access to 2FA on fawiki: Security-Team.
Sep 4 2018, 3:53 PM · Trust-and-Safety, Patch-For-Review, Wikimedia-Site-requests
chasemp edited projects for T180877: Dealing with GitHub security alerts, added: Security-team-backlog; removed Security-Team.
Sep 4 2018, 3:51 PM · Security-team-backlog, GitHub-Mirrors
chasemp removed a project from T180994: Access to /vendor blocked: Security-Team.
Sep 4 2018, 3:51 PM · Chameleon, MediaWiki-Interface, Regression
chasemp edited projects for T180278: Expand our usage of FriendsOfPHP/security-advisories, added: Security-team-backlog; removed Security-Team.
Sep 4 2018, 3:49 PM · Patch-For-Review, Security-team-backlog, Composer, Librarization, Security-General, Continuous-Integration-Config, Security
chasemp moved T185733: Create a logo for the security team from Backlog to In Progress on the Security-Team board.
Sep 4 2018, 3:49 PM · Security-Team
chasemp triaged T185733: Create a logo for the security team as Normal priority.
Sep 4 2018, 3:48 PM · Security-Team
chasemp added a comment to T185733: Create a logo for the security team.

https://commons.wikimedia.org/wiki/File:Wikimedia_Strategic_planning_11.svg

Sep 4 2018, 3:48 PM · Security-Team