[Owasp-leaders] Reaching developers = cooperative hackathons

kuai hinojosa kuai.hinojosa at owasp.org
Sun Sep 12 12:04:33 EDT 2010


Thanks Rohyt! Nice to hear from you btw. It has been a while.

Is Mike part of your team? I'll keep my ears open then, my group and I want to help out.

Kuai


On Sep 12, 2010, at 11:14 AM, Rohyt Belani <rohytbelani at gmail.com> wrote:

> Mike Zusman recently confirmed with Paulo that he is setting up the OWASP Mobile Security project. He is planning on setting up a placeholder for the project shortly and one of the first initiatives he mentioned to me what a Mobile App Sec Top 10. Stay tuned....
> 
> On Sun, Sep 12, 2010 at 9:08 AM, kuai hinojosa <kuai.hinojosa at owasp.org> wrote:
> Should we do this here or move it to a "mobilesec" mailing list?
> 
> Kuai
> On Sep 12, 2010, at 12:53 AM, Jeff Williams <jeff.williams at owasp.org> wrote:
> 
>> 
>>> Great point, the decision what to include or not will be the project itself. The decision that needs to be made right now whether OWASP want to fill this void.
>> 
>> Absolutely.
>> 
>>> Mobile application\development\security is coming whether we want to or not, and mobile security is an issue and people are looking for guidance in this area. I believe that OWASP is best positioned to fill this void. Maybe the project would start as an amendment to the current Top 10 and depending on the findings, it can either fork out to be its own or it can remain as an amendment. Thoughts?
>> 
>> Let's start identifying the key issues and then figure how to package them so the most improve mobile security for the most users.
>> 
>> I strongly recommend thinking through the entire risk in the mobile context.  The XSS discussion is illustrative.  Can you truly articulate the risk to a mobile user of XSS?  There are different threats and impacts here than the desktop web browser context. 
>> 
>> --Jeff
>> _______________________________________________
>> 
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> 
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20100912/2c09dc87/attachment.html 


More information about the OWASP-Leaders mailing list