[Owasp-portland] FLOSSHack Details and Potential Targets

Timothy D. Morgan tmorgan-owasp at vsecurity.com
Wed May 16 11:53:41 UTC 2012

As much as I don't want to keep pushing the date back, I think it probably is
best to push the first FLOSSHack out past the June 11th meeting.  Most of the
pieces are falling into place now, so I do want to nail down a date, even if it
is a ways out.  That'll give us a deadline to work towards on other logistics.

Let me ask about FreeGeek availability in late June and I'll get back to you all.


On 05/11/2012 11:02 AM, Matthew Lapworth wrote:
> Later in June would actually work better for me, like the weekend of June
> 23rd. FreeGeek sounds like a good place to start and I like the suggestion
> about being spread out a little so you can go heads down on a problem. If
> FreeGeek doesn't work out, I might be able to get work to sponsor a monthly
> session but I'll have to check on that after the start of the fiscal year
> next month. I'm with Tim that funding the chapter OPB style would not be
> ideal this early. Might be my naive thinking, but given the
> start-up/venture capital scene in Portland, getting a few companies to pony
> up a few bucks a month shouldn't be that hard. Maybe in return we could
> hold brown-bag sessions to talk about things we learned at a high level.
> I'm planning on working on getting the VM up and running this weekend as
> it's my first free time in a long while.
> Cheers,
> Matt
> On Thu, May 10, 2012 at 4:23 PM, Wil Clouser <clouserw at gmail.com> wrote:
>> I didn't know we had a meeting scheduled for the 10th.  Maybe we could
>> use that meeting to remind people about this and do the FLOSSHack a
>> couple weeks afterwards (giving time for people to set up the VM).  I
>> scheduled it close in just because otherwise it might get put off
>> forever but bumping to mid-late June could be a good idea.
>> Wil
>> On Thu, May 10, 2012 at 4:03 PM, Timothy D. Morgan
>> <tmorgan-owasp at vsecurity.com> wrote:
>>> Hi Wil,
>>>> The options they were looking at to allow groups to use the space in
>>>> the evenings/weekends for a reduced rate didn't pass the board vote so
>>>> that is out.  As a member, I can sponsor 2 hours of meeting time this
>>>> month for the OWASP meeting, anything over that hits the regular
>>>> $35/hour rate.
>>> That's great to know about for future meetings with Collective Agency.
>>  Thanks
>>> for following up with that.  We could either find a sponsor for the
>> meeting to
>>> extend it to 4 hours for a very reasonable $70, or just have it
>> elsewhere.
>>> Anyone think their company would jump at the chance to sponsor it?
>>>> I know we were talking about a longer get together so
>>>> I'm not sure if that'll work or not.  Timothy, did you investigate
>>>> getting any funds from OWASP?
>>> I did read up on chapter funding, and besides the method we've been
>> using so far
>>> (having sponsors for individual meetings) it looks like we can either
>> start
>>> encouraging paid memberships or looking for local companies to sponsor
>> us on an
>>> annual basis.  I could probably ask the OWASP board for "start up" funds
>> of some
>>> sort, since we're a young chapter, but chances are they're going to come
>> back at
>>> some point with strong with encouragement to start asking people to join
>> as
>>> $50/year members.  (Going this route doesn't mean everyone must pay to
>> join
>>> meetings.  It just means we'd be pestering you all the time, OPB-style,
>> to pony
>>> up. =)  If you guys are cool with that, I'm fine with it as well, but I
>> had
>>> initially hoped to establish a strong attendance and regular meetings
>> before
>>> going there.
>>> For FLOSSHack, I'm kind of interested in trying out FreeGeek.  We
>> haven't had a
>>> meeting there yet, and it seems it could accommodate quite a few people,
>> even if
>>> folks do get a bit spread out through the building.  (That may actually
>> be OK
>>> for this kind of event, as folks might want to be heads-down hacking now
>> and
>>> then with less interruption.)
>>>> Regarding Ushahidi, it sounds like they've been making progress with
>>>> their security group.  Some details are at
>>>> http://wiki.ushahidi.com/display/WIKI/Security+Working+Group including
>>>> the submission process (emailing them).  Security issues are published
>>>> publicly at http://security.ushahidi.com/
>>> Great!  I'm glad they are getting organized about their security
>> posture.  Makes
>>> reporting issues much easier.
>>>> I'm still figuring out if they'd like to be present (live or virtual)
>>>> at our meeting but I think the next steps here are to determine where
>>>> and when we want to do this and how many people will show up.  Towards
>>>> that end, I think scheduling online last time had good feedback, so I
>>>> made a link we can schedule with:
>>>> http://www.doodle.com/mu3486diwmrarpb4
>>> Great.  I wanted to do this, but hadn't got around to it.  I think based
>> on the
>>> replies I received to the "weeknight vs. weekend" question, the majority
>> of
>>> people preferred doing it on a weekend.
>>> The most important consideration, though, is scheduling with our venue.
>>  If we
>>> do go with FreeGeek, Sundays would probably be best based on what Paul
>> told me
>>> off-list.  Collective Agency probably has a bit more flexibility on this.
>>> Unfortunately my schedule this month has become totally crazy and I will
>> be out
>>> of town for a lot of it.  I've added the weekend days I can do to the
>> doodle
>>> page (which are May 19 & 20, or June 2 & 3).  Doing the 2nd and 3rd is
>> probably
>>> safest from a planning perspective, but I also don't want to steal any
>> thunder
>>> from the meeting we have on the 10th.
>>>> It's tough to find a good day so I threw some variety in there but
>>>> it's by no means official - if everyone can find another good day or
>>>> you want me to add one to the list just let me know, I just wanted to
>>>> get the ball rolling.  We talked about meeting for 2-4 hours in an
>>>> evening, so figure 6pm or so on whatever day?
>>> I'm fine with doing it later in the day on the weekend, but earlier
>> works too.
>>> Earlier might be better on a Sunday.
>>>> Also, did anyone else play with the virtual machine?  Any trouble
>>>> getting it up and running?
>>> No time yet. =(  I'm sure it won't be too tough to throw together though.
>>> Thanks for keeping the ball rolling!
>>> tim
>> _______________________________________________
>> Owasp-portland mailing list
>> Owasp-portland at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-portland

More information about the Owasp-portland mailing list