[Owasp-leaders] [Owasp_project_leader_list] Google Summer of Code - Ideas and proposals

Mark Miller mark.miller at owasp.org
Tue Mar 3 16:44:06 UTC 2015


With all that's going on with the OWASP chapter relationships in New
Jersey, New York City and Manhattan, I would support Tom's efforts towards
creating our own, national event in the area.

On Tue, Mar 3, 2015 at 11:39 AM, John Patrick Lita <
john.patrick.lita at owasp.org> wrote:

> yes this is a great idea im also starting it here in Manila, I already
> talk to Mozilla community here to collaborate. i think we have the same
> idea and this will be a great project!
>
> On Tue, Mar 3, 2015 at 6:58 AM, psiinon <psiinon at gmail.com> wrote:
>
>> That could be a very good option then :)
>>
>> On Tue, Mar 3, 2015 at 2:48 PM, Spyros <spyros.gasteratos at owasp.org>
>> wrote:
>>
>>> Simon, melange is open source, we can host it for our own project.
>>>
>>> https://melange.googlesource.com/soc
>>>
>>>
>>> On 03.03.2015 15:39, Adrian Winckles wrote:
>>>
>>>> Sounds good to me
>>>>
>>>> Adrian
>>>>
>>>> OWASP UK Cambridge Chapter Leader
>>>>
>>>> On 3 Mar 2015, at 14:25, Nikola Milosevic <nikola.milosevic at owasp.org>
>>>> wrote:
>>>>
>>>>  I just got idea that we can join hands organizing our own Open Source
>>>>> Summer Sprint (maybe could be the name) with other rejected organizations
>>>>> like Mozilla, Linux and Tor if they are interested. As we are thinking
>>>>> about sponsoring students from our sources, probably they will have to do
>>>>> the same, but in cooperation we can make bigger event and possibly attract
>>>>> more people by spreading the word through the channels we have together.
>>>>>
>>>>> Pozdrav/Best regards,
>>>>>
>>>>> Nikola Milošević
>>>>> OWASP Seraphimdroid project leader
>>>>> nikola.milosevic at owasp.org
>>>>> OWASP - Open Web Application Security Project
>>>>> OWASP Seraphimdroid Project
>>>>>
>>>>> On Tue, Mar 3, 2015 at 1:41 PM, Nikola Milosevic <
>>>>> nikola.milosevic at owasp.org> wrote:
>>>>>
>>>>>> Since I already had a plan for mentoring GSoC, I would be more than
>>>>>> happy to mentor in our own event. Also if there is something else I could
>>>>>> help with, let me know (some organizational things or content for marketing
>>>>>> it, etc.)
>>>>>>
>>>>>> Pozdrav/Best regards,
>>>>>>
>>>>>> Nikola Milošević
>>>>>> OWASP Seraphimdroid project leader
>>>>>> nikola.milosevic at owasp.org
>>>>>> OWASP - Open Web Application Security Project
>>>>>> OWASP Seraphimdroid Project
>>>>>>
>>>>>> On Tue, Mar 3, 2015 at 1:38 PM, <abbas.naderi at owasp.org> wrote:
>>>>>>
>>>>>>> I think its a good idea to host this with lower stipend, totally
>>>>>>> separate from GSoC.
>>>>>>>
>>>>>>> -A
>>>>>>>
>>>>>>>  On Mar 3, 2015, at 8:35 AM, Spyros <spyros.gasteratos at owasp.org>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>> I'm in and with some help I can be the contact point and organize
>>>>>>>> it.
>>>>>>>>
>>>>>>>> (The solution to the potential conflict of interest is that Fabio
>>>>>>>> and Kostas are still the ones who get to decide who gets 3 students, who
>>>>>>>> gets 1 and who gets none and any other matter deemed sensitive.).
>>>>>>>>
>>>>>>>> However, maybe it would be better if we lower the student stipend
>>>>>>>> at least for the first year to 1000 or 2k/student, there will be a lot of
>>>>>>>> students who couldn't participate in GSoC this year and we'll get proposals
>>>>>>>> either-way.
>>>>>>>>
>>>>>>>> Also, what if we ask our sponsors to sponsor projects for the
>>>>>>>> summer?
>>>>>>>> I'm not familiar with the OWASP approach to this but if they agree,
>>>>>>>> they get more code in a project of their choosing (the one they sponsor),
>>>>>>>> students have the company name on their cv, they work same as gsoc and
>>>>>>>> companies get more familiar with our projects. It may be a win-win. (Apart
>>>>>>>> from the ethics part ofc). The projects that didn't get a sponsor can still
>>>>>>>> get some money from OWASP and of course work with reduced
>>>>>>>>
>>>>>>>> What do you think?
>>>>>>>>
>>>>>>>> On 03.03.2015 14:05, Fabio Cerullo wrote:
>>>>>>>>
>>>>>>>>> guys
>>>>>>>>>
>>>>>>>>> Im thinking on raising a request to the OWASP board for funds
>>>>>>>>> approval.
>>>>>>>>>
>>>>>>>>> We will probably not be able to cover the amount of slots as last
>>>>>>>>> year, but
>>>>>>>>> maybe we could come up with 5/6 slots to be approved (25/30K).
>>>>>>>>> Then we need
>>>>>>>>> to find a balanced way to distribute the funds among participating
>>>>>>>>> projects
>>>>>>>>> (e.g. 1 slot per project)
>>>>>>>>>
>>>>>>>>> We should follow same process as Google, with proposal
>>>>>>>>> reviews/evaluations,
>>>>>>>>> etc. So effectively, nothing major to be changed.. other than
>>>>>>>>> running our
>>>>>>>>> own version of the Summer of Code.
>>>>>>>>>
>>>>>>>>> What do you think?
>>>>>>>>>
>>>>>>>>> Fabio
>>>>>>>>>
>>>>>>>>> On Tue, Mar 3, 2015 at 12:05 PM, Abraham Aranguren <
>>>>>>>>> abraham.aranguren at owasp.org> wrote:
>>>>>>>>>
>>>>>>>>>  With a couple of exceptions, the OWASP Winter Code Sprint was not
>>>>>>>>>> as
>>>>>>>>>> good (at least for OWTF) as GSoC, we might want to consider
>>>>>>>>>> increasing
>>>>>>>>>> the student rewards.
>>>>>>>>>> The problem here is that projects have almost no money (compared
>>>>>>>>>> to what
>>>>>>>>>> GSoC gives students, we cannot pay $5k to 1 person), but we could
>>>>>>>>>> re-consider attracting *project* funds like attached.
>>>>>>>>>>
>>>>>>>>>> So, I would propose to:
>>>>>>>>>> 1) Try to get some project funds / project sponsors
>>>>>>>>>> 2) See if we are in a position to pay something (even if it's a
>>>>>>>>>> low
>>>>>>>>>> amount, but something)
>>>>>>>>>> 3) Come up with an "OWASP Summer Code Sprint", that gives a bit
>>>>>>>>>> more
>>>>>>>>>> than uni credits
>>>>>>>>>>
>>>>>>>>>> Thoughts welcome, just an idea! :)
>>>>>>>>>>
>>>>>>>>>> Abe
>>>>>>>>>>
>>>>>>>>>> P.S. Taking into account the low funds/rewards of the "OWASP
>>>>>>>>>> Winter Code
>>>>>>>>>> Sprint" initiative, this was a *huge* success, don't get me
>>>>>>>>>> wrong! :). I
>>>>>>>>>> am focusing on what we can probably improve to get more out of a
>>>>>>>>>> new
>>>>>>>>>> similar "parallel program" to GSoC.
>>>>>>>>>>
>>>>>>>>>> On 03/03/2015 12:24 PM, Konstantinos Papapanagiotou wrote:
>>>>>>>>>>
>>>>>>>>>>> Leaders,
>>>>>>>>>>>
>>>>>>>>>>> Unfortunately OWASP has not been selected for GSOC 2015. Google
>>>>>>>>>>> has
>>>>>>>>>>> not provided any justification for this decision which is quite
>>>>>>>>>>> frustrating, especially since we did nothing different than the
>>>>>>>>>>> previous years and also had the highest number of ideas ever.
>>>>>>>>>>>
>>>>>>>>>>> For what it's worth it other high profile organizations that
>>>>>>>>>>> have been
>>>>>>>>>>> participating in the program for years have been also left out,
>>>>>>>>>>> such
>>>>>>>>>>> as the Linux Foundation. Nevertheless, we are currently
>>>>>>>>>>> discussing
>>>>>>>>>>> similar incentives that could be given to students this year in
>>>>>>>>>>> order
>>>>>>>>>>> to encourage them to contribute to OWASP projects and hopefully
>>>>>>>>>>> we
>>>>>>>>>>> will have more news on this soon.
>>>>>>>>>>>
>>>>>>>>>>> Kostas
>>>>>>>>>>>
>>>>>>>>>>> On Thu, Feb 19, 2015 at 8:13 PM, Konstantinos Papapanagiotou
>>>>>>>>>>> <Konstantinos at owasp.org <mailto:Konstantinos at owasp.org>> wrote:
>>>>>>>>>>>
>>>>>>>>>>>      Leaders,
>>>>>>>>>>>
>>>>>>>>>>>      This is a kind reminder for GSoC 2015. If you want to get
>>>>>>>>>>> some
>>>>>>>>>>>      serious work done during the summer of 2015, submit your
>>>>>>>>>>> ideas
>>>>>>>>>>>      here: https://www.owasp.org/index.php/GSoC2015_Ideas
>>>>>>>>>>>
>>>>>>>>>>>      We already have ideas for 11 projects and students are
>>>>>>>>>>> already
>>>>>>>>>>>      engaging with project leaders to discuss potential
>>>>>>>>>>> projects. If
>>>>>>>>>>>      you are interested to join the program, now is the time to
>>>>>>>>>>> add
>>>>>>>>>>>      your ideas.
>>>>>>>>>>>
>>>>>>>>>>>      Finally, feel free to contact me directly should you need
>>>>>>>>>>> any
>>>>>>>>>>>      further information.
>>>>>>>>>>>
>>>>>>>>>>>      Kostas
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>      On Monday, February 9, 2015, Konstantinos Papapanagiotou
>>>>>>>>>>>      <Konstantinos at owasp.org <mailto:Konstantinos at owasp.org>>
>>>>>>>>>>> wrote:
>>>>>>>>>>>
>>>>>>>>>>>          Leaders,
>>>>>>>>>>>
>>>>>>>>>>>          Google is now accepting applications for mentoring
>>>>>>>>>>>          organizations for GSoC 2015.
>>>>>>>>>>>
>>>>>>>>>>>          For those of you that have participated in the program,
>>>>>>>>>>> this
>>>>>>>>>>>          is the time of the year to start outlining your ideas
>>>>>>>>>>> for
>>>>>>>>>>>          projects here:
>>>>>>>>>>>
>>>>>>>>>>>          https://www.owasp.org/index.php/GSoC2015_Ideas
>>>>>>>>>>>
>>>>>>>>>>>          For the rest of you the Google Summer of Code
>>>>>>>>>>>          (http://www.google-melange.com/gsoc/homepage/google/
>>>>>>>>>>> gsoc2015)
>>>>>>>>>>>          is an amazing opportunity to get some work done on your
>>>>>>>>>>> project.
>>>>>>>>>>>
>>>>>>>>>>>          Last year we got 16 slots for 7 OWASP projects. This
>>>>>>>>>>> year we
>>>>>>>>>>>          are looking forward to having even more OWASP projects
>>>>>>>>>>>          participating in the program.
>>>>>>>>>>>
>>>>>>>>>>>          Please don't hesitate to contact me directly if you
>>>>>>>>>>> need any
>>>>>>>>>>>          additional information.
>>>>>>>>>>>
>>>>>>>>>>>          Kostas
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> _______________________________________________
>>>>>>>>>>> Owasp_project_leader_list mailing list
>>>>>>>>>>> Owasp_project_leader_list at lists.owasp.org
>>>>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp_
>>>>>>>>>>> project_leader_list
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>
>>>>>>
>>>>> _______________________________________________
>>>>> OWASP-Leaders mailing list
>>>>> OWASP-Leaders at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>
>>>>  _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>
>>
>>
>> --
>> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>
>
> --
> Best Regrads
> John Patrick Lita
> *Chapter Leader OWASP Manila*
> FB Page @OwaspManila <https://www.facebook.com/OwaspManila>
> https://www.owasp.org/index.php/Manila
> https://lists.owasp.org/mailman/listinfo/owasp-manila
> <https://lists.owasp.org/mailman/listinfo/owasp-manila>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>


-- 
*Mark Miller, Senior Storyteller*
*Curator and Founder, Trusted Software Alliance*

*Host and Executive Producer, OWASP 24/7 Podcast ChannelCommunity Advocate,
Sonatype*

*Developers and Application Security: Who is Responsible?*
<https://www.surveymonkey.com/s/Developers_and_AppSec>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20150303/4c07c2d0/attachment-0001.html>


More information about the OWASP-Leaders mailing list