[Owasp-board] Google Hacking Project - Note by Jeff Williams, Chair, The OWASP Foundation

Paulo Coimbra paulo.coimbra at owasp.org
Wed Jul 7 18:11:18 UTC 2010 

All,

 

For your information.

 

Thanks,

 

Paulo Coimbra,

 <https://www.owasp.org/index.php/Main_Page> OWASP Project Manager

 

From: owasp-leaders-bounces at lists.owasp.org
[mailto:owasp-leaders-bounces at lists.owasp.org] On Behalf Of Jeff Williams
Sent: quarta-feira, 7 de Julho de 2010 18:43
To: owasp-leaders at lists.owasp.org
Subject: Re: [Owasp-leaders] Can someone summarize "OWASP Gate"?

 

Hi,

 

Essentially, the Google Hacking project has been presented at several
conferences, but the underlying source code was not available anywhere. The
explanation was that Google has stopped supporting the API the tool uses.
The code has now been released, but there are still some questions revolving
around the project and whether there was any abuse.

 

As a large distributed community, we can expect occasional allegations of
abuse of our principles, ethics, and brand. The important thing to remember
is that we have an inquiry process in place to handle these situations
carefully, respectfully, and factually.   OWASP has started an inquiry in
the Google Hacking matter to find out the facts and make recommendations to
the Board and Leaders.  That process should take a few weeks - stay tuned.

 

Please let me know if you have any questions or ideas.  Thanks,

 

--Jeff

 

Jeff Williams, Chair

The OWASP Foundation

 

From: owasp-leaders-bounces at lists.owasp.org
[mailto:owasp-leaders-bounces at lists.owasp.org] On Behalf Of John Wilander
Sent: Wednesday, July 07, 2010 1:23 PM
To: owasp-leaders at lists.owasp.org
Subject: [Owasp-leaders] Can someone summarize "OWASP Gate"?

 

Hi leaders!

 

I saw the lengthy emails on the Google Hacking project and several
semi-cryptic tweets, some of them tagging #owaspgate. Could someone with
good knowledge summarize the problem in a few sentences? I would sure
appreciate it.

 

To me it seems to be about an orphaned, not open enough OWASP project. But
has there been deliberate abuse? Are chapters and/or project(s) involved? Is
there a lynch mob somewhere?

 

   /John

-- 
John Wilander
Chapter leader OWASP Sweden, http://owaspsweden.blogspot.com
Conference chair OWASP AppSec Research 2010, http://owasp.se

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20100707/f8ac64cb/attachment-0002.html>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ATT00068.txt
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20100707/f8ac64cb/attachment-0002.txt>

More information about the Owasp-board mailing list