View and vote on the article here: Cyberarmy - A Proposal for New Directions
Cyberarmy - A Proposal for New Directions| Category | | | Summary | | Cyberarmy - Securing cyberspace for the next generation |
| | Body |
A Proposal for New Directions
29 Jan 2002
This is an attempt to submit a cohesive master plan for CA or, at least, begin the framework thereof. It should be read in light of the original post I made on the 26 Jan 2002 (included at the bottom of this one). This proposal recognises the considerable efforts that has been expended to move CA from a simple 'tools' page to an organisation that boosts some 70K regisrants. It likewise recognises the inherent difficulties in managing an organisation virtually where important meetings occur through irc, email or web board posting. Such communication streams may be effective in communicating day to day issues, but it may not be the most efficient means of communicating to develop solid strategic plans. I sumise that any real strategic planning by CA may be best accomplished through submissions such as this one by those who are interested and motivated enough to put something to writing. Armed with submissions (plural hopefully), the management of CA could have a base from which to hold meaningful discussions. There may be points or ideas in each that have merit and those may be discussed but always within the framework of looking at the 'big picture'. It is the big picture that I am interested with in this proposal so while I may recommend or detail policies and procedures, it is done with limited knowledge of the internal workings of z8+. This is not a complete framework but a platform from which discussion and thought may be generated.
1. CA become a respectible/professional organisation at the brigade level.
2. CA continue to maintain the best security learning site on the net.
3. CA maintains a command structure that has builtin stability and based upon member merit and committment.
4. CA's funding is stable and renewable.
5. The CA website acurately reflects our brigades hard work.
6. CA makes significant contributions towards our stated mission.
7. CA members have fun as well as working towards a worthy purpose.
8. CA develops strategic alliances with outside organisations.
The current image of CA is questionable. Some have righly stated that our organisation is a hacker club who are not *really* serious about other issues. The first step to developing credibility would be to move towards incorprating as a non-profit organisation. More than anything else this conveys the message that we are more than just a game for teenagers and the while many of our ranks are young, we do mean business. Not that we will have floods of people wanting to donate money to CA as a tax write off but merely the effort required to become a non-profit means that the organisation has some foresight and intends to stay around for awhile. It will not really prove any benefit materially for CA but it could assist in demonstrating our resolve to those who either have the worng idea of CA or those who know nothing of us. Incorporating as a non-profit is not a simple, quick process and would consume time for those involved. Fortunately, this is the area where I have practical dirt world experience and I would assist in any moves to either start this process or investgate the proper procedures and ramifications.
Our most valuable resource, our members, exhibit a high turnover rate. This is to be expected when the majority of our members are quiet young. Even though we do attract a young crowd what we impart to these young people is a proper respect for security, experience in working as part of a group, responsibility and problem solving. An endearing quality of CA is being blind to age but highly respect intelligence, motivation and comraderie. The high turnover rate should be expected and a part of our overall process. Zebulun should remain one of our (notice the inference of more than one) breeding grounds for new recruits for brigade work. Our lower ranks will undoubtedly be comprised of members who have varying degrees of maturity, motivation and committment. What we must do is ensure than our upper ranks are filled with members who have more than average of these qualities. The current decoration scheme is one method by which motivated members are rewarded and recognised for future development. At the top of CA's infrastructure should be our CinC. The CinC has the responsibility to oversee the entire CA operation. The administration of CA would be a shared responsibility delegated among the Joint Chiefs Of Staff (JCOS). JCOS would be made up of the highest ranking officer from each brigade. Initially the JCOS positions will be inherited from our previous marshalls. But as time progresses vacancies would be filled through an application process. JOCS would then review eligible applicants and appoint the most qualified new Marshal. Each Marshal (Brigade leader) would have a Second In Charge (2IC) of the rank of Brigadier General to follow-up most of the brigade issues and liase with their Marshal. In theory, the 2IC would be the most likely candiate for a new Marshal position.
From this point down the brigade, organisation would be the responsibility of the Brig. General and ultimately the Brigade Marshall. C/O's of sub brigade would be appointed much as they are now. The Brig. General may confer rank/decorations upon those within their brigade. Rank advancements and decorations would follow an established protocol (see the CPC/PA decoration policy for an example).
The ultimate heirarchy would look something like this:
CinC (elected by the JCOS)
JCOS (Marshalls - top officer from each brigade)
//Brigades
Brig. Generals (2IC for each brigade)
Ker.
Lt. Ker
Maj.
Cap.
Lt.
2nd Lt.
Brigades would include:
FUNDING
MORALE - human resources
CAPR - Public Relations
CPC
CAIRC
CAZEB - Zebulun Team
CASEC - Security Team (Exploit Research)
CIA
CA POLICY - CA Policy Team
CA UNIVERSITY
CA OPEN SOURCE
READY RESPONSE
ETC...
The important point here is the seperation of Zebulun from the CA brigade structure except for a new brigade to manage the zeb challenge and boards. The zeb server should have its own domain such as zebulunchallenge.net (I will register this if needed or donate $50 to CA if not). The focus of Zebulun should be clearly stated as the teaching of security expolits to raise general awareness in the internet community of such issues. Zebulun nicks and personal images should be confined to the zeb boards. The brigade boards would contain our registered CA Name (for example DRogers as my own) and a small personal pict. We should continue to maintain out 'tools', 'tutorials' and associated paraphrenalia within the Zeb site. From Zebulun we could recruit our brigade membership. Another possibility is recruitment through our public specific brigade boards for those interested in our mission of some part of it but not interested in the Zebulun Challenge. Some may consider that the removal of Zeb from the site proper would destroy the fun of CA. To those, it would be acceptible for them to remain in the Zeb side of CA without having to undertake brigade work. However, others will find their own rewards and fun through actively working within the brigades and getting to know other brigade members. It is important to note that responsibility should not rest entirely on one persons shoulders but among the collective. This is a voluntary organisation, no one is getting paid from their efforts therefore we should be as supportive of one another as possible.
This is the face we show the world. It must be professionally designed and quickly convey what CA is all about. There should be a small area for each brigade to post an article/tutorial/update so that upon casual inspection, a vistor has no doubt that there is an incredible amount of work occuring within these brigades. Our intentions should be very transparent to the outsider. This means that our site and public boards in CA.com reflect what is really happening. A link should be made available to view our traffic patterns (I dont know if this is a security risk or not) with something like MRTG. This would allow a potential advertiser/sponsor to validate our traffic patterns and usage. Links should be available for the casual visitor to view our command structure and how we operate. What ever 'hands on' evidence we can deliver should be available here. Another example is a link to a page that detects all of a users stats such as IP, OS, and etc. to give the outsider some idea of why Internet Privacy is a big issue. Most of us here have a relatively technical understanding of cyberworking but that does not mean we have to limit ALL of our publications to our own audience (They call that preaching to the choir back in Texas). We are interested in education as much as anything else so we must also strive to educate those with more challenged understanding then our own. By being aware of this we may broaden our target audience considerably.
CA would continue to foster learning. Learning would come from working on the zeb challenge, CA UNIVERSITY, or through the work of the brigades. The possiblities for learning should be expanding and not focused primarily on zeb hacks.
I hope these few submissions are not flippantly disregarded as impossible. I know that from reading the message boards, especially the temp board, it is hard to imagine that CA could pull off a professional make over. I would rather make an attempt to move CA in a more professional direction than pay lip service to the idea but not put any efforts to its realisation. If, after a given amount of time the project proves too difficult or is unpopular amoung our members then the site could quickly revert to its previous incarnation. I am interested in how Marshalls feel about the future of CA and if any are content to allow it to remain as it was.
We can be professionals, regardless of age, and we must organise ourselves accordingly.
Respectfully Submitted,
Maj. Makomaster C/O Policy/PA/CPC
mako_inthesurf@linuxvoodoo.org
AKA DRogers
Original Essay
Submitted 26 Jan. 2002
(submitted as an open letter to marshals)
Before embarking on this open letter I would like to preface it by saying that my primary employment for the past 16 years has been within the nonprofit/charity arena. Currently I am the Coordinator of a Children's Charity in Sydney (www.stretch-a-family.com.au). I also have a small server hosting business that targets Japanese businesses and offers colocation and credit card processing facilities (www.anasazi.com.au). I would like to take a moment to voice my opinions regarding the future of CA.
I have been active within CA since Aug. 2001. I initially was interested in learning about securing servers but also to find out what a 'hacker' really was. I learned and digested as much info. as I could. Soon I joined CPC and realised that CA was more than a nifty hacker game. There was a mission to strive towards and lots of great people were pursuing these lofty goals. I became familiar with CA's and CPC's mission and began to examine our policies. Policy development has been an area I have had to learn quickly in over the years. Good policy lays the foundation for a good organisation that can survive staff turnovers or resignations of key people.
It is very obvious that CA has two hurdles to clear before being considered a 'serious' organisation. The most apparent is our current funding crisis. I've seen CA struggle through several server moves or crisis. Without a doubt, server and site stability must be priority number one for the organisation to remain viable. The other was to develop strong policies that emphasis a professional management structure and clear priorities.
Funding is never a glamorous issue and I would like to think that if the mission is important enough, the funding will materialise. But, alas, I know this to be untrue. It would not surprise me if I have spent over 50% of my professional energy in the past few years on funding issues. With no funding, the mission dies. CA's funding problem is huge. Server rental and bandwidth do not come cheaply. Unfortunately, the majority of our members are underage and therefore can not contribute via credit card. Anticipating funding from our members at this point is not prudent.
Therefore, outside sources of funding must be found. The barrier here is the reputation of CA in the 'general' internet community. I believe that some sort of sponsoring or advertising deal could be negotiated but this will only occur after CA reorganises its priorities, maintains credibiity and develops a stable reputation.
At the moment CA may be seen as a place where hackers breed or wannabe hackers congregate. I think that many individuals get the wrong impression from the CA site. Our organisation and leadership is built around the Zebulun game. I quickly acknowledge that zeb has caused me to research many internet security issues and I am grateful to learn in a fun environment. But, CA is more than zeb. I hear this often especially amoung my CPC comrades. Our members work hard towards CA's mission of being a watchdog for net regulation and privacy issues, eliminating child pronography and supporting open source. Sadly, this is not the face of CA that is seen by most others, especially the casual visitor to our site.
I applaude the impending rank split and see this as a step in the right direction for CA. Zeb should remain a fantastic learning/teaching tool but not as a measure of CA leadership. Our site, when reestablished, should be split or reorganised. The index page should emphasis our committment to security, learning, net regulation, privacy, and open source. To do this perhaps the index page could feature a weekly update/article/story from each brigade so that guests immediately are aware of the WORK that's occuring here. Zeb should remain, but as a minor part of our work. Those who just want to play a game can focus on zeb and hang out in the zeb boards. The zeb server could be independent of the CA server thus allowing for more control of zeb the further one progresses in the challenge. But enough about that ...
Public boards should be arranged along brigade lines. When we seek assistance, cooperation or funding, our site will be the first point of call for others to investigate who we really are. About a month and a half ago, I remember reading with interest a debate that sprang up in the temp boards initiated by a civilian about censorship. I did not get into that discussion but I do have some opinions. CA does fight for freedom of speech on the net. Each web admin. should be able to post content they feel is acceptable and not be forced by governmental legislation to censor material wantonly. Consequently, an individual posting or using a site must abide by the site admins. policies or terms or use. If not, the site admin. has the authority/right to remove it. CA should be run as a professional organisation and we should not tolerate individuals abusing public areas or potentially damaging CA's reputation. If a post is abusive or damaging, it should be removed. We can not allow immaturity of others to mar our reputation or professionalism.
Our leadership could remain in the 'army' nomenclature, afterall, we do call ourselves the cyberarmy. The marshall system seems to work from down here (maj) but it could be organised more along the lines of a board of directors - made up of the higest ranking officer from each brigade. Our nicks may be appropriate for zeb but they do nothing for our credibility outside of CA. Perhaps we should rethink the use of nicks beyond zeb and come up with something else.
Credibility will mature especially if we are able to cultivate outside alliances and networks with other organisations. This will be easier when our brigade work is more transparent and easily available through the main site.
I continue to remain active and loyal to CA but wanted to voice my opinions especially in light of some of the recent posts on the temp web board. Each day I think of CA, the issues at hand, ideas for improvement, fundraising strategies, policy issues and the struggle ahead. I feel that the future of CA is beyond my control and in the hands of others which is why I forced myself to write this letter (I learned vi in the process - be kind to typos ;) ). I hope we can reframe ourselves as a worthy professional cause.
Sincerely,
Maj Makomaster
AKA Dale Rogers
CyberArmy: Securing cyberspace for future generations |
|
This article was imported from zZine. (original author: makomaster)
There are no replies to this post yet.
|