[Owasp-board] FW: Remove "leaders-list" from Google Hacking Discussion

Kate Hartmann kate.hartmann at owasp.org
Mon Jul 12 16:38:11 UTC 2010


Please take a look at Michael's comments.

 

Kate Hartmann

OWASP Operations Director

9175 Guilford Road

Suite 300

Columbia, MD  21046

 

301-275-9403 

kate.hartmann at owasp.org

Skype:  kate.hartmann1 

 

From: Michael Coates [mailto:michael.coates at owasp.org] 
Sent: Monday, July 12, 2010 11:17 AM
To: owasp-board at lists.owasp.org
Cc: Kate Hartmann
Subject: Remove "leaders-list" from Google Hacking Discussion

 

[cc'ing kate for approval to moderated board list]

 

Board,

I encourage you to quickly resolve this issue at today's meeting.  At the
current moment the OWASP leaders list has very little activity (which is
another issue in itself) as a result, the back and forth squabbling over the
google hacking project is dominating the list.  While I think it is
important to include the necessary parties to resolve the issue - the
leaders list should not be one of those groups.  If an additional audience
is needed then consider involving the global committees.

The leaders list represents both the "leaders" of OWASP, but also about 85%
(just a guess) of the active owasp population. When the leaders list is
copied on a negative thread that contains confusion and a back and forth
bickering it can result in an overall negative view of OWASP as a whole.
When in reality, this is just a small issue that needs to be handled.

It sounds like there is a process in place to review this issue. Let's move
through that process with the necessary parties and then announce the
results to the leaders list when complete. Until then I would encourage an
email to the involved parties asking them to discuss the issue in the
appropriate forum and not the leaders list.

 

Thanks!

Michael

 

---------- Forwarded message ----------
From: "Tom Brennan - OWASP" <tomb at owasp.org>
Date: Jul 12, 2010 5:01 AM
Subject: Re: [Owasp-leaders] [GPC] Update Needed
To: "Christian Heinrich" <christian.heinrich at owasp.org>,
<global-projects-committee-bounces at lists.owasp.org>, "Jason Li"
<jason.li at owasp.org>


Christian,  There was never a complaint from anyone @ Google to me
personally.

Today is the July board call at noon est 1-866-534-4754 Code: "OWASP"
(69277). and we will discuss this issue as old business join us, listen in
and speak up, very transparent.






Semper Fi,

Tom Brennan
OWASP Foundation Inc.
Tel: (973)506-9303

-----Original Message-----
From: Christian Heinrich <christian.heinrich at owasp.org>
Sender: global-projects-committee-bounces at lists.owasp.org
Date: Mon, 12 Jul 2010 14:33:49
To: Jason Li<jason.li at owasp.org>
Cc: OWASP Foundation Board List<owasp-board at lists.owasp.org>;
<owasp-google-hacking at lists.owasp.org>; <owasp-leaders at lists.owasp.org>;
Global Projects Committee<global-projects-committee at lists.owasp.org>
Subject: Re: [GPC] Update Needed

Jason,


On Mon, Jul 12, 2010 at 12:22 PM, Jason Li <jason.li at owasp.org> wrote:
> I never said that you lied...

The correct course of action would have been that Dinis realized they
bypassed me with their complaint and subsequently forwarded it to be
so it could be handled with discretion.

Furthermore, there are similarities to their complaint to what was put
out on twitter by others i.e.
http://twitter.com/TownyRoberto/status/17235012717 and that they have
stolen the identities of real people i.e.
https://lists.owasp.org/pipermail/owasp-leaders/2010-July/003293.html

Two high profile people had nominated themselves to review this OWASP
Project i.e. Chris Gates (metasploit) and PDP (GNUCITIZEN) i.e. this
isn't a single evaluator.


> As I said, the message was not about the Google Hacking project, but
> about shortcomings of the ...

In light of the assumptions of the complaint from Tom Brennan that he
received from Google (i.e. August 2008) I won't release the source
code to the GPC repository either until their complaint was clarified
as it would appear that I was encouraging people to violate Google's
Terms of Service and therefore OWASP would lost its standing with
Google.

https://lists.owasp.org/pipermail/owasp-australia/2010-June/000285.html
was correct i.e. I was busy as I was considering exploring both the
AJAX Search API (again) and porting to the Bing SOAP service or
officially closing the project down which I intended to present at the
recent OWASP NL Meeting.

Due to
https://lists.owasp.org/pipermail/owasp-australia/2010-June/thread.html,
the agreement that I had reached with Kate and Matt prior to departing
Australia (i.e. 24 June) was that this incident would be resolved when
I returned to Australia (i.e. 9 July)

The firestorm has ensured because rather then follow the agreement
with Kate, particular senior members of the OWASP community (excluding
Andrew van der Stock) have tried to assist and when I have declined
their offer that have in turn insisted resulting in it backfiring as I
expected resulting in more effort for everyone..


>> 2. Create additional metadata which communicates that unique projects
with a limited shelf life,...

Unless the GPC put the roadmap on the same page as
http://www.owasp.org/index.php?title=Category:OWASP_Google_Hacking_Project
then people won't see this at a glance.


>> 4. Reconsider Andrew van der Stock's proposal to become a full time
employee
>
> I can't really ...

I believe he wanted USD$60K

--

Regards,
Christian Heinrich - http://www.owasp.org/index.php/user:cmlh
OWASP "Google Hacking" Projec...

Global-projects-committee mailing list

Global-projects-committee at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/global-projects-committee

_______________________________________________
OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp...

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20100712/27c20195/attachment-0002.html>


More information about the Owasp-board mailing list