[Noisebridge-discuss] Ring-based trust/security model

Tao Neuendorffer Flaherty neuendorffer at googlemail.com
Fri Feb 17 12:35:37 PST 2012


Hackanese Tourists

I once heard Japan described as a wonderful place to visit. You are visiting Japan; that means you have excellent taste! We love you and want to show you everything! But that is for a visit; then you leave, because we don't have space for foreigners to live.

Noisebridge would benefit from the same amount of love for visitors. People being buzzed in -need- to be given a friendly tour and explanation. If they are a hacker, they will be impressed and inspired to work with you. If they are not, they will leave with the understanding of what you are and that they need to keep looking.

I like the idea of shutting down Noisebridge to the public for a week "for renovations". And something like these ring levels clearly implemented when you open.

Peace,
Tao

Sent from my iPad

On Feb 15, 2012, at 18:41, Gopiballava Flaherty <gopiballava at gmail.com> wrote:

> Some sort of guest pass scheme sounds like a good idea to me. Something to make it very clear to newbies that they are there at the discretion of NB. 
> 
> Thanks,
> 
> gopi at iPhone
> 
> 
> On Feb 15, 2012, at 18:26, Jonathan Toomim <jtoomim at jtoomim.org> wrote:
> 
>> TL;DR: Let's use a trust ring security model, with levels for Members, Friends, Guests, and Everyone Else. Most privileges are reserved for Guests and above. People who demonstrate hack fu become Friends, and get a key and 24/7 unsupervised access. Guests need to have a Member or Friend sponsor them while they're there; complaints about a Guest's behavior or odor can be passed on to their sponsor, who will likely be more approachable than the Guest.
>> 
>> On 2/15/2012 4:51 PM, Jonathan Toomim wrote:
>>> 
>>> I think we need to redesign and make more explicit the security model we use when dealing with users of NB. I think a ring-based model would be better for us, since a capability-based model would be too complicated and difficult to track. It also seems to be what we are implicitly using right now.
>>> 
>>> http://en.wikipedia.org/wiki/Ring_(computer_security)
>>> 
>>> Currently, it seems we have these rings:
>>> 
>>> Ring levels:
>>> 0:    Members
>>> 1:    Non-members with keys
>>> 2:    Everyone else
>>> 3:    https://noisebridge.net/wiki/85.5 (asked to leave once)
>>> 4:    https://noisebridge.net/wiki/86
>>> 
>>> The requirements for entry into these rings are:
>>> 0:    Paying money; https://www.noisebridge.net/wiki/Membership
>>> 1:    Being deemed a hacker, and/or being around at the right time
>>> 2:    [default]
>>> 3:    Being lame
>>> 4:    Being evil
>>> 
>>> Currently, the privileges contained within each ring appear to be as follows:
>>> 0:    Member shelves; participating in consensus decisions
>>> 1:    Not needing to use the buzzer
>>> 2:    Using the space 24/7; using the kitchen; using the refrigerator; reserving use of the kitchen; using the bathrooms; attending classes; conducting classes or meetings in the classrooms; hanging out in the classrooms and not conducting classes; hacking; not hacking; hanging around in the library; discussing the politics of homelessness; using the computers to play Runescape; using the NES to play Wizards and Warriors; buzzing people in; inviting people in; using the laser cutter; using the 3D printers...
>>> 3:    Coming to Tuesday member meetings to discuss their status
>>> 4:    [empty set]
>>> 
>>> I don't know about you, but I think that this model is about as secure as Windows XP. Sure, we can keep patching Internet Explorer's security holes as we find them, but as long as we give so many privileges to our regular applications we're gonna have problems. I think we can do better.
>>> 
>>> Here is what I propose:
>>> 
>>> Ring levels:
>>> 0:    Members
>>> 1:    Friends of NB
>>> 2:    Guests of NB
>>> 3:    Class attendees
>>> 4:    General public
>>> 5:    Tempban
>>> 6:    Permaban
>>> 
>>> Requirements for being in each ring:
>>> 0:    Paying money; https://www.noisebridge.net/wiki/Membership
>>> 1:    Vouched for by 1 Member as being sane and competent in hack fu
>>> 2:    Sponsored by a Friend for up to 4 hours, or a Member; must wear a label with the sponsor's name and expiration time
>>> 3:    Being in the right place at the right time
>>> 4:    [default]
>>> 5:    Being deemed a jerk by 1 Member or 3 Friends, or being deemed dangerous by anyone
>>> 6:    Being deemed dangerous by 1 Member, or being deemed undesirable by a consensus meeting
>>> 
>>> Privileges within each ring:
>>> 0:    Member shelves; consensus decisions; beFriending; unFriending; sponsoring guest-lectures and classes run by non-Friends; unlimited sponsorship of Guests while present; right to arbitrarily boot anyone in ring 1 or above (unless opposed by another Member); right to arbitrarily tempban anyone in ring 2 or above
>>> 1:    Key/access code; unsupervised 24/7 access to the space; unsupervised use of expensive tools (e.g. laser cutter); running classes; reserving the kitchen or classrooms; right to create "do not hack" labels (e.g. in refrigerator); booting or tempbanning of ring 2 and above with 2 other supporting Friends; sponsorship of 1 Guest at a time for no more than 4 consecutive hours per Guest; unilaterally booting one's own Guest; buzzing people in (but must check that person's status before letting them roam around the space)
>>> 2:    Access to space while a sponsor is present; supervised use of expensive tools; unsupervised use of everything else (including kitchen and computers)
>>> 3:    Attending classes; using the bathrooms; limited kitchen access (no cooking or refrigerator access)
>>> 4:    Same rights as Guest during Open Hacking hours (e.g. M-F 0900-1700, plus one night a week); otherwise, must be actively supervised by a Member or Friend
>>> 5:    Coming to Tuesday meetings to discuss their status
>>> 6:    [empty set]
>>> 
>>> This would put most non-hackers in ring 2 or above. Sponsorship is intended to be casually given; being someone's sponsor is acknowledging responsibility to mediate any disputes that might arise. For example, if Friend Fred sponsored skeezy Guest Scooter, and good Guest Gwen didn't like Scooter, she could take a look at Scooter's nametag, see that he was sponsored by Fred, and talk to Fred about Scooter's status and behavior. Fred then has the option of either mediating the dispute and trying to get Scooter's skeeziness under control, explicitly booting Scooter, ignoring Gwen's complaint, or simply revoking his Guest sponsorship and letting him either find another sponsor or leave.
>>> 
>>> For becoming a Friend, the "competent in hack fu" requirement was chosen over "interested in learning hack fu" because it's easier to verify actual hack fu than simple interest, and true interest usually results in at least some degree of competence if it is sustained (unless the person is just dumb, but I suspect we won't want dumb Friends anyway).
>>> 
>>>     -------
>>> 
>>> Whatcha think? I don't know if I'll be able to make it to the Thursday discussion group (might be returning to LA before then), so one of you might have to adopt the advocacy of this plan if you like it.
>>> 
>>> Jonathan
>>> 
>>> 
>>> _______________________________________________
>>> Noisebridge-discuss mailing list
>>> Noisebridge-discuss at lists.noisebridge.net
>>> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss