As you can imagine, the difficult part of this is to balance security with accessibility. We’d like to be open, but we can’t give the keys to the kingdom out to anyone who promises to help. The approach we’re taking is to treat volunteers as we would part-time employees - post positions, interview, and then supervise to gain trust. This is a fairly common model, actually, for any organization with volunteers and a need for security. Youth programs, for example, generally do an interview and background check with new volunteers, and those volunteers will be paired with senior volunteers or staff for a while.
However, it’s a bit cumbersome, both for Mozilla and for potential volunteers. We must design entire positions - ongoing tasks or roles that a volunteer can work on for an extended period of time - and then select a limited number of volunteers to fill those roles. For potential volunteers, an application and interview can mean a long time (weeks?) before they get to do anything hands-on. It also carries the risk that we’d have to turn a qualified volunteer away due to lack of suitable positions.
So what to do?
We need a more fluid way of interacting with potential contributors. Since our bug database is public, we can begin by simply tagging a few bugs that are appropriate for newcomers – things that don’t require sensitive access and are well-encapsulated so they can be completed without extensive knowledge of Mozilla’s infrastructure.
It’s a bit short right now. There are a few things that may help:
We can get better about identifying appropriate tasks and projects and making bugs out of them.
We can identify a means of giving limited or sandboxed access to a new volunteer.
Consumers of Mozilla’s IT resources can begin tagging bugs,where Mozilla can provide the resources and volunteers can do the heavylifting - got any ideas?