[Owasp-board] OWASP Summer of Code Sprint Proposal - to be discussed at board meeting on April-29

Tobias tobias.gondrom at owasp.org
Mon Apr 27 17:32:21 UTC 2015


thanks. I added the link to the board page.

@all: if there are other alternative proposals, please do add them to 
the Board page now. And post a quick message here, so people can read 
all documents before our meeting on April-29.

Thanks, Tobias

On 27/04/15 18:12, Konstantinos Papapanagiotou wrote:
> Tobias,
> We posted almost simultaneously.
> The updated proposal, including accepted feedback can be found here: 
> https://docs.google.com/document/d/1FTC-zh__i6ft6uyZRw4rZHxOA44U6T7i33r8RkN0AXk/edit?usp=sharing
> Thanks,
> Kostas
> On Mon, Apr 27, 2015 at 8:09 PM, Tobias <tobias.gondrom at owasp.org 
> <mailto:tobias.gondrom at owasp.org>> wrote:
>     Hi all,
>     it's been great seeing this extensive discussion and exchange of a
>     lot of ideas and comments on this topic. I can see that everyone
>     wants the best for OWASP, the challenge is to find a joint common
>     was forward. If possible, I would like to focus this discussion
>     and lead to the next steps.
>     So I added the topic to the next board meeting agenda on April 29
>     at 12:00-13:00 PST.
>     (Btw. all board meetings are open and public, so feel free to
>     listen in, there will also be a recording afterwards.)
>     https://owasp.org/index.php/OWASP_Board_Meetings#tab=Agenda_for_2015_Meetings
>     *Could maybe Fabio (or another volunteer) write up a consolidated
>     final proposal including the accepted feedback by Tuesday
>     April-28, so that we could possibly vote on it or discuss the
>     details / amend it on Wednesday April-29? **
>     *
>     Thanks, Tobias
>     Tobias Gondrom
>     Chairman OWASP Global Board
>     email: tobias.gondrom at owasp.org <mailto:tobias.gondrom at owasp.org>
>     mobile: +852 56002975 <tel:%2B852%2056002975>
>     mobile: +44 7521003005 <tel:%2B44%207521003005>
>     skype: tgondrom
>     twitter: @tgondrom
>     On 26/04/15 23:24, Kevin W. Wall wrote:
>>     On Sat, Apr 25, 2015 at 2:47 PM, Jim Manico<jim.manico at owasp.org>  <mailto:jim.manico at owasp.org>  wrote:
>>>     Another note is that if you look at all the projects this 250,000k$ funded
>>>     in 2008...
>>>     https://www.owasp.org/index.php/OWASP_Summer_of_Code_2008
>>>     ...most are now dead projects.
>>>     We do good at getting projects started but do poorly in bringing these
>>>     projects to maturity.
>>     Unless this was a list of all the projects what actually received funds for
>>     the OWASP SoC 2008, I think this is an unfair characterization.
>>     Instead, I think it is likely that this list of projects at
>>     https://www.owasp.org/index.php/OWASP_Summer_of_Code_2008
>>     was just a list complete list of projects at the time. I think it is doubtful
>>     that they all received funds, especially since there are two *inactive*
>>     projects on that list.
>>     Secondly, even if all of those projects received funds, almost 7 years
>>     have passed since that time. While you may think that projects have
>>     at OWASP have a lower success rate than than normal unfunded FOSS
>>     projects, I'm not sure that conjecture is true and am not willing to
>>     believe it based without some hard data to back it up. I suspect that
>>     if we looked at FOSS overall, OWASP is probably about average. I
>>     think it just seems worse because we are all more intimately aware of
>>     all the OWASP projects that seem to fall by the wayside but in general
>>     most failed FOSS projects go completely unnoticed by us.
>>     Not only that, but compare the success rate of OWASP projects
>>     to VC funded tech start ups and I'll bet that OWASP looks pretty
>>     good in comparison, especially if you take into account that the
>>     start-ups usually have full-time, paid staff while we are working
>>     almost exclusively using volunteer hours.
>>>     I really want us to make a big impact. I suggest we focus in on our flagship
>>>     and lab projects with big potential. I'd hate to fund dozens of projects
>>>     (again) that just die on the view a few years after getting funding.
>>     Having said all that, I am by no means endorsing spending $30k in
>>     funds without fully counting the costs and I just don't mean in money.
>>     2008 was before I got involved again with OWASP, but I'm guessing
>>     that time was spent to make it a success whatever <season> of code
>>     was run. I am just as much concerned that jumping into this in some
>>     hasty manner will have much more negative effects than just possibly
>>     not bring a significant ROI on the money decided to fund it.
>>     -kevin
>     _______________________________________________
>     Owasp-board mailing list
>     Owasp-board at lists.owasp.org <mailto:Owasp-board at lists.owasp.org>
>     https://lists.owasp.org/mailman/listinfo/owasp-board

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150427/06f15fbf/attachment-0001.html>

More information about the Owasp-board mailing list