Author: Christie Koehler

software engineer, geek, yoga practitioner, bike commuter, zen buddhist, queer, vegan, legion of tech board member, osbridge planner, engineer@ShopIgniter

Strategies for Facilitating Better Meetings

As part of my work with Mozilla and Stumptown Syndicate, I attend a lot of meetings and many of those I am responsible for facilitating.

I think most people consider meetings to be necessary evils. Meetings are often time-consuming, inefficient and take us away from real work we need to be doing, and yet they seem unavoidable. It’s probably true that we can’t get away with eliminating meetings all together. Sometimes you just have to get everyone in a “room” together to hash out some issue.

However, I think we can work towards having more efficient meetings and below are some strategies I’ve learned for doing so.

Designate a Facilitator

The facilitator is usually the “driver” of the meeting. She helps the group understand and achieve their objective(s), assists the group in following the agenda and staying on schedule. The facilitator should ensure that notes are taken. Often, but not always, the facilitator is the person who initiates and schedules the meetings (by sending out the meeting invite).

Have a Clear, Obtainable Objective

Before the meeting (ideally when the meeting is scheduled), an objective (or set of objectives) for the meeting should be drafted and communicated to the entire group. The objective should follow SMART criteria: specific, measurable, attainable, relevant and time-bound. If you are meeting to make a series of decisions, state what specific decisions need to be made.

Create and Distribute an Agenda

Having an agenda is essential for keeping a meeting focused and timely. Whenever possible, circulate the agenda ahead of time so attendees can: a) determine the important of their presence at the meeting and prioritize their schedule accordingly, and b) prepare for the meeting.

In agendas I draft, I always include the following:

(Descriptive) Meeting Title & Date

== Objective ==
== Attendees ==
== Agenda / Notes ==
== Action Items ==

Did you note my use of wiki syntax? Not a coincidence! If you’re using a wiki in your organization, writing notes and agendas in wiki syntax makes recording of agendas and meeting notes that much easier (more on this in a bit).

Make Sure You Really Need a Meeting

It sounds simple, but before you schedule a meeting, ask yourself if you really need one. Can you clearly state your objective and draft an agenda? If not, you may not be prepared to have a meeting. Would an email work instead? A quick IRC conversation?

Include Compete Participation Instructions

Include complete participation instructions every time, even for regular meetings with regular participants. The reason for this is that you want as few barriers to attending your meeting and being on time for it as possible. If someone has to go looking for information on how to participate in the meeting, there is a chance that they will be late or that they won’t attend at all.

Things to consider including in your meeting invite:

  • date and time (including in UTC)
  • physical location (if there is one) and any special access instructions
  • conference/video call information, including complete dial-in number, room number and any required access codes
  • key instructions for using the conference/vidyo call system (e.g. how to mute yourself)
  • direct links to on-line meeting systems
  • if software is required to participate in the meeting, instructions on how to obtain and install it

Don’t assume that participants will have any of the above info readily accessible, even if they have attended your meetings before.

Here’s text that I put at the bottom of every Mozilla meeting invite (some info has been faked, so please don’t use for a real Mozilla meeting):

==============================================================
Connection Details: 

Vidyo 9597 (ckoehler).

+1 650 903 0800, x92 (or +1 800 707 2533, password 000) 
Then 99597 

•1 to mute if you’re dialed in (nb: it makes an audible beep) 

Direct room link: 
https://v.mozilla.com/flex.html?roomdirect.html&key=1234567890 
==============================================================

Note: If you’re a Mozillian and you want non-employees to join your Vidyo meeting, be sure to include the direct link.

Be Mindful of Participants’ Time

Because people’s time is precious, we should be mindful when requesting and utilizing it. There are several aspects to being mindful of your participants’ time:

  • Make sure each participant is really required at the meeting. Each of your participants should have an integral role in obtaining the objective of your meeting. If they don’t, add them as an optional attendee or don’t invite them at all.
  • Be aware of the timezone for each of your participants. When working with a global organization it’s often not possible to find a time that’s convenient for everyone. But you should have some awareness of who is being inconvenienced when, and try to distribute that burden. For example, don’t  schedule every meeting for times that are convenient only for those in Pacific time.
  • Start on-time and end on-time. Most people have multiple meetings per day, and have other things they need to do at certain times. Don’t make others late by conducting a meeting that exceeds its scheduled time. Better yet, strive to end a few minutes early! Most everyone appreciates a few unexpected minutes between commitments to stretch their legs, use the restroom and get some water or coffee. Likewise, be respectful of those who arrive on-time for a meeting by starting on-time. A meeting that starts at the scheduled time is that much more likely to end by the scheduled time.

Take Notes

One of the most important things you can do during a meeting is to ensure that good notes are taken. Taking notes has the following benefits:

  • helps to keep participants focused and on-track during the meeting
  • provides a clear record of what was discussed and decided during the meeting, for reference both by those who attended the meeting and those who were not able to do so

I find it works well for the group to take notes together in the same etherpad I have used for the agenda.  Notes do not have to be a word for word recounting of what was said in the meeting, but should include a summary of the discussion points, questions raised and answers given.

You don’t need to create perfect notes while the meeting is happening. Just record the important information and be prepared to edit afterward.

Follow-Up

A good meeting is not complete until you’ve distributed and recorded the revised meeting notes (or minutes), with key decisions and action items clearly indicated.

The complete agenda and note-taking process looks like this:

  • create and circulate an agenda in advance of the meeting
  • use etherpad (or another collaborative editing tool) whenever possible
  • take notes, with the group’s assistance, in the same document you used for the agenda
  • edit the notes after the meeting is complete, making sure to call out key decisions and action items
  • distribute the edited notes to everyone you invited to the meeting (not just those who actually attended)
  • record the notes in an accessible location (on a public wiki, on your organization’s intranet, etc.)

When I distribute meeting notes, I usually do so via email, with a link to the edited notes and action items included in the actual body of the email.

Your Strategies?

What strategies do you have for running better meetings? Let me know by leaving a comment.

Advice to Women Seeking Careers in Technology

Note: This post is inspired by this question submitted to Quora.

There are many benefits to a career in technology:

  • wages and compensation are high compared to other industries (even accounting for the wage gap between men and women)
  • many tech jobs offer flexible schedules and working environments
  • the work can be intellectually challenging and fulfilling

Here are some bits of advice I’d give to women considering a career in technology, or to those just beginning one.

Practice building confidence and be mindful about not selling yourself short.

It’s well known that women routinely under-assess their own skills as well as their value to their workplace or organization. Watch for this in yourself and work on ways to build your own confidence and self-assessment abilities.

Build and utilize a support network.

I can’t stress the importantance of having a network of people you can reach out to when things get tough (which they will, because that’s life). But don’t wait until you’re down in the dumps to reach out. Find a group of people you connect well with and make consistent connections with them. Don’t be afraid to attend women-only events and groups if you find that’s where you feel most comfortable.

Know that you will encounter sexism, racism and other misbehavior.

The tech industry is full of very privileged individuals and you will undoubtedly encounter sexist, racist and other kinds of bad behavior. No matter how trivial this behavior seems know that you are under no obligation to brush it off or grow a thicker skin. Know that you can talk about the bad behavior you encounter. If you don’t feel comfortable doing this publicly, utilize your support network.

Avail yourself of feminist and other anti-oppressionist resources.

Start with geekfeminism.org and microaggressions.com.

Learn to negotiate and ask for what you are worth.

This is a corollary to “not selling yourself short” and includes salary as well as desired job position. I know of companies who will offer the harder to fill, less prestigious positions to women first simply because they are more likely to accept them (even when they would prefer the more prestigious position). Read Ask For It for some good tips on negotiation in the workplace.

Know that work environments can vary significantly.

Workplace culture and environment can vary drastically from company to company. Don’t forget that when you’re interviewing, you’re interviewing the company in addition to them interviewing you. Ask them about their anti-harassment policies and what they do to facilitate women achieving in tech. If you think they could be doing better, consider letting them know.

Be a life-long learner.

Tech is a rapidly changing field where practice makes all the difference. Find a mentor. Be a mentor. Read code and write code. Go to user/meetup groups. Teach others. Practice. Build.

Fellow tech women who have been around a while now: What tips would you offer? Leave ’em in the comments!

Death Threats in Open Source Are not Occurring in a Vacuum

Individuals who make death threats start with less egregious behavior and systematically test the boundaries of the communities in which they exist. When they get away with small violations, they often move on to larger ones. They watch what others are able to get away with, too. The pattern of behavior is common among abusers. If you’re an abuse survivor, you know this implicitly.

The open source community consistently condones the type of behavior that can escalate to death threats. The “free as in freedom” philosophy has created a haven for privileged individuals to act without accountability. Harassment, discrimination and exclusion of women, queer and trans people, racial minorities and other individuals from marginalized groups are commonplace. This is not okay. Not only is it morally wrong to exclude people in this manner, but communities thrive on diversity and stagnate without it. Open source is no different, and we have largely been failing to address this issue.

If you’re not actively working to make your community welcoming to a diverse set of individuals, you are part of the problem. If you are a white, straight cis man and you look around at your community and the majority of what you see are straight, white, cis men, then you are part of the problem. If your project or community does not have a code of conduct and you are not actively providing meaningful enforcement of those standards, then you are part of the problem. If you are not holding your technical leaders accountable for their behavior that is harming the community, then you are part of the problem.

We can no longer operate under the fantasy that maintaining healthy open source communities is solely a matter of technical skill or competence. As Matthew Garrett recently stated:

No matter how technically competent a community leader is, no matter how much code review they perform or how much mentorship they provide, if they’re expressing unacceptable social opinions then they’re diminishing the community. People I know and respect have left technical communities simply because people in positions of responsibility have engaged in this kind of behaviour without it causing them any problems.

Want to lessen the number of death threats that women (and others) in open source receive? Adopt a strong code of conduct and enforce it. Do not allow misogynist, sexist, racist, homophobic, etc. comments or behavior, no matter how trivial they feel to you. Don’t ask people like me to explain to you ad nauseam why a fellow community member saying “we don’t want you around” is a threat. Don’t argue when we say that a co-worker  who advocates against universal marriage is advocating legislative violence. Instead, hold those who make these statements accountable.

In other words, reducing and eliminating death threats in the open source community starts with being intolerant of microagressions.

My First Internet Death Threat (Trigger Warning)

Trigger warning: Violence against women, homophobia and fat-shaming.

Friday morning I woke up to find I’d received my first internet death threat. It was in response to my blog post about accountability. I’m posting the contents of the entire message below so that others have an idea of the kind garbage others and I have to endure when we choose to speak on social justice issues.

Unfortunately, the commenter was used an IP anonymizer, so there is no way to determine their identity. Is it a colleague or a total stranger? There’s no way to know.

Here’s the comment. Consider the trigger warning above before you decide whether or not to read on.

Jesus stop whining you stupid dyke. No one gives a shit what you think, and if you keep attention whoring like this you’re going to end up with your fat throat slit if one of us can manage to find a knife deep enough to penetrate your layers of blubber.

Point is, you’re just a useless, loudmouthed lesbian. Personally, I think you should consider leaving Mozilla or better yet do the world (and your parents) a favor and kill yourself already. You’re worthless fat waste of space and posting this garbage does nothing to promote Mozilla’s image. Grab an ounce of self-worth and delete your shitty blog, cunt.

I’ve known for a long time that those who speak out about anti-oppression and other social justice issues receive death threats. I now know first-hand how unsettling it is to be on the receiving end of such threats. It’s made me re-think my habit of checking email first thing in the morning before I’m fully awake an functional. What it hasn’t done is discouraged me from talking about these issues. If anything, being the target of such speech is just a reminder about how important it is for those of us in marginalized groups to be visible and to be heard when we feel we are able to do so.

Update 8 October 12:19: A couple of people have asked me to post the email headers and IP address of the person who left the comment. Unfortunately, it was left as a comment via WordPress so I don’t have email headers. What I do have is the IP address and reverse lookup as captured by Apache and WordPress software: IP: 31.172.30.1, tor18.anonymizer.ccc.de. It’s my understanding that there is no way to track the identity of someone who has used Tor, but I’m happy to share my Apache logs with anyone who thinks they might be able to get some more info from them. Also, the person gave the email address “kelly.rutherford@gmail.com,” but I assume that is not their own because why use Tor and then give your real email?

On Accountability

Back in July, someone claiming to be a “Mozilla member” made threatening comments here on my blog, directed towards myself and my colleague Tim Chevalier. I reported the comments immediately to Mozilla HR. It look nearly three months, but I can now report a resolution.

The person who left the comments is a Mozilla employee. They have been contacted by Mozilla HR and directed not to make these kind of comments to Mozilla employees or community members in the future, or else face disciplinary action. They have also issued an apology to me personally. Unfortunately, the person has declined to provide a public apology and isn’t being compelled to do so.

I find the lack of a public apology disappointing and a detriment to the Mozilla community. Those who violate community conduct standards should face the consequences of their actions and they should have to face them publicly.

Why? Many reasons. Without having to face consequences, abusive behavior is likely to continue, and likely to escalate. When those who violate conduct standards are held publicly accountable for their actions, it gives those who might have been a target of such behavior in the past a chance to finally speak up. And, it demonstrates that the Mozilla community takes its employees’ and contributors’ conduct toward one another seriously and doesn’t tolerate abuse. A public apology gives those who transgress an opportunity to make amends with the community.

In the case of the person who left the threats on my blog, their desire not to look bad is being placed above our (mine, Tim’s and others from marginalized groups) need to feel safe, and thus represents a refusal to acknowledge their deleterious effect on our entire community.

The commenter’s actions harmed not just the two of us who were the direct targets, but the Mozilla community as a whole by setting the example that if a queer person feels they are being discriminated against at Mozilla and speaks out about it, they will be penalized with a public threat. Why was the original comment a threat? Because saying “we don’t want you two around” implies that they would do their best, either directly or indirectly, to make sure Tim and I were not able to continue to be around. Furthermore, their use of “we” created anxiety that there was not just one, but many people at Mozilla who wanted to force out people who speak out against discrimination.

More generally, the commenter’s actions set a precedent that if somebody is in a vulnerable minority group, they must choose between being silent and accepting what they experience as discriminatory treatment or risk being humiliated and threatened if they speak out against it. Being in a situation where the only choices are to accept abuse without criticizing it or be retaliated against for speaking up, is unfair. A community where people in minority groups are treated unfairly is one that many such people will either leave, or not join in the first place, because they don’t feel welcome. And driving away people in minority groups hurts the community. It deprives the community of all that minority group members can contribute, and means Mozilla won’t have the best employees and contributors it can possibly have.

In the lack of acknowledgment that the commenter’s actions harmed the community, I hear unwillingness to say that Mozilla values its contributors who are queer. If harming us does not harm the community, then the only logical conclusion is that we’re not an important part of the community. It’s hurtful to see that the facts apparently point to this conclusion.

While it’s true that I could reveal the identity of the anonymous commenter, I don’t feel comfortable doing so publicly, here on my blog because I fear a lack of support from the Mozilla community. On the one hand, many of you expressed your outrage and disapproval of the commenter’s behavior, but on the other hand, some of you also expressed doubt that the commenter could even be part of the Mozilla community. Also, I have not seen a lot of outspoken support for those who speak up on these issues, and have certainly experienced a lack of institutional support on behalf of Mozilla leadership.

What I will do is encourage those of you who have been the target of threatening behavior, even if it seems insignificant, to document and report it.

Update 3 October 19:45 PDT: Read Harassment, Accountability, and Justice for Tim’s response to this issue.

Securing Your On-line Life with a Password Manager and Two-Factor Auth

The Internet was ablaze last week with discussion of the hacking of Mat Honan. For those not up to speed about what happened, hackers were able to use social engineering and weaknesses in the security policies of Apple and Amazon to obtain access to Mat’s on-line accounts and to reset all of his Apple devices. Scary stuff!

With this incident on everyone’s mind, I thought it would be a good idea to share the techniques I use to secure my on-line life. I encourage you to adopt these practices if you haven’t already.

Use A Password Manager

My favorite password manager is LastPass. It’s cross-platform and cross-browser. There is a free version and a very affordable premium version at $12/year.

Other options include KeePass and 1Password.

With LastPass, your data is stored online in an encrypted format. To access your information, you unlock your “vault” with a master password. On the desktop, LastPass isn’t a stand-alone program. Rather, you use it as a browser plugin. On mobile platforms there is a stand-alone program that includes an integrated web browser. Because your data is stored online, it is synchronized across and available from multiple computers. This is great if you use more than one system, which I do. LastPass also offers the ability to access your vault when you’re off-line (though two-factor auth is limited in this case).

LastPass allows you to securely store:

  • passwords for all your sites
  • secure notes, which you can use to store misc information like server logins, credit card and bank account info, passphrases and more
  • form data, including credit card information (makes online buying a snap)

It also provides a password generator.

Here’s an example of what it looks like to retrieve passwords in LastPass:

Free Image Hosting at www.ImageShack.us

And here’s how I login to sites that I have saved with LastPass:

Free Image Hosting at www.ImageShack.us

Using a password manager, be it LastPass, KeePass, 1Password or another solution, allows you to easily follow the best practices I outline below.

Use a Unique, Strong Password for Every Site

You should never re-use a password. Use a unique password for every account that you create everywhere. This limits a security compromise from spreading to one site to another.

Make sure you pick a strong password. Better yet, use a computer generated password rather than one you make up on your own. Many password managers, including the ones I have mentioned in this post, have a password generator built in. Use it!

Here’s LastPass’ generator:

Free Image Hosting at www.ImageShack.us

How Do I Remember All These Unique Passwords?

At this point you might be asking, “how will I remember all these difficult passwords?” You won’t! The only password you’ll need to remember is the master password for your password manager.

Stand-Alone Password Generators

Don’t like or want to use the built-in password generator? There are plenty of stand-alone options.

My favorite password generator is actually the one that ships with OSX. It’s a bit difficult to get to, however, because you have to open the keychain and then click on some additional buttons. However, this app will call the password generate dialog directly.

If you’re on Windows, there’s pwgen-win. If you’re on Linux, try apg or pwgen.

Don’t Use Real Information in Security Questions

Security questions are those additional questions you fill out when you set up web accounts, especially for on-line banking. Some examples:

  • childhood nickname
  • name of first pet
  • first school attended
  • place where you met your spouse
  • favorite sports team

Most of the security questions I’ve encountered are absolutely terrible in that answering them honestly does nothing to protect your account. Why? Because we live in the age of social networking and answers to these questions are almost always readily available to anyone who’s willing to spend a few minutes searching on Google.

The solution is to provide bogus answers. Favorite Sports Team? The Bangalore Bananas. Or xFLXw99X62ONsPFU. There’s no way someone can use social engineering to come up with answers like these (unless you post them online for some reason). In order for this strategy to work, don’t rely on your memory. Instead, use your password manager to save the security questions and answers just as you do with unique, strong passwords. LastPass makes this particularly easy because on any webpage with a form you can use the “Save All Entered Data” to capture your questions and answers.

Enable Two-Factor (or 2-Step) Authentication Wherever Possible

Two-factor authentication means that in order to login to a site, you need to provide two pieces of information instead of just your password. Most two-factor authentication schemes involve providing your password and a unique code generated by a separate program, usually on a physical device.

For example, when I log in to Google, I first login the usual way and am then prompted for a verification code:

Free Image Hosting at www.ImageShack.us

And then I open Google Authenticator on my phone in order to retrieve a special code:

Free Image Hosting at www.ImageShack.us

Enabling two-factor authentication adds an extra level of security because it means a hacker can’t login to your account even if they have your password. They’d also have to have the physical device that generates the second authentication factor.

In this post I’ll cover enabling and using two-factor authentication with Gmail and with LastPass.

Enabling Two-Factor Auth for Google

To enable two-factor authentication for your Google account:

  • Login to your account and navigate to your Account page.
  • Navigate to security settings.
  • Click ‘edit’ next to 2-step verification.
  • If you haven’t already verified you’re phone, you’ll need to do so now.
  • After this, 2-step verification will be enabled.

Free Image Hosting at www.ImageShack.us

You should now set how to receive your verification codes. You can enable one or more of the following methods:

  • Mobile application (Google Authenticator, for Android and iOS)
  • Backup phone (not your Google voice number)
  • Print backup codes (keep in your wallet or somewhere else safe)

Free Image Hosting at www.ImageShack.us

I recommend setting all three, especially if you have a smart-phone or tablet. The method I use most often is the mobile application.

When you select mobile application, you’ll see the following screen. Scan the QR code with your phone or table. You’ll then be given a key to enter into the form to verify your device.

Free Image Hosting at www.ImageShack.us

Note: You can install Google Authenticator on multiple devices, but you  must do so at the same time. If you wish to add a device later, you’ll need to turn off 2-step authentication and go through the whole process again. You do not need to do this in order to add another Google account to Authenticator, however.

Generating Application-Specific Passwords

What happens if you want to use an email client like Thunderbird, Mail.app or Outlook? Or a chat client with your gTalk? You still can, but you have to generated application-specific passwords. What this means is that for each application you would like to allow to access your mail or chat, you generate a password for. This password is revocable at any time should you loose control of that application (e.g. you loose the laptop on which it’s installed) or suspect that the password has somehow been compromised.

Free Image Hosting at www.ImageShack.us

Enabling Two-Factor Auth in LastPass

LastPass offers a few options for two-factor authentication:

  • fingerprint reader
  • grid authentication
  • Yubikey
  • Google Authenticator

I selected Yubikey. A Yubikey is a USB device that generates a unique, one-time password. Once you link a Yubikey to your LastPass account and enable two-factor authentication, you need to use your Yubikey along with your regular password each time you want to log in (although you can specific which computers are trusted and therefore do not require secondary authentication).

I bought 2 Yubikeys and an additional year of LastPass service for $50. Because you can associate your LastPass account with multiple Yubikeys, I have one for regular use and one for a backup in case I loose the first.

Here’s what it looks like when I log in to LastPass with Yubikey authentication enabled.

First I’m prompted like usual for my LastPass email and password:

Free Image Hosting at www.ImageShack.us

And then prompted from my OTP from Yubikey:

Free Image Hosting at www.ImageShack.us

Have a Recovery Email That is Not Easy to Guess and Keep it Private

Both Google and LastPass allow you to specify a recovery email address. I strongly recommend that you setup a second email account that is dissimilar to your regular, public email address, keep it private and use it as the recovery email for your critical accounts (like Google and LastPass). The reason for using a private, separate email is so that hackers are less able to guess your recovery email and be able to launch an attack against it.

Also, if you are uncomfortable having all your on-line eggs in one basket like I am, consider paying for a backup email account from a service like FastMail, HushMail or Pobox.

Change Important Passwords Periodically

You should change the passwords on your critical accounts on a regular basis. Quarterly is probably a good target. Even twice or once a year will be better than never. For best results, link it to some other deadline. Self-employed? Change your critical passwords when you send in your quarterly estimated taxes.

What are critical passwords? Your Google account and password manager, certainly. Probably also your on-line banking, too.

Check Access Logs Frequently

Most systems provide access logs that you are able to check. You should periodically examine this information for anything that seems strange. Look for connections that don’t match your usage because this could be a sign someone is accessing your account without your permission or knowledge.

To see your Google access logs, log in to Gmail, scroll down to the bottom of your inbox and look for “Last account activity.” Then click on details.

Free Image Hosting at www.ImageShack.us

You’ll see a screen like this where you can see which IP addresses have been connecting to your account:

Free Image Hosting at www.ImageShack.us

Make Regular Backups

The above steps are not a guarantee against your data being compromised. You should make sure you’re regularly backing up any data that’s important to you, including your password information.

 

Response to Nice Girl’s “The Dark Side of Feminism”

The recent post The Dark Side of Geek Feminism, authored by the pseudo-anonymous Nice Girl, and the mostly uncritical responses to it concern me for a couple of reasons.

First, it attacks all of geek feminism based on the actions of a few unnamed individuals. I find this problematic because there is no certification for being a geek feminist. Anyone can call themselves such. Certainly, there are those who call themselves feminists and claim to align themselves with our efforts to support women (in tech, geekdom and elsewhere), but then undermine those efforts with their actions. Or support women to the detriment of other oppressed groups. Folks who do this should be called out on their behavior. It’s not an attack or a condemnation to do so, it’s an opportunity for dialog and for social change.

Furthermore, the author discounts the need for accountability, equating it with vigilante justice. She claims that “naming and shaming” means “trying these things in the court of public opinion” and that both are “wrong and dangerous.” I find this conclusion to be flawed. Without question, it is a person’s decision whether or not to name their abuser. There are plenty of good reasons for not doing so. However, it’s clear that the author is withholding such information not to protect herself, but in order to protect potential abusers and derailers: “[Naming people] can completely ruin someone’s life. The internet lynch mob that it inevitably creates can haunt a person for years.”

Another aspect of the post to consider is use of the term “lynch mob” (quoted above) and the author’s response to being called out on its inappropriateness. Rather than reflecting on why it’s inappropriate to use such a phrase, she simply says she was being hyperbolic and accuses the person who called her out of trolling. What this tells me is that the author clearly doesn’t understand intersectionality and how it relates to privilege. For me, this kind of understanding, or at least the willingness to achieve it, is a prerequisite for engaging in feminist dialog in the first place.

Which leads me to wonder, is the author really engaging in a feminist dialog, or is she promoting an anti-feminist agenda?

I ask because Nice Girl’s post feels like an attention-stealing effort and an attack on anti-oppression dialog. Rather than having a productive conversation about specific people’s behavior, we’re discussing unidentified “bad feminists,” whom we have no ability to address because we don’t know who they are or the full content and context of what they said.

Nice Girl says she believes “naming and shaming” to be unfair. However, the approach she took is even more unfair because it attacks everyone associated with geek feminism; any one of us could be the person she’s talking about.

I’d be having a much different response if the author had written factually about her experiences and not given her post the damming title The Dark Side of Geek Feminism.

[Note: Wondering why is it not appropriate to use ‘lynch mob’ in the way the author uses it? Because it is powerful term that evokes institutional violence against oppressed groups.]

More reading on intersectionality includes: the Geek Feminism Wiki and The Angry Black Woman.

O’Reilly Open Source Award

O'Reilly Open Source Award

Last Friday I was presented with an O’Reilly Open Source Award. The award recognizes  “individual contributors who have demonstrated exceptional leadership, creativity, and collaboration in the development of Open Source Software.” Wikipedia has a list of previous winners.

Not only did I get the very awesome sharpie-enscribed lightbulb award you see above, but I also received my very own Eggbot! The Eggbot is an open source CNC artbot and was used to create the awards.

I’m honored to be recognized by O’Reilly for my work getting people involved in in Open Source through events like BarCamp Portland and Open Source Bridge via my governance of Stumptown Syndicate.

However, these efforts are by no means singular. The projects I’m involved in are successful because of the awesome people that choose to volunteer their time to help make them a reality. I would have liked to be able to recognize a dozen or more people on stage with me last Friday. Thank you Audrey Eschright, Reid Beels, Jim Eastman, Kirsten Comandich, Amy Farrell, Chris McCraw, Igal Koshevoy, and Melissa Chavez for working with me on these projects year after year. And, thank you to my lovely wife Sherri Montgomery for supporting my work and joining in herself.

If you’re curious what Edd and Sarah said about me, check out the video here:

I feel as if my work in open source and free culture is just beginning. There is so much more to do. If you’d like to join me, get in touch!