[Owasp-leaders] Regular OWASP polls

Dinis Cruz dinis.cruz at owasp.org
Wed Jan 8 16:02:34 UTC 2014


One more note on the non @owasp.org email holders, they should be able to
see the results and votes

Which means that the only limitation that is mapped to an
@owasp.orgidentity is to be able to vote. This means that votes are
not done and
accessible behind closed doors (in this case having an @owasp.org email),
ie there is open and transparent access to anybody with internet access.
On 8 Jan 2014 15:31, "Dinis Cruz" <dinis.cruz at owasp.org> wrote:

> Simon, what about using twitter to vote? (Allow non @owasp.org email
> holders to vote using their twitter feed (which we can map back to an owasp
> leader's account ))
> On 8 Jan 2014 15:28, "psiinon" <psiinon at gmail.com> wrote:
>
>> Thats true.
>> Except when people like me tweet about them
>> https://twitter.com/psiinon/status/420609431047397376
>> Ooops ;)
>>
>>
>> On Wed, Jan 8, 2014 at 3:19 PM, Konstantinos Papapanagiotou <
>> Konstantinos at owasp.org> wrote:
>>
>>> Hiding the results of the poll until it closes also prevents biased
>>> votes. It's not a matter of openness in my opinion.
>>>
>>> Kostas
>>>
>>>
>>> On Wed, Jan 8, 2014 at 5:13 PM, Tobias <tobias.gondrom at owasp.org> wrote:
>>>
>>>>  Dear Simon,
>>>>
>>>> thank you so much for organising this and setting this up.
>>>> This is great and I will be looking forward to using this community
>>>> poll more in the future!
>>>>
>>>> And I totally agree with your replies to requests from non-owasp email
>>>> holders.
>>>> Nothing is perfect and the tool is as it is and naturally has some
>>>> technical limitations. In case of public requests, it is fully sufficient
>>>> to make available simple summary results after the survey is closed. We
>>>> don't need to make huge investments just to publish partial real-time
>>>> preliminary update results for the public. In most normal cases, surveys
>>>> don't even have preliminary status updates at all.
>>>>
>>>> All the best, Tobias
>>>>
>>>>
>>>> Ps.: on a technical term, one might also question the requesters
>>>> argument that an internal member poll for a decision would qualify as
>>>> "OWASP materials". However, personally I just love openness and
>>>> transparency and would encourage and embrace if we could post the end
>>>> summary results of our community surveys somewhere on our website after
>>>> they are finished. (Without publishing details how each single named
>>>> individual voted in the poll.)
>>>>
>>>>
>>>>
>>>>
>>>> On 08/01/14 14:40, psiinon wrote:
>>>>
>>>>    And another problem...
>>>>
>>>>  I've been receiving _lots_ of requests to access the form from non
>>>> OWASP accounts.
>>>>  I have replied to all of them with a canned response of:
>>>> I'm afraid this poll is currently only available to people with OWASP
>>>> email accounts to ensure that only OWASP members / contributors take part.
>>>>
>>>> To get an OWASP email address follow the link on
>>>> https://www.owasp.org/index.php/Owasp.org_email_address
>>>>
>>>> Cheers,
>>>>
>>>> Simon
>>>>
>>>>  However I've just received a reply of:
>>>> Dear Simon,
>>>>
>>>> the main page of the owasp website states "all of our materials are
>>>> available under a free and open software license". Thus I again ask for
>>>> these materials.
>>>>
>>>>  Best regards,
>>>> a long-time owasp follower
>>>>
>>>>  PS: Thanks, I don't need these information, but I am just surprised
>>>> that being an all open and free project, you deny access to these
>>>> informtion? Isn't that ignoring the foundaries of the project?
>>>>
>>>>  For now I'm going to stick with the statement I put on
>>>> https://www.owasp.org/index.php/Polls:
>>>> Note that only OWASP members can see the 'live' results. A summary of
>>>> the results will be made public when the poll closes, but the full details
>>>> will stay restricted to OWASP members to prevent email harvesting.
>>>>
>>>>  However I want to let anyone else have a say on this rather than it
>>>> being just my decision.
>>>>
>>>>  Simon
>>>>
>>>>
>>>> On Wed, Jan 8, 2014 at 2:34 PM, psiinon <psiinon at gmail.com> wrote:
>>>>
>>>>>    OK, it looks like Google Forms arent _quite_ as good as they
>>>>> initially seem :(
>>>>>
>>>>>  For a start, there is no easy way to prevent anyone from voting
>>>>> multiple times.
>>>>>  We can see if anyone does, but thats not always immediately obvious
>>>>> if there are a lot of responses.
>>>>>
>>>>>  The poll owner can edit the spreadsheet to take out 'extra' votes,
>>>>> but the totals in the summary are _not_ updated :(
>>>>>
>>>>>  This means that the summary for the 'RSA' poll is currently wrong - I
>>>>> removed one 'extra' vote (which may of course have been accidental) and
>>>>> then removed 2 extra votes that I made while testing to see if I could
>>>>> easily prevent multiple votes :(
>>>>>
>>>>>  If anyone has any straightforward solutions to these 2 issues then
>>>>> please let me know.
>>>>>
>>>>>  Simon
>>>>>
>>>>>
>>>>>  On Tue, Jan 7, 2014 at 9:16 PM, Dennis Groves <
>>>>> dennis.groves at owasp.org> wrote:
>>>>>
>>>>>>  I was one of the first to answer the survey, however, let me
>>>>>> publicly say that this is an awesome idea Psiinon!
>>>>>> We really should be involving the community much more, and this is a
>>>>>> great way to do that.
>>>>>>
>>>>>>
>>>>>> On Tue, Jan 7, 2014 at 11:27 AM, Dinis Cruz <dinis.cruz at owasp.org>wrote:
>>>>>>
>>>>>>> yeah, keep it @owasp.org domain only since that is also a nice perk
>>>>>>> for having that email address (and makes the whole process simpler)
>>>>>>>
>>>>>>>  Rock & Roll Simon, this is a great evolution :)
>>>>>>>
>>>>>>>  Dinis
>>>>>>>
>>>>>>>
>>>>>>> On 7 January 2014 15:48, <nawaid.iqbal at owasp.org> wrote:
>>>>>>>
>>>>>>>> I agree with Tobias. People with only owasp.org should only be
>>>>>>>> allowed to voice their opinion
>>>>>>>>
>>>>>>>> Regards
>>>>>>>>
>>>>>>>> Nawaid
>>>>>>>> Sent from BlackBerry® on Airtel
>>>>>>>>
>>>>>>>> -----Original Message-----
>>>>>>>> From: psiinon <psiinon at gmail.com>
>>>>>>>> Sender: owasp-leaders-bounces at lists.owasp.org
>>>>>>>> Date: Tue, 7 Jan 2014 11:55:11
>>>>>>>> To: Michael Coates<michael.coates at owasp.org>
>>>>>>>> Cc: Kanwal Singh \(WebMentors\)<kanwalsb at gmail.com>; OWASP Leaders<
>>>>>>>> owasp-leaders at lists.owasp.org>; Nishant Johar \(EMOBX\)<
>>>>>>>> nj at emobx.com>; Ravdeep Sodhi<ravdeep.sodhi at ecoretechnos.com>
>>>>>>>> Subject: Re: [Owasp-leaders] Regular OWASP polls
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> OWASP-Leaders mailing list
>>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> OWASP-Leaders mailing list
>>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> OWASP-Leaders mailing list
>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>>   --
>>>>>> Dennis Groves <http://about.me/dennis.groves>, MSc
>>>>>> Email me, <dennis.groves at owasp.org> or schedule a meeting<http://goo.gl/8sPIy>
>>>>>> .
>>>>>>  *This email is licensed under a CC BY-ND 3.0
>>>>>> <http://creativecommons.org/licenses/by-nd/3.0/deed.en_GB> license.*
>>>>>> Stand up for your freedom to install free software.<http://www.fsf.org/campaigns/secure-boot/statement>
>>>>>> Please do not send me Microsoft Office/Apple iWork documents.
>>>>>> Send OpenDocument <http://fsf.org/campaigns/opendocument/> instead!
>>>>>>
>>>>>>  <http://www.owasp.org/>
>>>>>>
>>>>>> _______________________________________________
>>>>>> OWASP-Leaders mailing list
>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>>  OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>>>>
>>>>
>>>> _______________________________________________
>>>> OWASP-Leaders mailing listOWASP-Leaders at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>
>>>>
>>>
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>>
>>
>>
>> --
>> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140108/28325fee/attachment-0001.html>


More information about the OWASP-Leaders mailing list