[Owasp-board] Regarding Hackademic project

johanna curiel curiel johanna.curiel at owasp.org
Thu Jul 23 13:20:12 UTC 2015


On May Timo did an extensive evaluation
https://docs.google.com/spreadsheets/d/1LpPBZ1kSnxuQ3I2bCE3aXVKOQXM7HnT4Xxfw5Nv1DKw/edit?usp=sharing

Also Timo is referring to their comments regarding security:
https://github.com/Hackademic/hackademic/issues/165

We exchange multiple emails with Spyros and Antonis which are leading the
project ,regarding the status and the findings from Marios and Timo. All
open on the Project Task Force mailing list
https://groups.google.com/a/owasp.org/forum/?hl=en#!topic/projects-task-force/iKoo1utMwAc

@Konstantinos, you should be more involved in the actual development of the
project because it seems to us you are not even aware what is happening.

No changes were done, I did not receive any feedback further.

We spent a lot of time reviewing and providing enough opportunities for
improvement, but if their project leaders expect that they need to be
financed every time to make progress in their project, I do not agree with
this attitude.

Thats the point. We know that none of this funds is spent by their project
leaders directly, but project leaders have responsibilities because they
get opportunities such as attending the Project Summits, which was also
paid from the Project Summit EU.

We are demoting this project to incubator status.

USD4500 is now been spent in Hackademics development.

I hope that something comes out of this and at least improvements are done.


Regards

Johanna

On Thu, Jul 23, 2015 at 8:45 AM, Timo Goosen <timo.goosen at owasp.org> wrote:

> I'd like to see these guys demoted from LAB status. They seem to also lack
> basic knowledge of security from my interaction with them.
>
> I don't support this project and they will not get anymore of my time as a
> volunteer for OWASP.
> ( I don't get or my time as volunteer and neither does Johanna, contrary
> to popular belief.)
>
>
>
> Regards.
> Timo
>
> On Thu, Jul 23, 2015 at 2:26 PM, johanna curiel curiel <
> johanna.curiel at owasp.org> wrote:
>
>> And btw I'm not impress by the activity level of this project over the
>> years on the mentioned branch.
>>
>> This is a 'LAB' project which people expect a certain level of maturity.
>> When Timo and Marios did their testing the same conclusion was observed:
>> they lack documentation
>>
>> This project was promoted to LAB before we did a major evaluation in 2014
>> and honestly compare to other incubators, it lacks many things to be a LAB
>> project.
>>
>> However we did not demoted, we leave it and keep on observing it.
>>
>> My whole point is and also from Timo, that a project should be more
>> responsive regarding the work we do and also their project leaders should
>> keep in mind there are responsibilities regarding this. IF you are only
>> their to receive funds then, we are quite reluctant to believe its
>> credibility
>>
>> [image: Inline image 1]
>>
>> On Thu, Jul 23, 2015 at 8:16 AM, Timo Goosen <timo.goosen at owasp.org>
>> wrote:
>>
>>>
>>> >Also as I've said in the past, there are projects that are almost
>>> identical copies of hackademic that have also received funds even though at
>>> that time they didn't have >one line of code. Why weren't you skeptical
>>> about those projects but on the contrary quite supportive
>>> Can you give a list of these projects?
>>>
>>> Also I'd like to see some feedback on what you guys did with the funds.
>>> That you guys received.
>>>
>>>
>>> Regards.
>>> Timo
>>>
>>> On Thu, Jul 23, 2015 at 2:05 PM, Konstantinos Papapanagiotou <
>>> Konstantinos at owasp.org> wrote:
>>>
>>>> Johanna,
>>>>
>>>> Most of our commits are on the 'next' branch:
>>>> https://github.com/Hackademic/hackademic/graphs/commit-activity
>>>>
>>>> I believe that funds were allocated through the agreed, transparent
>>>> procedure for the code sprint. If other projects are in need of funds why
>>>> didn't they apply?
>>>>
>>>> Also as I've said in the past, there are projects that are almost
>>>> identical copies of hackademic that have also received funds even though at
>>>> that time they didn't have one line of code. Why weren't you skeptical
>>>> about those projects but on the contrary quite supportive?
>>>>
>>>> And last but not least, next time you want to make such allegations
>>>> please get in touch with me rather than send emails to the board behind my
>>>> back.
>>>>
>>>> Kostas
>>>>
>>>> On Thu, Jul 23, 2015 at 2:43 PM, johanna curiel curiel <
>>>> johanna.curiel at owasp.org> wrote:
>>>>
>>>>> Dear Task Force members and Board
>>>>>
>>>>> Over the last year, we have had a close look to the Hackademic
>>>>> project.
>>>>>
>>>>> Last year we did a testing during the month of October , executed by
>>>>> Marios Kourtesis and I. This year, Timo Goosen also did an evaluation on
>>>>> this project during the Project Summit EU.
>>>>>
>>>>> From the evaluations we could conclude the following:
>>>>>
>>>>>    - The project lacks documentation in order for first time users to
>>>>>    install and to build this properly
>>>>>    - The project does not have any developments except during the
>>>>>    Google summer of Code last year. You can see their contributions on their
>>>>>    main development branch here. Basically almost none(see attached image)
>>>>>       - https://www.openhub.net/p/hackademic
>>>>>    - I requested an update regarding their developments but never
>>>>>    received an answer on this
>>>>>    - Timo Goosen spent quite lot of time during the Summit working on
>>>>>    their project, developing documentation for them which they never updated
>>>>>    their wiki and use it
>>>>>
>>>>> Now this project is getting the sponsorship for the Summer of code
>>>>> when they hardly work on their development and to us it lacks a certain
>>>>> level of maturity and robustness which unfortunately there are other
>>>>> projects in incubator stage that are much better and more mature than this
>>>>> one.
>>>>>
>>>>> I strongly advise the board that before taking major decisions to
>>>>> spend money in activities for projects lacking a clear strcutural
>>>>> development , to take the time and evaluate if the project deserves it.
>>>>>
>>>>> I think there are many other projects that can use that money and have
>>>>> shown committed and responsive project leaders
>>>>>
>>>>>
>>>>> Regards
>>>>> Johanna
>>>>>
>>>>> HACKADEMICS activity over the past 2 years:
>>>>> [image: Inline image 1]
>>>>> Johanna
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Owasp-board mailing list
>>>>> Owasp-board at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>
>>>>>
>>>>
>>>> _______________________________________________
>>>> Owasp-board mailing list
>>>> Owasp-board at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>
>>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150723/57779619/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screenshot 2015-07-23 08.20.26.png
Type: image/png
Size: 45571 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150723/57779619/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screenshot 2015-07-23 07.38.03.png
Type: image/png
Size: 82965 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150723/57779619/attachment-0003.png>


More information about the Owasp-board mailing list