[Owasp-board] Waspy is it a serious award?

johanna curiel curiel johanna.curiel at owasp.org
Tue Aug 16 09:41:38 UTC 2016


>>We need vetting if the awards mean anything.
The award should have some form of prestige and value and it seems this is
not the case. Should we at least begin with a survey to get the impressions
from the community?

We definitely need  to review the integrity of the nominations and confirm
with the person who has nominated someone:

   - Is the person who claims it is
   - The relationship with that person
   - Or was it an *anonymous nomination*


Look, if someone in South Africa gets nominated and I live in US I have no
way of knowing if those claims to win the award are true. In 2014 a project
was nominated that I though was a complete joke, especially when I went and
look at that project. So we need a committee to at least confirm the
identity and claims of nominations and let community vote based on data
that has been checked.


I agree with you Eoin that we need a way to confirm who is voting for who,
like you say, you can indeed nominate yourself (you have bene doing that
all these years...I know , confess it! 😜 and none is controlling that,
quite awkward for an organisation that is promoting cyber security ;-)

>>Self nomination which is evident

IS it because you nominated yourself?😁 Seriously I don't like to accuse
anyone without proof. But we can at least begin check who did nominate who
or was an anonymous nomination? Should anonymous nomination even count?

I nominated John Lita this year multiple times, I can confirm that. And we
can go through all the nominations and confirm the identity of those that
nominated
If the nomination is 'anonymous' should this even count?

We should investigate these things at least in order to make sure there is
integrity in the nomination process.



On Tue, Aug 16, 2016 at 3:10 AM, Eoin Keary <eoin.keary at owasp.org> wrote:

> We need vetting if the awards mean anything.
> We can currently nominate a Fictional person and possibly win.
> We also need to prevent self nomination which is evident.
>
>
> Eoin Keary
> OWASP Volunteer
> @eoinkeary
>
>
>
> On 16 Aug 2016, at 02:07, johanna curiel curiel <johanna.curiel at owasp.org>
> wrote:
>
> >>At this point, low turnout for the WASPY's is more of a symptom of
> several other community stressors than it is a condemnation of the WASPY's
> themselves.
>
> Again, as someone that like to analyse data, I think we need data to
> support these statements. You can be right but you can be wrong. What data
> supports your conclusions?
>
> >>*Most* confessed that they did not understand what their intended use
> was or how to best utilize them for their chapters
>
> In 2012 the winner got USD1000, an iPad and a trophy.
> https://www.owasp.org/index.php/WASPY_Awards_2012
>
> What do people win actually today these days?
>
> You want to give a trophy it should really mean something or you should
> get some kind of reward that you value, like Helen did back in 2012.
>
> In my eyes WASPY has become an award that represents no value at all for
> those that win it. Even worse when you win it for something that makes no
> sense.
>
> >>The tendency to throw something up and then tear it down in favor of
> another thing rather than experiment and tweak is incredibly disorienting
> to the community as a whole.
>
>  We want to improve things not 'tear down' anything. Actually we should
> ask ourselves, how can we make this award valuable to those that win it and
> how to make it significant for those that nominate volunteers?
>
> A  survey is needed with at least a representative number of the community
> where we can take these conclusions.And then, we can look at the data and
> make adjustments based on that.
>
>  why there is so little motivation to nominate others to win an award?
> What is the reason why so few people are been nominated compare to the
> amount of volunteers we have?mahy great people have never been nominated,
> and so many other volunteers I know.
>
> Lets remember that the title of this email is '*Waspy :is it a serious
> award?'*
>
> Which I'm afraid that's not the case and the reason why we should get a
> representative feedback from the entire *global* community to understand
> the issue and try to fix the enormous lack of participation.
>
>
> On Mon, Aug 15, 2016 at 7:29 PM, Tiffany Long <tiffany.long at owasp.org>
> wrote:
>
>> Like I said, the first step would be to engage in an educational
>> campaign.  I spoke with several leaders world wide over the course of the
>> last 6 weeks about the WASPY awards. Most confessed that they did not
>> understand what their intended use was or how to best utilize them for
>> their chapters.  Addressing this would be the most effective way to move
>> the awards forward.  The tendency to throw something up and then tear it
>> down in favor of another thing rather than experiment and tweak is
>> incredibly disorienting to the community as a whole.
>>
>> At this point, low turnout for the WASPY's is more of a symptom of
>> several other community stressors than it is a condemnation of the WASPY's
>> themselves.  For example, there was 15% turnout for the vote by this time
>> last year. While sadly low, that number is still higher than we get
>> returned on many of our more existential concerns.  The WASPYs are one of
>> the most consistently retweeted and talked about activities.  In the
>> context of the rest of the OWASP environment they are doing just fine.
>>
>> I expect that as we solidify the community more, the WASPYs will have a
>> slight decrease or nominal increase in utility next year, followed by
>> fairly steady increases reflecting increased community activity.
>>
>>
>>
>>
>> Tiffany Long
>> Community Manager
>>
>> On Mon, Aug 15, 2016 at 4:09 PM, johanna curiel curiel <
>> johanna.curiel at owasp.org> wrote:
>>
>>> >>In the end, there are a number of challenges to tackle, the WASPY’s
>>> need a tweaking, not a complete reconfiguring.
>>>
>>> I'm sorry to say that I disagree with your statements. I think you need
>>> to look deeper at the data and history of these awards before making such
>>> conclusions.
>>>
>>> Last year I was nominated for the 'caribbean region' for things I did at
>>> global level, like organise Project summits or review projects, actually
>>> nothing to do with my local chapter. WhenI saw that, I almost reacted like
>>> Eoin, wanted to take my name off that list, but hey I commented to a board
>>> member and decided to just leave it. In the end I never received the award
>>> ;-P
>>>
>>> I asked all people that know me very well : please do not nominate me
>>> ever, these awards do not reflect at all the reality of what we do as
>>> volunteers.
>>>
>>> Then this year out of no where there are no regional awards. And even
>>> less nominees.
>>>
>>> Are you sure that this only needs a 'tweaking'?
>>>
>>> If thats the case let's not waste time with committees.
>>>
>>>
>>> On Mon, Aug 15, 2016 at 6:35 PM, Tiffany Long <tiffany.long at owasp.org>
>>> wrote:
>>>
>>>>
>>>> Hello Everybody,
>>>>
>>>> I am excited about this conversation because it gives me a great
>>>> opportunity to discuss the WASPY awards and their social function in the
>>>> OWASP Community.
>>>>
>>>> The WASPYs were originally intended to honor all of the invisible work
>>>> that goes into running the OWASP community.  The idea is that our leaders
>>>> would nominate exceptional volunteers who make the Chapters, Projects, or
>>>> Community function and that all of our community could nominate their peers
>>>> for work that is not always visible to the masses or even the leaders.
>>>> This type of public acknowledgement has long been known to keep volunteer
>>>> organizations energized.  When it functions, this mechanism performs a
>>>> couple of important social functions which support community cohesion.
>>>>
>>>> The WASPYs are clearly not performing at their best right now, but they
>>>> ARE still performing their function.  The most effective ways to help them
>>>> perform better are to help promote leadership buy-in as nominators rather
>>>> than using the tool as a reward for leadership or ignoring it.  This is a
>>>> great tool that every project and chapter leader should be utilizing.
>>>>
>>>> Let’s discuss the WASPYs as they exist now for example.  Anyone (even
>>>> non-members) can nominate a person to win the award which is divided into
>>>> to 4 well defined categories.  Every aspect of the award is maintained on
>>>> the WASPY page
>>>> <https://tracking.cirrusinsight.com/c68f55c3-f18b-48d4-ab9f-dd385b757b4c/owasp-org-index-php-waspy-awards-2016>,
>>>> Kelly has done an amazing job of ensuring the transparency of the award on
>>>> this page from start to finish. Community members then nominate anyone they
>>>> feel meets the criteria by and is required to include a short statement on
>>>> why they support their nominee for any particular category.  This blurb is
>>>> then what the community is asked to judge on.
>>>>
>>>> Because the WASPY’s are a good faith endeavor we do not vet the
>>>> candidates separately. Additionally the invisible work people put into
>>>> OWASP is often impossible to measure through impartial, established
>>>> metrics.  Therefore, rather than attempt to unfairly measure the
>>>> impossible, we allow the nominators to describe the deeds of the nominees.
>>>> This is also why we do not edit (other than the occasional spelling error)
>>>> the blurbs. This is the nominator’s chance to sell their candidate and we
>>>> do not put restrictions or interfere.
>>>>
>>>> It is clear that this year their is slightly less participation than
>>>> last year, but as a chart of all nominations for the history of the award
>>>> will show you, this is not by much.  The figure is even closer when you
>>>> take into account that many of the 2015 nominees were submitted in large
>>>> groups (this is not reflected in the chart below).
>>>> In this case, I would say that the WASPYs are functioning fairly okay.
>>>> They should be tweaked rather than overhauled.  For instance, we should
>>>> engage in an education campaign to help our leaders understand how to best
>>>> use the WASPYs as a tool.  Perhaps we should think about changing the
>>>> reward for the winner.  We should definitely change the way we talk about
>>>> them. A second step would be to perhaps clarify why the blurb is
>>>> important.  Perhaps we can explore how winners are selected for future
>>>> WASPYs.
>>>>
>>>> In the end, there are a number of challenges to tackle, the WASPY’s
>>>> need a tweaking, not a complete reconfiguring.
>>>> Best,
>>>> Tiffany
>>>>
>>>> Tiffany Long
>>>> Community Manager
>>>>
>>>> On Mon, Aug 15, 2016 at 1:50 PM, Eoin Keary <eoin.keary at owasp.org>
>>>> wrote:
>>>>
>>>>> Ok I'm happy to help.
>>>>> Sign me up
>>>>>
>>>>> Eoin Keary
>>>>> OWASP Volunteer
>>>>> @eoinkeary
>>>>>
>>>>>
>>>>>
>>>>> On 15 Aug 2016, at 20:41, johanna curiel curiel <
>>>>> johanna.curiel at owasp.org> wrote:
>>>>>
>>>>> Thank you Josh.
>>>>>
>>>>> Indeed, lets see if we can setup a committee for this purpose and
>>>>> define a better award.
>>>>>
>>>>> @Eoin: let me know you want to join the committee. I'll see if we can
>>>>> set a draft plan/proposal we can discuss with the community ;-)
>>>>>
>>>>>
>>>>>
>>>>> On Mon, Aug 15, 2016 at 3:31 PM, Josh Sokol <josh.sokol at owasp.org>
>>>>> wrote:
>>>>>
>>>>>> Personally, I would rather see WASPYs driven by a group of our
>>>>>> leaders rather than by the OWASP Board.  This would probably be another
>>>>>> great use of the Committees 2.0 framework and it sounds like Johanna and
>>>>>> Eoin would be huge assets to such a team.
>>>>>>
>>>>>> ~josh
>>>>>>
>>>>>> On Mon, Aug 15, 2016 at 1:55 PM, johanna curiel curiel <
>>>>>> johanna.curiel at owasp.org> wrote:
>>>>>>
>>>>>>> >>Tiffany can help to make the WASPY results more meaningful.
>>>>>>>
>>>>>>> We can start by defining what exactly is the WASPY award for:
>>>>>>>
>>>>>>>    - Create a survey and ask the community how to define and award
>>>>>>>    that fits OWASP spirit and ideology
>>>>>>>    - Create Clear categories
>>>>>>>    - A more transparent nomination and vetting process
>>>>>>>
>>>>>>> I also think that if only the paid members can nominate & vote, this
>>>>>>> does not represent a 'community' vote. This should be discussed.
>>>>>>>
>>>>>>> It is clear that every year there has been more lack of
>>>>>>> participation in the nomination and voting process and every year this
>>>>>>> awards gets weird with unpredictable changes between categories and regions.
>>>>>>>
>>>>>>> Some better instructions should be provided regarding the conditions
>>>>>>> for nomination.
>>>>>>>
>>>>>>> The board should set this item in the agenda to be discussed. My
>>>>>>> suggestion is that Tiffany can help define a draft for a better process but
>>>>>>> this should definitely be discussed with paying members and the OWASP
>>>>>>> community in general. Once there is a clear proposal, then the Board as the
>>>>>>> final responsible, should take a decision.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Mon, Aug 15, 2016 at 12:12 PM, Josh Sokol <josh.sokol at owasp.org>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> There was a similar thread back in August 2014.  I wrote up my
>>>>>>>> thoughts on this topic here:
>>>>>>>>
>>>>>>>> http://lists.owasp.org/pipermail/owasp-board/2014-August/014
>>>>>>>> 474.html
>>>>>>>>
>>>>>>>> I see contributions from both Eoin and Johanna in that thread as
>>>>>>>> well.  Unfortunately, I don't think anything has changed at this point, but
>>>>>>>> hopefully Tiffany can help to make the WASPY results more meaningful.
>>>>>>>>
>>>>>>>> ~josh
>>>>>>>>
>>>>>>>> On Sun, Aug 14, 2016 at 2:25 PM, johanna curiel curiel <
>>>>>>>> johanna.curiel at owasp.org> wrote:
>>>>>>>>
>>>>>>>>> Eoin: Did you get the 'physical' award last year?' I wasn't in
>>>>>>>>> appsec us so I was awaiting to being sent.
>>>>>>>>>
>>>>>>>>> Mine never arrived😁😭
>>>>>>>>>
>>>>>>>>> And, apart from a physical award, what else do people actually win?
>>>>>>>>>
>>>>>>>>> Vetting process... is there something wrong with the description
>>>>>>>>> for those categories?
>>>>>>>>> Who is making the clear decisions regarding this vetting process
>>>>>>>>> or better said: is there even a process?
>>>>>>>>>
>>>>>>>>> For those people nominated multiple times I see that the
>>>>>>>>> description provided quite fits the category and reason for nomination.
>>>>>>>>> last year was worse, some people description and reason was
>>>>>>>>> empty.😬
>>>>>>>>>
>>>>>>>>> And btw this year, don't we have 'per region' awards?
>>>>>>>>> Why are things change from one moment to another without being
>>>>>>>>> discussed at all with the community or at least the paying members who are
>>>>>>>>> the only ones that can actually vote...?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Sun, Aug 14, 2016 at 8:21 AM, Eoin Keary <eoin.keary at owasp.org>
>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>>> Folks I won this last year and have been nominated this year
>>>>>>>>>> "good for me" but the quality of the nominations, is it vetted at all??
>>>>>>>>>>
>>>>>>>>>> I'm happy to be removed from the nominees list btw this is not
>>>>>>>>>> any scheme, or ploy etc..
>>>>>>>>>>
>>>>>>>>>> Some people have been nominated for various things but have the
>>>>>>>>>> claims been verified by 1/2 third parties?
>>>>>>>>>>
>>>>>>>>>> Some nominations are "cut and paste" for all categories?
>>>>>>>>>> Seriously? Yes!
>>>>>>>>>> Different catagories but the same text for each?? Make sense?
>>>>>>>>>> I could technically nominate a fictional person I bet with no
>>>>>>>>>> problems :)
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Just curious about the vetting process, is all.
>>>>>>>>>> (Assuming this email shall be ignored 😀)
>>>>>>>>>>
>>>>>>>>>> All the best!!
>>>>>>>>>>
>>>>>>>>>> Eoin
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Eoin Keary
>>>>>>>>>> OWASP Volunteer
>>>>>>>>>> @eoinkeary
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> Owasp-board mailing list
>>>>>>>>>> Owasp-board at lists.owasp.org
>>>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> Johanna Curiel
>>>>>>>>> OWASP Volunteer
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> Owasp-board mailing list
>>>>>>>>> Owasp-board at lists.owasp.org
>>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Johanna Curiel
>>>>>>> OWASP Volunteer
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Johanna Curiel
>>>>> OWASP Volunteer
>>>>>
>>>>>
>>>>
>>>
>>>
>>> --
>>> Johanna Curiel
>>> OWASP Volunteer
>>>
>>
>>
>
>
> --
> Johanna Curiel
> OWASP Volunteer
>
>


-- 
Johanna Curiel
OWASP Volunteer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20160816/d2d58066/attachment-0001.html>


More information about the Owasp-board mailing list