[Owasp-leaders] Reaching developers = cooperative hackathons

kuai hinojosa kuai.hinojosa at owasp.org
Sun Sep 12 09:08:57 EDT 2010


Should we do this here or move it to a "mobilesec" mailing list?

Kuai
On Sep 12, 2010, at 12:53 AM, Jeff Williams <jeff.williams at owasp.org> wrote:

> 
>> Great point, the decision what to include or not will be the project itself. The decision that needs to be made right now whether OWASP want to fill this void.
> 
> Absolutely.
> 
>> Mobile application\development\security is coming whether we want to or not, and mobile security is an issue and people are looking for guidance in this area. I believe that OWASP is best positioned to fill this void. Maybe the project would start as an amendment to the current Top 10 and depending on the findings, it can either fork out to be its own or it can remain as an amendment. Thoughts?
> 
> Let's start identifying the key issues and then figure how to package them so the most improve mobile security for the most users.
> 
> I strongly recommend thinking through the entire risk in the mobile context.  The XSS discussion is illustrative.  Can you truly articulate the risk to a mobile user of XSS?  There are different threats and impacts here than the desktop web browser context. 
> 
> --Jeff
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20100912/58afa47c/attachment.html 


More information about the OWASP-Leaders mailing list