Page MenuHomePhabricator

chasemp (Chase)
securityAdministrator

Projects (15)

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Thursday

  • Clear sailing ahead.

User Details

User Since
Sep 16 2014, 11:39 AM (296 w, 6 d)
Roles
Administrator
Availability
Available
IRC Nick
chasemp
LDAP User
Rush
MediaWiki User
CPettet (WMF) [ Global Accounts ]

Current: senior security architect

Past: security architect, security engineer, engineering manager, lead operations engineer, operations engineer

https://m.mediawiki.org/wiki/Wikimedia_Security_Team

Recent Activity

Tue, May 19

chasemp moved T235858: Increase of training data retention (>90 days) is validated with Legal / Privacy from Incoming to Watching on the Security-Team board.
Tue, May 19, 4:19 PM · Security-Team, Discovery-Search (Current work)
chasemp added a project to T235858: Increase of training data retention (>90 days) is validated with Legal / Privacy: Security-Team.
Tue, May 19, 4:19 PM · Security-Team, Discovery-Search (Current work)
chasemp added a project to T189531: All Wikimedia developer services should use single sign-on : CAS-SSO.
Tue, May 19, 3:47 PM · CAS-SSO, Security, Security-Team, User-Tgr, Wikimedia-Hackathon-2018, Wikimedia-General-or-Unknown, Epic

Mon, May 18

chasemp added a comment to T252210: Eqiad: 1VM request for Peek (PM service in use by Security Team).

10 day bump :)

Mon, May 18, 6:20 PM · serviceops, PM, Security-Team, vm-requests, Operations

Thu, May 14

chasemp closed T252778: Add OIT to author affiliation drop down as Resolved.

done

Thu, May 14, 3:05 PM · Phabricator, PM, Security-Team
chasemp added a project to T252778: Add OIT to author affiliation drop down: Phabricator.
Thu, May 14, 3:04 PM · Phabricator, PM, Security-Team
chasemp moved T252778: Add OIT to author affiliation drop down from Incoming to In Progress on the Security-Team board.
Thu, May 14, 2:53 PM · Phabricator, PM, Security-Team
chasemp triaged T252778: Add OIT to author affiliation drop down as Medium priority.
Thu, May 14, 2:53 PM · Phabricator, PM, Security-Team

Tue, May 12

chasemp added a comment to T252210: Eqiad: 1VM request for Peek (PM service in use by Security Team).

Why does this need a complete VM, though? If this simply sends some notifications triggered by cron jobs, simply running them from mwmaint1002 seems fine? (Despite the mw-specific name, mwmaint1002 also hosts various other maintenance profiles (profile::mariadb::maintenance and profile::openldap::management)

Tue, May 12, 6:24 PM · serviceops, PM, Security-Team, vm-requests, Operations

Mon, May 11

chasemp changed the status of T242285: Create status mechanism(s) for security-team@ combining Asana and Phab from Open to Stalled.
Mon, May 11, 7:25 PM · PM, Security-Team
chasemp lowered the priority of T251784: Puppetize Peek for running in prod from Medium to Low.

waiting on the VM

Mon, May 11, 7:25 PM · Patch-For-Review, Security-Team
chasemp added a project to T252210: Eqiad: 1VM request for Peek (PM service in use by Security Team): PM.
Mon, May 11, 6:46 PM · serviceops, PM, Security-Team, vm-requests, Operations
chasemp moved T252210: Eqiad: 1VM request for Peek (PM service in use by Security Team) from In Progress to Waiting on the Security-Team board.
Mon, May 11, 6:29 PM · serviceops, PM, Security-Team, vm-requests, Operations
chasemp moved T251784: Puppetize Peek for running in prod from Incoming to In Progress on the Security-Team board.
Mon, May 11, 3:02 PM · Patch-For-Review, Security-Team

Fri, May 8

chasemp added a subtask for T242285: Create status mechanism(s) for security-team@ combining Asana and Phab: T252210: Eqiad: 1VM request for Peek (PM service in use by Security Team).
Fri, May 8, 3:15 PM · PM, Security-Team
chasemp added a parent task for T252210: Eqiad: 1VM request for Peek (PM service in use by Security Team): T242285: Create status mechanism(s) for security-team@ combining Asana and Phab.
Fri, May 8, 3:15 PM · serviceops, PM, Security-Team, vm-requests, Operations
chasemp moved T252210: Eqiad: 1VM request for Peek (PM service in use by Security Team) from Incoming to In Progress on the Security-Team board.
Fri, May 8, 3:15 PM · serviceops, PM, Security-Team, vm-requests, Operations
chasemp updated the task description for T252210: Eqiad: 1VM request for Peek (PM service in use by Security Team).
Fri, May 8, 3:14 PM · serviceops, PM, Security-Team, vm-requests, Operations
chasemp added a project to T252210: Eqiad: 1VM request for Peek (PM service in use by Security Team): Security-Team.
Fri, May 8, 3:13 PM · serviceops, PM, Security-Team, vm-requests, Operations
chasemp created T252210: Eqiad: 1VM request for Peek (PM service in use by Security Team).
Fri, May 8, 3:13 PM · serviceops, PM, Security-Team, vm-requests, Operations
chasemp renamed T242285: Create status mechanism(s) for security-team@ combining Asana and Phab from Create status mechanism for security-team@ combining Asana and Phab to Create status mechanism(s) for security-team@ combining Asana and Phab.
Fri, May 8, 3:05 PM · PM, Security-Team

Mon, May 4

chasemp triaged T251784: Puppetize Peek for running in prod as Medium priority.
Mon, May 4, 4:42 PM · Patch-For-Review, Security-Team
chasemp created T251784: Puppetize Peek for running in prod.
Mon, May 4, 4:32 PM · Patch-For-Review, Security-Team

Fri, May 1

chasemp added a comment to T244792: Determine any impacts to SRE from OIT's planned move to JumpCloud for LDAP.

@faidon it doesn't seem like that case was surfaced actually. @jbond would know for sure as he handling the transition logic on SRE side.

Fri, May 1, 7:23 PM · Patch-For-Review, User-jbond, Security-Team, Operations

Thu, Apr 30

chasemp updated the task description for T246712: Security Readiness Review for push notifications infrastructure.
Thu, Apr 30, 6:29 PM · Push-Notification-Service, secscrum, Product-Infrastructure-Team-Backlog, Security, Security Readiness Reviews
chasemp renamed T242285: Create status mechanism(s) for security-team@ combining Asana and Phab from Create status mechansim for security-team@ combining Asana and Phab to Create status mechanism for security-team@ combining Asana and Phab.
Thu, Apr 30, 1:56 PM · PM, Security-Team

Wed, Apr 29

chasemp added a comment to T242285: Create status mechanism(s) for security-team@ combining Asana and Phab.

Ready to roll other than a place to run it. Confirmed with @Jcross the format and info look good.

Wed, Apr 29, 7:41 PM · PM, Security-Team
chasemp added a comment to T242285: Create status mechanism(s) for security-team@ combining Asana and Phab.

https://gerrit.wikimedia.org/r/#/c/wikimedia/security/tooling/peek/+/593268/

Wed, Apr 29, 4:20 PM · PM, Security-Team
chasemp closed T247634: [ignore] test report case as Invalid.
Wed, Apr 29, 2:42 PM · secscrum

Apr 14 2020

chasemp added a comment to T242285: Create status mechanism(s) for security-team@ combining Asana and Phab.

I'm working on it still :)

Apr 14 2020, 3:49 PM · PM, Security-Team

Apr 13 2020

chasemp edited projects for T32018: Require some user groups to have a periodically confirmed valid email address, added: Security, Core Platform Team; removed Security-Team.
Apr 13 2020, 3:07 PM · Core Platform Team, Security, MediaWiki-User-management

Apr 9 2020

chasemp reassigned T238547: Security issue access for darthmon_wmde from JBennett to Dsharpe.
Apr 9 2020, 12:39 PM · Security, Security-Team

Apr 7 2020

chasemp awarded T157651: sql.php must not run LoadExtensionSchemaUpdates a Orange Medal token.
Apr 7 2020, 9:59 AM · Sustainability (Incident Prevention), MW-1.35-notes (1.35.0-wmf.30; 2020-04-28), Wikidata, Growth-Team, StructuredDiscussions, Core Platform Team Workboards (Clinic Duty Team), Patch-For-Review, Performance-Team, MediaWiki-Maintenance-system

Apr 6 2020

chasemp moved T249337: Security Issue Access Request for hnowlan from Incoming to In Progress on the Security-Team board.
Apr 6 2020, 3:26 PM · Security-Team, Security

Apr 2 2020

chasemp added a comment to T242285: Create status mechanism(s) for security-team@ combining Asana and Phab.

notes from meeting today with @Jcross

Apr 2 2020, 7:39 PM · PM, Security-Team

Mar 31 2020

chasemp added a member for AWS: chasemp.
Mar 31 2020, 8:55 PM
chasemp created AWS.
Mar 31 2020, 8:54 PM

Mar 25 2020

chasemp triaged T248497: Security Preview for Jumpcloud as Medium priority.
Mar 25 2020, 8:30 PM · secscrum, Security Risk Management, Security Preview
chasemp triaged T247634: [ignore] test report case as Lowest priority.
Mar 25 2020, 6:55 PM · secscrum
chasemp moved T248497: Security Preview for Jumpcloud from Incoming to Back Orders on the secscrum board.
Mar 25 2020, 6:17 PM · secscrum, Security Risk Management, Security Preview
chasemp created T248497: Security Preview for Jumpcloud.
Mar 25 2020, 6:16 PM · secscrum, Security Risk Management, Security Preview
chasemp added a comment to T244792: Determine any impacts to SRE from OIT's planned move to JumpCloud for LDAP.

Thanks @chasemp

@MoritzMuehlenhoff please confirm you can access the admin dashboard, and I will go ahead and close this task out.

Mar 25 2020, 6:13 PM · Patch-For-Review, User-jbond, Security-Team, Operations

Mar 24 2020

chasemp closed T240490: Revamping Security-Team Work Intake and Flows as Resolved.
Mar 24 2020, 4:07 PM · PM, Epic, Security-Team
chasemp added a comment to T248095: test for inprogress but unassigned reporting.

Please leave open for now :) I'll manage it. Apologies for the clutter.

Mar 24 2020, 3:51 PM · Security-Team
chasemp reopened T247634: [ignore] test report case as "Open".

Please leave open it's a test case for reporting still :D

Mar 24 2020, 3:50 PM · secscrum
chasemp added a hashtag to Privacy Engineering: #privacy-engineering.
Mar 24 2020, 3:47 PM
chasemp moved T240490: Revamping Security-Team Work Intake and Flows from Watching to Our Part Is Done on the Security-Team board.
Mar 24 2020, 3:43 PM · PM, Epic, Security-Team
chasemp changed the visibility for T240490: Revamping Security-Team Work Intake and Flows.
Mar 24 2020, 3:43 PM · PM, Epic, Security-Team
chasemp updated the task description for T240490: Revamping Security-Team Work Intake and Flows.
Mar 24 2020, 3:42 PM · PM, Epic, Security-Team
chasemp renamed T242285: Create status mechanism(s) for security-team@ combining Asana and Phab from Create weekly status email for security-team@ combining Asana and Phab to Create status mechansim for security-team@ combining Asana and Phab.
Mar 24 2020, 3:40 PM · PM, Security-Team
chasemp added a comment to T240490: Revamping Security-Team Work Intake and Flows.

All subtasks closed.

Mar 24 2020, 3:39 PM · PM, Epic, Security-Team
chasemp closed T244161: Turn off #privacy workboard, a subtask of T240490: Revamping Security-Team Work Intake and Flows, as Resolved.
Mar 24 2020, 3:36 PM · PM, Epic, Security-Team
chasemp closed T244161: Turn off #privacy workboard as Resolved.

https://phabricator.wikimedia.org/project/profile/1205/

Mar 24 2020, 3:36 PM · Phabricator, Security-Team, Privacy
chasemp added a comment to T248294: Separate permission for creating a page with a custom content model.

Per Daniel, this seems fine. Improvement in granularity of permissions is a good thing. Feel free to loop us in again if CR is needed when appropriate, but not something we'll probably work on (and it looks like DannyS712 is planning on anyway)

Mar 24 2020, 3:26 PM · Editing-team, Security-Team, MediaWiki-User-management, User-DannyS712

Mar 23 2020

chasemp added a comment to T244161: Turn off #privacy workboard.

Hoping to wrap this up as a straggler at teh end of the quarter, can I lend a hand for separating wheat from chaff?

Mar 23 2020, 8:40 PM · Phabricator, Security-Team, Privacy

Mar 19 2020

chasemp triaged T248095: test for inprogress but unassigned reporting as Lowest priority.
Mar 19 2020, 2:28 PM · Security-Team

Mar 18 2020

chasemp moved T247634: [ignore] test report case from Incoming to In Progress on the secscrum board.
Mar 18 2020, 5:59 PM · secscrum

Mar 17 2020

chasemp renamed secscrum from secteam scrum to secscrum.
Mar 17 2020, 3:53 PM

Mar 16 2020

chasemp added a comment to T247764: remove bawolff from acl*security-team (to remain in acl*security).

RIP cabal membership

Mar 16 2020, 7:52 PM · Security, Security-Team
chasemp closed T247764: remove bawolff from acl*security-team (to remain in acl*security) as Resolved.
Mar 16 2020, 3:36 PM · Security, Security-Team
chasemp removed a member for acl*security_team: Bawolff.
Mar 16 2020, 3:35 PM
chasemp triaged T247764: remove bawolff from acl*security-team (to remain in acl*security) as Medium priority.
Mar 16 2020, 3:35 PM · Security, Security-Team

Mar 13 2020

chasemp created T247634: [ignore] test report case.
Mar 13 2020, 7:48 PM · secscrum

Mar 12 2020

chasemp closed T247549: test of url perms mangling as Invalid.
Mar 12 2020, 6:08 PM · User-chasemp
chasemp changed the visibility for T247549: test of url perms mangling.
Mar 12 2020, 6:05 PM · User-chasemp
chasemp created T247549: test of url perms mangling.
Mar 12 2020, 6:04 PM · User-chasemp
chasemp moved T247327: Combine RFS forms for Security Readiness Review and other RFS from Incoming to Watching on the Security-Team board.
Mar 12 2020, 1:23 AM · secscrum, Security-Team, RFS, Security Readiness Reviews

Mar 10 2020

chasemp moved T245205: Security Readiness Review For The Security Design of Toolforge Kubernetes from Incoming to Back Orders on the secscrum board.
Mar 10 2020, 8:42 PM · secscrum, Security Readiness Reviews, Toolforge, Security
chasemp updated the task description for T245205: Security Readiness Review For The Security Design of Toolforge Kubernetes.
Mar 10 2020, 8:42 PM · secscrum, Security Readiness Reviews, Toolforge, Security
chasemp edited projects for T245205: Security Readiness Review For The Security Design of Toolforge Kubernetes, added: Security Readiness Reviews; removed Security-Team-Services.
Mar 10 2020, 8:41 PM · secscrum, Security Readiness Reviews, Toolforge, Security
chasemp edited Description on Security Preview.
Mar 10 2020, 8:36 PM
chasemp edited Description on Security Readiness Reviews.
Mar 10 2020, 8:36 PM
chasemp removed a hashtag from secscrum: #security_reviews_team.
Mar 10 2020, 8:35 PM
chasemp closed T247326: combine security readiness review and security preview boards with third tag as Resolved.
Mar 10 2020, 8:34 PM · Project-Admins, secscrum, Security-Team, Security, Security Preview, Security Readiness Reviews
chasemp added hashtags to secscrum: #secteam-scrum, #secscrum.
Mar 10 2020, 8:32 PM
chasemp renamed secscrum from security reviews team to secteam scrum.
Mar 10 2020, 8:29 PM
chasemp edited Description on secscrum.
Mar 10 2020, 8:28 PM
chasemp closed T247351: testing herald secreviews as Invalid.
Mar 10 2020, 8:25 PM · secscrum, Security Preview
chasemp added a project to T247351: testing herald secreviews: Security Preview.
Mar 10 2020, 8:24 PM · secscrum, Security Preview
chasemp removed projects from T247351: testing herald secreviews: secscrum, Security Readiness Reviews.
Mar 10 2020, 8:24 PM · secscrum, Security Preview
chasemp created T247351: testing herald secreviews.
Mar 10 2020, 8:24 PM · secscrum, Security Preview
chasemp added a comment to T247326: combine security readiness review and security preview boards with third tag.

https://phabricator.wikimedia.org/tag/secteam-scrum

Mar 10 2020, 8:24 PM · Project-Admins, secscrum, Security-Team, Security, Security Preview, Security Readiness Reviews
chasemp edited Description on Security Preview.
Mar 10 2020, 8:23 PM
chasemp edited Description on Security Preview.
Mar 10 2020, 8:22 PM
chasemp edited Description on Security Readiness Reviews.
Mar 10 2020, 8:20 PM
chasemp moved T115095: Security review of Newsletter extension from Incoming to Our Part Is Done on the secscrum board.
Mar 10 2020, 8:20 PM · secscrum, Security Readiness Reviews, Patch-For-Review, Security-Team, Wikimedia-Hackathon-2016, MediaWiki-extensions-Newsletter
chasemp moved T787: Security review of community extensions: Extension:AtomExporter, Extension:DownloadCounter, Extension:PasswordProtected from Incoming to Our Part Is Done on the secscrum board.
Mar 10 2020, 8:20 PM · secscrum, Security Readiness Reviews, Security-Team
chasemp moved T76782: security review of Wikimetrics from Incoming to Our Part Is Done on the secscrum board.
Mar 10 2020, 8:20 PM · secscrum, Security, Security Readiness Reviews, Analytics, Analytics-Wikimetrics
chasemp moved T108687: Security review for CodeMirror extension branch master from Incoming to Our Part Is Done on the secscrum board.
Mar 10 2020, 8:20 PM · secscrum, Security Readiness Reviews, Community-Tech, MediaWiki-extensions-CodeMirror
chasemp moved T134931: Security review of GlobalGroupPermissions from Incoming to Our Part Is Done on the secscrum board.
Mar 10 2020, 8:20 PM · secscrum, Security, Security Readiness Reviews, MW-1.30-release-notes (WMF-deploy-2017-07-25_(1.30.0-wmf.11)), Patch-For-Review
chasemp moved T135198: Security review for RevisionSlider extension from Incoming to Our Part Is Done on the secscrum board.
Mar 10 2020, 8:20 PM · secscrum, Security Readiness Reviews, TCB-Team-Sprint-2016-05-19, TCB-Team-Sprint-2016-06-02, Revision-Slider, Community-Tech, TCB-Team
chasemp moved T137197: Security review of the Performance Inspector from Incoming to Our Part Is Done on the secscrum board.
Mar 10 2020, 8:20 PM · secscrum, Security Readiness Reviews, Performance-Team, MediaWiki-extensions-PerformanceInspector
chasemp moved T144467: Security review for Google MT for Content Translation from Incoming to Our Part Is Done on the secscrum board.
Mar 10 2020, 8:20 PM · secscrum, Security, Security Readiness Reviews, Core Platform Team Legacy (Watching / External), Language-Team (Language-2018-October-December), CX-deployments, Language-2017-Oct-Dec, Services (watching), Parsing-Team, Language-Q1-2016-17 Sprint 6, Language-Engineering July-September 2016, Security-Extensions
chasemp moved T146174: Security review of FileAnnotations from Incoming to Our Part Is Done on the secscrum board.
Mar 10 2020, 8:20 PM · secscrum, Security Readiness Reviews, Patch-For-Review, FileAnnotations (Beta Cluster Release)
chasemp moved T138324: Security review for CollaborationKit from Incoming to Our Part Is Done on the secscrum board.
Mar 10 2020, 8:20 PM · secscrum, Security Readiness Reviews, MediaWiki-extensions-CollaborationKit
chasemp moved T149083: Security review for InterwikiSorting Extension from Incoming to Our Part Is Done on the secscrum board.
Mar 10 2020, 8:20 PM · secscrum, Security Readiness Reviews, MediaWiki-extensions-InterwikiSorting, User-Addshore, Wikidata
chasemp moved T149869: Security review for PageForms from Incoming to Our Part Is Done on the secscrum board.
Mar 10 2020, 8:20 PM · secscrum, Security, Security Readiness Reviews, MediaWiki-extensions-Page_Forms
chasemp moved T148583: Security review for Linter extension from Incoming to Our Part Is Done on the secscrum board.
Mar 10 2020, 8:20 PM · secscrum, Security Readiness Reviews, MediaWiki-extensions-Linter
chasemp moved T151902: Security Review of Popups extension library from Incoming to Our Part Is Done on the secscrum board.
Mar 10 2020, 8:20 PM · secscrum, Security Readiness Reviews, Page-Previews (2016-17-Q3-Goal), Readers-Web-Backlog
chasemp moved T153087: Security Review of Trending Edits Endpoint from Incoming to Our Part Is Done on the secscrum board.
Mar 10 2020, 8:19 PM · secscrum, Security Readiness Reviews, Reading Epics (Trending Edits), Trending-Service