[Owasp-board] Fwd: Tweet by Chris Wysopal on Twitter

Jim Manico jim.manico at owasp.org
Tue Aug 25 03:59:41 UTC 2015


Yup, the conversation is polite. I sent the author links to the OT10 to consider and have not asked for any action to be taken until the author has a chance to review our works from 2013. 

--
Jim Manico
Global Board Member
OWASP Foundation
https://www.owasp.org
Join me at AppSecUSA 2015!

> On Aug 24, 2015, at 9:59 PM, Matt Tesauro <matt.tesauro at owasp.org> wrote:
> 
> +1 on doing the "Hey, it looks like you made an honest mistake" conversation first.
> 
> From what I've heard of other Open Source license enforcement, most people are unaware of license requirements and 90+% comply once you let them know what's required.
> 
> </Matt's 2 cents>
> 
> --
> -- Matt Tesauro
> OWASP WTE Project Lead
> http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project
> http://AppSecLive.org - Community and Download site
> OWASP OpenStack Security Project Lead
> https://www.owasp.org/index.php/OWASP_OpenStack_Security_Project
> 
>> On Mon, Aug 24, 2015 at 9:47 PM, Michael Coates <michael.coates at owasp.org> wrote:
>> OWASP Top 10 is licensed as Creative Commons Attribution-ShareAlike 3.0 license.
>> From my understanding basic attribution would be required. 
>> 
>> I'd recommend waiting for feedback from the project leader first. In all of these situations my hope is always that we can reach out, inform the other party of the situation and correct the situation.
>> 
>> 
>> https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
>> Licensing
>> The OWASP Top 10 is free to use. It is licensed under thehttp://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.
>> 
>> 
>> 
>> --
>> Michael Coates | @_mwc
>> OWASP Global Board
>> Join me at AppSecUSA 2015 in San Francisco!
>> 
>> 
>> 
>> 
>>> On Mon, Aug 24, 2015 at 6:43 PM, Jim Manico <jim.manico at owasp.org> wrote:
>>> A member of our community informed me that someone packaged up the OWASP Top Ten 2013 and rebranded it without OWASP attribution.  The info is below. What do you think?
>>> 
>>> http://mobile.eweek.com/security/slideshows/top-10-common-application-attacks-to-avoid.html
>>> 
>>> --
>>> Jim Manico
>>> Global Board Member
>>> OWASP Foundation
>>> https://www.owasp.org
>>> Join me at AppSecUSA 2015!
>>> 
>>> Begin forwarded message:
>>> 
>>>> Date: August 24, 2015 at 7:52:10 PM CDT
>>>> To: Jim Manico <jim.manico at owasp.org>
>>>> Subject: Tweet by Chris Wysopal on Twitter
>>>> 
>>>> 
>>>> 	Chris Wysopal (@WeldPond)
>>>> 8/24/15, 8:29 PM
>>>> Based on information from IBM? Isn't this just the OWASP Top 10? @eWEEKNews eweek.com/security/slide…
>>>> 
>>>> Download the Twitter app
>>> 
>>> _______________________________________________
>>> Owasp-board mailing list
>>> Owasp-board at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>> 
>> 
>> _______________________________________________
>> Owasp-board mailing list
>> Owasp-board at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-board
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150824/d67582cb/attachment-0001.html>


More information about the Owasp-board mailing list