Changes for page Chris Short

Last modified by ChrisShort on 2020/02/28 15:25
<
From version < 12.2 >
edited by LuisVilla
on 2020/02/27 18:37
To version < 12.4 >
edited by ChrisShort
on 2020/02/28 15:19
>
Change comment: There is no comment for this version

Summary

Details

Page properties
Author
... ... @@ -1,1 +1,1 @@
1 -XWiki.LuisVilla
1 +XWiki.ChrisShort
Content
... ... @@ -24,7 +24,7 @@
24 24  
25 25  The dot-com bubble burst and with no other options, off to the US Air Force for a technical role I went. Once in technical training, it was surprising to see how unstable and insecure the systems were (these were government systems, right?). I got in trouble one day for exploiting an oversight in the schoolhouse systems to message every classroom simultaneously kicking off dozens of messages flying across the network completely disrupting all learning. I got my butt chewed, sure. But, then I helped explain what I did and how to mitigate that risk and a few others. Months later, at my first duty station, an opportunity to learn by taking part in Joint Expeditionary Force Experiment 2000 was my assignment. This Experiment was to test new ways to adapt to changing conditions in the battlespace, which included red/blue infosec teams trying to ward each other off.
26 26  
27 -We hit a problem with some new network gear and the monitoring system we were using. There were many interfaces across the network that we couldn't monitor because our monitoring system required additional licenses to monitor SNMP devices. We knew attacks were imminent and the government acquisition system was not going to work in our favor. Enter open source software: I ran an idea up my chain of command. Upon approval, a mentor and I went off and grabbed a handful of spare parts off an equipment self. We cobbled together a modest Linux server. I spent a week carrying around a book titled, 'Unix Hints and Hacks' much to the chagrin of senior leadership. "Who was this hacker in our NOSC experimenting with new equipment and that evil Linux thing?"
27 +We hit a problem with some new network gear and the monitoring system we were using. There were many interfaces across the network that we couldn't monitor because our monitoring system required additional licenses to monitor SNMP devices. We knew attacks were imminent and the government acquisition system was not going to work in our favor. Enter open source software: I ran an idea up my chain of command. Upon approval, a mentor and I went off and grabbed a handful of spare parts off an equipment shelf. We cobbled together a modest Linux server. I spent a week carrying around a book titled, 'Unix Hints and Hacks' much to the chagrin of senior leadership. "Who was this hacker in our NOSC experimenting with new equipment and that evil Linux thing?"
28 28  
29 29  Within a few days, we had used [[nmap>>url:https://nmap.org/]], [[MRTG>>url:https://oss.oetiker.ch/mrtg/]], [[Apache httpd>>url:http://httpd.apache.org/]], and a handful of other open source tools to better lock down the network and build a network monitoring and utilization dashboard system. That would allow us to see anomalies graphed in real-time and react to them accordingly. Attacks did come, we were able to see an influx of activity at the network boundary and begin the work to thwart it while paying closer attention to internal systems for signs of compromise. The experiment ended in great success. Since we had created the only place in the Air Force that could monitor this new gear, my work center inherited directly from the vendor a bleeding-edge VoIP system for us to tinker with before it went for testing in early 2001.
30 30  
XWiki.XWikiComments[0]
Date
... ... @@ -1,1 +1,1 @@
1 -2020-02-27 18:37:38.905
1 +2020-02-27 18:37:38.0
XWiki.XWikiComments[1]
Author
... ... @@ -1,0 +1,1 @@
1 +XWiki.ChrisShort
Comment
... ... @@ -1,0 +1,18 @@
1 +Hi Luis,
2 +
3 +First of all, thank you for asking these questions and thank you for taking an active part in this election. I'll forgive you for the length of your questions if you can forgive me for the length of my answers:
4 +
5 +
6 +1. OSI should be in the business of maintaining an environment where open source software can be contributed to in a healthy and positive manner. This is not a simple task on a global level but, its purpose should be to make sure that folks know about open source and the potential it brings.
7 +
8 +2. The OSI board should govern as much or as little as the community sees fit. It is not for the board to determine its hours; that's up to the members and the community. If they see fit to give the board of directors enough work to fill a workweek, then I hope they are ready to deal with the outcomes of that decision. If the members and community see fit to give the board little to do, that's its decision as well. The board also doesn't have to sit idle either. This is a team activity. There's a little more in my answer to #4 as well.
9 +
10 +3. Change is constant, especially in this industry. The primary purpose of any governing body is to manage change and continue peaceful transitions of leadership throughout the life of the body. I can see how you could think this is a binary thing but, I see it as a far more fluid situation. It's not OSI's job to do one or the other. It's OSI's job to stabilize or steward in a manner dependent on the circumstances and consistent with the needs of its members.
11 +
12 +4. OSI can do more as far as outreach goes, in my opinion. It could probably do more polling of its members to gauge happiness and objectives too. At the very least, part of the answer to question #2 is here. I would propose a goal of the organization would be to build as many partnerships with as many open source programs as possible. We also need to work to engage our members effectively so that members are spreading our message more. This means we need to spread the word ourselves first.
13 +
14 +5. I answered this one already, "Open source software has done nothing but provide opportunity after opportunity in my life. It should be cared for and maintained so that everyone willing can benefit from it as much as I have (hopefully more)."
15 +
16 +6. I was in the grocery store the other day browsing through coffee (looking for anything new from a local brand). I noticed one brand had six government or organizational certification logos banded around the back; fair trade, shade-grown, organic, and so on. Why couldn't other standards bodies around fair pay, equality, work/life balance, etc. stand up to certify software in the same way my coffee beans are? I would welcome friendships with any organization working effectively to better open source software and its communities.
17 +
18 +I hope that answers your questions!
Date
... ... @@ -1,0 +1,1 @@
1 +2020-02-28 04:06:39.0

Submit feedback regarding this wiki to webmaster@opensource.org

This wiki is licensed under a Creative Commons 2.0 license
XWiki 14.10.13 - Documentation