[Owasp-portland] FLOSSHack Details and Potential Targets

Wil Clouser clouserw at gmail.com
Fri Jun 1 22:39:08 UTC 2012

Bumping an old thread!  I've been in contact with some people at
Ushahidi lately and things are all ready to go there.  Has there been
any progress figuring out a place for us to meet?  I've thought of
another venue which will probably be happy to host us for a few hours
but I didn't want to pursue it if other wheels were already in motion.



On Wed, May 16, 2012 at 4:53 AM, Timothy D. Morgan
<tmorgan-owasp at vsecurity.com> wrote:
> As much as I don't want to keep pushing the date back, I think it probably is
> best to push the first FLOSSHack out past the June 11th meeting.  Most of the
> pieces are falling into place now, so I do want to nail down a date, even if it
> is a ways out.  That'll give us a deadline to work towards on other logistics.
> Let me ask about FreeGeek availability in late June and I'll get back to you all.
> thanks,
> tim
> On 05/11/2012 11:02 AM, Matthew Lapworth wrote:
>> Later in June would actually work better for me, like the weekend of June
>> 23rd. FreeGeek sounds like a good place to start and I like the suggestion
>> about being spread out a little so you can go heads down on a problem. If
>> FreeGeek doesn't work out, I might be able to get work to sponsor a monthly
>> session but I'll have to check on that after the start of the fiscal year
>> next month. I'm with Tim that funding the chapter OPB style would not be
>> ideal this early. Might be my naive thinking, but given the
>> start-up/venture capital scene in Portland, getting a few companies to pony
>> up a few bucks a month shouldn't be that hard. Maybe in return we could
>> hold brown-bag sessions to talk about things we learned at a high level.
>> I'm planning on working on getting the VM up and running this weekend as
>> it's my first free time in a long while.
>> Cheers,
>> Matt
>> On Thu, May 10, 2012 at 4:23 PM, Wil Clouser <clouserw at gmail.com> wrote:
>>> I didn't know we had a meeting scheduled for the 10th.  Maybe we could
>>> use that meeting to remind people about this and do the FLOSSHack a
>>> couple weeks afterwards (giving time for people to set up the VM).  I
>>> scheduled it close in just because otherwise it might get put off
>>> forever but bumping to mid-late June could be a good idea.
>>> Wil
>>> On Thu, May 10, 2012 at 4:03 PM, Timothy D. Morgan
>>> <tmorgan-owasp at vsecurity.com> wrote:
>>>> Hi Wil,
>>>>> The options they were looking at to allow groups to use the space in
>>>>> the evenings/weekends for a reduced rate didn't pass the board vote so
>>>>> that is out.  As a member, I can sponsor 2 hours of meeting time this
>>>>> month for the OWASP meeting, anything over that hits the regular
>>>>> $35/hour rate.
>>>> That's great to know about for future meetings with Collective Agency.
>>>  Thanks
>>>> for following up with that.  We could either find a sponsor for the
>>> meeting to
>>>> extend it to 4 hours for a very reasonable $70, or just have it
>>> elsewhere.
>>>> Anyone think their company would jump at the chance to sponsor it?
>>>>> I know we were talking about a longer get together so
>>>>> I'm not sure if that'll work or not.  Timothy, did you investigate
>>>>> getting any funds from OWASP?
>>>> I did read up on chapter funding, and besides the method we've been
>>> using so far
>>>> (having sponsors for individual meetings) it looks like we can either
>>> start
>>>> encouraging paid memberships or looking for local companies to sponsor
>>> us on an
>>>> annual basis.  I could probably ask the OWASP board for "start up" funds
>>> of some
>>>> sort, since we're a young chapter, but chances are they're going to come
>>> back at
>>>> some point with strong with encouragement to start asking people to join
>>> as
>>>> $50/year members.  (Going this route doesn't mean everyone must pay to
>>> join
>>>> meetings.  It just means we'd be pestering you all the time, OPB-style,
>>> to pony
>>>> up. =)  If you guys are cool with that, I'm fine with it as well, but I
>>> had
>>>> initially hoped to establish a strong attendance and regular meetings
>>> before
>>>> going there.
>>>> For FLOSSHack, I'm kind of interested in trying out FreeGeek.  We
>>> haven't had a
>>>> meeting there yet, and it seems it could accommodate quite a few people,
>>> even if
>>>> folks do get a bit spread out through the building.  (That may actually
>>> be OK
>>>> for this kind of event, as folks might want to be heads-down hacking now
>>> and
>>>> then with less interruption.)
>>>>> Regarding Ushahidi, it sounds like they've been making progress with
>>>>> their security group.  Some details are at
>>>>> http://wiki.ushahidi.com/display/WIKI/Security+Working+Group including
>>>>> the submission process (emailing them).  Security issues are published
>>>>> publicly at http://security.ushahidi.com/
>>>> Great!  I'm glad they are getting organized about their security
>>> posture.  Makes
>>>> reporting issues much easier.
>>>>> I'm still figuring out if they'd like to be present (live or virtual)
>>>>> at our meeting but I think the next steps here are to determine where
>>>>> and when we want to do this and how many people will show up.  Towards
>>>>> that end, I think scheduling online last time had good feedback, so I
>>>>> made a link we can schedule with:
>>>>> http://www.doodle.com/mu3486diwmrarpb4
>>>> Great.  I wanted to do this, but hadn't got around to it.  I think based
>>> on the
>>>> replies I received to the "weeknight vs. weekend" question, the majority
>>> of
>>>> people preferred doing it on a weekend.
>>>> The most important consideration, though, is scheduling with our venue.
>>>  If we
>>>> do go with FreeGeek, Sundays would probably be best based on what Paul
>>> told me
>>>> off-list.  Collective Agency probably has a bit more flexibility on this.
>>>> Unfortunately my schedule this month has become totally crazy and I will
>>> be out
>>>> of town for a lot of it.  I've added the weekend days I can do to the
>>> doodle
>>>> page (which are May 19 & 20, or June 2 & 3).  Doing the 2nd and 3rd is
>>> probably
>>>> safest from a planning perspective, but I also don't want to steal any
>>> thunder
>>>> from the meeting we have on the 10th.
>>>>> It's tough to find a good day so I threw some variety in there but
>>>>> it's by no means official - if everyone can find another good day or
>>>>> you want me to add one to the list just let me know, I just wanted to
>>>>> get the ball rolling.  We talked about meeting for 2-4 hours in an
>>>>> evening, so figure 6pm or so on whatever day?
>>>> I'm fine with doing it later in the day on the weekend, but earlier
>>> works too.
>>>> Earlier might be better on a Sunday.
>>>>> Also, did anyone else play with the virtual machine?  Any trouble
>>>>> getting it up and running?
>>>> No time yet. =(  I'm sure it won't be too tough to throw together though.
>>>> Thanks for keeping the ball rolling!
>>>> tim
>>> _______________________________________________
>>> Owasp-portland mailing list
>>> Owasp-portland at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-portland

More information about the Owasp-portland mailing list