[Owasp-board] For Discussion - Hourly contractor for wiki housekeeping

Jim Manico jim.manico at owasp.org
Tue Aug 11 23:14:37 UTC 2015


It's there already. Kelly put it up there yesterday.

Aloha,
Jim

On 8/11/15 8:16 AM, Tobias wrote:
> Hi Michael, et al.
>
> just like to remind: if you like to make a proposal for this, our 
> board meeting is coming up.
> Please add this to the agenda page.
> https://owasp.org/index.php/August_12,_2015
>
> Thanks, Tobias
>
>
> On 11/08/15 04:58, Jim Manico wrote:
>> The current editing team includes a few from Germany and a few from 
>> the US.
>>
>> I am free the next 2 weeks from noon-? Pacific time. I would be super 
>> stoked if you help set this up - I'll be there ready to deliver a 
>> good pretension on the topic. Cool?
>>
>> Aloha,
>> Jim
>>
>>
>> On 8/10/15 10:57 AM, Noreen Whysel wrote:
>>> When is a good time for you for a wiki editing hangout? Do we have a 
>>> sense of where people on the current editing team live?
>>>
>>> Noreen Whysel
>>> Community Manager
>>> OWASP Foundation
>>>
>>> On Mon, Aug 10, 2015 at 4:52 PM, Jim Manico <jim.manico at owasp.org 
>>> <mailto:jim.manico at owasp.org>> wrote:
>>>
>>>     > Do you all think we should have an open call scheduled for
>>>     people intrested in the wiki editing team (and refresher for
>>>     those already on it) to walk them through how to edit the wiki
>>>     and the FIXME process?
>>>
>>>     Please, I should have been doing more of this the past few
>>>     months - I'll take any help to spread awareness of the wiki
>>>     editor team. Thanks!
>>>
>>>     > I am also planning to add a session on wiki editing to the
>>>     Chapter Leaders Workshop.
>>>
>>>     I'm a wiki ninja, I'd be glad to help with this. :)
>>>
>>>     Aloha
>>>     Jim
>>>
>>>
>>>
>>>     On 8/10/15 10:51 AM, Noreen Whysel wrote:
>>>>     I am also planning to add a session on wiki editing to the
>>>>     Chapter Leaders Workshop. I could turn that into a training for
>>>>     the wiki editing team. I created a course for the NYC Hackathon
>>>>     earlier this year but it was more about AppSec in Wikipedia
>>>>     instead of just the owasp.org <http://owasp.org> website.
>>>>
>>>>     Noreen Whysel
>>>>     Community Manager
>>>>     OWASP Foundation
>>>>
>>>>     On Mon, Aug 10, 2015 at 4:44 PM, Noreen Whysel
>>>>     <noreen.whysel at owasp.org> wrote:
>>>>
>>>>         Do you all think we should have an open call scheduled for
>>>>         people intrested in the wiki editing team (and refresher
>>>>         for those already on it) to walk them through how to edit
>>>>         the wiki and the FIXME process?
>>>>
>>>>         Noreen Whysel
>>>>         Community Manager
>>>>         OWASP Foundation
>>>>
>>>>         On Mon, Aug 10, 2015 at 4:31 PM, Jim Manico
>>>>         <jim.manico at owasp.org> wrote:
>>>>
>>>>             I lead the editors team and have admin wiki access myself.
>>>>
>>>>             An I'm sorry if this is a hassle - I am happy to work
>>>>             with you to streamline this or give you elevated access
>>>>             once we get rolling.
>>>>
>>>>             Aloha,
>>>>             Jim
>>>>
>>>>
>>>>
>>>>             On 8/10/15 10:24 AM, johanna curiel curiel wrote:
>>>>>             Hi Jim
>>>>>
>>>>>             I know you are very active ;-), I just wanted some
>>>>>             clarifications.
>>>>>
>>>>>             I was not sure if the the wiki editors had complete
>>>>>             access as admin to the wiki.
>>>>>
>>>>>             I will highlight the content, provide more relevant
>>>>>             links to link from the Home page and let you know when
>>>>>             ready.
>>>>>
>>>>>             I'll continue on the wiki editors mailing list.
>>>>>
>>>>>             regards
>>>>>
>>>>>             Johanna
>>>>>
>>>>>             On Mon, Aug 10, 2015 at 4:17 PM, Jim Manico
>>>>>             <jim.manico at owasp.org> wrote:
>>>>>
>>>>>                 If you email the list it will get done shortly
>>>>>                 thereafter. Or even if you get delete access and
>>>>>                 delete yourself - just let us know.
>>>>>
>>>>>                 Johanna, I'm an active member and when I say I do
>>>>>                 something I do it. I hope that has been your
>>>>>                 experience with me over the past few years.
>>>>>
>>>>>                 I will not let you down. Please do not let this
>>>>>                 get in the way of doing good work. We have your
>>>>>                 back and want to help.
>>>>>
>>>>>                 Aloha,
>>>>>                 --
>>>>>                 Jim Manico
>>>>>                 Global Board Member
>>>>>                 OWASP Foundation
>>>>>                 https://www.owasp.org
>>>>>                 Join me at AppSecUSA <http://appsecusa.org/> 2015!
>>>>>
>>>>>                 On Aug 10, 2015, at 10:07 AM, johanna curiel
>>>>>                 curiel <johanna.curiel at owasp.org> wrote:
>>>>>
>>>>>>                 Hi Jim
>>>>>>
>>>>>>                 If I take the time to highlight the irrelevant
>>>>>>                 content and provide a link to which one must go,
>>>>>>                 who has access and who will do the changes?
>>>>>>
>>>>>>                 I just hate to do a lot of work and nothing later
>>>>>>                 happens...or would the wiki editors provide me to
>>>>>>                 access to change this directly? How do the wiki
>>>>>>                 editors actually work? Do volunteers just label
>>>>>>                 things (with FIXME).
>>>>>>
>>>>>>                 I would like more clarification on this part
>>>>>>                 since the wiki editors page did not answer this
>>>>>>
>>>>>>                 regards
>>>>>>
>>>>>>                 Johanna
>>>>>>
>>>>>>                 On Mon, Aug 10, 2015 at 3:23 PM, Jim Manico
>>>>>>                 <jim.manico at owasp.org> wrote:
>>>>>>
>>>>>>                     Thats why we have a group of editors who all
>>>>>>                     have appsec experience.
>>>>>>
>>>>>>                     https://lists.owasp.org/mailman/listinfo/owasp-wiki-editors
>>>>>>
>>>>>>                     --
>>>>>>                     Jim Manico
>>>>>>                     Global Board Member
>>>>>>                     OWASP Foundation
>>>>>>                     https://www.owasp.org
>>>>>>                     Join me at AppSecUSA
>>>>>>                     <http://appsecusa.org/> 2015!
>>>>>>
>>>>>>                     On Aug 10, 2015, at 3:30 AM, johanna curiel
>>>>>>                     curiel <johanna.curiel at owasp.org> wrote:
>>>>>>
>>>>>>>                     there is a clarification needed of something
>>>>>>>                     as simple as who is now Responsible for the
>>>>>>>                     Wiki it's not the community it's not a
>>>>>>>                     member of the board it is Paul and his hired
>>>>>>>                     staff.
>>>>>>>
>>>>>>>                     Thx Tom. I did not know that and I believe
>>>>>>>                     neither did Timo.
>>>>>>>
>>>>>>>                     >This is not OWASP of 2004... There is a large
>>>>>>>                     amounts of funding spent on people hired to
>>>>>>>                     manage to policy and work per there job
>>>>>>>                     descriptions. Let's be careful to let them
>>>>>>>                     do just that.
>>>>>>>
>>>>>>>                     How do this staff knows what kind of content
>>>>>>>                     is relevant or not? I don't think that
>>>>>>>                     formula is working well right now. That
>>>>>>>                     content has not been properly updated since
>>>>>>>                     Sarah's Baso's was Executive director.
>>>>>>>
>>>>>>>                     /If I/ was the content manager of this site,
>>>>>>>                     this was long time updated ;-P. If OWASP is
>>>>>>>                     already paying staff to do this then why is
>>>>>>>                     not updated? I think that the problem is
>>>>>>>                     that the staff is not familiar with the
>>>>>>>                     content so how can they change this content
>>>>>>>                     or know what is relevant?
>>>>>>>
>>>>>>>                     The actual content is very outdated and
>>>>>>>                     irrelevant to sec folks. Again I don't think
>>>>>>>                     paying another contractor without any
>>>>>>>                     know-how of the content will help clean the
>>>>>>>                     wiki properly and highlight relevant
>>>>>>>                     content.It will be a waste of money.
>>>>>>>
>>>>>>>                     Regards
>>>>>>>
>>>>>>>                     Johanna
>>>>>>>
>>>>>>>                     On Mon, Aug 10, 2015 at 9:17 AM, Tom Brennan
>>>>>>>                     <tomb at proactiverisk.com> wrote:
>>>>>>>
>>>>>>>                         there is a clarification needed of
>>>>>>>                         something as simple as who is now
>>>>>>>                         Responsabile for the Wiki it's not the
>>>>>>>                         community it's not a member of the board
>>>>>>>                         it is Paul and his hired staff.
>>>>>>>
>>>>>>>                         Keep reading..
>>>>>>>
>>>>>>>                         The operational business of the
>>>>>>>                         foundation is handled by Paul Richie who
>>>>>>>                         was hired by the BoD.  reporting to him
>>>>>>>                         is a project coordinator job focus:
>>>>>>>                         https://www.owasp.org/images/a/a1/OWASP_Project_Coordinator-FabioTobiasAug25.pdf
>>>>>>>
>>>>>>>
>>>>>>>                         and community manager
>>>>>>>                         https://www.owasp.org/index.php/OWASP_Jobs/Community_Manager
>>>>>>>
>>>>>>>                         Let's pause an review the above job
>>>>>>>                         descriptions
>>>>>>>
>>>>>>>                         The volunteers who create/edit content
>>>>>>>                         as part of the community should do so in
>>>>>>>                         step with the people who's paid job is
>>>>>>>                         to shepard reward encourage and drive
>>>>>>>                         this. Call it a committee task force
>>>>>>>                         wiki group what ever.... But end of day
>>>>>>>                         there is now a chain of command and that
>>>>>>>                         starts with the operations people that
>>>>>>>                         are measured on what they do and
>>>>>>>                         compensated for it.
>>>>>>>
>>>>>>>                         Paul should be and I am sure is asking
>>>>>>>                         and getting feedback from the
>>>>>>>                         employees/staff on how to approach this
>>>>>>>                         and ultimately it is his decisions on
>>>>>>>                         the logistics of the operation.  If it
>>>>>>>                         works GREAT if it does not, try try again
>>>>>>>
>>>>>>>                         This is not OWASP of 2004... There is a
>>>>>>>                         large amounts of funding spent on people
>>>>>>>                         hired to manage to policy and work per
>>>>>>>                         there job descriptions. Let's be careful
>>>>>>>                         to let them do just that.
>>>>>>>
>>>>>>>                         Collaborate with them but don't step on
>>>>>>>                         over or around them. If there is a
>>>>>>>                         problem escalate as a complaint if needed.
>>>>>>>
>>>>>>>                         Plans (next 30 days)
>>>>>>>
>>>>>>>                         Progress (accomplishments of last 30 days)
>>>>>>>
>>>>>>>                         Problems (board meeting agenda item for
>>>>>>>                         vote that the staff can't handle without
>>>>>>>                         guidance an a vote)
>>>>>>>
>>>>>>>                         As simple as that we should be able to
>>>>>>>                         communicate what is going on at OWASP
>>>>>>>
>>>>>>>                         IMHO edit and redirect away, don't
>>>>>>>                         delete. It's a wiki
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>                         On Aug 10, 2015, at 8:47 AM, johanna
>>>>>>>                         curiel curiel <johanna.curiel at owasp.org>
>>>>>>>                         wrote:
>>>>>>>
>>>>>>>>                         I think if you give Johanna and I
>>>>>>>>                         delete rights on the wiki it would do
>>>>>>>>                         much more good as opposed to hiring
>>>>>>>>                         somebody who is not familiar with the
>>>>>>>>                         content or the projects.
>>>>>>>>
>>>>>>>>                         If this becomes a project under our
>>>>>>>>                         guidance(which I think unfamiliar
>>>>>>>>                         people to the content cannot provide)
>>>>>>>>                         is essential
>>>>>>>>
>>>>>>>>                         Example
>>>>>>>>                         From the home page you get this link:
>>>>>>>>                         https://www.owasp.org/index.php/Category:How_To
>>>>>>>>
>>>>>>>>                         This is very old stuff and there are
>>>>>>>>                         more relevant content and projects that
>>>>>>>>                         promoting from the home page the "OWASP
>>>>>>>>                         LiveCD Education Project (SpoC 2007)"
>>>>>>>>                         and "Webscarab" .
>>>>>>>>
>>>>>>>>                         What we need is a _technical editor _to
>>>>>>>>                         help us re-write and correct the text.
>>>>>>>>                         This way we can highlight relevant
>>>>>>>>                         content and there is so much but is not
>>>>>>>>                         properly promoted.
>>>>>>>>
>>>>>>>>                         This whole section is really VERY
>>>>>>>>                         outdated and irrelevant right now,
>>>>>>>>                         especially from the homepage
>>>>>>>>                         <Screenshot 2015-08-10 08.42.41.png>
>>>>>>>>
>>>>>>>>                         With all due respect, you need to know
>>>>>>>>                         the content in order to direct users to
>>>>>>>>                         relevant one. We know which is
>>>>>>>>                         the relevant content(especially
>>>>>>>>                         people familiar with the latest and
>>>>>>>>                         updated projects)
>>>>>>>>
>>>>>>>>                         We can make a plan of what will be
>>>>>>>>                         clean up before deleting or doing
>>>>>>>>                         anything, but it's clear that without
>>>>>>>>                         know-how of the content, hiring someone
>>>>>>>>                         will be not very efficient or effective
>>>>>>>>                         in my opinion.
>>>>>>>>
>>>>>>>>                         regards
>>>>>>>>
>>>>>>>>                         Johanna
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>                         On Mon, Aug 10, 2015 at 6:59 AM, Jim
>>>>>>>>                         Manico <jim.manico at owasp.org> wrote:
>>>>>>>>
>>>>>>>>                             I support giving you both delete
>>>>>>>>                             access so long as you send a note
>>>>>>>>                             to the wiki editor list and just
>>>>>>>>                             let us know what you are up to...
>>>>>>>>
>>>>>>>>                             --
>>>>>>>>                             Jim Manico
>>>>>>>>                             Global Board Member
>>>>>>>>                             OWASP Foundation
>>>>>>>>                             https://www.owasp.org
>>>>>>>>                             Join me at AppSecUSA
>>>>>>>>                             <http://appsecusa.org/> 2015!
>>>>>>>>
>>>>>>>>                             On Aug 9, 2015, at 11:21 PM, Timo
>>>>>>>>                             Goosen <timo.goosen at owasp.org> wrote:
>>>>>>>>
>>>>>>>>>                             I still feel that people on the
>>>>>>>>>                             project task force should have
>>>>>>>>>                             delete rights on the wiki.
>>>>>>>>>
>>>>>>>>>                             If people want to see stuff for
>>>>>>>>>                             archiving purposes they can use
>>>>>>>>>                             archive.org <http://archive.org>
>>>>>>>>>                             to view the page.
>>>>>>>>>
>>>>>>>>>                             The owasp wiki looks sloppy at the
>>>>>>>>>                             moment and we should clean it up.
>>>>>>>>>
>>>>>>>>>                             I think if you give Johanna and I
>>>>>>>>>                             delete rights on the wiki it would
>>>>>>>>>                             do much more good as opposed to
>>>>>>>>>                             hiring somebody who is not
>>>>>>>>>                             familiar with the content or the
>>>>>>>>>                             projects.
>>>>>>>>>
>>>>>>>>>                             Regards.
>>>>>>>>>                             Timo
>>>>>>>>>
>>>>>>>>>                             On Sun, Aug 9, 2015 at 11:26 PM,
>>>>>>>>>                             Jim Manico <jim.manico at owasp.org>
>>>>>>>>>                             wrote:
>>>>>>>>>
>>>>>>>>>                                  >There would need to be a
>>>>>>>>>                                 category that replaces "FIXME"
>>>>>>>>>                                 with "Archived" or something
>>>>>>>>>                                 similar for the archived page.
>>>>>>>>>
>>>>>>>>>                                 That is currently the
>>>>>>>>>                                 "historical" flag.
>>>>>>>>>
>>>>>>>>>                                 |[[Categorie:FIXME/historical]]|
>>>>>>>>>                                 	out of date but archived for
>>>>>>>>>                                 historical context
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>                                 Some content is good to save,
>>>>>>>>>                                 some is just junk. The
>>>>>>>>>                                 wiki-editors group is set up
>>>>>>>>>                                 to answer those questions.
>>>>>>>>>
>>>>>>>>>                                 https://lists.owasp.org/mailman/listinfo/owasp-wiki-editors
>>>>>>>>>
>>>>>>>>>                                 Aloha,
>>>>>>>>>                                 Jim
>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>                                 Another issue I just thought
>>>>>>>>>>                                 of: If a page is simply
>>>>>>>>>>                                 archived it will still show
>>>>>>>>>>                                 up in search. This is not a
>>>>>>>>>>                                 problem if the page redirects
>>>>>>>>>>                                 to a newer or more relevant
>>>>>>>>>>                                 one. But could be if it is
>>>>>>>>>>                                 not clearly tagged as an
>>>>>>>>>>                                 archived/outdated page.
>>>>>>>>>>
>>>>>>>>>>                                 Noreen Whysel
>>>>>>>>>>                                 Community Manager
>>>>>>>>>>                                 OWASP Foundation
>>>>>>>>>>
>>>>>>>>>>                                 On Aug 9, 2015, at 4:24 PM,
>>>>>>>>>>                                 Bev Corwin
>>>>>>>>>>                                 <bev.corwin at owasp.org> wrote:
>>>>>>>>>>
>>>>>>>>>>>                                 Nice explanation Noreen,
>>>>>>>>>>>                                 thank you, just curious, do
>>>>>>>>>>>                                 you think that it is
>>>>>>>>>>>                                 important to reference the
>>>>>>>>>>>                                 history details on the
>>>>>>>>>>>                                 pages, or would the
>>>>>>>>>>>                                 automated history / changes
>>>>>>>>>>>                                 tracking information be
>>>>>>>>>>>                                 enough for anyone looking
>>>>>>>>>>>                                 for any archives?
>>>>>>>>>>>
>>>>>>>>>>>                                 Bev
>>>>>>>>>>>
>>>>>>>>>>>                                 On Sun, Aug 9, 2015 at 2:38
>>>>>>>>>>>                                 PM, Noreen Whysel
>>>>>>>>>>>                                 <noreen.whysel at owasp.org> wrote:
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>                                     Redirects are simple.
>>>>>>>>>>>                                     Add
>>>>>>>>>>>                                     #REDIRECT [[:NewPage]] to the
>>>>>>>>>>>                                     edit field and it will
>>>>>>>>>>>                                     redirect to the new
>>>>>>>>>>>                                     page. All the old page
>>>>>>>>>>>                                     history is saved and
>>>>>>>>>>>                                     viewed very easily by
>>>>>>>>>>>                                     typing the URL,
>>>>>>>>>>>                                     https://www.owasp.org/index.php?title=Old_Page_Title&action=history.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>                                 _______________________________________________
>>>>>>>>>>                                 Owasp-board mailing list
>>>>>>>>>>                                 Owasp-board at lists.owasp.org
>>>>>>>>>>                                 <mailto:Owasp-board at lists.owasp.org>
>>>>>>>>>>                                 https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>>>>
>>>>>>>>>                                 -- 
>>>>>>>>>                                 Jim Manico
>>>>>>>>>                                 Global Board Member
>>>>>>>>>                                 OWASP Foundation
>>>>>>>>>                                 https://www.owasp.org
>>>>>>>>>                                 Join me at AppSecUSA 2015!
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>                                 _______________________________________________
>>>>>>>>>                                 Owasp-board mailing list
>>>>>>>>>                                 Owasp-board at lists.owasp.org
>>>>>>>>>                                 https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>>                             _______________________________________________
>>>>>>>>                             Owasp-board mailing list
>>>>>>>>                             Owasp-board at lists.owasp.org
>>>>>>>>                             https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>>>
>>>>>>>>
>>>>>>>>                         _______________________________________________
>>>>>>>>                         Owasp-board mailing list
>>>>>>>>                         Owasp-board at lists.owasp.org
>>>>>>>>                         https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>>
>>>>>>>                         WARNING: E-mail transmission cannot be
>>>>>>>                         guaranteed to be secure or error-free as
>>>>>>>                         information could be intercepted,
>>>>>>>                         corrupted, lost, destroyed, arrive late
>>>>>>>                         or incomplete, or contain viruses. The
>>>>>>>                         sender therefore does not accept
>>>>>>>                         liability for any errors or omissions in
>>>>>>>                         the contents of this message, which
>>>>>>>                         arise as a result of e-mail
>>>>>>>                         transmission. No employee or agent is
>>>>>>>                         authorized to conclude any binding
>>>>>>>                         agreement on behalf of ProactiveRISK
>>>>>>>                         with another party by email.
>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>>             -- 
>>>>             Jim Manico
>>>>             Global Board Member
>>>>             OWASP Foundation
>>>>             https://www.owasp.org
>>>>             Join me at AppSecUSA 2015!
>>>>
>>>>
>>>>             _______________________________________________
>>>>             Owasp-board mailing list
>>>>             Owasp-board at lists.owasp.org
>>>>             <mailto:Owasp-board at lists.owasp.org>
>>>>             https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>
>>>>
>>>>
>>>
>>>     -- 
>>>     Jim Manico
>>>     Global Board Member
>>>     OWASP Foundation
>>>     https://www.owasp.org
>>>     Join me at AppSecUSA 2015!
>>>
>>>
>>
>> -- 
>> Jim Manico
>> Global Board Member
>> OWASP Foundation
>> https://www.owasp.org
>> Join me at AppSecUSA 2015!
>>
>>
>> _______________________________________________
>> Owasp-board mailing list
>> Owasp-board at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-board
>

-- 
Jim Manico
Global Board Member
OWASP Foundation
https://www.owasp.org
Join me at AppSecUSA 2015!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150811/1ed1ba62/attachment-0001.html>


More information about the Owasp-board mailing list