[Owasp-board] Regarding Hackademic project

Bev Corwin bev.corwin at owasp.org
Thu Jul 23 14:01:36 UTC 2015


+1 I support Johanna and the Project Committee. I do not think that it is
OWASP's mission to give such special preference and accommodations to
excessively exclusive non-accommodating groups.

Bev


On Thu, Jul 23, 2015 at 9:58 AM, johanna curiel curiel <
johanna.curiel at owasp.org> wrote:

> In any case you seem to be spending way too much time in finding
> inconsistencies in things I run. I honestly don't care about labels so feel
> free to call hackademic "lab", "incubator" or however you wish. I have to
> say that I'm very surprisde though that a project can be demoted by a
> single person in a single email. That's quite a lot of power in one person
> and not a very democratic way to decide, isn't it?
>
> I'm the leader and I base the decisions on the criteria an opinions of my
> team, not only me.Take the time if you want to read all the work has been
> done by multiple volunteers:
>
> https://www.owasp.org/index.php/Category:OWASP_Project#tab=Project_Assessments
>
> The fact that we want to see improvements and spend time on it should be
> seen as a whole for OWASP , the users and consumers of the projects , not
>  only for an individual benefit.
>
> And yes, don't worry, I won't waste my time reviewing your project anymore.
>
>  This was part of the major review we did last year and after a year ,
> also we conducted a new review lead by Timo.
>
> We can conclude that in our opinion this project does not deserve the
> label it has based on a criteria built by a team not only me.
> Based on the many hours we spend reviewing and building this project. And
> we have provided proof of that.
>
> It seems we spent more time that you on this project ;-P.
>
> Regards
>
> Johanna
>
> On Thu, Jul 23, 2015 at 9:47 AM, Konstantinos Papapanagiotou <
> Konstantinos at owasp.org> wrote:
>
>> Johanna,
>>
>> You should really refrain from telling me what to do and what not to do.
>> This is my personal volunteer time and frankly I'll do as l see best and
>> what's best for owasp and the community.
>>
>> I believe that you've got this all wrong. As usual you make statements
>> out of the blue to give a false impression. Can you point out how exactly
>> $4500 has been spent and by whom?
>>
>> In any case you seem to be spending way too much time in finding
>> inconsistencies in things I run. I honestly don't care about labels so feel
>> free to call hackademic "lab", "incubator" or however you wish. I have to
>> say that I'm very surprisde though that a project can be demoted by a
>> single person in a single email. That's quite a lot of power in one person
>> and not a very democratic way to decide, isn't it?
>>
>> Lastly in what concerns me and I also believe the hackademic
>> project, your involvement is very unproductive. Please stop spending so
>> much time with us and let us move forward with our project as we see best.
>> Unless of course you believe we are somehow  violating owasp ethics or
>> bylaws and this shouldn't even be an owasp project.
>>
>> Kostas
>>
>>
>> On Thursday, July 23, 2015, johanna curiel curiel <
>> johanna.curiel at owasp.org> wrote:
>>
>>> On May Timo did an extensive evaluation
>>>
>>> https://docs.google.com/spreadsheets/d/1LpPBZ1kSnxuQ3I2bCE3aXVKOQXM7HnT4Xxfw5Nv1DKw/edit?usp=sharing
>>>
>>> Also Timo is referring to their comments regarding security:
>>> https://github.com/Hackademic/hackademic/issues/165
>>>
>>> We exchange multiple emails with Spyros and Antonis which are leading
>>> the project ,regarding the status and the findings from Marios and Timo.
>>> All open on the Project Task Force mailing list
>>>
>>> https://groups.google.com/a/owasp.org/forum/?hl=en#!topic/projects-task-force/iKoo1utMwAc
>>>
>>> @Konstantinos, you should be more involved in the actual development of
>>> the project because it seems to us you are not even aware what is happening.
>>>
>>> No changes were done, I did not receive any feedback further.
>>>
>>> We spent a lot of time reviewing and providing enough opportunities for
>>> improvement, but if their project leaders expect that they need to be
>>> financed every time to make progress in their project, I do not agree with
>>> this attitude.
>>>
>>> Thats the point. We know that none of this funds is spent by their
>>> project leaders directly, but project leaders have responsibilities because
>>> they get opportunities such as attending the Project Summits, which was
>>> also paid from the Project Summit EU.
>>>
>>> We are demoting this project to incubator status.
>>>
>>> USD4500 is now been spent in Hackademics development.
>>>
>>> I hope that something comes out of this and at least improvements are
>>> done.
>>>
>>>
>>> Regards
>>>
>>> Johanna
>>>
>>> On Thu, Jul 23, 2015 at 8:45 AM, Timo Goosen <timo.goosen at owasp.org>
>>> wrote:
>>>
>>>> I'd like to see these guys demoted from LAB status. They seem to also
>>>> lack basic knowledge of security from my interaction with them.
>>>>
>>>> I don't support this project and they will not get anymore of my time
>>>> as a volunteer for OWASP.
>>>> ( I don't get or my time as volunteer and neither does Johanna,
>>>> contrary to popular belief.)
>>>>
>>>>
>>>>
>>>> Regards.
>>>> Timo
>>>>
>>>> On Thu, Jul 23, 2015 at 2:26 PM, johanna curiel curiel <
>>>> johanna.curiel at owasp.org> wrote:
>>>>
>>>>> And btw I'm not impress by the activity level of this project over the
>>>>> years on the mentioned branch.
>>>>>
>>>>> This is a 'LAB' project which people expect a certain level of
>>>>> maturity. When Timo and Marios did their testing the same conclusion was
>>>>> observed: they lack documentation
>>>>>
>>>>> This project was promoted to LAB before we did a major evaluation in
>>>>> 2014 and honestly compare to other incubators, it lacks many things to be a
>>>>> LAB project.
>>>>>
>>>>> However we did not demoted, we leave it and keep on observing it.
>>>>>
>>>>> My whole point is and also from Timo, that a project should be more
>>>>> responsive regarding the work we do and also their project leaders should
>>>>> keep in mind there are responsibilities regarding this. IF you are only
>>>>> their to receive funds then, we are quite reluctant to believe its
>>>>> credibility
>>>>>
>>>>> [image: Inline image 1]
>>>>>
>>>>> On Thu, Jul 23, 2015 at 8:16 AM, Timo Goosen <timo.goosen at owasp.org>
>>>>> wrote:
>>>>>
>>>>>>
>>>>>> >Also as I've said in the past, there are projects that are almost
>>>>>> identical copies of hackademic that have also received funds even though at
>>>>>> that time they didn't have >one line of code. Why weren't you skeptical
>>>>>> about those projects but on the contrary quite supportive
>>>>>> Can you give a list of these projects?
>>>>>>
>>>>>> Also I'd like to see some feedback on what you guys did with the
>>>>>> funds.
>>>>>> That you guys received.
>>>>>>
>>>>>>
>>>>>> Regards.
>>>>>> Timo
>>>>>>
>>>>>> On Thu, Jul 23, 2015 at 2:05 PM, Konstantinos Papapanagiotou <
>>>>>> Konstantinos at owasp.org> wrote:
>>>>>>
>>>>>>> Johanna,
>>>>>>>
>>>>>>> Most of our commits are on the 'next' branch:
>>>>>>> https://github.com/Hackademic/hackademic/graphs/commit-activity
>>>>>>>
>>>>>>> I believe that funds were allocated through the agreed, transparent
>>>>>>> procedure for the code sprint. If other projects are in need of funds why
>>>>>>> didn't they apply?
>>>>>>>
>>>>>>> Also as I've said in the past, there are projects that are almost
>>>>>>> identical copies of hackademic that have also received funds even though at
>>>>>>> that time they didn't have one line of code. Why weren't you skeptical
>>>>>>> about those projects but on the contrary quite supportive?
>>>>>>>
>>>>>>> And last but not least, next time you want to make such allegations
>>>>>>> please get in touch with me rather than send emails to the board behind my
>>>>>>> back.
>>>>>>>
>>>>>>> Kostas
>>>>>>>
>>>>>>> On Thu, Jul 23, 2015 at 2:43 PM, johanna curiel curiel <
>>>>>>> johanna.curiel at owasp.org> wrote:
>>>>>>>
>>>>>>>> Dear Task Force members and Board
>>>>>>>>
>>>>>>>> Over the last year, we have had a close look to the Hackademic
>>>>>>>> project.
>>>>>>>>
>>>>>>>> Last year we did a testing during the month of October , executed
>>>>>>>> by Marios Kourtesis and I. This year, Timo Goosen also did an evaluation on
>>>>>>>> this project during the Project Summit EU.
>>>>>>>>
>>>>>>>> From the evaluations we could conclude the following:
>>>>>>>>
>>>>>>>>    - The project lacks documentation in order for first time users
>>>>>>>>    to install and to build this properly
>>>>>>>>    - The project does not have any developments except during the
>>>>>>>>    Google summer of Code last year. You can see their contributions on their
>>>>>>>>    main development branch here. Basically almost none(see attached image)
>>>>>>>>       - https://www.openhub.net/p/hackademic
>>>>>>>>    - I requested an update regarding their developments but never
>>>>>>>>    received an answer on this
>>>>>>>>    - Timo Goosen spent quite lot of time during the Summit working
>>>>>>>>    on their project, developing documentation for them which they never
>>>>>>>>    updated their wiki and use it
>>>>>>>>
>>>>>>>> Now this project is getting the sponsorship for the Summer of code
>>>>>>>> when they hardly work on their development and to us it lacks a certain
>>>>>>>> level of maturity and robustness which unfortunately there are other
>>>>>>>> projects in incubator stage that are much better and more mature than this
>>>>>>>> one.
>>>>>>>>
>>>>>>>> I strongly advise the board that before taking major decisions to
>>>>>>>> spend money in activities for projects lacking a clear strcutural
>>>>>>>> development , to take the time and evaluate if the project deserves it.
>>>>>>>>
>>>>>>>> I think there are many other projects that can use that money and
>>>>>>>> have shown committed and responsive project leaders
>>>>>>>>
>>>>>>>>
>>>>>>>> Regards
>>>>>>>> Johanna
>>>>>>>>
>>>>>>>> HACKADEMICS activity over the past 2 years:
>>>>>>>> [image: Inline image 1]
>>>>>>>> Johanna
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> Owasp-board mailing list
>>>>>>>> Owasp-board at lists.owasp.org
>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Owasp-board mailing list
>>>>>>> Owasp-board at lists.owasp.org
>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150723/451e6439/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screenshot 2015-07-23 08.20.26.png
Type: image/png
Size: 45571 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150723/451e6439/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screenshot 2015-07-23 07.38.03.png
Type: image/png
Size: 82965 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150723/451e6439/attachment-0003.png>


More information about the Owasp-board mailing list