Security culture: Miro Letter

1 view
Skip to first unread message

Bill Oetjen

unread,
May 18, 2012, 9:59:04 AM5/18/12
to burlington_d...@googlegroups.com, Jonathan Leavitt, annie jordan, Matt Cropp

Hi Folks,
One of the recipients of the draft expressed a concern arising from handing over our googlegroup addresses to political officials.  That's a concern I hadn't  contemplated.
As a work-around,  I could offer a zombie e-mail address, one that I never use, to receive and relay correspondence from city hall.
Other suggestions?

Thanks, and Solidarity,

Bill

Eric Davis

unread,
May 18, 2012, 2:19:51 PM5/18/12
to burlington_d...@googlegroups.com, Jonathan Leavitt, annie jordan, Matt Cropp
As a point of information in regards to security, communication that happens via googlegroups, at least our particular googlegroup is out in the open (maybe it is possible to close them? Though personally I like the transparency.) Anything that is written to the googlegroups address can be seen by the world. In addition this googlegroup is also listed publicly on occupyburlington.org


In my opinion for communication with the mayor that avenue preferable as the conversation will be transparent and a matter of public record. 

It is something we need to be sensitive of when planning actions though...

William Oetjen

unread,
May 18, 2012, 2:40:48 PM5/18/12
to burlington_d...@googlegroups.com, Jonathan Leavitt, annie jordan, Matt Cropp



There's a story about some folks who endeavored to design a horse by committee.

Something about ending up with a camel.


Anyway, writing, then editing by open source, a letter, particularly one as sensitive as this, has been an exercise for me.

I share your analysis of the relative security of exposing our googlegroups vs. using a third-party address as a blind.   Not fully convinced that ANY security blanket or firewall we employ will make a bit of difference in the end.   But, if any interested Occupier is willing to block it, we ought to consider alternatives.    The zombie address can be made open to the whole googlegroup, or any interested, bona fide Occupier if they wish it.   All I have to do is publish the address and the unique password.  
But that creates even greater security issues:
anyone with the pw could change the pw, locking out anyone else;
" " " could send misleading messages to anyone else;

and likely more potentially destructive ones.  

So, for the moment, I'll ask everyone to hold space for me, and trust me to make a safe, responsible judgment call and err on the side of security for our movement.   Bear in mind, if any  question ever arises about transparency, any citizen may contact the mayor's office and request the documents as a matter of public record.

We can work this out in public at our next GA, Saturday, Noon.

Thank you for sharing your concern,

In Solidarity,

Bill Oetjen

373-4568
Reply all
Reply to author
Forward
0 new messages