[Owasp-leaders] OWASP Mailing Lists

Arshan Dabirsiaghi arshan.dabirsiaghi at aspectsecurity.com
Thu Mar 5 14:45:12 EST 2009


I agree with Kevin, for what it's worth. Does anyone else view the benefits of forum communication as worth making the global switch?
 
Arshan

________________________________

From: owasp-leaders-bounces at lists.owasp.org on behalf of Kevin Reiter
Sent: Thu 3/5/2009 2:41 PM
To: owasp-leaders at lists.owasp.org
Subject: Re: [Owasp-leaders] OWASP Mailing Lists


Hi Tim,

I was basing my comments on my personal experience with other forum software, which is why I used the words "typically" and "can be", meaning "not in every single case."  I've not seen a forum that allows a user to receive an e-mail for every single post, including new topics not previously subscribed to, which is why I stated that observation.  I'm not trying to start a flamewar over this, and I'm obviously not the expert here on this - I was just voicing _my_ opinion.

~Kevin


On Thu, Mar 5, 2009 at 2:26 PM, Tim Bass <tim.silkroad at gmail.com> wrote:


	Hi Kevin,
	
	I gave my opinion.   I manage a large forum with over 3,000,000 page
	views a month and over 70,000 registered users and none of your
	arguments
	are correct, on modern, correctly managed forums. Spam is easier to
	manage. There are modern plugins for this.  For folks who have mobile,
	they
	can have email forwarded or the forum can have a mobile skin.   All
	modern forum as subscribe in/out functions for new posts, if that is
	what
	users want.   Bots are easy to manage with simple plugin.
	
	Obviously, and I am not being caustic, you don't manage a large,
	modern, commercial forum.
	
	Cheers.
	






	On Fri, Mar 6, 2009 at 2:00 AM, Kevin Reiter <kevin.reiter at owasp.org> wrote:
	> I disagree about this for a few reasons (and feel free to disagree with me
	> on this :)
	>
	> - Forums can be difficult to access/navigate from mobile devices.
	> - Forum software requires constant maintenance (patches, version upgrades,
	> spambot registration preening, etc.) to maintain security for both the forum
	> application as well as the machine it resides on.
	> - Forums typically do not let members know when there are new posts - only
	> if you're already subscribed to an existing topic.  If you don't login and
	> check, you're not made aware of any important announcements.
	> - Forums are higher targets for automated "sploit bots".
	>
	> Now, that's not to say that in addition to the mailing lists there couldn't
	> (or shouldn't) be an official OWASP Forum.  I'm just pointing out that
	> replacing the mailing lists with a forum might not be the best idea.
	>
	> Also, I'm curious to know how you mean, "mailing lists don't scale well."
	> In what way?  How are they deficient?  How don't they "scale well"?  I'm not
	> being carcastic, just curious by what you mean as it pertains to the OWASP
	> lists.
	>
	>
	> ~Kevin
	>
	> On Thu, Mar 5, 2009 at 1:27 PM, Tim Bass <tim.silkroad at gmail.com> wrote:
	>>
	>> Dear All,
	>>
	>> Mailing lists to not scale well.
	>>
	>> OWASP should consider moving to a modern, professional forum, like
	>> vBulletin.
	>>
	>> The Ubuntu Forums
	>> Linux Questions
	>> The UNIX and Linux Forums
	>>
	>> etc.
	>>
	>> All these busy forums use vB.
	>>
	>> Email is so "last century" LOL.
	>>
	>> Cheers.
	>> _______________________________________________
	>> OWASP-Leaders mailing list
	>> OWASP-Leaders at lists.owasp.org
	>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
	>
	>
	>
	> --
	> Kevin Reiter
	> NJNYMetro OWASP
	>
	> _______________________________________________
	> OWASP-Leaders mailing list
	> OWASP-Leaders at lists.owasp.org
	> https://lists.owasp.org/mailman/listinfo/owasp-leaders
	>
	>
	_______________________________________________
	OWASP-Leaders mailing list
	OWASP-Leaders at lists.owasp.org
	https://lists.owasp.org/mailman/listinfo/owasp-leaders
	

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20090305/6ca184ae/attachment-0001.html 


More information about the OWASP-Leaders mailing list