[Owasp-leaders] Measuring Intent and Funding Things

Yvan Boily yvanboily at gmail.com
Tue Mar 25 05:07:05 UTC 2014


I requested some a copy of the Cornucopia materials from blackfoot.

I am happy to coordinate a print run of the cards, but in order to
dramatically simplify things I would prefer to run an crowdfunding campaign
to get a pile of them mass produced.  Basically the goal would be to get an
estimate on the production run, coordinate with (Sam|Kate|Colin|?!?) to get
some nice OWASP branded packaging (I haven't seen the controversial (?)
packaging mentioned in other threads).

If there is media (videos of folks playing, copy about the game, etc) that
would also be helpful.  The great thing about running something like this
through kickstarter is that you can allow people to order them at unit
cost, or to pay more to support this or other OWASP projects.

I also think this is a better way to allow community members (including
myself) to vote with their wallets rather than spending sparse project
funds to get something produced.  Any objections?  Am I putting the cart
before the horse here?  Maybe I am just a little too excited to get a copy?

:)


On Mon, Mar 24, 2014 at 9:43 PM, Samantha Groves
<samantha.groves at owasp.org>wrote:

> Sorry, rules of engagement can be found here:
> https://www.owasp.org/index.php/Funding
>
>
> On Mon, Mar 24, 2014 at 9:42 PM, Samantha Groves <
> samantha.groves at owasp.org> wrote:
>
>> We have about $18,000 available for project development:
>> https://www.owasp.org/index.php/Community_Engagement_-_Payments
>>
>> I just need to update this page with what has already been spent.
>>
>> In regard to ordering the books... what are these for? I ask because
>> there might be another budget this expense will come from if they fall
>> under another category.
>>
>>
>>
>> On Mon, Mar 24, 2014 at 4:55 PM, Dinis Cruz <dinis.cruz at owasp.org> wrote:
>>
>>> Cool how much is it and what are the rules of engagement?
>>>
>>> Can I start by ordering 10x copies of OpenSAMM and 10x copies of latest
>>> top 10?
>>> On 24 Mar 2014 14:55, "Samantha Groves" <samantha.groves at owasp.org>
>>> wrote:
>>>
>>>> Just an FYI... There is a project fund bucket that was given to us this
>>>> year. It is not much, but it is a start. The question now is... What do you
>>>> want to do with it?
>>>>
>>>>
>>>> On Thu, Mar 20, 2014 at 10:38 AM, Yvan Boily <yvanboily at gmail.com>wrote:
>>>>
>>>>> I fully support using chapter funds to produce materials for OWASP
>>>>> chapters, chapter leads, and to support projects and stuff.
>>>>>
>>>>> What I am looking for here is to find a way to fund the production of
>>>>> OWASP branded materials for non-OWASP stuff, for example if I want a case
>>>>> of OWASP cheat sheets that are professionally produced so I can have our HR
>>>>> team include them in the new hire kit for every new dev my employer hires,
>>>>> OWASP shouldn't foot the bill for that :)  (something like this -
>>>>> http://www.amazon.com/Microsoft-Introduction-Reference-Instructions-Shortcuts/dp/1936220156/ref=sr_1_14?ie=UTF8&qid=1395336990&sr=8-14&keywords=cheat+sheetas opposed to a simple sheet of paper).
>>>>>
>>>>> I guess maybe I am looking for a way to vote with my wallet for stuff
>>>>> that might eventually be available as a general order product (which I
>>>>> suspect will raise hackles, but hey, if OWASP doesn't do it, someone else
>>>>> will, and pocket the money instead of investing it in community projects).
>>>>>
>>>>>
>>>>>
>>>>> On Thu, Mar 20, 2014 at 7:07 AM, Dinis Cruz <dinis.cruz at owasp.org>wrote:
>>>>>
>>>>>> I think having those professional materials are super important for
>>>>>> OWASP and I also tend to have the OpenSAMM printed book at hand
>>>>>> since it one of most professional ones we have :)
>>>>>>
>>>>>> So yes, Yvan you are spot on (from my point of view) on your analysis
>>>>>> and OWASP should be helping to pay for those materials (specially since
>>>>>> they are an investment into the OWASP brand, and who knows how many new
>>>>>> members and conference attendees we would get from the recipients of
>>>>>> those materials)
>>>>>>
>>>>>> My view is that we should be using some of the OWASP funds (currently
>>>>>> available) to pay for this type of materials (so that our leaders can
>>>>>> distribute it). I'm still waiting for the idea of '*OWASP Projects
>>>>>> Funds bucket*' or '*OWASP Chapters Funds bucket'* so that us (the
>>>>>> OWASP leaders) can 'just get on with it' and distribute the great stuff
>>>>>> that is created at OWASP.
>>>>>>
>>>>>> Basically Yvan should be able to quickly order the materials he
>>>>>> mentions below (all from a global fund that is available to all OWASP
>>>>>> leaders).
>>>>>>
>>>>>> That is what I tried to do with the OWASP GSD project<https://www.owasp.org/index.php/OWASP_GSD_Project>,and
>>>>>> as you can see on https://www.owasp.org/index.php/OWASP_GSD_Projectthat money has been put to good use (
>>>>>> Yvan I think there is still some in there, so feel free to use it).
>>>>>>
>>>>>> BTW.. and if we can't get the 'OWASP Projects Funds bucket' setup in
>>>>>> the next months, *what about topping up the GSD projects fund?*
>>>>>>
>>>>>> Dinis
>>>>>>
>>>>>>
>>>>>> On 20 March 2014 12:22, Yvan Boily <yvanboily at gmail.com> wrote:
>>>>>>
>>>>>>> Hi Leaders,
>>>>>>>
>>>>>>> After seeing Jim's post about Cornucopia and buying a couple of
>>>>>>> copies of the nicely produced OpenSAMM documents at AppSecEU last year, I
>>>>>>> was about to post a response, but I realized that I had a bigger question.
>>>>>>>
>>>>>>> For BSidesVancouver this year we used crowd-funding and I learned
>>>>>>> that it is a powerful way for the community involved with that to signal
>>>>>>> intent about priorities when organizing the event.  It worked out really
>>>>>>> well, and allowed us to keep our event 100% free for those who couldn't or
>>>>>>> chose not to pay to attend.  Since it was super successful, I pretty much
>>>>>>> drank the crowd funding kool-aid.   Later this year some gaming (as in
>>>>>>> playing dungeons and dragons every sunday night) folks and I will be
>>>>>>> running a separate kickstarter to collect funds to print something that we
>>>>>>> have been working on as a hobby; we have had a number of people say they
>>>>>>> would buy a copy, but using crowdfunding will allow us to figure out how
>>>>>>> much to spend on printing stuff and potentially allow us to get a higher
>>>>>>> volume printed so we can reduce the unit cost.
>>>>>>>
>>>>>>> In addition to this, I have pitched using crowd-funding to fund the
>>>>>>> development of high quality training materials to at least one other OWASP
>>>>>>> leader.
>>>>>>>
>>>>>>> Has anyone else in the OWASP community investigated using
>>>>>>> crowd-funding via Indie Go-Go, Kickstarter, or others to measure intent and
>>>>>>> make physical copies of things available?
>>>>>>>
>>>>>>> The reason I ask is:
>>>>>>>
>>>>>>> * I would like a professionally manufactured version of Cornucopia
>>>>>>> (I am talking print quality, not anything else).  This is expensive.  Also,
>>>>>>> I want about 12 copies, not 1.
>>>>>>>
>>>>>>> * I love the quality of the OpenSAMM guide; I literally carry it
>>>>>>> around with me when I am attending security meetups and cons where I might
>>>>>>> talk about OWASP because it's production values are simply superb.
>>>>>>>
>>>>>>> * I really wish I could buy (by the case) professional quality
>>>>>>> printouts of the OWASP cheat sheets to give devs in my community, and at
>>>>>>> work.
>>>>>>>
>>>>>>> These things are expensive to produce (both the cost of
>>>>>>> manufacturing, and the cost of producing good quality print materials).
>>>>>>>
>>>>>>> Is this something that people are interested in looking at it?  Is
>>>>>>> it a viable option?  Are people going to freak out[1] for my suggesting
>>>>>>> it?
>>>>>>>
>>>>>>> Cheers,
>>>>>>> Yvan
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> [1] omg drama talking about crowdfunding in some other communities I
>>>>>>> am involved with (gaming, local activism, etc)
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> OWASP-Leaders mailing list
>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> OWASP-Leaders mailing list
>>>>> OWASP-Leaders at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>>
>>>> *Samantha Groves, MBA*
>>>>
>>>> *OWASP Projects Manager*
>>>>
>>>>
>>>> The OWASP Foundation
>>>>
>>>> Phoenix, USA
>>>>
>>>> Email: samantha.groves at owasp.org
>>>>
>>>> Skype: samanthahz
>>>>
>>>>
>>>> OWASP Global Projects<https://www.owasp.org/index.php/Category:OWASP_Project>
>>>>
>>>> Book a Meeting with Me <http://goo.gl/mZXdZ>
>>>>
>>>> OWASP Contact US Form <http://owasp4.owasp.org/contactus.html>
>>>>
>>>> New Project Application Form <http://www.tfaforms.com/263506>
>>>>
>>>>
>>>>
>>>>
>>
>>
>> --
>>
>> *Samantha Groves, MBA*
>>
>> *OWASP Projects Manager*
>>
>>
>> The OWASP Foundation
>>
>> Phoenix, USA
>>
>> Email: samantha.groves at owasp.org
>>
>> Skype: samanthahz
>>
>>
>> OWASP Global Projects<https://www.owasp.org/index.php/Category:OWASP_Project>
>>
>> Book a Meeting with Me <http://goo.gl/mZXdZ>
>>
>> OWASP Contact US Form <http://owasp4.owasp.org/contactus.html>
>>
>> New Project Application Form <http://www.tfaforms.com/263506>
>>
>>
>>
>>
>
>
> --
>
> *Samantha Groves, MBA*
>
> *OWASP Projects Manager*
>
>
> The OWASP Foundation
>
> Phoenix, USA
>
> Email: samantha.groves at owasp.org
>
> Skype: samanthahz
>
>
> OWASP Global Projects<https://www.owasp.org/index.php/Category:OWASP_Project>
>
> Book a Meeting with Me <http://goo.gl/mZXdZ>
>
> OWASP Contact US Form <http://owasp4.owasp.org/contactus.html>
>
> New Project Application Form <http://www.tfaforms.com/263506>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140324/2adedd1d/attachment-0001.html>


More information about the OWASP-Leaders mailing list