Wikimedia Security Team/Documentation/cleanup notes
Thoughts/Notes/Reference[edit]
some notes https://office.wikimedia.org/wiki/Wikimedia_Security_Team/Index :)
wiki/security as a portal (https://wikitech.wikimedia.org/wiki/Portal:Wikitech ) rather than foo/bar/baz? https://wikitech.wikimedia.org/wiki/Portal:Cloud_VPS/Admin/Maintenance reference No portal namespace on mw.o !! So yes just a portal-esque design at /wiki/Security
https://infosec.mozilla.org/ https://www.mozilla.org/en-US/security/
Need to annotate 'policy' vs Policy (security policy ala official template and process https://meta.wikimedia.org/wiki/Category:Policies_maintained_by_the_Wikimedia_Foundation
mw main landing page must acknowledge more than mw scope mw could use an almost sub-portal for training/documentation/guides/best practices not speciffially WMF or WMF process related
meta page on the what/why/where of docs and flow
mw landing page/portal more than mw is reall life, palpable?
When to mark things as
This page is obsolete. It is being retained for archival purposes. It may document extensions or features that are obsolete and/or no longer supported. Do not rely on any information on this page. |
or
This page is outdated. |
or ... -- https://www.mediawiki.org/wiki/Documentation/Style_guide/templates#Fixme_Historical_Outdated_Update
Or soft-redirect? https://www.mediawiki.org/wiki/Template:Soft_redirect -- similar result to https://www.mediawiki.org/wiki/Template:Archived_extension
Add a "See also" section to main Security pages on each wikis that interlinks the various landing pages (policies are over here, SOP, here, team, here, etc.)
Keep in mind which pages really must be translatable.
don't move pages with subpages without magic (especially translated subpages)
edit summaries to be friendly on mw
Mediawiki.org[edit]
Create
https://www.mediawiki.org/wiki/security/docs https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Draft https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Proposals https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Proposals/Archived https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Policy https://www.mediawiki.org/wiki/Security/Policy
Keep
https://www.mediawiki.org/wiki/Wikimedia_Technology/Annual_Plans/FY2019/CDP1:_Privacy,_Security,_and_Data_Management/CDP_Budget_Segment_2/Goals#Status_2 https://www.mediawiki.org/wiki/Security_for_developers (link from https://www.mediawiki.org/wiki/Security/Policy ) https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Thanks
Keep and Move
https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Password_strengthening_2019 => https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Proposals https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Policy/Proposed => https://www.mediawiki.org/wiki/Security/Policy/Proposed
Keep and Edit
https://www.mediawiki.org/wiki/Wikimedia_Security_Team https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Volunteers https://www.mediawiki.org/wiki/Security https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Policy/Access_to_security_issues (convert to https://office.wikimedia.org/wiki/Security_SOP_Template )
Redirect
https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Standard_Operating_Procedure/ => https://www.mediawiki.org/wiki/Security/SOP https://www.mediawiki.org/wiki/Reporting_security_bugs => https://www.mediawiki.org/wiki/Security/reporting_bugs
Move & Edit
https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Training (also see https://www.mediawiki.org/wiki/Security_for_developers ) https://www.mediawiki.org/wiki/Phan-taint-check-plugin
REDIRECT soft / hard or mark
This page is obsolete. It is being retained for archival purposes. It may document extensions or features that are obsolete and/or no longer supported. Do not rely on any information on this page. |
etc
https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Privacy_roadmap https://www.mediawiki.org/wiki/Wikimedia_Security_Team/ApplicationScanning https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Vulnerability_scanning https://www.mediawiki.org/wiki/Security_auditing_and_response https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Roadmap https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Goals_201516 https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Goals_2016-2017 https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Security_review_template https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Password_strengthening_2019 -- maybe not this https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Security_reviews/What_we_are_looking_for https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Metrics https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Security_for_libraries https://www.mediawiki.org/wiki/Does_my_application_need_a_security_review https://www.mediawiki.org/wiki/Wikimedia_Security_Team/WMF_Engineering_risk_assessment
office.wikimedia.org[edit]
Create
https://office.wikimedia.org/wiki/Security https://office.wikimedia.org/wiki/Security/Policy https://office.wikimedia.org/wiki/Security/Policy/Draft https://office.wikimedia.org/wiki/Wikimedia_Security_Team/Onboarding
Keep
https://office.wikimedia.org/wiki/Wikimedia_Security_Team/investigating_incidents https://office.wikimedia.org/wiki/Wikimedia_Security_Team/AWS_EC2_instance_(Kali) (link back to team page) https://office.wikimedia.org/wiki/Office_IT/Information_Security (link from w/security https://office.wikimedia.org/wiki/Security_Cameras (link from w/security) https://office.wikimedia.org/wiki/Privacy_breach_protocols (link from w/security) https://office.wikimedia.org/wiki/Privacy_by_Design_Policy (link from w/sec) https://office.wikimedia.org/wiki/Data_access_guidelines (link from w/sec)
Keep and Move
https://office.wikimedia.org/wiki/Security_Basics => https://office.wikimedia.org/wiki/Security/Training/Basics https://office.wikimedia.org/wiki/Security_Policies/Password_Policy => https://office.wikimedia.org/wiki/Security/Policy/Password_Policy (make a redirect to canonical?) https://office.wikimedia.org/wiki/Wikimedia_Security_Team/Incident_Response => => https://office.wikimedia.org/wiki/Security/Policy/Draft/Incident_Response https://office.wikimedia.org/wiki/Security_Policies/Data_Classification => https://office.wikimedia.org/wiki/Security/Policy/Data_Classification https://office.wikimedia.org/wiki/Security_Policies/Risk_Management => https://office.wikimedia.org/wiki/Security/Policy/Risk_Management https://office.wikimedia.org/wiki/Security_Policies/Supplier_Security_Addendum => https://office.wikimedia.org/wiki/Security/Policy/Draft/Supplier_Security_Addendum https://office.wikimedia.org/wiki/Security_Policies/Vulnerability_Matrix => https://office.wikimedia.org/wiki/Security/Policy/Draft/Vulnerability_Matrix https://office.wikimedia.org/wiki/Security_Strategy_2019 => https://office.wikimedia.org/wiki/Wikimedia_Security_Team/Strategy_2019 (link back to team page) https://office.wikimedia.org/wiki/Security_Policy_template => https://office.wikimedia.org/wiki/Security/Templates/Policy https://office.wikimedia.org/wiki/Security_SOP_Template => https://office.wikimedia.org/wiki/Security/Templates/SOP https://office.wikimedia.org/wiki/Wikimedia_Security_Team/Onboarding_David_Sharpe => https://office.wikimedia.org/wiki/Wikimedia_Security_Team/Onboarding/David_Sharpe https://office.wikimedia.org/wiki/Wikimedia_Security_Team/Onboarding_David_Sharpe/sessions => https://office.wikimedia.org/wiki/Wikimedia_Security_Team/Onboarding/David_Sharpe/Sessions https://office.wikimedia.org/wiki/Wikimedia_Security_Team/Onboarding_Michal_Anna => https://office.wikimedia.org/wiki/Wikimedia_Security_Team/Onboarding/Michal_Anna
Keep and Edit
https://office.wikimedia.org/wiki/Wikimedia_Security_Team (header points to mw and below content is office private ONLY) https://office.wikimedia.org/wiki/Wikimedia_Security_Team/Onboarding (remove draft)
Redirect
https://office.wikimedia.org/wiki/Security_Policies => https://office.wikimedia.org/wiki/Security/Policy
Move & Edit
REDIRECT soft / hard or mark
This page is obsolete. It is being retained for archival purposes. It may document extensions or features that are obsolete and/or no longer supported. Do not rely on any information on this page. |
etc
https://office.wikimedia.org/wiki/Wikimedia_Security_Team/Cloud_VPS_instance_(adhoc-utils01.security-tools) https://office.wikimedia.org/wiki/Wikimedia_Security_Team/Index https://office.wikimedia.org/wiki/Wikimedia_Security_Team/Service:_Security_Reviews https://office.wikimedia.org/wiki/Office_IT/Security_Review_2016 https://office.wikimedia.org/wiki/SIEM_Evaluation_Project
wikitech.wikimedia.org[edit]
Create https://wikitech.wikimedia.org/wiki/Security/ Nope, per trailing slash discussion
Keep
https://wikitech.wikimedia.org/wiki/Security_update https://wikitech.wikimedia.org/wiki/How_to_perform_security_fixes
Keep and Move Keep and Edit
https://wikitech.wikimedia.org/wiki/Security or redirect to portal? https://wikitech.wikimedia.org/wiki/Nova_Resource:Security-tools (ref from main portal)
REDIRECT soft / hard or mark
This page is obsolete. It is being retained for archival purposes. It may document extensions or features that are obsolete and/or no longer supported. Do not rely on any information on this page. |
etc
Move & Edit Remove / Archive
meta.wikimedia.org[edit]
Create https://meta.wikimedia.org/wiki/Security/
Keep
https://meta.wikimedia.org/wiki/Wikimedia_Foundation_v._National_Security_Agency/FAQ (from landing)
Keep and Move
https://meta.wikimedia.org/wiki/Password_policy -- should be on foundation.wm.o and translated ala privacy policy? /wiki/security/policy/password
Keep and Edit
https://meta.wikimedia.org/wiki/Security ...keep but kill redirect, make portal or landing page
Redirect Move & Edit
REDIRECT soft / hard or mark
This page is obsolete. It is being retained for archival purposes. It may document extensions or features that are obsolete and/or no longer supported. Do not rely on any information on this page. |
etc