SlideShare a Scribd company logo

OSSEU18: Making Decisions without Consensus - George Dunlap, Citrix

The Linux Foundation
The Linux Foundation

Healthy open-source communities usually include a wide range of people with very different ideologies, goals, values, and points of view; from anarchists to CEOs of major corporations. The normal approach for making decisions that affect the entire community should be an attempt to reach consensus through discussion. But what if you're attempting to make a decision which is critically important, but for which you know there are irreconcilable differences in the community? The XenProject community had such a decision to make in the wake of the XSA-7 security issue. This talk will cover the approach we took which (we think) allowed us to find a "center of gravity" for the community, and allowed everyone to feel that their viewpoint was considered, in the spite of the lack of any option with clear consensus. We hope this will help other communities navigate similarly difficult waters.

Technology
1 of 33
Download to read offline
Making community decisions in the absence of consensus George Dunlap XenProject Committer
[thinking ahead]
The Issue
XenProject Security Process • A well-known place to report vulnerabilities • A structured way of announcing vulnerabilities to users • A pre-disclosure list
Pre-disclosure
XSA-7: Intel SYSRET
Discussion goals • Find the best solution • Do it in a way which everyone felt their voice was heard
ONE Make sure you have a fall-back in case consensus can’t be reached
Process isn’t necessary — until it is
ONE Make sure you have a fall-back in case consensus can’t be reached
TWO Have an online discussion but don’t stop there.
Online discussions are great for… • Identifying important factors • Clarifying thinking • Exploring possible solutions • Understanding implications, pros and cons of different options
Online discussion: Weaknesses • Favor people who… • Like to argue • Are articulate, have a high command of English, or type quickly • Sociological: Favor people who… • Feel like they’re in the “in” crowd • Think their opinion will be popular • Hide silent agreement
Social factors and silent argument : Debian systemd discussion
TWO Have an online discussion but don’t stop there.
THREE Summarize the major positions and hold a five-point survey
Four options • No pre-disclosure • Pre disclosure to software providers only • Pre disclosure to software providers and a small number of public cloud providers • Pre disclosure to software providers most public cloud providers
Five-point survey • Based on “Identify the Champion” • For each option, ask people to rate it: • This is a great idea, and I would argue for it • I am happy with this idea, but I would not argue for it • I am not happy with this idea, but I would not argue against it • This is a terrible idea, and I would argue against it • No opinion
Further details • “Other options / comments” box • Anonymous or named? • Allow anonymous votes but say votes with a name attached would be given more weight • Two-week survey window, announced publicly
Outcome • 33 survey responses • Only 4 anonymous votes • Other 29 were a good mix: • Developers • Distributions • Both large and small cloud providers
FOUR Look for the “center of gravity”
Things to look for • Good: Total approval vs total opposition • Bad: Polarized options, particularly divided by sub-group • Good: Options that are opposed for opposite reasons
No pre-disclosure This is a great idea Happy with this idea Not happy with this idea This is a terrible idea No opinion 0 5 10 15
Software providers only This is a great idea Happy with this idea Not happy with this idea This is a terrible idea No opinion 0 5 10 15
Software and large cloud providers This is a great idea Happy with this idea Not happy with this idea This is a terrible idea No opinion 0 5 10 15
Software and all cloud providers This is a great idea Happy with this idea Not happy with this idea This is a terrible idea No opinion 0 5 10 15
FIVE Write up a concrete proposal
Recap • Make sure you have a fall-back if consensus fails • Have on online discussion, but don’t stop there • Summarize the major options and run a five-point survey • Analyze the data to find the “center of gravity” • Make a concrete proposal based on the findings
Questions Comments / criticism: George Dunlap <george.dunlap@citrix.com> References: XenProject Security Policy (including pre-disclosure list) https://www.xenproject.org/security-policy.html Identify the Champion http://scg.unibe.ch/download/champion/

Recommended

Starting an Open Source Project: 0-100k Users - China Mobile Summit 2015 - EN
Starting an Open Source Project: 0-100k Users - China Mobile Summit 2015 - ENStarting an Open Source Project: 0-100k Users - China Mobile Summit 2015 - EN
Starting an Open Source Project: 0-100k Users - China Mobile Summit 2015 - ENDan Cuellar
 
Creating a constructive comment culture
Creating a constructive comment cultureCreating a constructive comment culture
Creating a constructive comment cultureDaniel_Rhodes
 
Shure Design Jam: Collaborative Spaces
Shure Design Jam: Collaborative SpacesShure Design Jam: Collaborative Spaces
Shure Design Jam: Collaborative SpacesJackie Wolf
 
Jeff Katz on Prototyping
Jeff Katz on PrototypingJeff Katz on Prototyping
Jeff Katz on PrototypingJeff Katz
 
Xen Project Contributor Training Part2 : Processes and Conventions v1.1
Xen Project Contributor Training Part2 : Processes and Conventions v1.1Xen Project Contributor Training Part2 : Processes and Conventions v1.1
Xen Project Contributor Training Part2 : Processes and Conventions v1.1The Linux Foundation
 
Xen Project Contributor Training Part 2 - Processes and Conventions v1.0
Xen Project Contributor Training Part 2 - Processes and Conventions v1.0Xen Project Contributor Training Part 2 - Processes and Conventions v1.0
Xen Project Contributor Training Part 2 - Processes and Conventions v1.0The Linux Foundation
 
Intro to UX
Intro to UXIntro to UX
Intro to UXLegal Services National Technology Assistance Project (LSNTAP)
 
Online training
Online trainingOnline training
Online trainingKyle Dingler
 

Recommended

Starting an Open Source Project: 0-100k Users - China Mobile Summit 2015 - EN
Starting an Open Source Project: 0-100k Users - China Mobile Summit 2015 - ENStarting an Open Source Project: 0-100k Users - China Mobile Summit 2015 - EN
Starting an Open Source Project: 0-100k Users - China Mobile Summit 2015 - ENDan Cuellar
 
Creating a constructive comment culture
Creating a constructive comment cultureCreating a constructive comment culture
Creating a constructive comment cultureDaniel_Rhodes
 
Shure Design Jam: Collaborative Spaces
Shure Design Jam: Collaborative SpacesShure Design Jam: Collaborative Spaces
Shure Design Jam: Collaborative SpacesJackie Wolf
 
Jeff Katz on Prototyping
Jeff Katz on PrototypingJeff Katz on Prototyping
Jeff Katz on PrototypingJeff Katz
 
Xen Project Contributor Training Part2 : Processes and Conventions v1.1
Xen Project Contributor Training Part2 : Processes and Conventions v1.1Xen Project Contributor Training Part2 : Processes and Conventions v1.1
Xen Project Contributor Training Part2 : Processes and Conventions v1.1The Linux Foundation
 
Xen Project Contributor Training Part 2 - Processes and Conventions v1.0
Xen Project Contributor Training Part 2 - Processes and Conventions v1.0Xen Project Contributor Training Part 2 - Processes and Conventions v1.0
Xen Project Contributor Training Part 2 - Processes and Conventions v1.0The Linux Foundation
 
Intro to UX
Intro to UXIntro to UX
Intro to UXLegal Services National Technology Assistance Project (LSNTAP)
 
Online training
Online trainingOnline training
Online trainingKyle Dingler
 
Structure for Implementation.pptx
Structure for Implementation.pptxStructure for Implementation.pptx
Structure for Implementation.pptxCarlynJoyVillanueva2
 
A faster horse
A faster horseA faster horse
A faster horseJoan Wortman
 
Checking Your Privilege: A How-To for Hard Things
Checking Your Privilege: A How-To for Hard Things Checking Your Privilege: A How-To for Hard Things
Checking Your Privilege: A How-To for Hard Things Leslie Hawthorn
 
Opening up Open Source
Opening up Open SourceOpening up Open Source
Opening up Open SourceDerek Buitenhuis
 
Supercharge your Remote Facilitation
Supercharge your Remote FacilitationSupercharge your Remote Facilitation
Supercharge your Remote FacilitationSuzanne Morrison
 
The Open Source Community: Getting Started and Staying Involved
The Open Source Community: Getting Started and Staying InvolvedThe Open Source Community: Getting Started and Staying Involved
The Open Source Community: Getting Started and Staying InvolvedRichard Johnson
 
Designing Effective Strategic Planning Retreats
Designing Effective Strategic Planning RetreatsDesigning Effective Strategic Planning Retreats
Designing Effective Strategic Planning Retreats4Good.org
 
Daniel Burka's Design Workshop Slides: FOWD NYC 2009
Daniel Burka's Design Workshop Slides: FOWD NYC 2009Daniel Burka's Design Workshop Slides: FOWD NYC 2009
Daniel Burka's Design Workshop Slides: FOWD NYC 2009Daniel Burka
 
Testistanbul 2016 - Keynote: "The Story of Appium" by Dan Cuellar
Testistanbul 2016 - Keynote: "The Story of Appium" by Dan CuellarTestistanbul 2016 - Keynote: "The Story of Appium" by Dan Cuellar
Testistanbul 2016 - Keynote: "The Story of Appium" by Dan CuellarTurkish Testing Board
 
Theory research pro-forma
Theory research pro-formaTheory research pro-forma
Theory research pro-formayorkcollege
 
Managing community outrage webinar [autosaved]
Managing community outrage webinar [autosaved]Managing community outrage webinar [autosaved]
Managing community outrage webinar [autosaved]Matthew Crozier
 
Krueger Focus Group Research
Krueger Focus Group ResearchKrueger Focus Group Research
Krueger Focus Group ResearchLaurenShiels1
 
Constitutional Orgs
Constitutional OrgsConstitutional Orgs
Constitutional OrgsCitizen Code
 
Organizational Drama: A Leadership Perspective on Conflict
Organizational Drama: A Leadership Perspective on ConflictOrganizational Drama: A Leadership Perspective on Conflict
Organizational Drama: A Leadership Perspective on Conflict4Good.org
 
The business behind open source
The business behind open sourceThe business behind open source
The business behind open sourceGraham Weldon
 
Understanding Users
Understanding UsersUnderstanding Users
Understanding UsersAbby Covert
 
The Un-researched Persona
The Un-researched PersonaThe Un-researched Persona
The Un-researched Personanlemonier
 
How to Talk About Your Open Source Project So People Get It
How to Talk About Your Open Source Project So People Get ItHow to Talk About Your Open Source Project So People Get It
How to Talk About Your Open Source Project So People Get ItAll Things Open
 
Managing Conflict in Open Source Communities
Managing Conflict in Open Source CommunitiesManaging Conflict in Open Source Communities
Managing Conflict in Open Source CommunitiesAll Things Open
 
Build sh*t that matters
Build sh*t that matters Build sh*t that matters
Build sh*t that matters Nick Chickinelli
 
ELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleThe Linux Foundation
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...The Linux Foundation
 

More Related Content

Similar to OSSEU18: Making Decisions without Consensus - George Dunlap, Citrix

Checking Your Privilege: A How-To for Hard Things
Checking Your Privilege: A How-To for Hard Things Checking Your Privilege: A How-To for Hard Things
Checking Your Privilege: A How-To for Hard Things Leslie Hawthorn
 
Supercharge your Remote Facilitation
Supercharge your Remote FacilitationSupercharge your Remote Facilitation
Supercharge your Remote FacilitationSuzanne Morrison
 
The Open Source Community: Getting Started and Staying Involved
The Open Source Community: Getting Started and Staying InvolvedThe Open Source Community: Getting Started and Staying Involved
The Open Source Community: Getting Started and Staying InvolvedRichard Johnson
 
Designing Effective Strategic Planning Retreats
Designing Effective Strategic Planning RetreatsDesigning Effective Strategic Planning Retreats
Designing Effective Strategic Planning Retreats4Good.org
 
Daniel Burka's Design Workshop Slides: FOWD NYC 2009
Daniel Burka's Design Workshop Slides: FOWD NYC 2009Daniel Burka's Design Workshop Slides: FOWD NYC 2009
Daniel Burka's Design Workshop Slides: FOWD NYC 2009Daniel Burka
 
Testistanbul 2016 - Keynote: "The Story of Appium" by Dan Cuellar
Testistanbul 2016 - Keynote: "The Story of Appium" by Dan CuellarTestistanbul 2016 - Keynote: "The Story of Appium" by Dan Cuellar
Testistanbul 2016 - Keynote: "The Story of Appium" by Dan CuellarTurkish Testing Board
 
Theory research pro-forma
Theory research pro-formaTheory research pro-forma
Theory research pro-formayorkcollege
 
Managing community outrage webinar [autosaved]
Managing community outrage webinar [autosaved]Managing community outrage webinar [autosaved]
Managing community outrage webinar [autosaved]Matthew Crozier
 
Krueger Focus Group Research
Krueger Focus Group ResearchKrueger Focus Group Research
Krueger Focus Group ResearchLaurenShiels1
 
Constitutional Orgs
Constitutional OrgsConstitutional Orgs
Constitutional OrgsCitizen Code
 
Organizational Drama: A Leadership Perspective on Conflict
Organizational Drama: A Leadership Perspective on ConflictOrganizational Drama: A Leadership Perspective on Conflict
Organizational Drama: A Leadership Perspective on Conflict4Good.org
 
The business behind open source
The business behind open sourceThe business behind open source
The business behind open sourceGraham Weldon
 
Understanding Users
Understanding UsersUnderstanding Users
Understanding UsersAbby Covert
 
The Un-researched Persona
The Un-researched PersonaThe Un-researched Persona
The Un-researched Personanlemonier
 
How to Talk About Your Open Source Project So People Get It
How to Talk About Your Open Source Project So People Get ItHow to Talk About Your Open Source Project So People Get It
How to Talk About Your Open Source Project So People Get ItAll Things Open
 
Managing Conflict in Open Source Communities
Managing Conflict in Open Source CommunitiesManaging Conflict in Open Source Communities
Managing Conflict in Open Source CommunitiesAll Things Open
 

Similar to OSSEU18: Making Decisions without Consensus - George Dunlap, Citrix (20)

Structure for Implementation.pptx
Structure for Implementation.pptxStructure for Implementation.pptx
Structure for Implementation.pptx
 
A faster horse
A faster horseA faster horse
A faster horse
 
Checking Your Privilege: A How-To for Hard Things
Checking Your Privilege: A How-To for Hard Things Checking Your Privilege: A How-To for Hard Things
Checking Your Privilege: A How-To for Hard Things
 
Opening up Open Source
Opening up Open SourceOpening up Open Source
Opening up Open Source
 
Supercharge your Remote Facilitation
Supercharge your Remote FacilitationSupercharge your Remote Facilitation
Supercharge your Remote Facilitation
 
The Open Source Community: Getting Started and Staying Involved
The Open Source Community: Getting Started and Staying InvolvedThe Open Source Community: Getting Started and Staying Involved
The Open Source Community: Getting Started and Staying Involved
 
Designing Effective Strategic Planning Retreats
Designing Effective Strategic Planning RetreatsDesigning Effective Strategic Planning Retreats
Designing Effective Strategic Planning Retreats
 
Daniel Burka's Design Workshop Slides: FOWD NYC 2009
Daniel Burka's Design Workshop Slides: FOWD NYC 2009Daniel Burka's Design Workshop Slides: FOWD NYC 2009
Daniel Burka's Design Workshop Slides: FOWD NYC 2009
 
Testistanbul 2016 - Keynote: "The Story of Appium" by Dan Cuellar
Testistanbul 2016 - Keynote: "The Story of Appium" by Dan CuellarTestistanbul 2016 - Keynote: "The Story of Appium" by Dan Cuellar
Testistanbul 2016 - Keynote: "The Story of Appium" by Dan Cuellar
 
Theory research pro-forma
Theory research pro-formaTheory research pro-forma
Theory research pro-forma
 
Managing community outrage webinar [autosaved]
Managing community outrage webinar [autosaved]Managing community outrage webinar [autosaved]
Managing community outrage webinar [autosaved]
 
Krueger Focus Group Research
Krueger Focus Group ResearchKrueger Focus Group Research
Krueger Focus Group Research
 
Constitutional Orgs
Constitutional OrgsConstitutional Orgs
Constitutional Orgs
 
Organizational Drama: A Leadership Perspective on Conflict
Organizational Drama: A Leadership Perspective on ConflictOrganizational Drama: A Leadership Perspective on Conflict
Organizational Drama: A Leadership Perspective on Conflict
 
The business behind open source
The business behind open sourceThe business behind open source
The business behind open source
 
Understanding Users
Understanding UsersUnderstanding Users
Understanding Users
 
The Un-researched Persona
The Un-researched PersonaThe Un-researched Persona
The Un-researched Persona
 
How to Talk About Your Open Source Project So People Get It
How to Talk About Your Open Source Project So People Get ItHow to Talk About Your Open Source Project So People Get It
How to Talk About Your Open Source Project So People Get It
 
Managing Conflict in Open Source Communities
Managing Conflict in Open Source CommunitiesManaging Conflict in Open Source Communities
Managing Conflict in Open Source Communities
 
Build sh*t that matters
Build sh*t that matters Build sh*t that matters
Build sh*t that matters
 

More from The Linux Foundation

ELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleThe Linux Foundation
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...The Linux Foundation
 
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...The Linux Foundation
 
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...The Linux Foundation
 
XPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportXPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportThe Linux Foundation
 
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...The Linux Foundation
 
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxXPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxThe Linux Foundation
 
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...The Linux Foundation
 
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderXPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderThe Linux Foundation
 
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...The Linux Foundation
 
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making... OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...The Linux Foundation
 
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixXPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixThe Linux Foundation
 
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdXPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdThe Linux Foundation
 
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...The Linux Foundation
 
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DXPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DThe Linux Foundation
 
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsXPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsThe Linux Foundation
 
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...The Linux Foundation
 
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...The Linux Foundation
 
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...The Linux Foundation
 
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEXPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEThe Linux Foundation
 

More from The Linux Foundation (20)

ELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made Simple
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
 
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
 
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
 
XPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportXPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather Report
 
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
 
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxXPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
 
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
 
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderXPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
 
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
 
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making... OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
 
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixXPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
 
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdXPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
 
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
 
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DXPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
 
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsXPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
 
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
 
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
 
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
 
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEXPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
 

Recently uploaded

Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 

Recently uploaded (20)

Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 

OSSEU18: Making Decisions without Consensus - George Dunlap, Citrix

  • 1. Making community decisions in the absence of consensus George Dunlap XenProject Committer
  • 3.
  • 5. XenProject Security Process • A well-known place to report vulnerabilities • A structured way of announcing vulnerabilities to users • A pre-disclosure list
  • 8.
  • 9. Discussion goals • Find the best solution • Do it in a way which everyone felt their voice was heard
  • 10. ONE Make sure you have a fall-back in case consensus can’t be reached
  • 11.
  • 12. Process isn’t necessary — until it is
  • 13. ONE Make sure you have a fall-back in case consensus can’t be reached
  • 14. TWO Have an online discussion but don’t stop there.
  • 15. Online discussions are great for… • Identifying important factors • Clarifying thinking • Exploring possible solutions • Understanding implications, pros and cons of different options
  • 16. Online discussion: Weaknesses • Favor people who… • Like to argue • Are articulate, have a high command of English, or type quickly • Sociological: Favor people who… • Feel like they’re in the “in” crowd • Think their opinion will be popular • Hide silent agreement
  • 17. Social factors and silent argument : Debian systemd discussion
  • 18.
  • 19. TWO Have an online discussion but don’t stop there.
  • 20. THREE Summarize the major positions and hold a five-point survey
  • 21. Four options • No pre-disclosure • Pre disclosure to software providers only • Pre disclosure to software providers and a small number of public cloud providers • Pre disclosure to software providers most public cloud providers
  • 22. Five-point survey • Based on “Identify the Champion” • For each option, ask people to rate it: • This is a great idea, and I would argue for it • I am happy with this idea, but I would not argue for it • I am not happy with this idea, but I would not argue against it • This is a terrible idea, and I would argue against it • No opinion
  • 23. Further details • “Other options / comments” box • Anonymous or named? • Allow anonymous votes but say votes with a name attached would be given more weight • Two-week survey window, announced publicly
  • 24. Outcome • 33 survey responses • Only 4 anonymous votes • Other 29 were a good mix: • Developers • Distributions • Both large and small cloud providers
  • 25. FOUR Look for the “center of gravity”
  • 26. Things to look for • Good: Total approval vs total opposition • Bad: Polarized options, particularly divided by sub-group • Good: Options that are opposed for opposite reasons
  • 27. No pre-disclosure This is a great idea Happy with this idea Not happy with this idea This is a terrible idea No opinion 0 5 10 15
  • 28. Software providers only This is a great idea Happy with this idea Not happy with this idea This is a terrible idea No opinion 0 5 10 15
  • 29. Software and large cloud providers This is a great idea Happy with this idea Not happy with this idea This is a terrible idea No opinion 0 5 10 15
  • 30. Software and all cloud providers This is a great idea Happy with this idea Not happy with this idea This is a terrible idea No opinion 0 5 10 15
  • 31. FIVE Write up a concrete proposal
  • 32. Recap • Make sure you have a fall-back if consensus fails • Have on online discussion, but don’t stop there • Summarize the major options and run a five-point survey • Analyze the data to find the “center of gravity” • Make a concrete proposal based on the findings
  • 33. Questions Comments / criticism: George Dunlap <george.dunlap@citrix.com> References: XenProject Security Policy (including pre-disclosure list) https://www.xenproject.org/security-policy.html Identify the Champion http://scg.unibe.ch/download/champion/