[tor-bugs] #2671 [Tor Relay]: Better communication for authority operators, core developers in emergency situations

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Tue Mar 8 19:44:12 UTC 2011


#2671: Better communication for authority operators, core developers in emergency
situations
-----------------------+----------------------------------------------------
 Reporter:  nickm      |          Owner:       
     Type:  task       |         Status:  new  
 Priority:  normal     |      Milestone:       
Component:  Tor Relay  |        Version:       
 Keywords:             |         Parent:  #2664
   Points:             |   Actualpoints:       
-----------------------+----------------------------------------------------
Description changed by nickm:

Old description:

> When in danger or in doubt,
>    run in circles, scream and shout!
>    - traditional motto, possibly naval.
>
> When the bug behind #2664 happened, it took us a few hours to notice.
> That was bad, and #2666 is about trying to notice such situations faster.
> But another problem is that even after we noticed, it still took a while
> to sort out who knew how best to contact which operators.  Probably
> developers should get contacted to in the
>
> We should figure out, for each authority operator and core developer[*],
> the best two or three ways to contact them in the case of an emergency.
> If these ways are not something we want to publish (e.g., phone numbers),
> a few people should know them, and all Tor people should know who those
> people are and how to contact them in a hurry.
>
> We should have some emergency-response mechanisms in place.  If
> communications are security-sensitive, we should have a way to deal with
> it in place, rather than the current approach of "send gpg-encrypted
> email to those people whose keys you happen to have" or "immediately go
> dark, use OTR to talk pairwise to people you know".  Those approaches
> scale badly; we can probably do better.
>
> We should also have planned responses for emergency events like "A key
> server looks like it might have been compromised"; "somebody has reported
> a vulnerability"; "somebody has disclosed a vulnerability"; "one or more
> authorities have gone down strangely;" "looks like the network is
> crashing;" and so on.
>

> [*] "core developer" is here defined as "a developer who is likely to
> be needed urgently when something breaks."

New description:

 When in danger or in doubt,
    run in circles, scream and shout!
    - traditional motto, possibly naval.

 When the bug behind #2664 happened, it took us a few hours to notice.
 That was bad, and #2666 is about trying to notice such situations faster.
 But another problem is that even after we noticed, it still took a while
 to sort out who knew how best to contact which operators.  Probably
 developers should get contacted too, so they can be available to deal with
 bad/urgent bugs.

 We should figure out, for each authority operator and core developer[*],
 the best two or three ways to contact them in the case of an emergency.
 If these ways are not something we want to publish (e.g., phone numbers),
 a few people should know them, and all Tor people should know who those
 people are and how to contact them in a hurry.

 We should have some emergency-response mechanisms in place.  If
 communications are security-sensitive, we should have a way to deal with
 it in place, rather than the current approach of "send gpg-encrypted email
 to those people whose keys you happen to have" or "immediately go dark,
 use OTR to talk pairwise to people you know".  Those approaches scale
 badly; we can probably do better.

 We should also have planned responses for emergency events like "A key
 server looks like it might have been compromised"; "somebody has reported
 a vulnerability"; "somebody has disclosed a vulnerability"; "one or more
 authorities have gone down strangely;" "looks like the network is
 crashing;" and so on.


 [*] "core developer" is here defined as "a developer who is likely to
 be needed urgently when something breaks."

--

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2671#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

