[Owasp-board] Waspy is it a serious award?

Tiffany Long tiffany.long at owasp.org
Tue Aug 16 22:50:54 UTC 2016


If you would like to start a committee it begins by proposing the committee
on the leader's list to see if it gets support.  I would be glad to help
you through the process and even help you propose the committee.  Although,
as nothing can happen to affect the 2016 awards, I would suggest we start
the process after the awards are presented.


Tiffany Long
Community Manager

On Tue, Aug 16, 2016 at 3:34 PM, johanna curiel curiel <
johanna.curiel at owasp.org> wrote:

> Thank you Kevin 😁
>
> Indeed the right word is not *rigged* and I couldn't agree more.
>
> >>If you want to say the current system is "unintentionally biased" or
> even perhaps "irreparably broken" (though I think that's a stretch), I
> could at least get behind you. Is it flawed and less than ideal? Certainly.
> Should it be fixed? Probably... assuming we want to continue the award.
> Will it *get* fixed? I don't know, but neither does anyone else unless we
> try.
>
> Please, my excuses on this misunderstanding , especially coming from
> someone that is speaking 4 languages the entire day and is not a native
> english speaker. So yes, I think that you nailed it. I think the best term
> that fits the situation is "unintentionally biased".
>
> But, so far I also agree with Tiffany that this entire WASPY award issue
> is a reflection of some more worrisome problems within the OWASP community.
>
> >>In fact, if you start a committee, you can sign me up. But let's try to
> refrain from casting aspersions on fellow OWASP members who almost
> certainly had good intentions when setting up the WASPYs.
>
> Should we begin with a survey asking members and none members their
> opinion regarding this award? I would like to improve things based on
> community support, so , I'll send a survey to the entire community list,
> including members and none members. Depending on this feedback , we can
> take it from there.
>
> I believe it has been created with all good intentions but it seems that
> WASPY  has become the golden apple of discord, if you know what I mean:
> http://www.greek-gods.info/greek-gods/aphrodite/myths/
> aphrodite-paris-golden-apple/
>
>
> On Tue, Aug 16, 2016 at 6:12 PM, Kevin W. Wall <kevin.w.wall at gmail.com>
> wrote:
>
>> Johanna,
>>
>> I think I know what you mean, but I would contend that "rigged" is not
>> really the right word here. When used in the context of an election,
>> "rigged" denotes a preconceived, duplicitous intent to get a particular
>> outcome in an election. There is an old saying: never attribute to malice
>> what you can to stupidity, or in this case, more likely ignorance.
>>
>> If you want to say the current system is "unintentionally biased" or even
>> perhaps "irreparably broken" (though I think that's a stretch), I could at
>> least get behind you. Is it flawed and less than ideal? Certainly. Should
>> it be fixed? Probably... assuming we want to continue the award. Will it
>> *get* fixed? I don't know, but neither does anyone else unless we try.
>>
>> In fact, if you start a committee, you can sign me up. But let's try to
>> refrain from casting aspersions on fellow OWASP members who almost
>> certainly had good intentions when setting up the WASPYs.
>>
>> -kevin
>> --
>> Blog: http://off-the-wall-security.blogspot.com/.   | Twitter:
>> @KevinWWall
>> NSA: All your crypto bit are belong to us.
>>
>> On Aug 16, 2016 14:19, "johanna curiel curiel" <johanna.curiel at owasp.org>
>> wrote:
>>
>>> >>That said, other international organizations manage to
>>> have similar awards with similar systems.  Calling the system "Rigged" is
>>> hyperbolic because it denotes malicious intent or structural barriers which
>>> do not exist.
>>>
>>> Are you saying that I call it rigged because I have malicious intend? I
>>> provided the data top show you why is this voting system rigged.
>>>
>>> Tiffany, if only *paying* members can vote, how can we call this
>>> 'community' award when there are even chapter or project members that are
>>> not even paid members
>>>
>>> In a system where such a small group can vote compare to the amount of
>>> people part of the 'community' then I think there is a problem here
>>>
>>> Please, do not judge me based on that. Let's keep the discussion on the
>>> subject.
>>>
>>> >>In addition we can work to boost membership to OWASP specifically
>>> outside of the US.
>>>
>>> This is what I support if we want GLOBAL involvement and participation
>>> on voting system for awards or the direction OWASP is taken.
>>> Like people voting for the Board.
>>>
>>> On Tue, Aug 16, 2016 at 1:29 PM, Tiffany Long <tiffany.long at owasp.org>
>>> wrote:
>>>
>>>> I agree that this is the second biggest issue the WASPYs have.  I said
>>>> that here: " Currently from a Community Management perspective, the
>>>> two largest problems with the WASPYs are leadership buy in and encouraging
>>>>  members to vote outside of their chapters."
>>>>
>>>> That said, other international organizations manage to
>>>> have similar awards with similar systems.  Calling the system "Rigged" is
>>>> hyperbolic because it denotes malicious intent or structural barriers which
>>>> do not exist.   We can work to help our community judge the WASPYs by the
>>>> standards intended just as every other large organization or
>>>> even scholarship does.  In addition we can work to boost membership to
>>>> OWASP specifically outside of the US.  OWASP certainly has structural problems,
>>>> the WASPYs are not currently one of them.
>>>>
>>>> -Tiffany
>>>>
>>>> Tiffany Long
>>>> Community Manager
>>>>
>>>> On Tue, Aug 16, 2016 at 10:15 AM, johanna curiel curiel <
>>>> johanna.curiel at owasp.org> wrote:
>>>>
>>>>> Just to clarify regarding data. This is my data:
>>>>>
>>>>> >> Currently from a Community Management perspective, the two largest
>>>>> problems with the WASPYs are leadership buy in and encouraging  members to
>>>>> vote outside of their chapters.
>>>>>
>>>>> I think the problem is bigger than that.
>>>>>
>>>>> The only people that can vote are paying members. We have +/-2400
>>>>> members based on the last published list.
>>>>>
>>>>> Only alone in the US, there are around +/-1300 members
>>>>>
>>>>> Look at the demographics of membership:
>>>>> https://docs.google.com/spreadsheets/d/1jG1ad1s6pEbBjsGkftCB
>>>>> _2dU70n6GajRe4CYLGFwkM8/edit#gid=0
>>>>>
>>>>> If a paying member has to vote on a chapter that he does not even
>>>>> know, how can you expect they will actually vote for it?
>>>>>
>>>>> I have never been to Dublin, I have never been in SnowFROC and I
>>>>> cannot vote for a volunteer work based on a wiki page claim alone.
>>>>>
>>>>> I can vote for John Lita because he is always publishing all the
>>>>> actions he does, I have spoken with him multiple times and I have the
>>>>> impression that he is doing an amazing work. Again that is my impression. I
>>>>> hope he wins because I think he deserves it. BUT in the Philippines there
>>>>> is only 1 member !!!!!
>>>>>
>>>>> In Ireland only 33 members
>>>>>
>>>>> And then we have us with +1300 members ;-)
>>>>>
>>>>> Chances are there are more voters for US volunteers given the fact
>>>>> 1300 are in US alone and maybe from that group there is a huge amount that
>>>>> has been into SnowFROC and knows Kate's work. So she has a bigger chance to
>>>>> get the award based on the amount of paying members because of US members
>>>>> if her volunteer work is supported by these paying members.
>>>>>
>>>>> That does not reflect at all the community. This is defiantly not a
>>>>> community award based on this voting system.
>>>>>
>>>>> Is this fair? This looks rigged to me.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Tue, Aug 16, 2016 at 12:23 PM, johanna curiel curiel <
>>>>> johanna.curiel at owasp.org> wrote:
>>>>>
>>>>>> >>Is it your suspicion that people would nominate other people
>>>>>> maliciously?  The WASPYs allow self nomination, that does not violate
>>>>>> the integrity of the award
>>>>>>
>>>>>> Really, *self nomination* for a volunteer award? ok I think this is
>>>>>> really funny.
>>>>>>
>>>>>> If thats the case my work is done here 😁
>>>>>>
>>>>>> On Tue, Aug 16, 2016 at 12:17 PM, Tiffany Long <
>>>>>> tiffany.long at owasp.org> wrote:
>>>>>>
>>>>>>> From Eoin
>>>>>>>
>>>>>>> We definitely need  to review the integrity of the nominations and
>>>>>>> confirm with the person who has nominated someone:
>>>>>>>
>>>>>>>    - Is the person who claims it is
>>>>>>>    - The relationship with that person
>>>>>>>    - Or was it an *anonymous nomination*
>>>>>>>
>>>>>>> From Johanna:
>>>>>>>
>>>>>>> I nominated John Lita this year multiple times, I can confirm that.
>>>>>>> And we can go through all the nominations and confirm the identity of those
>>>>>>> that nominated
>>>>>>> If the nomination is 'anonymous' should this even count?
>>>>>>>
>>>>>>> Who nominated a person for an award has no bearing.  Is it
>>>>>>> your suspicion that people would nominate other people maliciously?  The
>>>>>>> WASPYs allow self nomination, that does not violate the integrity of the
>>>>>>> award. A person's relationship to the person they nominate is
>>>>>>> not germane either.   If someone notices a volunteer doing amazing work and
>>>>>>> nominates them, I don't care if they are nominating their wife, brother,
>>>>>>> best friend or a total stranger. There is no way to vet these relationships
>>>>>>> from a global level and nor is it seemly to do so.   In fact, going to such
>>>>>>> a granular level would look like the committee was pointing people out to
>>>>>>> continue a feud. This is not the purpose of OWASP.
>>>>>>>
>>>>>>>
>>>>>>> "Look, if someone in South Africa gets nominated and I live in US I
>>>>>>> have no way of knowing if those claims to win the award are true. In 2014 a
>>>>>>> project was nominated that I though was a complete joke, especially when I
>>>>>>> went and look at that project. So we need a committee to at least confirm
>>>>>>> the identity and claims of nominations and let community vote based on data
>>>>>>> that has been checked."
>>>>>>>
>>>>>>> Did you vote for the project?  If not the system worked.  If so the
>>>>>>> system also worked and that was a choice you made.  Can this be harder to
>>>>>>> do with personal contributions?  Sure.  But you are coming at the award
>>>>>>> from the POV of a security person rather than a good faith Community
>>>>>>> member.  So far the concerns you are raising have not been realized.
>>>>>>>
>>>>>>>  Currently from a Community Management perspective, the two largest
>>>>>>> problems with the WASPYs are leadership buy in and encouraging  members to
>>>>>>> vote outside of their chapters.  That said, the WASPYs still garner more
>>>>>>> reaction from the community than almost any other work we do.  Judging from
>>>>>>> a community involvement perspective and metrics the WASPYs are fine.  They
>>>>>>> could be improved, but I suggest improving them in ways that also improve
>>>>>>> the overall community before we fight problems that do not yet exist.  If
>>>>>>> you have metrics disproving this, please share them, because so far the
>>>>>>> concerns are not based on metrics at all. Like I said, metrics are not the
>>>>>>> be-all (especially if we choose the wrong ones) but from a gestalt
>>>>>>> perspective the adjustments we need to make to the WASPYs are more in the
>>>>>>> realm of perception than the realm of policy.
>>>>>>>
>>>>>>> Making the awards more bureaucratic  is simply not necessary or
>>>>>>> worth staff time right now.   That said, if you can get the community
>>>>>>> behind it you can absolutely start a committee.  I will even help you
>>>>>>> through the steps and write the proposal if you want.  I suggest you wait
>>>>>>> until a couple of weeks after this year's winner is announced in order to
>>>>>>> not besmirch the award winner.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Tiffany Long
>>>>>>> Community Manager
>>>>>>>
>>>>>>> On Tue, Aug 16, 2016 at 2:41 AM, johanna curiel curiel <
>>>>>>> johanna.curiel at owasp.org> wrote:
>>>>>>>
>>>>>>>> >>We need vetting if the awards mean anything.
>>>>>>>> The award should have some form of prestige and value and it seems
>>>>>>>> this is not the case. Should we at least begin with a survey to get the
>>>>>>>> impressions from the community?
>>>>>>>>
>>>>>>>> We definitely need  to review the integrity of the nominations and
>>>>>>>> confirm with the person who has nominated someone:
>>>>>>>>
>>>>>>>>    - Is the person who claims it is
>>>>>>>>    - The relationship with that person
>>>>>>>>    - Or was it an *anonymous nomination*
>>>>>>>>
>>>>>>>>
>>>>>>>> Look, if someone in South Africa gets nominated and I live in US I
>>>>>>>> have no way of knowing if those claims to win the award are true. In 2014 a
>>>>>>>> project was nominated that I though was a complete joke, especially when I
>>>>>>>> went and look at that project. So we need a committee to at least confirm
>>>>>>>> the identity and claims of nominations and let community vote based on data
>>>>>>>> that has been checked.
>>>>>>>>
>>>>>>>>
>>>>>>>> I agree with you Eoin that we need a way to confirm who is voting
>>>>>>>> for who, like you say, you can indeed nominate yourself (you have bene
>>>>>>>> doing that all these years...I know , confess it! 😜 and none is
>>>>>>>> controlling that, quite awkward for an organisation that is promoting cyber
>>>>>>>> security ;-)
>>>>>>>>
>>>>>>>> >>Self nomination which is evident
>>>>>>>>
>>>>>>>> IS it because you nominated yourself?😁 Seriously I don't like to
>>>>>>>> accuse anyone without proof. But we can at least begin check who did
>>>>>>>> nominate who or was an anonymous nomination? Should anonymous nomination
>>>>>>>> even count?
>>>>>>>>
>>>>>>>> I nominated John Lita this year multiple times, I can confirm that.
>>>>>>>> And we can go through all the nominations and confirm the identity of those
>>>>>>>> that nominated
>>>>>>>> If the nomination is 'anonymous' should this even count?
>>>>>>>>
>>>>>>>> We should investigate these things at least in order to make sure
>>>>>>>> there is integrity in the nomination process.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On Tue, Aug 16, 2016 at 3:10 AM, Eoin Keary <eoin.keary at owasp.org>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> We need vetting if the awards mean anything.
>>>>>>>>> We can currently nominate a Fictional person and possibly win.
>>>>>>>>> We also need to prevent self nomination which is evident.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Eoin Keary
>>>>>>>>> OWASP Volunteer
>>>>>>>>> @eoinkeary
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On 16 Aug 2016, at 02:07, johanna curiel curiel <
>>>>>>>>> johanna.curiel at owasp.org> wrote:
>>>>>>>>>
>>>>>>>>> >>At this point, low turnout for the WASPY's is more of a symptom
>>>>>>>>> of several other community stressors than it is a condemnation of the
>>>>>>>>> WASPY's themselves.
>>>>>>>>>
>>>>>>>>> Again, as someone that like to analyse data, I think we need data
>>>>>>>>> to support these statements. You can be right but you can be wrong. What
>>>>>>>>> data supports your conclusions?
>>>>>>>>>
>>>>>>>>> >>*Most* confessed that they did not understand what their
>>>>>>>>> intended use was or how to best utilize them for their chapters
>>>>>>>>>
>>>>>>>>> In 2012 the winner got USD1000, an iPad and a trophy.
>>>>>>>>> https://www.owasp.org/index.php/WASPY_Awards_2012
>>>>>>>>>
>>>>>>>>> What do people win actually today these days?
>>>>>>>>>
>>>>>>>>> You want to give a trophy it should really mean something or you
>>>>>>>>> should get some kind of reward that you value, like Helen did back in 2012.
>>>>>>>>>
>>>>>>>>> In my eyes WASPY has become an award that represents no value at
>>>>>>>>> all for those that win it. Even worse when you win it for something that
>>>>>>>>> makes no sense.
>>>>>>>>>
>>>>>>>>> >>The tendency to throw something up and then tear it down in
>>>>>>>>> favor of another thing rather than experiment and tweak is incredibly
>>>>>>>>> disorienting to the community as a whole.
>>>>>>>>>
>>>>>>>>>  We want to improve things not 'tear down' anything. Actually we
>>>>>>>>> should ask ourselves, how can we make this award valuable to those that win
>>>>>>>>> it and how to make it significant for those that nominate volunteers?
>>>>>>>>>
>>>>>>>>> A  survey is needed with at least a representative number of the
>>>>>>>>> community where we can take these conclusions.And then, we can look at the
>>>>>>>>> data and make adjustments based on that.
>>>>>>>>>
>>>>>>>>>  why there is so little motivation to nominate others to win an
>>>>>>>>> award? What is the reason why so few people are been nominated compare to
>>>>>>>>> the amount of volunteers we have?mahy great people have never been
>>>>>>>>> nominated, and so many other volunteers I know.
>>>>>>>>>
>>>>>>>>> Lets remember that the title of this email is '*Waspy :is it a
>>>>>>>>> serious award?'*
>>>>>>>>>
>>>>>>>>> Which I'm afraid that's not the case and the reason why we should
>>>>>>>>> get a representative feedback from the entire *global* community
>>>>>>>>> to understand the issue and try to fix the enormous lack of participation.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Mon, Aug 15, 2016 at 7:29 PM, Tiffany Long <
>>>>>>>>> tiffany.long at owasp.org> wrote:
>>>>>>>>>
>>>>>>>>>> Like I said, the first step would be to engage in an educational
>>>>>>>>>> campaign.  I spoke with several leaders world wide over the course of the
>>>>>>>>>> last 6 weeks about the WASPY awards. Most confessed that they did not
>>>>>>>>>> understand what their intended use was or how to best utilize them for
>>>>>>>>>> their chapters.  Addressing this would be the most effective way to move
>>>>>>>>>> the awards forward.  The tendency to throw something up and then tear it
>>>>>>>>>> down in favor of another thing rather than experiment and tweak is
>>>>>>>>>> incredibly disorienting to the community as a whole.
>>>>>>>>>>
>>>>>>>>>> At this point, low turnout for the WASPY's is more of a symptom
>>>>>>>>>> of several other community stressors than it is a condemnation of the
>>>>>>>>>> WASPY's themselves.  For example, there was 15% turnout for the vote by
>>>>>>>>>> this time last year. While sadly low, that number is still higher than we
>>>>>>>>>> get returned on many of our more existential concerns.  The WASPYs are one
>>>>>>>>>> of the most consistently retweeted and talked about activities.  In the
>>>>>>>>>> context of the rest of the OWASP environment they are doing just fine.
>>>>>>>>>>
>>>>>>>>>> I expect that as we solidify the community more, the WASPYs will
>>>>>>>>>> have a slight decrease or nominal increase in utility next year, followed
>>>>>>>>>> by fairly steady increases reflecting increased community activity.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Tiffany Long
>>>>>>>>>> Community Manager
>>>>>>>>>>
>>>>>>>>>> On Mon, Aug 15, 2016 at 4:09 PM, johanna curiel curiel <
>>>>>>>>>> johanna.curiel at owasp.org> wrote:
>>>>>>>>>>
>>>>>>>>>>> >>In the end, there are a number of challenges to tackle, the
>>>>>>>>>>> WASPY’s need a tweaking, not a complete reconfiguring.
>>>>>>>>>>>
>>>>>>>>>>> I'm sorry to say that I disagree with your statements. I think
>>>>>>>>>>> you need to look deeper at the data and history of these awards before
>>>>>>>>>>> making such conclusions.
>>>>>>>>>>>
>>>>>>>>>>> Last year I was nominated for the 'caribbean region' for things
>>>>>>>>>>> I did at global level, like organise Project summits or review projects,
>>>>>>>>>>> actually nothing to do with my local chapter. WhenI saw that, I almost
>>>>>>>>>>> reacted like Eoin, wanted to take my name off that list, but hey I
>>>>>>>>>>> commented to a board member and decided to just leave it. In the end I
>>>>>>>>>>> never received the award ;-P
>>>>>>>>>>>
>>>>>>>>>>> I asked all people that know me very well : please do not
>>>>>>>>>>> nominate me ever, these awards do not reflect at all the reality of what we
>>>>>>>>>>> do as volunteers.
>>>>>>>>>>>
>>>>>>>>>>> Then this year out of no where there are no regional awards. And
>>>>>>>>>>> even less nominees.
>>>>>>>>>>>
>>>>>>>>>>> Are you sure that this only needs a 'tweaking'?
>>>>>>>>>>>
>>>>>>>>>>> If thats the case let's not waste time with committees.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On Mon, Aug 15, 2016 at 6:35 PM, Tiffany Long <
>>>>>>>>>>> tiffany.long at owasp.org> wrote:
>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> Hello Everybody,
>>>>>>>>>>>>
>>>>>>>>>>>> I am excited about this conversation because it gives me a
>>>>>>>>>>>> great opportunity to discuss the WASPY awards and their social function in
>>>>>>>>>>>> the OWASP Community.
>>>>>>>>>>>>
>>>>>>>>>>>> The WASPYs were originally intended to honor all of the
>>>>>>>>>>>> invisible work that goes into running the OWASP community.  The idea is
>>>>>>>>>>>> that our leaders would nominate exceptional volunteers who make the
>>>>>>>>>>>> Chapters, Projects, or Community function and that all of our community
>>>>>>>>>>>> could nominate their peers for work that is not always visible to the
>>>>>>>>>>>> masses or even the leaders.  This type of public acknowledgement has long
>>>>>>>>>>>> been known to keep volunteer organizations energized.  When it functions,
>>>>>>>>>>>> this mechanism performs a couple of important social functions which
>>>>>>>>>>>> support community cohesion.
>>>>>>>>>>>>
>>>>>>>>>>>> The WASPYs are clearly not performing at their best right now,
>>>>>>>>>>>> but they ARE still performing their function.  The most effective ways to
>>>>>>>>>>>> help them perform better are to help promote leadership buy-in as
>>>>>>>>>>>> nominators rather than using the tool as a reward for leadership or
>>>>>>>>>>>> ignoring it.  This is a great tool that every project and chapter leader
>>>>>>>>>>>> should be utilizing.
>>>>>>>>>>>>
>>>>>>>>>>>> Let’s discuss the WASPYs as they exist now for example.  Anyone
>>>>>>>>>>>> (even non-members) can nominate a person to win the award which is divided
>>>>>>>>>>>> into to 4 well defined categories.  Every aspect of the award is maintained
>>>>>>>>>>>> on the WASPY page
>>>>>>>>>>>> <https://tracking.cirrusinsight.com/c68f55c3-f18b-48d4-ab9f-dd385b757b4c/owasp-org-index-php-waspy-awards-2016>,
>>>>>>>>>>>> Kelly has done an amazing job of ensuring the transparency of the award on
>>>>>>>>>>>> this page from start to finish. Community members then nominate anyone they
>>>>>>>>>>>> feel meets the criteria by and is required to include a short statement on
>>>>>>>>>>>> why they support their nominee for any particular category.  This blurb is
>>>>>>>>>>>> then what the community is asked to judge on.
>>>>>>>>>>>>
>>>>>>>>>>>> Because the WASPY’s are a good faith endeavor we do not vet the
>>>>>>>>>>>> candidates separately. Additionally the invisible work people put into
>>>>>>>>>>>> OWASP is often impossible to measure through impartial, established
>>>>>>>>>>>> metrics.  Therefore, rather than attempt to unfairly measure the
>>>>>>>>>>>> impossible, we allow the nominators to describe the deeds of the nominees.
>>>>>>>>>>>> This is also why we do not edit (other than the occasional spelling error)
>>>>>>>>>>>> the blurbs. This is the nominator’s chance to sell their candidate and we
>>>>>>>>>>>> do not put restrictions or interfere.
>>>>>>>>>>>>
>>>>>>>>>>>> It is clear that this year their is slightly less participation
>>>>>>>>>>>> than last year, but as a chart of all nominations for the history of the
>>>>>>>>>>>> award will show you, this is not by much.  The figure is even closer when
>>>>>>>>>>>> you take into account that many of the 2015 nominees were submitted in
>>>>>>>>>>>> large groups (this is not reflected in the chart below).
>>>>>>>>>>>> In this case, I would say that the WASPYs are functioning
>>>>>>>>>>>> fairly okay.  They should be tweaked rather than overhauled.  For instance,
>>>>>>>>>>>> we should engage in an education campaign to help our leaders understand
>>>>>>>>>>>> how to best use the WASPYs as a tool.  Perhaps we should think about
>>>>>>>>>>>> changing the reward for the winner.  We should definitely change the way we
>>>>>>>>>>>> talk about them. A second step would be to perhaps clarify why the blurb is
>>>>>>>>>>>> important.  Perhaps we can explore how winners are selected for future
>>>>>>>>>>>> WASPYs.
>>>>>>>>>>>>
>>>>>>>>>>>> In the end, there are a number of challenges to tackle, the
>>>>>>>>>>>> WASPY’s need a tweaking, not a complete reconfiguring.
>>>>>>>>>>>> Best,
>>>>>>>>>>>> Tiffany
>>>>>>>>>>>>
>>>>>>>>>>>> Tiffany Long
>>>>>>>>>>>> Community Manager
>>>>>>>>>>>>
>>>>>>>>>>>> On Mon, Aug 15, 2016 at 1:50 PM, Eoin Keary <
>>>>>>>>>>>> eoin.keary at owasp.org> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> Ok I'm happy to help.
>>>>>>>>>>>>> Sign me up
>>>>>>>>>>>>>
>>>>>>>>>>>>> Eoin Keary
>>>>>>>>>>>>> OWASP Volunteer
>>>>>>>>>>>>> @eoinkeary
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> On 15 Aug 2016, at 20:41, johanna curiel curiel <
>>>>>>>>>>>>> johanna.curiel at owasp.org> wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>> Thank you Josh.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Indeed, lets see if we can setup a committee for this purpose
>>>>>>>>>>>>> and define a better award.
>>>>>>>>>>>>>
>>>>>>>>>>>>> @Eoin: let me know you want to join the committee. I'll see if
>>>>>>>>>>>>> we can set a draft plan/proposal we can discuss with the community ;-)
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Mon, Aug 15, 2016 at 3:31 PM, Josh Sokol <
>>>>>>>>>>>>> josh.sokol at owasp.org> wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Personally, I would rather see WASPYs driven by a group of
>>>>>>>>>>>>>> our leaders rather than by the OWASP Board.  This would probably be another
>>>>>>>>>>>>>> great use of the Committees 2.0 framework and it sounds like Johanna and
>>>>>>>>>>>>>> Eoin would be huge assets to such a team.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> ~josh
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> On Mon, Aug 15, 2016 at 1:55 PM, johanna curiel curiel <
>>>>>>>>>>>>>> johanna.curiel at owasp.org> wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> >>Tiffany can help to make the WASPY results more
>>>>>>>>>>>>>>> meaningful.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> We can start by defining what exactly is the WASPY award for:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>    - Create a survey and ask the community how to define
>>>>>>>>>>>>>>>    and award that fits OWASP spirit and ideology
>>>>>>>>>>>>>>>    - Create Clear categories
>>>>>>>>>>>>>>>    - A more transparent nomination and vetting process
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> I also think that if only the paid members can nominate &
>>>>>>>>>>>>>>> vote, this does not represent a 'community' vote. This should be discussed.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> It is clear that every year there has been more lack of
>>>>>>>>>>>>>>> participation in the nomination and voting process and every year this
>>>>>>>>>>>>>>> awards gets weird with unpredictable changes between categories and regions.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Some better instructions should be provided regarding the
>>>>>>>>>>>>>>> conditions for nomination.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> The board should set this item in the agenda to be
>>>>>>>>>>>>>>> discussed. My suggestion is that Tiffany can help define a draft for a
>>>>>>>>>>>>>>> better process but this should definitely be discussed with paying members
>>>>>>>>>>>>>>> and the OWASP community in general. Once there is a clear proposal, then
>>>>>>>>>>>>>>> the Board as the final responsible, should take a decision.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> On Mon, Aug 15, 2016 at 12:12 PM, Josh Sokol <
>>>>>>>>>>>>>>> josh.sokol at owasp.org> wrote:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> There was a similar thread back in August 2014.  I wrote up
>>>>>>>>>>>>>>>> my thoughts on this topic here:
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> http://lists.owasp.org/piperma
>>>>>>>>>>>>>>>> il/owasp-board/2014-August/014474.html
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> I see contributions from both Eoin and Johanna in that
>>>>>>>>>>>>>>>> thread as well.  Unfortunately, I don't think anything has changed at this
>>>>>>>>>>>>>>>> point, but hopefully Tiffany can help to make the WASPY results more
>>>>>>>>>>>>>>>> meaningful.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> ~josh
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> On Sun, Aug 14, 2016 at 2:25 PM, johanna curiel curiel <
>>>>>>>>>>>>>>>> johanna.curiel at owasp.org> wrote:
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Eoin: Did you get the 'physical' award last year?' I
>>>>>>>>>>>>>>>>> wasn't in appsec us so I was awaiting to being sent.
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Mine never arrived😁😭
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> And, apart from a physical award, what else do people
>>>>>>>>>>>>>>>>> actually win?
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Vetting process... is there something wrong with the
>>>>>>>>>>>>>>>>> description for those categories?
>>>>>>>>>>>>>>>>> Who is making the clear decisions regarding this vetting
>>>>>>>>>>>>>>>>> process or better said: is there even a process?
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> For those people nominated multiple times I see that the
>>>>>>>>>>>>>>>>> description provided quite fits the category and reason for nomination.
>>>>>>>>>>>>>>>>> last year was worse, some people description and reason
>>>>>>>>>>>>>>>>> was empty.😬
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> And btw this year, don't we have 'per region' awards?
>>>>>>>>>>>>>>>>> Why are things change from one moment to another without
>>>>>>>>>>>>>>>>> being discussed at all with the community or at least the paying members
>>>>>>>>>>>>>>>>> who are the only ones that can actually vote...?
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> On Sun, Aug 14, 2016 at 8:21 AM, Eoin Keary <
>>>>>>>>>>>>>>>>> eoin.keary at owasp.org> wrote:
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> Folks I won this last year and have been nominated this
>>>>>>>>>>>>>>>>>> year "good for me" but the quality of the nominations, is it vetted at all??
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> I'm happy to be removed from the nominees list btw this
>>>>>>>>>>>>>>>>>> is not any scheme, or ploy etc..
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> Some people have been nominated for various things but
>>>>>>>>>>>>>>>>>> have the claims been verified by 1/2 third parties?
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> Some nominations are "cut and paste" for all categories?
>>>>>>>>>>>>>>>>>> Seriously? Yes!
>>>>>>>>>>>>>>>>>> Different catagories but the same text for each?? Make
>>>>>>>>>>>>>>>>>> sense?
>>>>>>>>>>>>>>>>>> I could technically nominate a fictional person I bet
>>>>>>>>>>>>>>>>>> with no problems :)
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> Just curious about the vetting process, is all.
>>>>>>>>>>>>>>>>>> (Assuming this email shall be ignored 😀)
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> All the best!!
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> Eoin
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> Eoin Keary
>>>>>>>>>>>>>>>>>> OWASP Volunteer
>>>>>>>>>>>>>>>>>> @eoinkeary
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>>>>>>>> Owasp-board mailing list
>>>>>>>>>>>>>>>>>> Owasp-board at lists.owasp.org
>>>>>>>>>>>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> --
>>>>>>>>>>>>>>>>> Johanna Curiel
>>>>>>>>>>>>>>>>> OWASP Volunteer
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>>>>>>> Owasp-board mailing list
>>>>>>>>>>>>>>>>> Owasp-board at lists.owasp.org
>>>>>>>>>>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> --
>>>>>>>>>>>>>>> Johanna Curiel
>>>>>>>>>>>>>>> OWASP Volunteer
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> --
>>>>>>>>>>>>> Johanna Curiel
>>>>>>>>>>>>> OWASP Volunteer
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> --
>>>>>>>>>>> Johanna Curiel
>>>>>>>>>>> OWASP Volunteer
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> Johanna Curiel
>>>>>>>>> OWASP Volunteer
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> Johanna Curiel
>>>>>>>> OWASP Volunteer
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Johanna Curiel
>>>>>> OWASP Volunteer
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Johanna Curiel
>>>>> OWASP Volunteer
>>>>>
>>>>
>>>>
>>>
>>>
>>> --
>>> Johanna Curiel
>>> OWASP Volunteer
>>>
>>> _______________________________________________
>>> Owasp-board mailing list
>>> Owasp-board at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>
>>>
>
>
> --
> Johanna Curiel
> OWASP Volunteer
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20160816/17565354/attachment-0001.html>


More information about the Owasp-board mailing list