[Owasp-board] Regarding Hackademic project-follow up discussion clarifications

Konstantinos Papapanagiotou Konstantinos at owasp.org
Fri Jul 24 09:42:09 UTC 2015


Lack transparency?!! How is that?!

On Fri, Jul 24, 2015 at 11:16 AM, Timo Goosen <timo.goosen at owasp.org> wrote:

> >You can point out such inconsistencies on a personal or project level
> before publicly saying that you guys know nothing about security and keep
> spending money without doing anything.
> I've tried being nice. I'm not gonna take back what I said. I'm not new to
> the Open Source community and this is not how you run an open source
> project. This project lacks transparency and also you guys don't react well
> to people trying to help you, you react even worse to criticism. I do think
> you guys are wasting money and I also think you are ungrateful.
>
> Regards.
> Timo
>
>
> On Thu, Jul 23, 2015 at 6:59 PM, johanna curiel curiel <
> johanna.curiel at owasp.org> wrote:
>
>> >You can point out such inconsistencies on a personal or project level
>> before publicly saying that you guys know nothing about security and keep
>> spending money without doing anything.
>>
>> We already did this directly with the project leaders and didn't received
>> an answer. Spyros never answered my questions regarding the new branch or
>> updates:
>>
>> https://groups.google.com/a/owasp.org/forum/?hl=en#!topic/projects-task-force/iKoo1utMwAcT
>>
>> No one took the time to update the wiki or update us with the status.
>>
>> Timo just made an observation on the fact that the documentation he
>> created was not published and never received a concrete answer on that.He
>> gave them the documentation through email.Maybe his reaction was out of
>> frustration he has expressed multiple times to me due to spending time and
>> he felt no appreciation for the efforts he did.
>>
>>  If I didn't contact you directly is because you do not appear to us as
>> leading the project. Spyros and Antonis are doing that from our
>> understanding.
>> See mailing list:
>> http://lists.owasp.org/pipermail/owasp-hackademic-challenges/
>>
>> I think that the problem here is a misconception and misunderstanding of
>> the work and Project classification. I would like to clarify this again.
>> This information has been published on the wiki:
>> https://www.owasp.org/index.php/Category:OWASP_Project#tab=Project_Assessments
>>
>> The higher you are ranked, the more we review , watch and control we do.
>> Projects in incubator phase are more free to have the development they want
>> as long as they keep active within a period of 1 year for code, 2-3 years
>> for documentation. A very low bar, even though many members have expressed
>> that they do not even support this. I think we should consider putting this
>> to a community vote
>>
>> Why is that ? Because the  higher that you rank , the more benefits you
>> get including budget,  financing and participation in initiatives.
>> The fact that USD4,500- can go to your project creates a level of
>> responsibility for deliverables.
>>
>> I'm not accusing the project of doing anything, but the issue here is the
>> status LAB vs activity level does not match.The branch shows no major
>> progress nor wiki or updates or mailing list have a low activity.
>>
>> I'm not saying we should not spend USD12,500 in 4 projects, what I'm
>> saying is that for next time we should evaluate if this activity or any
>> other should be kept when it has not the desired impact on the proposed
>> OWASP mission and goals.
>>
>> That is what any organisation does when investing or spending in a
>> certain activity. Whether to improve it or cancel it.
>>
>> That goes for any initiative.
>>
>> Regards
>>
>> Johanna
>>
>>
>>
>>
>>
>> On Thu, Jul 23, 2015 at 11:10 AM, Konstantinos Papapanagiotou <
>> Konstantinos at owasp.org> wrote:
>>
>>> This has been already discussed openly, voted and decided, a couple of
>>> months ago. Why do we have to come back? Unless you think that you can also
>>> kill an initiative voted by the board with a single email of yours like you
>>> demoted our project.
>>>
>>> Anyway Johanna, I'm in favor of criticism and the reviewing process
>>> because it provides constructive comments. Once more, I have no issues with
>>> calling Hackademic "Lab", "Incubator" or anything that you see fit. You
>>> promoted it to "Lab", you demote it to "incubator". However in this thread
>>> I've seen a lot of comments that are more like libel on a public mailing
>>> list , rather than criticism. You have said that we get money without doing
>>> anything, that there's hardly any work done and someone even said that we
>>> "lack basic knowledge of security". The project might not be mature enough,
>>> might not have all the required elements to be on the "Lab" status, might
>>> have security or other bugs but this is something totally different. You
>>> can point out such inconsistencies on a personal or project level before
>>> publicly saying that you guys know nothing about security and keep spending
>>> money without doing anything.
>>> Frankly Johanna, I expected that at least you, personally, knew the
>>> progress we are making, even if its slow; and you also know me personally
>>> you could have got in touch with me first with all these issues. My take
>>> would have probably been to go back to incubator until we improve. You can
>>> do as you see fit with the project but I do expect an apology on a personal
>>> level for things that have been said.
>>>
>>> Thank you Johanna,
>>> Kostas
>>>
>>>
>>  --
>> You received this message because you are subscribed to the Google Groups
>> "OWASP Projects Task Force" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to projects-task-force+unsubscribe at owasp.org.
>> To post to this group, send email to projects-task-force at owasp.org.
>> To view this discussion on the web visit
>> https://groups.google.com/a/owasp.org/d/msgid/projects-task-force/CACxry_1nO4ktH%2BdVOy60WhurFd-rf4zhMS%2BOH8necshirVf%2BAA%40mail.gmail.com
>> <https://groups.google.com/a/owasp.org/d/msgid/projects-task-force/CACxry_1nO4ktH%2BdVOy60WhurFd-rf4zhMS%2BOH8necshirVf%2BAA%40mail.gmail.com?utm_medium=email&utm_source=footer>
>> .
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150724/ede63b13/attachment-0001.html>


More information about the Owasp-board mailing list