ADMIN: Adjustment of mod powers
Amanda
editor at texas.net
Wed Nov 5 14:26:22 UTC 2003
Members of FAQ--
As some of you may know, over a year ago, there was a disaffected
member of the main list. She had issues with some of the then-
moderators of the list.
A friend of this person hacked into the account of two of the
moderators; they set one of them to have the power to "delete list"
and did just that. Deleted the entire main list. Everything. Gone.
The then-admin team leaped into action; and with great difficulty,
managed to get the files restored; and set up security measures to
avoid this type of occurrence in future.
We are a much, much larger list now and the potential for
disaffection, with the commensurate lessening of personal
relationships and familiarity, is larger as well. Because of this,
all members of the admin team observe certain security precautions,
still.
One of the measures that had been implemented on all HPfGU lists up
to now, aside from this one, is controlling who has the ability to
change the moderator powers of other moderators. Understand: there
are several "moderator powers": approving posts, approving members,
removing members, banning people, changing other moderators'
abilities, and deleting the list. A moderator is anyone who exercises
*any* of these powers.
A moderator with the ability to change others' abilities is able to
go in and add or delete powers to other moderators. Up until
yesterday, *everyone* who was a moderator on this list had this power.
Something like 31 of us.
The outbreak of controversy on this list has sharpened our concern
that this list had so many people with this power and did not observe
this security measure as the other HP4GU lists do. Any one of the
moderators on this list could be hacked into and this list deleted.
Or any one of the moderators on this list could themselves do this.
This is how we lost the main list. And that was a terrible time and
we never want to go through that again; we can't even contemplate the
amount of dedicated work that would be lost if anything happened to
the FAQ list.
So, because of these security concerns, night before last, three MEGs
[Amanda, Dicey, and Kelley] made an executive decision and made the
following changes:
-- Everyone who was a moderator, is still a moderator.
-- We removed the ability to ban and to change other people's
settings from all but the following people (all familiar with the
personal security measures, as well):
Ali
Abigail
Heidi
Paul K.
Debbie
Sheryll
Phyllis
--Following this action, yesterday morning Sheryll also deleted
the "remove members" ability, closing another security concern.
We stress: this was an interim security measure and has not changed
anyone's moderator status. No further changes will be made without
FAQ's input.
We further stress: as an interim measure, it can and should be
revisited. FAQ is an HP4GU list and MEG will be a part of the
decision as to who has moderator authority and/or powers on FAQ, but
the FAQ members and FAQ input are a vital factor as well. When a non-
interim MEG liaison has been identified, and an optimal number of
moderators determined, that liaison will work with FAQ to organize a
moderator selection process.
~Amanda
More information about the HP4GU-FAQ
archive