[Owasp-leaders] Proposal [Feedback Requested] : This I Believe (Security)

James Landis james.landis at owasp.org
Mon Aug 19 15:56:41 UTC 2013


How about: This I Believe + Making Beliefs Pay Rent? [1]

Too bad prediction markets aren't legal in the US.


On Sun, Aug 18, 2013 at 2:43 AM, Dennis Groves <dennis.groves at owasp.org>wrote:

> My *BIG* concern is that this could easily turn into a 'faith-based'
> security platform.
> I can only support this if people talk about what they believe and it is
> supported by science. Security science that is freely available and
> reproducible.
> *Infosec has enough snake-oil, we need science.*
> Dennis
> On 17 Aug 2013, at 20:56, John Melton wrote:
> Leaders,
> [tl;dr]
> I am considering coordinating a short-term series of essays posted on the
> owasp site about broad application security topics, and want your feedback
> on whether the idea would be interesting to the community.
> [longer version]
> I have long enjoyed the This I Believe (thisibelieve.org) series. For
> those
> not familiar, the idea is that someone writes about a topic they have a
> strong belief in, using short essay form.
> I believe an adaptation of this basic concept could produce value for our
> community. Much of the communication I see flowing through our industry
> could be viewed as dealing with the low-hanging fruit. I think expanding
> and elevating our conversation around security could impact us in various
> ways.
> Some possible benefits I hope to see are:
>    - Greater awareness of related fields or obscure specialties within
>    our field
>    - Application of solutions from other disciplines
>    - Greater awareness of existing solutions from academia vs. industry
>    and related gaps
>    - Introduction of new ideas and new-found awareness of old ideas
>    - Drive interesting discussions amongst our community
>    - Follow-on implementations of valuable solutions
>    - Big ideas to solve hard problems
> However, I do realize that the central goal of this idea is not to produce
> actionable documentation or code, and many of you as such may not find it
> valuable. I propose a 3-step process:
> *Step 1. Receive feedback from the community about whether or not this is a
> good idea. This is what I need now. Feel free to respond to the group or me
> directly (2 weeks). *
> Step 2. If the general feedback is positive, I'll send out another request
> for ideas for people you would like to see write articles. I will then
> collect these and probably illicit a community vote to rank the requested
> authors. I will then send out requests to those authors to see if they
> would be willing to participate. (2-4 weeks)
> Step 3. Setup a schedule for the participating authors to post on a roughly
> monthly basis. My thought is that this would run maybe 6-12 months, but we
> could go longer or shorter depending on interest and participation.
> For now, I'd like to get feedback for step 1. However, as with any project,
> help is always needed and much appreciated. If any of this sounds like fun
> to you and you'd like to help out with leading the project, let me know -
> I'd be grateful.
> Thanks,
> John Melton
> ------------------------------
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> Dennis Groves <http://about.me/dennis.groves>, MSc
> Email me <dennis.groves at owasp.org> or schedule a meeting<http://goo.gl/8sPIy>
> .
> Unless someone like you...cares a whole awful lot...
> nothing is going to get better...It's not."
>                                         -- The Lorax
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130819/279af8c1/attachment.html>

More information about the OWASP-Leaders mailing list