[Owasp-leaders] OWASP Mailing Lists

Kevin Reiter kevin.reiter at owasp.org
Thu Mar 5 14:41:28 EST 2009


Hi Tim,

I was basing my comments on my personal experience with other forum
software, which is why I used the words "typically" and "can be", meaning
"not in every single case."  I've not seen a forum that allows a user to
receive an e-mail for every single post, including new topics not previously
subscribed to, which is why I stated that observation.  I'm not trying to
start a flamewar over this, and I'm obviously not the expert here on this -
I was just voicing _my_ opinion.

~Kevin

On Thu, Mar 5, 2009 at 2:26 PM, Tim Bass <tim.silkroad at gmail.com> wrote:

> Hi Kevin,
>
> I gave my opinion.   I manage a large forum with over 3,000,000 page
> views a month and over 70,000 registered users and none of your
> arguments
> are correct, on modern, correctly managed forums. Spam is easier to
> manage. There are modern plugins for this.  For folks who have mobile,
> they
> can have email forwarded or the forum can have a mobile skin.   All
> modern forum as subscribe in/out functions for new posts, if that is
> what
> users want.   Bots are easy to manage with simple plugin.
>
> Obviously, and I am not being caustic, you don't manage a large,
> modern, commercial forum.
>
> Cheers.
>
>
>
>
>
>
> On Fri, Mar 6, 2009 at 2:00 AM, Kevin Reiter <kevin.reiter at owasp.org>
> wrote:
> > I disagree about this for a few reasons (and feel free to disagree with
> me
> > on this :)
> >
> > - Forums can be difficult to access/navigate from mobile devices.
> > - Forum software requires constant maintenance (patches, version
> upgrades,
> > spambot registration preening, etc.) to maintain security for both the
> forum
> > application as well as the machine it resides on.
> > - Forums typically do not let members know when there are new posts -
> only
> > if you're already subscribed to an existing topic.  If you don't login
> and
> > check, you're not made aware of any important announcements.
> > - Forums are higher targets for automated "sploit bots".
> >
> > Now, that's not to say that in addition to the mailing lists there
> couldn't
> > (or shouldn't) be an official OWASP Forum.  I'm just pointing out that
> > replacing the mailing lists with a forum might not be the best idea.
> >
> > Also, I'm curious to know how you mean, "mailing lists don't scale well."
> > In what way?  How are they deficient?  How don't they "scale well"?  I'm
> not
> > being carcastic, just curious by what you mean as it pertains to the
> OWASP
> > lists.
> >
> >
> > ~Kevin
> >
> > On Thu, Mar 5, 2009 at 1:27 PM, Tim Bass <tim.silkroad at gmail.com> wrote:
> >>
> >> Dear All,
> >>
> >> Mailing lists to not scale well.
> >>
> >> OWASP should consider moving to a modern, professional forum, like
> >> vBulletin.
> >>
> >> The Ubuntu Forums
> >> Linux Questions
> >> The UNIX and Linux Forums
> >>
> >> etc.
> >>
> >> All these busy forums use vB.
> >>
> >> Email is so "last century" LOL.
> >>
> >> Cheers.
> >> _______________________________________________
> >> OWASP-Leaders mailing list
> >> OWASP-Leaders at lists.owasp.org
> >> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> >
> >
> >
> > --
> > Kevin Reiter
> > NJNYMetro OWASP
> >
> > _______________________________________________
> > OWASP-Leaders mailing list
> > OWASP-Leaders at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-leaders
> >
> >
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20090305/abb9a619/attachment.html 


More information about the OWASP-Leaders mailing list