Adding capacity and diversity to OSS security and privacy tools


(joncamfield) #1

Hi! :wave:

My team and I are building a project proposal to remotely embed expert talent (such as developers, project managers, documentation leads, etc.) who live in radically different environments than, say western democracies, with open source security/privacy tools. The goal is to improve the capacity of the tool development team, which are often a loose collection of volunteers or 1-2 developers, while also increasing the diversity of backgrounds represented in the tool dev process.

We intend to leverage the CHAOSS framework to help identify specific areas of improvement to focus on, and would love to learn from the existing work already done in improving diversity in tech.

I’d welcome feedback (have you tried something similar? Are there other programs doing this already?), thanks!


(Georg Link (he/him)) #2

Hi @joncamfield,

Thanks for sharing what you are working on.

Can you share specifics?
I am curious because I am a CHAOSS D&I workgroup maintainer.

I don’t know enough to give actionable feedback. I can offer to chat about using CHAOSS metrics and talk through your project proposal. PM me to put a time on our calendars.


(joncamfield) #3

@GeorgLink – I… don’t think I have earned messaging privileges yet; but I just followed you on twitter so we can bootstrap a DM conversation from there.

Our team does a lot of work assessing organizational capacity, but historically focused on their ability to manage grant funding and leverage it for impact – or separately, as part of an NGO-focused risk assessment framework (https://SAFETAG.org). What we haven’t done is work with OSS tool dev teams (who often aren’t formalized as an organization) and adapt any of these existing approaches or take into account the type of community health metrics which could better tune support needs.


(Georg Link (he/him)) #4

Sure thing. I followed you back.