[Owasp-portland] FLOSSHack Details and Potential Targets [Caution: Suspicious Link] [Caution: Suspicious Link]

David Pirolo webmaster at warnerpacific.edu
Fri May 11 19:55:08 UTC 2012


She did ask about terrorism insurance, but I negotiated down to just
liability in case something gets broken. :) I'm checking into seeing if
a refundable damage deposit would work or if can be waived since this is
only 4 hrs.  The person responsible for room reservations is out for the
rest of today so I'll have to get back to the group on Monday.

-D

On Fri, 2012-05-11 at 11:42 -0700, Matthew Lapworth wrote:
> Hey David
> 
> That would be a great setup. What kind of insurance are they looking
> for (theft, fire, attacks by foreign governments)? 
> 
> Matt
> 
> On May 11, 2012 11:36 AM, "David Pirolo" <webmaster at warnerpacific.edu>
> wrote:
>         I'm checking into using a classroom at our college.  Got the
>         blessing
>         from IT and they would be willing to setup a dedicated 10MB
>         circuit for
>         this. I just need facilities to give the OK.
>         
>         One question I was asked is if we have insurance.
>         
>         -D
>         
>         
>         On Fri, 2012-05-11 at 08:02 -0700, Matthew Lapworth wrote:
>         > Later in June would actually work better for me, like the
>         weekend of
>         > June 23rd. FreeGeek sounds like a good place to start and I
>         like the
>         > suggestion about being spread out a little so you can go
>         heads down on
>         > a problem. If FreeGeek doesn't work out, I might be able to
>         get work
>         > to sponsor a monthly session but I'll have to check on that
>         after the
>         > start of the fiscal year next month. I'm with Tim that
>         funding the
>         > chapter OPB style would not be ideal this early. Might be my
>         naive
>         > thinking, but given the start-up/venture capital scene in
>         Portland,
>         > getting a few companies to pony up a few bucks a month
>         shouldn't be
>         > that hard. Maybe in return we could hold brown-bag sessions
>         to talk
>         > about things we learned at a high level.
>         >
>         >
>         > I'm planning on working on getting the VM up and running
>         this weekend
>         > as it's my first free time in a long while.
>         >
>         >
>         > Cheers,
>         > Matt
>         >
>         > On Thu, May 10, 2012 at 4:23 PM, Wil Clouser
>         <clouserw at gmail.com>
>         > wrote:
>         >         I didn't know we had a meeting scheduled for the
>         10th.  Maybe
>         >         we could
>         >         use that meeting to remind people about this and do
>         the
>         >         FLOSSHack a
>         >         couple weeks afterwards (giving time for people to
>         set up the
>         >         VM).  I
>         >         scheduled it close in just because otherwise it
>         might get put
>         >         off
>         >         forever but bumping to mid-late June could be a good
>         idea.
>         >
>         >         Wil
>         >
>         >         On Thu, May 10, 2012 at 4:03 PM, Timothy D. Morgan
>         >         <tmorgan-owasp at vsecurity.com> wrote:
>         >         > Hi Wil,
>         >         >
>         >         >
>         >         >> The options they were looking at to allow groups
>         to use the
>         >         space in
>         >         >> the evenings/weekends for a reduced rate didn't
>         pass the
>         >         board vote so
>         >         >> that is out.  As a member, I can sponsor 2 hours
>         of meeting
>         >         time this
>         >         >> month for the OWASP meeting, anything over that
>         hits the
>         >         regular
>         >         >> $35/hour rate.
>         >         >
>         >         > That's great to know about for future meetings
>         with
>         >         Collective Agency.  Thanks
>         >         > for following up with that.  We could either find
>         a sponsor
>         >         for the meeting to
>         >         > extend it to 4 hours for a very reasonable $70, or
>         just have
>         >         it elsewhere.
>         >         > Anyone think their company would jump at the
>         chance to
>         >         sponsor it?
>         >         >
>         >         >
>         >         >> I know we were talking about a longer get
>         together so
>         >         >> I'm not sure if that'll work or not.  Timothy,
>         did you
>         >         investigate
>         >         >> getting any funds from OWASP?
>         >         >
>         >         > I did read up on chapter funding, and besides the
>         method
>         >         we've been using so far
>         >         > (having sponsors for individual meetings) it looks
>         like we
>         >         can either start
>         >         > encouraging paid memberships or looking for local
>         companies
>         >         to sponsor us on an
>         >         > annual basis.  I could probably ask the OWASP
>         board for
>         >         "start up" funds of some
>         >         > sort, since we're a young chapter, but chances are
>         they're
>         >         going to come back at
>         >         > some point with strong with encouragement to start
>         asking
>         >         people to join as
>         >         > $50/year members.  (Going this route doesn't mean
>         everyone
>         >         must pay to join
>         >         > meetings.  It just means we'd be pestering you all
>         the time,
>         >         OPB-style, to pony
>         >         > up. =)  If you guys are cool with that, I'm fine
>         with it as
>         >         well, but I had
>         >         > initially hoped to establish a strong attendance
>         and regular
>         >         meetings before
>         >         > going there.
>         >         >
>         >         >
>         >         > For FLOSSHack, I'm kind of interested in trying
>         out
>         >         FreeGeek.  We haven't had a
>         >         > meeting there yet, and it seems it could
>         accommodate quite a
>         >         few people, even if
>         >         > folks do get a bit spread out through the
>         building.  (That
>         >         may actually be OK
>         >         > for this kind of event, as folks might want to be
>         heads-down
>         >         hacking now and
>         >         > then with less interruption.)
>         >         >
>         >         >
>         >         >> Regarding Ushahidi, it sounds like they've been
>         making
>         >         progress with
>         >         >> their security group.  Some details are at
>         >         >> http://wiki.ushahidi.com/display/WIKI/Security
>         +Working
>         >         +Group including
>         >         >> the submission process (emailing them).  Security
>         issues
>         >         are published
>         >         >> publicly at http://security.ushahidi.com/
>         >         >
>         >         > Great!  I'm glad they are getting organized about
>         their
>         >         security posture.  Makes
>         >         > reporting issues much easier.
>         >         >
>         >         >
>         >         >> I'm still figuring out if they'd like to be
>         present (live
>         >         or virtual)
>         >         >> at our meeting but I think the next steps here
>         are to
>         >         determine where
>         >         >> and when we want to do this and how many people
>         will show
>         >         up.  Towards
>         >         >> that end, I think scheduling online last time had
>         good
>         >         feedback, so I
>         >         >> made a link we can schedule with:
>         >         >> http://www.doodle.com/mu3486diwmrarpb4
>         >         >
>         >         > Great.  I wanted to do this, but hadn't got around
>         to it.  I
>         >         think based on the
>         >         > replies I received to the "weeknight vs. weekend"
>         question,
>         >         the majority of
>         >         > people preferred doing it on a weekend.
>         >         >
>         >         > The most important consideration, though, is
>         scheduling with
>         >         our venue.  If we
>         >         > do go with FreeGeek, Sundays would probably be
>         best based on
>         >         what Paul told me
>         >         > off-list.  Collective Agency probably has a bit
>         more
>         >         flexibility on this.
>         >         >
>         >         > Unfortunately my schedule this month has become
>         totally
>         >         crazy and I will be out
>         >         > of town for a lot of it.  I've added the weekend
>         days I can
>         >         do to the doodle
>         >         > page (which are May 19 & 20, or June 2 & 3).
>          Doing the 2nd
>         >         and 3rd is probably
>         >         > safest from a planning perspective, but I also
>         don't want to
>         >         steal any thunder
>         >         > from the meeting we have on the 10th.
>         >         >
>         >         >
>         >         >> It's tough to find a good day so I threw some
>         variety in
>         >         there but
>         >         >> it's by no means official - if everyone can find
>         another
>         >         good day or
>         >         >> you want me to add one to the list just let me
>         know, I just
>         >         wanted to
>         >         >> get the ball rolling.  We talked about meeting
>         for 2-4
>         >         hours in an
>         >         >> evening, so figure 6pm or so on whatever day?
>         >         >
>         >         > I'm fine with doing it later in the day on the
>         weekend, but
>         >         earlier works too.
>         >         > Earlier might be better on a Sunday.
>         >         >
>         >         >> Also, did anyone else play with the virtual
>         machine?  Any
>         >         trouble
>         >         >> getting it up and running?
>         >         >
>         >         > No time yet. =(  I'm sure it won't be too tough to
>         throw
>         >         together though.
>         >         >
>         >         > Thanks for keeping the ball rolling!
>         >         > tim
>         >         _______________________________________________
>         >         Owasp-portland mailing list
>         >         Owasp-portland at lists.owasp.org
>         >
>         https://lists.owasp.org/mailman/listinfo/owasp-portland
>         >
>         >
>         >
>         >
>         >
>         > --
>         > Matthew Lapworth
>         > http://www.bit-shift.net
>         >
>         > We are what we repeatedly do. Excellence then is not an act,
>         but a
>         > habit.
>         >   - Aristotle
>         >
>         > _______________________________________________
>         > Owasp-portland mailing list
>         > Owasp-portland at lists.owasp.org
>         > https://lists.owasp.org/mailman/listinfo/owasp-portland
>         
>         




More information about the Owasp-portland mailing list