[Owasp-google-hacking] [GPC] Update Needed

Christian Heinrich christian.heinrich at owasp.org
Wed Jul 28 00:52:38 EDT 2010


Paulo,

On Tue, Jul 13, 2010 at 4:51 AM, Paulo Coimbra <paulo.coimbra at owasp.org> wrote:
> As for your answer, below, I believe it is the appropriate time to say that
> I don’t think your facts’ narrative always entirely captures the essence of
> the email-thread you refer. However, I suggest we further clarify the matter
> in the context of the inquiry process in course so as to assure the
> situation is handled with the care, respect and factualness it deserves.

I disagree and my interpretation is supported by
http://faculty.chicagobooth.edu/nicholas.epley/EpleyKruger.pdf and the
responses to Tom's comment on
http://taosecurity.blogspot.com/2010/06/publicly-traded-companies-read-this.html

The question is if it wasn't someone from Google then who is the
person in question that raised this with Tom Brennan mentioned in the
thread from July 2009.

I am also trying to gauge the benefit to my project from the attached
email threat in light of the fact that I had agreed to discretely
replace the source code - or what I thought might be the source code
[1] - when I returned to Australia rather then play into the hands of
trolls [2]

I have no doubt that the inquiry has been delayed so it will be
twisted to ensure maximum damage to my reputation while OWASP attempts
to distance itself from its lack of action during the entire lifetime
of this project such as the continued removal from the OWASP Leaders
List and recently marking my project inactive (not in September 2009
when requested).

[1] https://lists.owasp.org/pipermail/owasp-google-hacking/2010-June/000023.html
[2] http://twitter.com/TownyRoberto/status/17237972489


-- 
Regards,
Christian Heinrich - http://www.owasp.org/index.php/user:cmlh
OWASP "Google Hacking" Project Lead - http://sn.im/owasp_google_hacking
-------------- next part --------------
                                                                                                                                                                                                                                                               
MIME-Version: 1.0
Received: by 10.220.47.169 with HTTP; Mon, 28 Jun 2010 00:00:55 -0700 (PDT)
In-Reply-To: <503B65D1-1342-4ABD-B67F-50A4A8191592 at owasp.org>
References: <AANLkTikSBlmiHcvt6A3ej6FmXSXdSOunPxAPfGyjXDJw at mail.gmail.com>
	<B9A412898630124ABE8350F4EBD32E8401393F34 at mymail.aspectsecurity.com>
	<AANLkTil-g1_pHCwQz4qQ6_ICw0QS_-fMqr0czUM3vfU3 at mail.gmail.com>
	<4c2554f7.848fd80a.7016.64b4 at mx.google.com>
	<503B65D1-1342-4ABD-B67F-50A4A8191592 at owasp.org>
Date: Mon, 28 Jun 2010 17:00:55 +1000
Delivered-To: christian.heinrich at owasp.org
Message-ID: <AANLkTimSco-qqaMac8WYTKhcQTTJ2bjlaG9KQpWkgEYM at mail.gmail.com>
Subject: Re: [GPC] OWASP "Google Hacking" Project - Status - June 2010
From: Christian Heinrich <christian.heinrich at owasp.org>
To: Brennan - OWASP <tomb at owasp.org>
Cc: Paulo Coimbra <paulo.coimbra at owasp.org>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Tom,

This OWASP Project has advanced the state of the art from the GHDB by
removing the hype of "Google Hacking" and therefore the community can
now make an informed decision.

I haven't presented this OWASP Project since July 2009 and have
actively discouraged further presentations since due to
http://googlecode.blogspot.com/2009/08/well-earned-retirement-for-soap-sear=
ch.html

I had discussed that
http://googlecode.blogspot.com/2009/08/well-earned-retirement-for-soap-sear=
ch.html
would impact this OWASP Project during the GPC Meeting at OWASP EU
2009.

Everyone who has wanted to contribute to this project has been allowed
too (i.e. most recently
https://lists.owasp.org/pipermail/owasp-google-hacking/2010-June/000007.htm=
l).

While from my perspective this is a direct conflict with acting in a
responsible manner (based on the second complaint from Google), the
source code is available (again) from
https://code.google.com/p/dic/source/browse/trunk/dic.pl

On Sun, Jun 27, 2010 at 12:09 AM, Brennan - OWASP <tomb at owasp.org> wrote:
>
> Guys it is very simple.
>
> 1) this project add zero value to OWASP Foundation effort "Our mission is=
 to make application security visible, so that people and organizations can=
 make informed decisions about true application security risks"
>
> 2) If the project is not "OPEN" and there is no source code for it, we sh=
ould move to delete the project. hence #1
>
> 3) continuing to present a project around that is not open is not of bene=
fit for OWASP Foundation Inc.
>
> 4) the project page is NOT update, there is no collaborative effort here
>
> 5) here is the video of the preso: =A0http://video.google.com/videoplay?d=
ocid=3D5419982525671711780&hl=3Den
>
> 6) the project page has no other persons involved in the effort:
>
> http://www.owasp.org/index.php/Category:OWASP_Google_Hacking_Project
>
>
> Christian, why should this project continue under the OWASP Flag? =A0Why =
should Paulo note remove it on or before the end of this month?
>
> I am still in Sweden and would love to talk to you personally about this =
you can reach me at 973-506-9303 anytime

--=20
Regards,
Christian Heinrich - http://www.owasp.org/index.php/user:cmlh
OWASP "Google Hacking" Project Lead - http://sn.im/owasp_google_hacking


More information about the Owasp-google-hacking mailing list