[Owasp-board] OWASP Summer Code Sprint Proposal

johanna curiel curiel johanna.curiel at owasp.org
Wed Apr 1 20:15:17 UTC 2015


Another thread..about Gsoc discussions


---------- Forwarded message ----------
From: Abbas Naderi <abiusx at owasp.org>
Date: Mon, Mar 31, 2014 at 10:58 AM
Subject: Re: ACTION NEEDED - Instructions for Scoring
To: Björn Kimminich <bjoern.kimminich at gmx.de>
Cc: owasp-gsoc-mentors at googlegroups.com


The point you’re missing, is that its not about us or projects. Its about
students and whats right for them.

These students put countless time and effort into their proposals, and they
deserve to be acknowledged for that. Its not fair to just ignore that fact.

This doesn’t mean that I’m not OK with your suggestion, on the contrary, I
strongly support it. Lets have the list of slots we need, and the list we
want, and then round-robin it using the current scores on comments on
melange. I believe everybody would be happy with this (as long as we get
enough slots overall for OWASP). If its not beneficial to the majority,
then we can devise some other plan.

How does that sound?
-A
______________________________________________________________
*Notice:* This message is *digitally signed*, its *source* and *integrity* are
verifiable.
If you mail client does not support S/MIME verification, it will display a
file (smime.p7s), which includes the X.509 certificate and the signature
body.  Read more at Certified E-Mail with Comodo and Thunderbird
<http://abiusx.com/certified-e-mail-with-comodo-and-thunderbird/> in
AbiusX.com <http://abiusx.com/>

On Mar 31, 2014, at 10:52 AM, Björn Kimminich <bjoern.kimminich at gmx.de>
wrote:

If the each project lead comes up with a reasonable list in Simon's format
(Must, Like, Optional) and then projects get slots in a controlled
round-robin way (like Settlers of Catan start settlement/road positioning)
capped by their overall activity/relevance/mentor-power (->admin decision)
it might just turn out fair and fine for everyone. Yes, *maybe* some
project leads will end up in a pit fight for some of the final optional
student slots or *maybe* someone doesn't play ball and puts 10 projects on
"Must" and 0 on "Optional" ... but hey, that's for the admins/pit fighters
to resolve, right?

I see no need for the whole group to continue this fruitless discussion. In
the time invested into the drama (summing up read and write effort)
everyone could probably have filled out Kostas spreadsheet easily already
<and> played a round of Settlers of Catan with his/her kids/friends
instead... ;-)

Cheers,
Björn

<settlers-board2_grey-robber_opt.png>


*Gesendet:* Montag, 31. März 2014 um 16:38 Uhr
*Von:* kingthorin+gsoc2014 <kingthorin at gmail.com>
*An:* owasp-gsoc-mentors at googlegroups.com
*Betreff:* Re: ACTION NEEDED - Instructions for Scoring
I'm still baffled by your comments about score privacy. In one breath you
say keep them private in another you say make them public, it doesn't make
sense.

We all understand that this process is taking time and effort on everyone's
part, what some of us are against is requiring additional time or effort
after the fact. I doubt any of us would have cared about the spreadsheet or
putting scores in comments if we'd known ahead of time. When I'd originally
gone through the 88, it would have been an extra 30 sec or less per entry.
At this point it'll take a min or two each; that's an additional hour and a
half, that I'm not willing to waste on after the fact drama.

As for mentoring 2 students, I didn't mean to imply that I wanted to mentor
two. I was trying to point out that of 88 people there are only 2 who I
would be at all interested in mentoring at all...

At this point I'm kind of the opinion that none of this mattes and is only
be dragged out for nothing. If I'm chosen to mentor someone and help out
Simon/ZAP then WONDERFUL, if not I'm ok with that too. Aside from Simon's
original emails to me on the topic of mentoring I'm getting nothing but
discouragement, so really I'm totally fine NOT being a mentor...

Rick


On Monday, March 31, 2014 3:19:16 AM UTC-4, Konstantinos Papapanagiotou
wrote:
>
> As a personal note, I am really surprised (and please Rick, don't take
> this personally it's more of a generic comment) that people are not willing
> to do part with the privacy of their scores.
> I also have a day job, family, kids, dog, cats, etc. and this whole
> process takes me much more time than simply copy/pasting my scores in a
> spreadsheet and sending an e-mail.
> It's really hard to reach a conclusion at the moment since the voices pro
> and against this are pretty much equal.
>
> Google does not encourage being a mentor for 2 students at the same time.
> It's hard to be a mentor for a single student and this is why we always
> assign a backup mentor as well. On top of that, my personal experience says
> that mentoring a single student will take more time that you imagine at
> this stage.
>
> Kostas
>
> On Mon, Mar 31, 2014 at 3:38 AM, kingthorin+gsoc2014 <kingt... at gmail.com
> > wrote:
>>
>> This doesn't make any sense you can't have it both ways:
>>
>> First you say: "The problem is that people don't seem to be adding the
>> score as a comment and we are running out of time."
>>
>> Then you say: "Regarding a shared spreadsheet: we do not want mentors to
>> be able to see other mentors' votes before voting ends, as this might lead
>> to ranking manipulation (ie a mentor seeing another project doing good and
>> giving it on purpose a low score). The way we are doing it now, you don't
>> really know how others have voted."
>>
>> So we can't have a shared spreadsheet because we might see and be
>> influenced by what someone else voted, but we should all post our scores in
>> the comments so everyone can see what we voted/ranked. That's the very
>> definition of contradiction.
>>
>> I'm with Colm and Abbas, I already spent hours going through and ranking
>> everything. I'm not going back to comment or fill out a spreadsheet. I'm
>> really only interested in mentoring one or two people out of 88 anyway. If
>> I'm excluded as a mentor because the rules changed after I did the work I
>> can live with that. Melange already includes averages, if those are skewed
>> ... well that sucks and we you should be pressuring Google to make changes
>> to the system for next year. (Or well if similar problems were experienced
>> last year [as seems to be the case/story] you probably already should have
>> put the pressure on and been out ahead of things this year [both with
>> Google and here with everyone].)
>>
>> Rick
>
>
--
You received this message because you are subscribed to the Google Groups
"OWASP GSOC Mentors" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to owasp-gsoc-mentors+unsubscribe at googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups
"OWASP GSOC Mentors" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to owasp-gsoc-mentors+unsubscribe at googlegroups.com.
For more options, visit https://groups.google.com/d/optout.



On Wed, Apr 1, 2015 at 1:12 PM, johanna curiel curiel <
johanna.curiel at owasp.org> wrote:

> A complete email thread from last years discussion:
>
> ---------- Forwarded message ----------
> From: Amr Thabet <amr.thabet at owasp.org>
> Date: Thu, Mar 27, 2014 at 6:00 AM
> Subject: Re: Public Apology + Strategy
> To: psiinon <psiinon at gmail.com>
> Cc: owasp-gsoc-mentors at googlegroups.com, Abraham Aranguren <
> abraham.aranguren at owasp.org>
>
>
> Yes .. I totally agree with you
> On Mar 27, 2014 12:05 PM, "psiinon" <psiinon at gmail.com> wrote:
>
> I agree - I made a similar point on another thread.
> The rankings are very important, but should not be the only criteria we
> use.
>
> I agree that all participating projects should get one slot, if they have
> a good enough proposal (each project leader should decide this).
>
> After that I think the main factors involved are:
>
>    - The ranking everyone gives
>    - The ranking the project leader gives
>    - The number of mentors available to mentor each project
>    - How active the project is
>    - How well it can cope with an influx of contributors
>    - The importance to OWASP (ie what does OWASP as an org want to get
>    out of this)
>
> Personally I dont think it would be sensible for one project to take all
> of the slots after the 'one/project' slots are taken, even if that project
> was ZAP.
>
> I would also advise project leaders _not_ to take on students that they
> dont think will have a good chance of being successful - a poor student who
> needs a lot of mentoring could actually damage your project, either with
> their poor code or with the mentors time that they essentially waste.
>
> We need some balance, but thats difficult for us project leaders to decide
> on.
>
> Not quite sure how we should handle this, but my suggestion is that we see
> what projects _would_ be selected if we just went by overall ranking, then
> start arguing our cases.
>
> The final decision(s) should be made by individuals who dont have projects
> that will end up with slots.
>
> Cheers,
>
> Simon
>
>
> On Thu, Mar 27, 2014 at 8:14 AM, Amr Thabet <amr.thabet at owasp.org> wrote:
>
>> For me .. I see the way to choose the proposals/slots and the ranking
>> mechanism is wrong.
>>
>> It doesn't give a chance for every project and creates a competition
>> between the mentors in the same organization
>>
>> Also, if some mentors doesn't understand your project .. they will rank
>> your proposals to 1 even the proposal is the best .. because they simply
>> don't understand your project.
>>
>> Another point, some projects takes many slots because of many mentors to
>> rank (or they decrease the others with rank 1, some of them not all) and
>> others takes 0 slots .. which is not fair .. even if they take many good
>> ranks
>>
>> Simply what I want to say, proposals ranking is dependent on the project
>> and who only understand the project ... and it's not fair to make anyone
>> rank it because it will not be fair mostly
>>
>> With these reasons, I stopped joining owasp gsoc mentors
>>
>> That's my point of view
>>
>> Thanks
>>
>> Amr
>> On Mar 26, 2014 5:48 PM, "Abraham Aranguren" <abraham.aranguren at owasp.org>
>> wrote:
>>
>>> Hi folks,
>>>
>>> As per my private comments, I'd like to apologise once again -because
>>> it's never enough! ;)- here:
>>>
>>> I would like to publicly apologise to: Johanna, Colm, Simon and every
>>> other OWASP mentor who might have been offended by my previous comments,
>>> I was too stressed and did not watch my language, please ignore those
>>> comments and please forgive me.
>>>
>>> When I see someone down-ranking one of our top guys with a "1", I hope
>>> you understand that I am a bit upset (please only use "1" or "2" for
>>> "spammy" or "very weak" proposals respectively), whoever you are, you
>>> are fighting the wrong fight, look @ my strategy below, let's fight
>>> together not against each other please!
>>>
>>> re Strategy:
>>>
>>> Google allocates 1 slot for every 2 mentors. Given that we have 88
>>> proposals, *mentors* is our next cap for slots, our limit is *44* slots
>>> if
>>> we had 88 OWASP mentors registered (44!!!). I am told we have 50 mentors
>>> registered, keep them coming! (that is 25 slots!)
>>> If you are a project leader this year, I would like to encourage you to
>>> focus on getting more mentors (constructive) instead of down-ranking
>>> good proposals from the "competition" (destructive), so that you cover
>>> the MAX slots you could possibly handle in your project. This will
>>> ensure all OWASP projects have a chance!
>>>
>>> What I have done about it:
>>> OWTF has 30 confirmed mentors so far, this means that, OWTF has
>>> *created* 15 OWASP slots, which is 7 *more* than the MAX OWTF could
>>> possibly handle (8, and we are not sure about 1 of those yet :P).
>>> In other words: OWTF has created 7 slots for *other* OWASP projects.
>>>
>>> I have killed myself to achieve this, and I hope OWTF is not viewed as:
>>> "the nasty OWASP project that takes all slots and leaves other OWASP
>>> projects with nothing"
>>> but as:
>>> "the OWASP project that worked hard to generously create slots for
>>> *other* OWASP projects, in addition to covering its own MAX slots
>>> possible"
>>>
>>> We took 5 out of 11 OWASP slots last year (1 student was lost in the
>>> de-dup process later), this kicked other OWASP projects out of "slot
>>> range" and I understand some OWASP mentors might view us as a threat
>>> this year because of that.
>>> Now please, this year is different, we are creating slots for
>>> *ourselves* + *other* OWASP projects
>>>
>>> All OWASP projects deserve a chance, but all GSoC candidates that fought
>>> their proposals with passion deserve a chance too, with enough slots,
>>> all OWASP projects AND amazing GSoC candidates can be happy, please
>>> fight the
>>> right fight and get more mentors for your project.
>>>
>>> Thank you everybody,
>>>
>>> Abe
>>>
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "OWASP GSOC Mentors" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to owasp-gsoc-mentors+unsubscribe at googlegroups.com.
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "OWASP GSOC Mentors" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to owasp-gsoc-mentors+unsubscribe at googlegroups.com.
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
>
> On Wed, Apr 1, 2015 at 1:02 PM, johanna curiel curiel <
> johanna.curiel at owasp.org> wrote:
>
>> Another clarification
>> I mean "email threads" (not *threats *lol)
>>
>> >Regarding mentors that have expressed their dissatisfaction: I have
>> heard this a lot of times. Can you be more specific? Do you mean those
>> leaders that were found (and actually admitted) behaving unethically
>> by trying to manipulate the scoring process?
>>
>> Yes I'm unsatisfied as those mentors including the ones that behaved
>> badly.Other mentors that did not behave badly were not satisfied.
>>
>>  I do not excuse their behavior but they did it because they saw that the
>> system was not being fair.
>> First of all there were no clear criteria and worst of all, conflict of
>> interests.
>>
>> here some of my reasons which I find the selection procedure was not fair:
>>
>>    - Fabio decided to make you the leader instead of consulting who
>>    should join the admins, and you were a mentor of Hackademics at the time
>>    - The criteria to choose the slots was unclear,  and multiple discussions
>>    regarding what was fair or not went on the discussion groups==> see emails
>>    - In Gsoc 2013 The voting process was not transparent since you could
>>    not see who voted and the scored provided in the Melange system
>>
>>
>> We need to act more democratically, when creating criteria, we should
>> also put these decisions to a vote instead of taking decisions without
>> consulting with the entire team
>>
>> I suggest if you want to know how satisfy or not leaders were regarding
>> the past Gsoc, to set a Poll and you will see their reactions
>>
>> Here some emails of the discussions, I also fwd the entire email thread
>> to the Board members because for some mysterious reason the emails are not
>> found anymore in the mailing list
>> Here was an email from Abraham Aranguren regarding this issues:
>>
>> ---------- Forwarded message ----------
>> From: Abraham Aranguren <abraham.aranguren at owasp.org>
>> Date: Wed, Mar 26, 2014 at 10:48 AM
>> Subject: Public Apology + Strategy
>> To: "owasp-gsoc-mentors at googlegroups.com" <
>> owasp-gsoc-mentors at googlegroups.com>
>>
>>
>> Hi folks,
>>
>> As per my private comments, I'd like to apologise once again -because
>> it's never enough! ;)- here:
>>
>> I would like to publicly apologise to: Johanna, Colm, Simon and every
>> other OWASP mentor who might have been offended by my previous comments,
>> I was too stressed and did not watch my language, please ignore those
>> comments and please forgive me.
>>
>> When I see someone down-ranking one of our top guys with a "1", I hope
>> you understand that I am a bit upset (please only use "1" or "2" for
>> "spammy" or "very weak" proposals respectively), whoever you are, you
>> are fighting the wrong fight, look @ my strategy below, let's fight
>> together not against each other please!
>>
>> re Strategy:
>>
>> Google allocates 1 slot for every 2 mentors. Given that we have 88
>> proposals, *mentors* is our next cap for slots, our limit is *44* slots if
>> we had 88 OWASP mentors registered (44!!!). I am told we have 50 mentors
>> registered, keep them coming! (that is 25 slots!)
>> If you are a project leader this year, I would like to encourage you to
>> focus on getting more mentors (constructive) instead of down-ranking
>> good proposals from the "competition" (destructive), so that you cover
>> the MAX slots you could possibly handle in your project. This will
>> ensure all OWASP projects have a chance!
>>
>> What I have done about it:
>> OWTF has 30 confirmed mentors so far, this means that, OWTF has
>> *created* 15 OWASP slots, which is 7 *more* than the MAX OWTF could
>> possibly handle (8, and we are not sure about 1 of those yet :P).
>> In other words: OWTF has created 7 slots for *other* OWASP projects.
>>
>> I have killed myself to achieve this, and I hope OWTF is not viewed as:
>> "the nasty OWASP project that takes all slots and leaves other OWASP
>> projects with nothing"
>> but as:
>> "the OWASP project that worked hard to generously create slots for
>> *other* OWASP projects, in addition to covering its own MAX slots
>> possible"
>>
>> We took 5 out of 11 OWASP slots last year (1 student was lost in the
>> de-dup process later), this kicked other OWASP projects out of "slot
>> range" and I understand some OWASP mentors might view us as a threat
>> this year because of that.
>> Now please, this year is different, we are creating slots for
>> *ourselves* + *other* OWASP projects
>>
>> All OWASP projects deserve a chance, but all GSoC candidates that fought
>> their proposals with passion deserve a chance too, with enough slots,
>> all OWASP projects AND amazing GSoC candidates can be happy, please fight
>> the
>> right fight and get more mentors for your project.
>>
>> Thank you everybody,
>>
>> Abe
>>
>>
>> On Mar 27, 2014 12:05 PM, "psiinon" <psiinon at gmail.com> wrote:
>>
>> I agree - I made a similar point on another thread.
>> The rankings are very important, but should not be the only criteria we
>> use.
>>
>> I agree that all participating projects should get one slot, if they have
>> a good enough proposal (each project leader should decide this).
>>
>> After that I think the main factors involved are:
>>
>>    - The ranking everyone gives
>>    - The ranking the project leader gives
>>    - The number of mentors available to mentor each project
>>    - How active the project is
>>    - How well it can cope with an influx of contributors
>>    - The importance to OWASP (ie what does OWASP as an org want to get
>>    out of this)
>>
>> Personally I dont think it would be sensible for one project to take all
>> of the slots after the 'one/project' slots are taken, even if that project
>> was ZAP.
>>
>> I would also advise project leaders _not_ to take on students that they
>> dont think will have a good chance of being successful - a poor student who
>> needs a lot of mentoring could actually damage your project, either with
>> their poor code or with the mentors time that they essentially waste.
>>
>> We need some balance, but thats difficult for us project leaders to
>> decide on.
>>
>> Not quite sure how we should handle this, but my suggestion is that we
>> see what projects _would_ be selected if we just went by overall ranking,
>> then start arguing our cases.
>>
>> The final decision(s) should be made by individuals who dont have
>> projects that will end up with slots.
>>
>> Cheers,
>>
>> Simon
>>
>>
>> On Wed, Apr 1, 2015 at 11:41 AM, Fabio Cerullo <fcerullo at owasp.org>
>> wrote:
>>
>>> Noreen,
>>>
>>> The Google Summer of Code FAQ provides clear guidance regarding the
>>> students requirements:
>>>
>>> *How does a student apply? *
>>> https://www.google-melange.com/gsoc/document/show/gsoc_program/google/gsoc2015/help_page#4._How_does_a_student_apply
>>>
>>> *Student participation agreement:*
>>> http://www.google-melange.com/gsoc/document/show/gsoc_program/google/gsoc2015/student_agreement
>>>
>>> *Proof of enrolment:*
>>> http://www.google-melange.com/gsoc/document/show/gsoc_program/google/gsoc2015/proofofenrollment
>>>
>>> I propose we create a program called OWASP Summer Code Sprint (OSCS)
>>> that follows to certain extent the Google Summer of Code rules.
>>>
>>> In my opinion, the structure should look as follows:
>>>
>>> - Organisation team: volunteers who will run with operational/logistical
>>> stuff (e.g. setting up the wiki, follow up mentors, etc)
>>> - Mentors team: project leaders/volunteers who will be working with
>>> selected students and evaluating their proposals.
>>>
>>> No volunteer should be on the two teams to avoid the conflict of
>>> interest some of you mentioned.
>>>
>>> And the steps to be carried out are:
>>>
>>> 1) Call out to project leaders to submit OSCS Ideas - This already
>>> happened and we could use GSOC 2015 Ideas wiki page as template.
>>>
>>> https://www.owasp.org/index.php/GSoC2015_Ideas
>>>
>>> 2) Call for proposals from students. The students will look at the OSCS
>>> Ideas page and submit their own solutions on how to help a particular
>>> project.
>>>
>>> >> We need to establish a timeframe and a platform to receive the
>>> proposals. We could use Google Forms in a similar way as Winter Code Sprint.
>>>
>>> 3) Review proposals sent by students. I think this is the ‘conflicting'
>>> area about the scoring and to my view is easily addressable.
>>>
>>> The ‘Mentors team’ will review/score the proposals and select the best
>>> ones with an oversight from the ‘Organisation Team’.
>>>
>>> If there are any wrongdoings, these should be addressed by the
>>> Organisation Team + OWASP Staff.
>>>
>>> 4) We could have mid-term and full-term student evaluations where
>>> partial payments are made.
>>>
>>> If we want to make this happen, we need to set up a calendar of
>>> activities, responsibilities, etc.
>>>
>>> Regards,
>>>
>>> Fabio Cerullo
>>> Global Board Member
>>> OWASP Foundation
>>> https://www.owasp.org
>>>
>>> On 1 Apr 2015, at 15:27, Noreen Whysel <noreen.whysel at owasp.org> wrote:
>>>
>>> All, In US law, older workers is a protected class. I would not use age
>>> as a proxy for student status, because as a US entity it sets up OWASP for
>>> a lawsuit. We can make the requirement full time, undergraduate, student
>>> status, but it doesn't guarantee youth or financial need. If a 50 year old
>>> applies and meets the requirements, in the US you can't discriminate.
>>>
>>> Johanna, I am sorry you received threats on the mailing list. Is it
>>> something that was/should be investigated?
>>>
>>> Konstantinos is, Regarding keeping it "GSoC," we were not selected this
>>> year so we need to change the name if we do a similar program.
>>>
>>> Noreen Whysel
>>> Community Manager
>>> OWASP Foundation
>>>
>>> On Apr 1, 2015, at 9:34 AM, johanna curiel curiel <
>>> johanna.curiel at owasp.org> wrote:
>>>
>>> Its about setting rules and I based the information regarding Gsoc based
>>> on the many threats I read in the mailing list and based on discussions
>>> when I was at Google. I'm 40 years old and I do understand the situation
>>> regarding age, but I already clarified my point.
>>>
>>> Many project leaders have mentioned their dissatisfaction regarding how
>>> the program Gsoc at OWASp has been run , the rules/criteria are just *an
>>> example* are only a way to put some neutrality and order, I'm not
>>> saying this *must *be this way or another
>>>
>>> And btw I do not want to participate in this initiative. So please
>>> consider me out of it and run it as you want it.
>>>
>>> regards
>>>
>>> Johanna
>>>
>>> On Wed, Apr 1, 2015 at 9:28 AM, Konstantinos Papapanagiotou <
>>> Konstantinos at owasp.org> wrote:
>>>
>>>> Johanna,
>>>>
>>>> We already have a similar very successful program we are running for a
>>>> few years now (GSOC) and a few initiatives like the code sprint. I don't
>>>> understand why we need to reinvent the wheel here. Project leaders will
>>>> propose the best candidates and the selection committee just oversees the
>>>> process.
>>>>
>>>> In any case I would strongly suggest that you choose your wording more
>>>> carefully as in some cases you are creating the wrong impressions.
>>>>
>>>> For example, Google never calls or e-mails universities to check
>>>> student status. It even rarely asks for something more than a simple
>>>> statement from the students.
>>>>
>>>> GSOC does not have a a_huge_ amount of deserting students. Where do you
>>>> get this information from? Google has approx. 150 mentoring organizations
>>>> every year and hundreds of students. Yes, some of them disappear over time
>>>> but they are a small minority. Do you really think that they would still be
>>>> running GSOC if they had a huge number of students that disappeared?
>>>>
>>>> I'll also have to disagree with a few of your thoughts. I am older than
>>>> 35 and I am actually consider joining another postgraduate program. Why am
>>>> I suspicious?
>>>> Why do all projects need to have the same amount of slots? Project A
>>>> might only get only 1 solid proposal. Project B might get 3 excellent
>>>> ideas. Why not give Project B 3 slots and Project A 1 slot? Contribution is
>>>> important but should not be mandatory. Last but not least every mentor
>>>> should be responsible for supervising his/her student and making sure that
>>>> progress is made. Having a formal wiki/blog or similar to formally report
>>>> progress on a weekly basis just adds up on the workload without providing
>>>> any real and valuable feedback.
>>>>
>>>> Let me get back to what I originally said: we are already running this
>>>> for GSOC every year. Why do we need to reinvent this now that we only want
>>>> to run it on a much smaller scale?
>>>>
>>>> Kostas
>>>>
>>>> On Wed, Apr 1, 2015 at 3:10 PM, johanna curiel curiel <
>>>> johanna.curiel at owasp.org> wrote:
>>>>
>>>>> Hi Fabio
>>>>>
>>>>> I think we need to separate the roles. All volunteers are welcome but
>>>>> they should not be mentors
>>>>> Example: If I'm a mentor I cannot be in the selection committee.
>>>>>
>>>>> I agree that the selection committee cannot select the best candidates
>>>>> for project leaders, therefore I propose that the pre-selection of
>>>>> candidates is done by the mentors/project leaders
>>>>>
>>>>> The selection committee evaluates the candidates that the project
>>>>> leaders/mentors have chosen for the project
>>>>> Project leaders/mentors must evaluate based on a criteria that the
>>>>> selection committee has prepared, for example:
>>>>>
>>>>>    - Age of the candidate (candidates older than 35 are suspicious
>>>>>    ;-))
>>>>>    - Which university/ study year attending
>>>>>    - A proof of attendance on that university and we need to confirm
>>>>>    this is true (Google does this)(someone must call the universities/get an
>>>>>    email)
>>>>>    - Proposal must be completely filled in to qualify
>>>>>    - A clear statement and motivation why is he/she  the best
>>>>>    candidate
>>>>>    - All projects should have the same amount of slots (1 or 2)
>>>>>    - History of the candidate: is he/she a contributor or is this the
>>>>>    first time? if the student is already a contributor, he/she gets a plus
>>>>>    point
>>>>>    - A short CV experience of the candidate with the
>>>>>    technology/programming language to be used
>>>>>    - All project leaders and students must have a blog/wiki reporting
>>>>>    their weekly progress, so the committee can check how is everyone doing
>>>>>    - Most important of all: In order to qualify the student must
>>>>>    commit a small contribution. This will help filter the students that are
>>>>>    serious.(like the Outreach Program for women)
>>>>>
>>>>> As you also know, Gsoc has a huge amount of deserting students or
>>>>> students with double jobs. This is a situation we do not want to have, so
>>>>> anything that sets the bar high will help to filter serious students from
>>>>> phoney ones
>>>>>
>>>>>
>>>>> Regards
>>>>>
>>>>> Johanna
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Wed, Apr 1, 2015 at 6:53 AM, Fabio Cerullo <fcerullo at owasp.org>
>>>>> wrote:
>>>>>
>>>>>> Johanna,
>>>>>>
>>>>>> I wanted to follow up regarding this initiative...
>>>>>>
>>>>>> Would you agree that other volunteers could also be part of the
>>>>>> project selection committee?
>>>>>>
>>>>>> I would welcome an open & transparent process where anyone is able to
>>>>>> participate.
>>>>>>
>>>>>> I think is specially important for project leaders to be part of the
>>>>>> student selection process, because they know their project needs.
>>>>>>
>>>>>> If there are any deviations or misconduct from any of its members,
>>>>>> then the committee could rapidly take corrective actions.
>>>>>>
>>>>>> A good starting point for looking at potential participating projects
>>>>>> is below:
>>>>>>
>>>>>> https://www.owasp.org/index.php/GSoC2015_Ideas
>>>>>>
>>>>>> We need to probably rebrand it to OWASP Summer Code Sprint (in
>>>>>> alignment with OWASP Winter Code Sprint run later in the year).
>>>>>>
>>>>>> For info: https://www.owasp.org/index.php/Winter_Code_Sprint
>>>>>>
>>>>>> The main difference is that we will pay students during Summer Code
>>>>>> Sprint.. I’m suggesting USD 3K per student up to a max of 10 slots (30K).
>>>>>>
>>>>>> Please let me know your thoughts.
>>>>>>
>>>>>> Regards,
>>>>>>
>>>>>> Fabio Cerullo
>>>>>> Global Board Member
>>>>>> OWASP Foundation
>>>>>> https://www.owasp.org
>>>>>>
>>>>>> On 5 Mar 2015, at 20:08, johanna curiel curiel <
>>>>>> johanna.curiel at owasp.org> wrote:
>>>>>>
>>>>>> Josh
>>>>>>
>>>>>> I would like very much to help during this process but it is clear
>>>>>> that if I do this (and in order to avoid any conflict of interest)
>>>>>>
>>>>>>    - I will not mentor any projects (in the past I was a mentor for
>>>>>>    ZAP, WebgoatPHP, OWTF)
>>>>>>    - Help create a selection criteria based on the project health
>>>>>>    criteria review
>>>>>>    - Have a strong selection criteria for students similar to Gsoc
>>>>>>    and make sure projects follow up these guidelines
>>>>>>    - Communicate this clearly so tehre are no misunderstandings
>>>>>>
>>>>>> I have added Timo who is also helpinbg us with the project reviews
>>>>>> and have developer experience that can help us asses projects
>>>>>>
>>>>>> regards
>>>>>>
>>>>>> Johanna
>>>>>>
>>>>>> On Thu, Mar 5, 2015 at 3:51 PM, Josh Sokol <josh.sokol at owasp.org>
>>>>>> wrote:
>>>>>>
>>>>>>> I didn't participate in past GSoC at any level and really don't feel
>>>>>>> particularly qualified to assemble this program.  It would require way more
>>>>>>> research than my time currently allows.  My stipulations for support were
>>>>>>> stated in my earlier e-mail:
>>>>>>>
>>>>>>>    - Have a pre-defined scope for the opportunity with specific
>>>>>>>    milestones required
>>>>>>>    - Have a pre-defined award for completing the opportunity
>>>>>>>    - Publicly publish any and all opportunities so that anyone can
>>>>>>>    express an interest in them
>>>>>>>    - Have a formal selection process with ideally a committee of
>>>>>>>    leaders making the selections
>>>>>>>    - Those involved in the selection process cannot also submit
>>>>>>>    - Those involved in the selection process are also responsible
>>>>>>>    for assessing completion
>>>>>>>    - All work produced is provided under the same open source
>>>>>>>    license as the project
>>>>>>>
>>>>>>> As long as a proposal (from whoever doesn't really matter) adheres
>>>>>>> to these, then I feel that I can put my support behind it.
>>>>>>>
>>>>>>> ~josh
>>>>>>>
>>>>>>> On Wed, Mar 4, 2015 at 9:21 AM, Tobias <tobias.gondrom at owasp.org>
>>>>>>> wrote:
>>>>>>>
>>>>>>>>  In principle, I like the idea, because I can see how it helps
>>>>>>>> inspire students work in the security field.
>>>>>>>>
>>>>>>>> For the amount: I think we could choose any amount and number of
>>>>>>>> projects that would seem meaningful and affordable. E.g. we could also
>>>>>>>> scale back to 5 projects or what we feel makes sense. GSoC did not start
>>>>>>>> with 10 projects at the beginning.
>>>>>>>>
>>>>>>>> Small thing: our pockets are not as deep as Google's, so I am a bit
>>>>>>>> more cautious on what we get in return for this investment.
>>>>>>>>
>>>>>>>> Would maybe Fabio, Josh and someone else like to call together and
>>>>>>>> hash out differences for a proposal to the board?
>>>>>>>>
>>>>>>>> Cheers, Tobias
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On 04/03/15 03:49, Fabio Cerullo wrote:
>>>>>>>>
>>>>>>>> Dear all,
>>>>>>>>
>>>>>>>>  As you probably know by now, we have not been accepted to Google
>>>>>>>> Summer of Code this year.
>>>>>>>>
>>>>>>>>  Usually, this is a major push for projects during the year as
>>>>>>>> experienced by ZAP, OWTF, Appsensor, Hackademics, Seraphimdroid, etc. For a
>>>>>>>> full list of ideas in 2015 please check the following URL:
>>>>>>>>
>>>>>>>>  https://www.owasp.org/index.php/GSoC2015_Ideas
>>>>>>>>
>>>>>>>>  In order to keep the momentum going and progress those projects,
>>>>>>>> I would like to request an extraordinary budget allocation of 30K USD to
>>>>>>>> cover up to 10 student slots at 3K each. Usually Google pays 5500 USD per
>>>>>>>> student during GSOC. We will use the same structure as previous years with
>>>>>>>> Kostas/me as org admins, the project leaders who usually participate in
>>>>>>>> GSOC (Core team) will pick the best student submissions and then a group of
>>>>>>>> dedicated OWASP volunteers who every year act as mentors for the students.
>>>>>>>> We could establish a mid-term and full term evaluation where if a student
>>>>>>>> is failed mid-term he/she will only receive half the funds (1500 USD). If
>>>>>>>> the student is approved full term, he/she receives the full amount (3000
>>>>>>>> USD).
>>>>>>>>
>>>>>>>>  I understand this is a non-planned expenditure, but considering
>>>>>>>> the importance of GSOC in the last couple of years to progress OWASP coding
>>>>>>>> projects, I think is imperative to take some action considering the current
>>>>>>>> scenario.
>>>>>>>>
>>>>>>>>  If you have any questions, please let us know.
>>>>>>>>
>>>>>>>>  Thanks
>>>>>>>> Fabio
>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> Owasp-board mailing listOwasp-board at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> Owasp-board mailing list
>>>>>>>> Owasp-board at lists.owasp.org
>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Owasp-board mailing list
>>>>>>> Owasp-board at lists.owasp.org
>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>>
>>>>>>>
>>>>>> _______________________________________________
>>>>>> Owasp-board mailing list
>>>>>> Owasp-board at lists.owasp.org
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Owasp-board mailing list
>>>>> Owasp-board at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>
>>>>>
>>>>
>>> _______________________________________________
>>> Owasp-board mailing list
>>> Owasp-board at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>
>>> _______________________________________________
>>> Owasp-board mailing list
>>> Owasp-board at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>
>>>
>>>
>>
>> On Wed, Apr 1, 2015 at 11:41 AM, Fabio Cerullo <fcerullo at owasp.org>
>> wrote:
>>
>>> Noreen,
>>>
>>> The Google Summer of Code FAQ provides clear guidance regarding the
>>> students requirements:
>>>
>>> *How does a student apply? *
>>> https://www.google-melange.com/gsoc/document/show/gsoc_program/google/gsoc2015/help_page#4._How_does_a_student_apply
>>>
>>> *Student participation agreement:*
>>> http://www.google-melange.com/gsoc/document/show/gsoc_program/google/gsoc2015/student_agreement
>>>
>>> *Proof of enrolment:*
>>> http://www.google-melange.com/gsoc/document/show/gsoc_program/google/gsoc2015/proofofenrollment
>>>
>>> I propose we create a program called OWASP Summer Code Sprint (OSCS)
>>> that follows to certain extent the Google Summer of Code rules.
>>>
>>> In my opinion, the structure should look as follows:
>>>
>>> - Organisation team: volunteers who will run with operational/logistical
>>> stuff (e.g. setting up the wiki, follow up mentors, etc)
>>> - Mentors team: project leaders/volunteers who will be working with
>>> selected students and evaluating their proposals.
>>>
>>> No volunteer should be on the two teams to avoid the conflict of
>>> interest some of you mentioned.
>>>
>>> And the steps to be carried out are:
>>>
>>> 1) Call out to project leaders to submit OSCS Ideas - This already
>>> happened and we could use GSOC 2015 Ideas wiki page as template.
>>>
>>> https://www.owasp.org/index.php/GSoC2015_Ideas
>>>
>>> 2) Call for proposals from students. The students will look at the OSCS
>>> Ideas page and submit their own solutions on how to help a particular
>>> project.
>>>
>>> >> We need to establish a timeframe and a platform to receive the
>>> proposals. We could use Google Forms in a similar way as Winter Code Sprint.
>>>
>>> 3) Review proposals sent by students. I think this is the ‘conflicting'
>>> area about the scoring and to my view is easily addressable.
>>>
>>> The ‘Mentors team’ will review/score the proposals and select the best
>>> ones with an oversight from the ‘Organisation Team’.
>>>
>>> If there are any wrongdoings, these should be addressed by the
>>> Organisation Team + OWASP Staff.
>>>
>>> 4) We could have mid-term and full-term student evaluations where
>>> partial payments are made.
>>>
>>> If we want to make this happen, we need to set up a calendar of
>>> activities, responsibilities, etc.
>>>
>>> Regards,
>>>
>>> Fabio Cerullo
>>> Global Board Member
>>> OWASP Foundation
>>> https://www.owasp.org
>>>
>>> On 1 Apr 2015, at 15:27, Noreen Whysel <noreen.whysel at owasp.org> wrote:
>>>
>>> All, In US law, older workers is a protected class. I would not use age
>>> as a proxy for student status, because as a US entity it sets up OWASP for
>>> a lawsuit. We can make the requirement full time, undergraduate, student
>>> status, but it doesn't guarantee youth or financial need. If a 50 year old
>>> applies and meets the requirements, in the US you can't discriminate.
>>>
>>> Johanna, I am sorry you received threats on the mailing list. Is it
>>> something that was/should be investigated?
>>>
>>> Konstantinos is, Regarding keeping it "GSoC," we were not selected this
>>> year so we need to change the name if we do a similar program.
>>>
>>> Noreen Whysel
>>> Community Manager
>>> OWASP Foundation
>>>
>>> On Apr 1, 2015, at 9:34 AM, johanna curiel curiel <
>>> johanna.curiel at owasp.org> wrote:
>>>
>>> Its about setting rules and I based the information regarding Gsoc based
>>> on the many threats I read in the mailing list and based on discussions
>>> when I was at Google. I'm 40 years old and I do understand the situation
>>> regarding age, but I already clarified my point.
>>>
>>> Many project leaders have mentioned their dissatisfaction regarding how
>>> the program Gsoc at OWASp has been run , the rules/criteria are just *an
>>> example* are only a way to put some neutrality and order, I'm not
>>> saying this *must *be this way or another
>>>
>>> And btw I do not want to participate in this initiative. So please
>>> consider me out of it and run it as you want it.
>>>
>>> regards
>>>
>>> Johanna
>>>
>>> On Wed, Apr 1, 2015 at 9:28 AM, Konstantinos Papapanagiotou <
>>> Konstantinos at owasp.org> wrote:
>>>
>>>> Johanna,
>>>>
>>>> We already have a similar very successful program we are running for a
>>>> few years now (GSOC) and a few initiatives like the code sprint. I don't
>>>> understand why we need to reinvent the wheel here. Project leaders will
>>>> propose the best candidates and the selection committee just oversees the
>>>> process.
>>>>
>>>> In any case I would strongly suggest that you choose your wording more
>>>> carefully as in some cases you are creating the wrong impressions.
>>>>
>>>> For example, Google never calls or e-mails universities to check
>>>> student status. It even rarely asks for something more than a simple
>>>> statement from the students.
>>>>
>>>> GSOC does not have a a_huge_ amount of deserting students. Where do you
>>>> get this information from? Google has approx. 150 mentoring organizations
>>>> every year and hundreds of students. Yes, some of them disappear over time
>>>> but they are a small minority. Do you really think that they would still be
>>>> running GSOC if they had a huge number of students that disappeared?
>>>>
>>>> I'll also have to disagree with a few of your thoughts. I am older than
>>>> 35 and I am actually consider joining another postgraduate program. Why am
>>>> I suspicious?
>>>> Why do all projects need to have the same amount of slots? Project A
>>>> might only get only 1 solid proposal. Project B might get 3 excellent
>>>> ideas. Why not give Project B 3 slots and Project A 1 slot? Contribution is
>>>> important but should not be mandatory. Last but not least every mentor
>>>> should be responsible for supervising his/her student and making sure that
>>>> progress is made. Having a formal wiki/blog or similar to formally report
>>>> progress on a weekly basis just adds up on the workload without providing
>>>> any real and valuable feedback.
>>>>
>>>> Let me get back to what I originally said: we are already running this
>>>> for GSOC every year. Why do we need to reinvent this now that we only want
>>>> to run it on a much smaller scale?
>>>>
>>>> Kostas
>>>>
>>>> On Wed, Apr 1, 2015 at 3:10 PM, johanna curiel curiel <
>>>> johanna.curiel at owasp.org> wrote:
>>>>
>>>>> Hi Fabio
>>>>>
>>>>> I think we need to separate the roles. All volunteers are welcome but
>>>>> they should not be mentors
>>>>> Example: If I'm a mentor I cannot be in the selection committee.
>>>>>
>>>>> I agree that the selection committee cannot select the best candidates
>>>>> for project leaders, therefore I propose that the pre-selection of
>>>>> candidates is done by the mentors/project leaders
>>>>>
>>>>> The selection committee evaluates the candidates that the project
>>>>> leaders/mentors have chosen for the project
>>>>> Project leaders/mentors must evaluate based on a criteria that the
>>>>> selection committee has prepared, for example:
>>>>>
>>>>>    - Age of the candidate (candidates older than 35 are suspicious
>>>>>    ;-))
>>>>>    - Which university/ study year attending
>>>>>    - A proof of attendance on that university and we need to confirm
>>>>>    this is true (Google does this)(someone must call the universities/get an
>>>>>    email)
>>>>>    - Proposal must be completely filled in to qualify
>>>>>    - A clear statement and motivation why is he/she  the best
>>>>>    candidate
>>>>>    - All projects should have the same amount of slots (1 or 2)
>>>>>    - History of the candidate: is he/she a contributor or is this the
>>>>>    first time? if the student is already a contributor, he/she gets a plus
>>>>>    point
>>>>>    - A short CV experience of the candidate with the
>>>>>    technology/programming language to be used
>>>>>    - All project leaders and students must have a blog/wiki reporting
>>>>>    their weekly progress, so the committee can check how is everyone doing
>>>>>    - Most important of all: In order to qualify the student must
>>>>>    commit a small contribution. This will help filter the students that are
>>>>>    serious.(like the Outreach Program for women)
>>>>>
>>>>> As you also know, Gsoc has a huge amount of deserting students or
>>>>> students with double jobs. This is a situation we do not want to have, so
>>>>> anything that sets the bar high will help to filter serious students from
>>>>> phoney ones
>>>>>
>>>>>
>>>>> Regards
>>>>>
>>>>> Johanna
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Wed, Apr 1, 2015 at 6:53 AM, Fabio Cerullo <fcerullo at owasp.org>
>>>>> wrote:
>>>>>
>>>>>> Johanna,
>>>>>>
>>>>>> I wanted to follow up regarding this initiative...
>>>>>>
>>>>>> Would you agree that other volunteers could also be part of the
>>>>>> project selection committee?
>>>>>>
>>>>>> I would welcome an open & transparent process where anyone is able to
>>>>>> participate.
>>>>>>
>>>>>> I think is specially important for project leaders to be part of the
>>>>>> student selection process, because they know their project needs.
>>>>>>
>>>>>> If there are any deviations or misconduct from any of its members,
>>>>>> then the committee could rapidly take corrective actions.
>>>>>>
>>>>>> A good starting point for looking at potential participating projects
>>>>>> is below:
>>>>>>
>>>>>> https://www.owasp.org/index.php/GSoC2015_Ideas
>>>>>>
>>>>>> We need to probably rebrand it to OWASP Summer Code Sprint (in
>>>>>> alignment with OWASP Winter Code Sprint run later in the year).
>>>>>>
>>>>>> For info: https://www.owasp.org/index.php/Winter_Code_Sprint
>>>>>>
>>>>>> The main difference is that we will pay students during Summer Code
>>>>>> Sprint.. I’m suggesting USD 3K per student up to a max of 10 slots (30K).
>>>>>>
>>>>>> Please let me know your thoughts.
>>>>>>
>>>>>> Regards,
>>>>>>
>>>>>> Fabio Cerullo
>>>>>> Global Board Member
>>>>>> OWASP Foundation
>>>>>> https://www.owasp.org
>>>>>>
>>>>>> On 5 Mar 2015, at 20:08, johanna curiel curiel <
>>>>>> johanna.curiel at owasp.org> wrote:
>>>>>>
>>>>>> Josh
>>>>>>
>>>>>> I would like very much to help during this process but it is clear
>>>>>> that if I do this (and in order to avoid any conflict of interest)
>>>>>>
>>>>>>    - I will not mentor any projects (in the past I was a mentor for
>>>>>>    ZAP, WebgoatPHP, OWTF)
>>>>>>    - Help create a selection criteria based on the project health
>>>>>>    criteria review
>>>>>>    - Have a strong selection criteria for students similar to Gsoc
>>>>>>    and make sure projects follow up these guidelines
>>>>>>    - Communicate this clearly so tehre are no misunderstandings
>>>>>>
>>>>>> I have added Timo who is also helpinbg us with the project reviews
>>>>>> and have developer experience that can help us asses projects
>>>>>>
>>>>>> regards
>>>>>>
>>>>>> Johanna
>>>>>>
>>>>>> On Thu, Mar 5, 2015 at 3:51 PM, Josh Sokol <josh.sokol at owasp.org>
>>>>>> wrote:
>>>>>>
>>>>>>> I didn't participate in past GSoC at any level and really don't feel
>>>>>>> particularly qualified to assemble this program.  It would require way more
>>>>>>> research than my time currently allows.  My stipulations for support were
>>>>>>> stated in my earlier e-mail:
>>>>>>>
>>>>>>>    - Have a pre-defined scope for the opportunity with specific
>>>>>>>    milestones required
>>>>>>>    - Have a pre-defined award for completing the opportunity
>>>>>>>    - Publicly publish any and all opportunities so that anyone can
>>>>>>>    express an interest in them
>>>>>>>    - Have a formal selection process with ideally a committee of
>>>>>>>    leaders making the selections
>>>>>>>    - Those involved in the selection process cannot also submit
>>>>>>>    - Those involved in the selection process are also responsible
>>>>>>>    for assessing completion
>>>>>>>    - All work produced is provided under the same open source
>>>>>>>    license as the project
>>>>>>>
>>>>>>> As long as a proposal (from whoever doesn't really matter) adheres
>>>>>>> to these, then I feel that I can put my support behind it.
>>>>>>>
>>>>>>> ~josh
>>>>>>>
>>>>>>> On Wed, Mar 4, 2015 at 9:21 AM, Tobias <tobias.gondrom at owasp.org>
>>>>>>> wrote:
>>>>>>>
>>>>>>>>  In principle, I like the idea, because I can see how it helps
>>>>>>>> inspire students work in the security field.
>>>>>>>>
>>>>>>>> For the amount: I think we could choose any amount and number of
>>>>>>>> projects that would seem meaningful and affordable. E.g. we could also
>>>>>>>> scale back to 5 projects or what we feel makes sense. GSoC did not start
>>>>>>>> with 10 projects at the beginning.
>>>>>>>>
>>>>>>>> Small thing: our pockets are not as deep as Google's, so I am a bit
>>>>>>>> more cautious on what we get in return for this investment.
>>>>>>>>
>>>>>>>> Would maybe Fabio, Josh and someone else like to call together and
>>>>>>>> hash out differences for a proposal to the board?
>>>>>>>>
>>>>>>>> Cheers, Tobias
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On 04/03/15 03:49, Fabio Cerullo wrote:
>>>>>>>>
>>>>>>>> Dear all,
>>>>>>>>
>>>>>>>>  As you probably know by now, we have not been accepted to Google
>>>>>>>> Summer of Code this year.
>>>>>>>>
>>>>>>>>  Usually, this is a major push for projects during the year as
>>>>>>>> experienced by ZAP, OWTF, Appsensor, Hackademics, Seraphimdroid, etc. For a
>>>>>>>> full list of ideas in 2015 please check the following URL:
>>>>>>>>
>>>>>>>>  https://www.owasp.org/index.php/GSoC2015_Ideas
>>>>>>>>
>>>>>>>>  In order to keep the momentum going and progress those projects,
>>>>>>>> I would like to request an extraordinary budget allocation of 30K USD to
>>>>>>>> cover up to 10 student slots at 3K each. Usually Google pays 5500 USD per
>>>>>>>> student during GSOC. We will use the same structure as previous years with
>>>>>>>> Kostas/me as org admins, the project leaders who usually participate in
>>>>>>>> GSOC (Core team) will pick the best student submissions and then a group of
>>>>>>>> dedicated OWASP volunteers who every year act as mentors for the students.
>>>>>>>> We could establish a mid-term and full term evaluation where if a student
>>>>>>>> is failed mid-term he/she will only receive half the funds (1500 USD). If
>>>>>>>> the student is approved full term, he/she receives the full amount (3000
>>>>>>>> USD).
>>>>>>>>
>>>>>>>>  I understand this is a non-planned expenditure, but considering
>>>>>>>> the importance of GSOC in the last couple of years to progress OWASP coding
>>>>>>>> projects, I think is imperative to take some action considering the current
>>>>>>>> scenario.
>>>>>>>>
>>>>>>>>  If you have any questions, please let us know.
>>>>>>>>
>>>>>>>>  Thanks
>>>>>>>> Fabio
>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> Owasp-board mailing listOwasp-board at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> Owasp-board mailing list
>>>>>>>> Owasp-board at lists.owasp.org
>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Owasp-board mailing list
>>>>>>> Owasp-board at lists.owasp.org
>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>>
>>>>>>>
>>>>>> _______________________________________________
>>>>>> Owasp-board mailing list
>>>>>> Owasp-board at lists.owasp.org
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Owasp-board mailing list
>>>>> Owasp-board at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>
>>>>>
>>>>
>>> _______________________________________________
>>> Owasp-board mailing list
>>> Owasp-board at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>
>>> _______________________________________________
>>> Owasp-board mailing list
>>> Owasp-board at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>
>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150401/ee04b287/attachment-0001.html>


More information about the Owasp-board mailing list