better communicate who has access to what

[chadwhitacre]

Received the following IRC snippet from @ribasushi in private email:

A: Also, a somewhat disconcerting part of that company's business policy: "Don’t compensate employees. Employees of an open company don’t earn a wage or salary or receive benefits from the company. Their only distinction from non-employees is their access to sensitive data, such as private customer data, passwords, and detailed financial information."
A: So basically, they got a bunch of unpaid volunteers with their hands on thousands of credit card numbers+personal info.
B: fun fun
A: ... I wonder if they're hiring... >:}

We should do a better job of communicating who has access to what, to dispel this kind of FUD.

[chadwhitacre]

Ideally/eventually this needs to be automated, across all systems we use. Hmm ... this should probably be part of building.gittip.com, so perhaps I should reticket over there?

[ribasushi]

A simple start would be

Currently there are N people (detailed list, members of team-gittip(right?)) with access to the operation servers, data etc. This is not the final state of affairs, we are currently in the process of finalizing the legal details of this with a lawyer (you are, right?:), and an updated/streamlined hierarchy/bylaws/etc will show up on this page when ready.

You are off to a great start, don't let security-through-obscurity subtract from your credibility.

[zbynekwinkler]

Ideally/eventually this needs to be automated, across all systems we use

We should not let this requirement stop us from publishing this info. There is so few of us that and the list changes so very little that hand updates are more than acceptable.

[ribasushi]

@zwn +1

[chadwhitacre]

You're right. For the record, though, this gets the list of collaborators for Heroku:

curl https://api.heroku.com/apps/gittip/collaborators -H "Accept: application/vnd.heroku+json; version=3" -H "Authorization: Bearer ${APIKEY}"

That gives us a guid and an email, but we want to link to profiles on Gittip.

[chadwhitacre]

Really what we want is the other way around: a facility in Gittip to mark certain accounts has having this or that access, and then updating ACLs as appropriate.

[chadwhitacre]

Short story:

• Heroku: @whit537 @bruceadams @clone1018 @zwn, also @kennethreitz (employed by Heroku, explicitly listed w/ access)
• Digital Ocean: @whit537, @rummik (root access to gttp.co server), @seanlinsley (deploy access to gttp.co)
• GitHub: @whit537 @bruceadams @clone1018 @zwn ("owners" team for @gittip)
• Sentry: @whit537 @bruceadams @clone1018 @zwn @patcon @rummik @seanlinsley
• Google Analytics: @clone1018 @rummik @abnor @seanlinsley @whit537 @patcon
• Supportbee: @whit537 @bruceadams @clone1018 @zwn @patcon
• Balanced: @whit537 @clone1018 @bruceadams
• Coinbase: @whit537
• PayPal: @whit537
• New Alliance: @whit537
• Ally: @whit537
• Owner of LLC: @whit537

[ribasushi]

Erm... and who watches the watch^WSentry (whatever it is)? :)
Ah that was a partial list... wow that's a big list ;)

[clone1018]

!m @whit537

[chadwhitacre]

@ribasushi Sorry, fired comment too early. Refresh for filled out listing.

[patcon]

This discussion is totally important, so thanks @ribasushi.

So we have a sense internally who we trust, but perhaps we could use a service like TrustCloud to help outsiders see at a glance that there are real reputations at stake?
https://trustcloud.com/

TrustCloud essentially encourages users to hook up all their social media accounts, so that it can build a metadata record of your activity and history, and assign a simple score. Here's mine (and via the API.) So someone with a facebook account for 6 years with posts that regularly see activity will get a higher score/badge than a dead dummy account.

[chadwhitacre]

That's actually really interesting, @patcon. Definitely a service to know about, especially once we start to reach the limits of our current anti-fraud infrastructure.

[clone1018]

Updated the list.

[pjf]

@clone1018: Where's the list? Is it the one in the comments above, because if so that's hard to find. I imagine ideally we'd want it on http://building.gittip.com/ , yes?

[rummik]

That list is a little incomplete still if it's the one @whit537 gave. I have access to the gttp.co server on Digital Ocean (and @seanlinsley has access to deploy)

[clone1018]

Yes, I am talking about @whit537's comment above.

You're right @pjf we need to complete the list and move it to building.gittip.com.

[patcon]

@rummik I started to update the comment with your input, but am not clear enough to update confidently (ex: access to all of digital ocean? ssh access to instance? heroku access on gttp.co app only? etc etc?)

Would you mind updating the comment yourself? :)

@pjf totally not ideal, but it's just been a simple place for us to add stuff in the meantime (saying access? in IRC brings up the link)

[rummik]

@patcon Do the changes I made make sense?

[patcon]

looks great. thanks very much

[seanlinsley]

(makes me wish comments on GitHub were versioned like they are on Stack Overflow)

[clone1018]

Updated: added @clone1018 and @bruceadams to Balanced.

[patcon]

@whit537 I know we're avoiding the wiki, but can we turn it on just to store something simple like this? It's versioned and easy for anyone to edit on the fly, right? Thoughts guys?

[chadwhitacre]

Building Gittip docs are almost as easy to write as a wiki page. They're basically markdown. Write a Building Gittip doc! :-)

[chadwhitacre]

As a first pass at this, I've copied #2028 (comment) to http://building.gittip.com/appendices/access.