[Owasp-leaders] Regular OWASP polls

Konstantinos Papapanagiotou Konstantinos at owasp.org
Wed Jan 8 15:19:48 UTC 2014


Hiding the results of the poll until it closes also prevents biased votes.
It's not a matter of openness in my opinion.

Kostas


On Wed, Jan 8, 2014 at 5:13 PM, Tobias <tobias.gondrom at owasp.org> wrote:

>  Dear Simon,
>
> thank you so much for organising this and setting this up.
> This is great and I will be looking forward to using this community poll
> more in the future!
>
> And I totally agree with your replies to requests from non-owasp email
> holders.
> Nothing is perfect and the tool is as it is and naturally has some
> technical limitations. In case of public requests, it is fully sufficient
> to make available simple summary results after the survey is closed. We
> don't need to make huge investments just to publish partial real-time
> preliminary update results for the public. In most normal cases, surveys
> don't even have preliminary status updates at all.
>
> All the best, Tobias
>
>
> Ps.: on a technical term, one might also question the requesters argument
> that an internal member poll for a decision would qualify as "OWASP
> materials". However, personally I just love openness and transparency and
> would encourage and embrace if we could post the end summary results of our
> community surveys somewhere on our website after they are finished.
> (Without publishing details how each single named individual voted in the
> poll.)
>
>
>
>
> On 08/01/14 14:40, psiinon wrote:
>
>    And another problem...
>
>  I've been receiving _lots_ of requests to access the form from non OWASP
> accounts.
>  I have replied to all of them with a canned response of:
> I'm afraid this poll is currently only available to people with OWASP
> email accounts to ensure that only OWASP members / contributors take part.
>
> To get an OWASP email address follow the link on
> https://www.owasp.org/index.php/Owasp.org_email_address
>
> Cheers,
>
> Simon
>
>  However I've just received a reply of:
> Dear Simon,
>
> the main page of the owasp website states "all of our materials are
> available under a free and open software license". Thus I again ask for
> these materials.
>
>  Best regards,
> a long-time owasp follower
>
>  PS: Thanks, I don't need these information, but I am just surprised that
> being an all open and free project, you deny access to these informtion?
> Isn't that ignoring the foundaries of the project?
>
>  For now I'm going to stick with the statement I put on
> https://www.owasp.org/index.php/Polls:
> Note that only OWASP members can see the 'live' results. A summary of the
> results will be made public when the poll closes, but the full details will
> stay restricted to OWASP members to prevent email harvesting.
>
>  However I want to let anyone else have a say on this rather than it being
> just my decision.
>
>  Simon
>
>
> On Wed, Jan 8, 2014 at 2:34 PM, psiinon <psiinon at gmail.com> wrote:
>
>>    OK, it looks like Google Forms arent _quite_ as good as they
>> initially seem :(
>>
>>  For a start, there is no easy way to prevent anyone from voting multiple
>> times.
>>  We can see if anyone does, but thats not always immediately obvious if
>> there are a lot of responses.
>>
>>  The poll owner can edit the spreadsheet to take out 'extra' votes, but
>> the totals in the summary are _not_ updated :(
>>
>>  This means that the summary for the 'RSA' poll is currently wrong - I
>> removed one 'extra' vote (which may of course have been accidental) and
>> then removed 2 extra votes that I made while testing to see if I could
>> easily prevent multiple votes :(
>>
>>  If anyone has any straightforward solutions to these 2 issues then
>> please let me know.
>>
>>  Simon
>>
>>
>>  On Tue, Jan 7, 2014 at 9:16 PM, Dennis Groves <dennis.groves at owasp.org>wrote:
>>
>>>  I was one of the first to answer the survey, however, let me publicly
>>> say that this is an awesome idea Psiinon!
>>> We really should be involving the community much more, and this is a
>>> great way to do that.
>>>
>>>
>>> On Tue, Jan 7, 2014 at 11:27 AM, Dinis Cruz <dinis.cruz at owasp.org>wrote:
>>>
>>>> yeah, keep it @owasp.org domain only since that is also a nice perk
>>>> for having that email address (and makes the whole process simpler)
>>>>
>>>>  Rock & Roll Simon, this is a great evolution :)
>>>>
>>>>  Dinis
>>>>
>>>>
>>>> On 7 January 2014 15:48, <nawaid.iqbal at owasp.org> wrote:
>>>>
>>>>> I agree with Tobias. People with only owasp.org should only be
>>>>> allowed to voice their opinion
>>>>>
>>>>> Regards
>>>>>
>>>>> Nawaid
>>>>> Sent from BlackBerry® on Airtel
>>>>>
>>>>> -----Original Message-----
>>>>> From: psiinon <psiinon at gmail.com>
>>>>> Sender: owasp-leaders-bounces at lists.owasp.org
>>>>> Date: Tue, 7 Jan 2014 11:55:11
>>>>> To: Michael Coates<michael.coates at owasp.org>
>>>>> Cc: Kanwal Singh \(WebMentors\)<kanwalsb at gmail.com>; OWASP Leaders<
>>>>> owasp-leaders at lists.owasp.org>; Nishant Johar \(EMOBX\)<nj at emobx.com>;
>>>>> Ravdeep Sodhi<ravdeep.sodhi at ecoretechnos.com>
>>>>> Subject: Re: [Owasp-leaders] Regular OWASP polls
>>>>>
>>>>> _______________________________________________
>>>>> OWASP-Leaders mailing list
>>>>> OWASP-Leaders at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>
>>>>> _______________________________________________
>>>>> OWASP-Leaders mailing list
>>>>> OWASP-Leaders at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>
>>>>
>>>
>>>
>>>   --
>>> Dennis Groves <http://about.me/dennis.groves>, MSc
>>> Email me, <dennis.groves at owasp.org> or schedule a meeting<http://goo.gl/8sPIy>
>>> .
>>>  *This email is licensed under a CC BY-ND 3.0
>>> <http://creativecommons.org/licenses/by-nd/3.0/deed.en_GB> license.*
>>> Stand up for your freedom to install free software.<http://www.fsf.org/campaigns/secure-boot/statement>
>>> Please do not send me Microsoft Office/Apple iWork documents.
>>> Send OpenDocument <http://fsf.org/campaigns/opendocument/> instead!
>>>
>>>  <http://www.owasp.org/>
>>>
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>>
>>
>>
>> --
>>  OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>>
>
>
>
> --
> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>
>
> _______________________________________________
> OWASP-Leaders mailing listOWASP-Leaders at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140108/f3081038/attachment.html>


More information about the OWASP-Leaders mailing list