[Owasp-board] Regarding Hackademic project

johanna curiel curiel johanna.curiel at owasp.org
Thu Jul 23 13:58:37 UTC 2015


In any case you seem to be spending way too much time in finding
inconsistencies in things I run. I honestly don't care about labels so feel
free to call hackademic "lab", "incubator" or however you wish. I have to
say that I'm very surprisde though that a project can be demoted by a
single person in a single email. That's quite a lot of power in one person
and not a very democratic way to decide, isn't it?

I'm the leader and I base the decisions on the criteria an opinions of my
team, not only me.Take the time if you want to read all the work has been
done by multiple volunteers:
https://www.owasp.org/index.php/Category:OWASP_Project#tab=Project_Assessments

The fact that we want to see improvements and spend time on it should be
seen as a whole for OWASP , the users and consumers of the projects , not
 only for an individual benefit.

And yes, don't worry, I won't waste my time reviewing your project anymore.

 This was part of the major review we did last year and after a year , also
we conducted a new review lead by Timo.

We can conclude that in our opinion this project does not deserve the label
it has based on a criteria built by a team not only me.
Based on the many hours we spend reviewing and building this project. And
we have provided proof of that.

It seems we spent more time that you on this project ;-P.

Regards

Johanna

On Thu, Jul 23, 2015 at 9:47 AM, Konstantinos Papapanagiotou <
Konstantinos at owasp.org> wrote:

> Johanna,
>
> You should really refrain from telling me what to do and what not to do.
> This is my personal volunteer time and frankly I'll do as l see best and
> what's best for owasp and the community.
>
> I believe that you've got this all wrong. As usual you make statements out
> of the blue to give a false impression. Can you point out how exactly $4500
> has been spent and by whom?
>
> In any case you seem to be spending way too much time in finding
> inconsistencies in things I run. I honestly don't care about labels so feel
> free to call hackademic "lab", "incubator" or however you wish. I have to
> say that I'm very surprisde though that a project can be demoted by a
> single person in a single email. That's quite a lot of power in one person
> and not a very democratic way to decide, isn't it?
>
> Lastly in what concerns me and I also believe the hackademic project, your
> involvement is very unproductive. Please stop spending so much time with us
> and let us move forward with our project as we see best. Unless of course
> you believe we are somehow  violating owasp ethics or bylaws and this
> shouldn't even be an owasp project.
>
> Kostas
>
>
> On Thursday, July 23, 2015, johanna curiel curiel <
> johanna.curiel at owasp.org> wrote:
>
>> On May Timo did an extensive evaluation
>>
>> https://docs.google.com/spreadsheets/d/1LpPBZ1kSnxuQ3I2bCE3aXVKOQXM7HnT4Xxfw5Nv1DKw/edit?usp=sharing
>>
>> Also Timo is referring to their comments regarding security:
>> https://github.com/Hackademic/hackademic/issues/165
>>
>> We exchange multiple emails with Spyros and Antonis which are leading the
>> project ,regarding the status and the findings from Marios and Timo. All
>> open on the Project Task Force mailing list
>>
>> https://groups.google.com/a/owasp.org/forum/?hl=en#!topic/projects-task-force/iKoo1utMwAc
>>
>> @Konstantinos, you should be more involved in the actual development of
>> the project because it seems to us you are not even aware what is happening.
>>
>> No changes were done, I did not receive any feedback further.
>>
>> We spent a lot of time reviewing and providing enough opportunities for
>> improvement, but if their project leaders expect that they need to be
>> financed every time to make progress in their project, I do not agree with
>> this attitude.
>>
>> Thats the point. We know that none of this funds is spent by their
>> project leaders directly, but project leaders have responsibilities because
>> they get opportunities such as attending the Project Summits, which was
>> also paid from the Project Summit EU.
>>
>> We are demoting this project to incubator status.
>>
>> USD4500 is now been spent in Hackademics development.
>>
>> I hope that something comes out of this and at least improvements are
>> done.
>>
>>
>> Regards
>>
>> Johanna
>>
>> On Thu, Jul 23, 2015 at 8:45 AM, Timo Goosen <timo.goosen at owasp.org>
>> wrote:
>>
>>> I'd like to see these guys demoted from LAB status. They seem to also
>>> lack basic knowledge of security from my interaction with them.
>>>
>>> I don't support this project and they will not get anymore of my time as
>>> a volunteer for OWASP.
>>> ( I don't get or my time as volunteer and neither does Johanna, contrary
>>> to popular belief.)
>>>
>>>
>>>
>>> Regards.
>>> Timo
>>>
>>> On Thu, Jul 23, 2015 at 2:26 PM, johanna curiel curiel <
>>> johanna.curiel at owasp.org> wrote:
>>>
>>>> And btw I'm not impress by the activity level of this project over the
>>>> years on the mentioned branch.
>>>>
>>>> This is a 'LAB' project which people expect a certain level of
>>>> maturity. When Timo and Marios did their testing the same conclusion was
>>>> observed: they lack documentation
>>>>
>>>> This project was promoted to LAB before we did a major evaluation in
>>>> 2014 and honestly compare to other incubators, it lacks many things to be a
>>>> LAB project.
>>>>
>>>> However we did not demoted, we leave it and keep on observing it.
>>>>
>>>> My whole point is and also from Timo, that a project should be more
>>>> responsive regarding the work we do and also their project leaders should
>>>> keep in mind there are responsibilities regarding this. IF you are only
>>>> their to receive funds then, we are quite reluctant to believe its
>>>> credibility
>>>>
>>>> [image: Inline image 1]
>>>>
>>>> On Thu, Jul 23, 2015 at 8:16 AM, Timo Goosen <timo.goosen at owasp.org>
>>>> wrote:
>>>>
>>>>>
>>>>> >Also as I've said in the past, there are projects that are almost
>>>>> identical copies of hackademic that have also received funds even though at
>>>>> that time they didn't have >one line of code. Why weren't you skeptical
>>>>> about those projects but on the contrary quite supportive
>>>>> Can you give a list of these projects?
>>>>>
>>>>> Also I'd like to see some feedback on what you guys did with the funds.
>>>>> That you guys received.
>>>>>
>>>>>
>>>>> Regards.
>>>>> Timo
>>>>>
>>>>> On Thu, Jul 23, 2015 at 2:05 PM, Konstantinos Papapanagiotou <
>>>>> Konstantinos at owasp.org> wrote:
>>>>>
>>>>>> Johanna,
>>>>>>
>>>>>> Most of our commits are on the 'next' branch:
>>>>>> https://github.com/Hackademic/hackademic/graphs/commit-activity
>>>>>>
>>>>>> I believe that funds were allocated through the agreed, transparent
>>>>>> procedure for the code sprint. If other projects are in need of funds why
>>>>>> didn't they apply?
>>>>>>
>>>>>> Also as I've said in the past, there are projects that are almost
>>>>>> identical copies of hackademic that have also received funds even though at
>>>>>> that time they didn't have one line of code. Why weren't you skeptical
>>>>>> about those projects but on the contrary quite supportive?
>>>>>>
>>>>>> And last but not least, next time you want to make such allegations
>>>>>> please get in touch with me rather than send emails to the board behind my
>>>>>> back.
>>>>>>
>>>>>> Kostas
>>>>>>
>>>>>> On Thu, Jul 23, 2015 at 2:43 PM, johanna curiel curiel <
>>>>>> johanna.curiel at owasp.org> wrote:
>>>>>>
>>>>>>> Dear Task Force members and Board
>>>>>>>
>>>>>>> Over the last year, we have had a close look to the Hackademic
>>>>>>> project.
>>>>>>>
>>>>>>> Last year we did a testing during the month of October , executed by
>>>>>>> Marios Kourtesis and I. This year, Timo Goosen also did an evaluation on
>>>>>>> this project during the Project Summit EU.
>>>>>>>
>>>>>>> From the evaluations we could conclude the following:
>>>>>>>
>>>>>>>    - The project lacks documentation in order for first time users
>>>>>>>    to install and to build this properly
>>>>>>>    - The project does not have any developments except during the
>>>>>>>    Google summer of Code last year. You can see their contributions on their
>>>>>>>    main development branch here. Basically almost none(see attached image)
>>>>>>>       - https://www.openhub.net/p/hackademic
>>>>>>>    - I requested an update regarding their developments but never
>>>>>>>    received an answer on this
>>>>>>>    - Timo Goosen spent quite lot of time during the Summit working
>>>>>>>    on their project, developing documentation for them which they never
>>>>>>>    updated their wiki and use it
>>>>>>>
>>>>>>> Now this project is getting the sponsorship for the Summer of code
>>>>>>> when they hardly work on their development and to us it lacks a certain
>>>>>>> level of maturity and robustness which unfortunately there are other
>>>>>>> projects in incubator stage that are much better and more mature than this
>>>>>>> one.
>>>>>>>
>>>>>>> I strongly advise the board that before taking major decisions to
>>>>>>> spend money in activities for projects lacking a clear strcutural
>>>>>>> development , to take the time and evaluate if the project deserves it.
>>>>>>>
>>>>>>> I think there are many other projects that can use that money and
>>>>>>> have shown committed and responsive project leaders
>>>>>>>
>>>>>>>
>>>>>>> Regards
>>>>>>> Johanna
>>>>>>>
>>>>>>> HACKADEMICS activity over the past 2 years:
>>>>>>> [image: Inline image 1]
>>>>>>> Johanna
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Owasp-board mailing list
>>>>>>> Owasp-board at lists.owasp.org
>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> Owasp-board mailing list
>>>>>> Owasp-board at lists.owasp.org
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150723/9942a81c/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screenshot 2015-07-23 07.38.03.png
Type: image/png
Size: 82965 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150723/9942a81c/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screenshot 2015-07-23 08.20.26.png
Type: image/png
Size: 45571 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150723/9942a81c/attachment-0003.png>


More information about the Owasp-board mailing list