[Owasp-leaders] Reaching developers = cooperative hackathons
neil at owasp.org
Sun Sep 12 11:07:32 EDT 2010
Kuai! I ran into Lorna at the conference and remembered that you were
associated with MN or still are. How are you doing? I hear you got a
new gig! but I hope that won't affect your work with the global
education committee etc ;)
On 9/12/2010 6:08 AM, kuai hinojosa wrote:
> Should we do this here or move it to a "mobilesec" mailing list?
> On Sep 12, 2010, at 12:53 AM, Jeff Williams <jeff.williams at owasp.org
> <mailto:jeff.williams at owasp.org>> wrote:
>>> Great point, the decision what to include or not will be the project
>>> itself. The decision that needs to be made right now whether OWASP
>>> want to fill this void.
>>> Mobile application\development\security is coming whether we want to
>>> or not, and mobile security is an issue and people are looking for
>>> guidance in this area. I believe that OWASP is best positioned to
>>> fill this void. Maybe the project would start as an amendment to the
>>> current Top 10 and depending on the findings, it can either fork out
>>> to be its own or it can remain as an amendment. Thoughts?
>> Let's start identifying the key issues and then figure how to package
>> them so the most improve mobile security for the most users.
>> I strongly recommend thinking through the entire risk in the mobile
>> context. The XSS discussion is illustrative. Can you truly
>> articulate the risk to a mobile user of XSS? There are different
>> threats and impacts here than the desktop web browser context.
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org <mailto:OWASP-Leaders at lists.owasp.org>
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders