[Owasp-portuguese] [Owasp-leaders] Released: OWASP Top 10 – 2017 Release Candidate

Filipe Lacerda filipe.lacerda at lusolabs.com
Sat Apr 15 10:40:20 UTC 2017


Ola Carlos, Paulo e restantes,

Eu alinho na tradução também. Há muito que não faço uma dessas. Volto a Portugal na próxima semana e posso reservar umas horas para isto. Definam em que formato e seguimos em frente. De látex sei pouco ou nada.

Um abraço, e boa Páscoa,
Filipe

On April 15, 2017 11:58:02 AM GMT+02:00, "Carlos Serrão" <carlos.serrao at owasp.org> wrote:
>Paulo e restantes,
>quando fizemos a tradução do Top 10 de 2010, o mesmo foi feito em Word.
>
>Como disse, a abordagem mais simples é:
>
>1. Reunimos voluntários
>2. Atribuimos 1 página a cada voluntário para traduzir o texto… e
>podemos usar o formato que quisermos
>3. Atribuimos 2 revisores para rever o capítulo que cada um traduziu
>4. Um de nós, importa o texto traduzido para o template final (sim, o
>tal que é em PPTX)
>5. Revemos mais umas vezes e ….
>6. Aprovamos e divulgamos.
>
>Abraço e boa Páscoa para todos!
>
>> On 15 Apr 2017, at 00:56, Paulo Silva <pauloasilva at gmail.com> wrote:
>> 
>> Olá Kembolle,
>> o Carlos fez a experiência no crowdin mas o documento original não é
>uma boa source devido ao formato (pdf e/ou pptx), tendo acabado por
>converter para texto por forma a possibilitar a tradução na plataforma.
>> 
>> Como é que vocês costumam fazer?
>> 
>> Vejo ainda uma outra possibilidade que tornaria o documento mais vivo
>e aberto a contribuições, que seria no formato gitbook.
>> 
>> Embora concorde com o Carlos quando ele diz que é o conteúdo que
>importa, acho importante que o documento mantenha a identidade.
>> 
>> No limite avançamos com tecnologia "moderna": LibreOffice e Master
>documents ;)
>> 
>> Em 15/04/2017 00:22, "Kembolle Amilkar" <kembolle at owasp.org
><mailto:kembolle at owasp.org>> escreveu:
>> Muito legal a iniciativa.
>> Nós do cap. cuiabá utilizamos uma ferramenta chamada
>https://crowdin.com/ <https://crowdin.com/> para realizar tradução em
>varios membros, caso ainda dê tempo gostaria de participar tambem desta
>tradução caso puder.
>> 
>> Cheers!
>> 
>> 
>> --
>> Kembolle A. Oliveira
>> Computer Forensic Science and IT Security Professional.
>> Contact: Home  <http://www.kembolle.com.br/p/fale-conosco.html#>|
>Blog  <http://www.blog.kembolle.com.br/>| Linkedin 
><http://www.linkedin.com/in/kembolle>| Email 
><mailto:contato at kembolle.com.br>| Mobile  <>| Owasp Cuiabá
><https://www.owasp.org/index.php/Cuiaba>
>> 
>> Em 13 de abril de 2017 09:59, Carlos Serrão <carlos.serrao at owasp.org
><mailto:carlos.serrao at owasp.org>> escreveu:
>> 
>>> On 13 Apr 2017, at 14:46, Paulo Silva <pauloasilva at gmail.com
><mailto:pauloasilva at gmail.com>> wrote:
>>> 
>>> Eu alinho, mas temos que pensar muito bem nisso
>>> 
>>> 1. Nem toda a gente é proficiente em LaTeX
>>> 2. Os TOP 10 "tendem a inovar" em design
>>> 
>>> Tens alguma ideia na manga para manter o layout do TOP 10 2017, que
>não seja usar tabular data em LaTeX, ou assumiríamos desde logo um novo
>formato?
>> 
>> Eu acho que o mais importante é o conteúdo, e não o formato!
>> Se tivermos que assumir um novo formato, porque uma questão de
>portabilidade e de manutenção, não vejo porque não o fazer!
>> 
>>> 
>>> Qualquer coisa mais light, como Markdow, faz sentido (ex. Gitbook?)
>>> 
>>> Em 13/04/2017 14:11, "Carlos Serrão" <carlos.serrao at owasp.org
><mailto:carlos.serrao at owasp.org>> escreveu:
>>> Pois,
>>> eu bem que te dizia… PPTX para um documento destes não faz muito
>sentido!!!
>>> 
>>> Eu acho que poderíamos ser nós a inovar isto, e fazer uma versão em
>Latex? O que vos parece?!? E se ficasse apetecível até poderíamos
>propor isso como a base para os próximos documentos da OWASP.
>>> 
>>>> On 13 Apr 2017, at 13:15, Paulo Silva <pauloasilva at gmail.com
><mailto:pauloasilva at gmail.com>> wrote:
>>>> 
>>>> @Carlos Serrão: e lá está o famoso PPTX[1] :D
>>>> 
>>>> Velhos hábitos...
>>>> 
>>>> 
>>>> [1]:
>https://github.com/OWASP/Top10/blob/4664182b012379948ca56372d6b0d4d1aed39322/2017/OWASP%20Top%2010%20-%202017%20RC1-English.pptx
><https://github.com/OWASP/Top10/blob/4664182b012379948ca56372d6b0d4d1aed39322/2017/OWASP%20Top%2010%20-%202017%20RC1-English.pptx>
>>>> 
>>>> 2017-04-13 13:08 GMT+01:00 Carlos Serrão <carlos.serrao at owasp.org
><mailto:carlos.serrao at owasp.org>>:
>>>> Óptimo!
>>>> Para isto não custar muito… e à semelhança do que aconteceu noutros
>projectos de tradução, sugiro:
>>>> 
>>>> - cada um traduza 1 ou 2 páginas;
>>>> - depois seja feita duplo peer-review para validar tradução.
>>>> 
>>>> Abraço.
>>>> 
>>>> 
>>>>> On 13 Apr 2017, at 13:02, Paulo Silva <pauloasilva at gmail.com
><mailto:pauloasilva at gmail.com>> wrote:
>>>>> 
>>>>> Vou pedir ao restante pessoal para se juntar aqui à ML para
>conseguirmos coordenar
>>>>> 
>>>>> 
>>>>> 2017-04-13 12:45 GMT+01:00 Carlos Serrão <carlos.serrao at owasp.org
><mailto:carlos.serrao at owasp.org>>:
>>>>> Obrigado Ricardo!
>>>>> 
>>>>>> On 13 Apr 2017, at 11:56, Ricardo M <ricardomcm at gmail.com
><mailto:ricardomcm at gmail.com>> wrote:
>>>>>> 
>>>>>> Here! Também poderei ajudar.
>>>>>> 
>>>>>> Abraço.
>>>>>> 
>>>>>> No dia 13 de abril de 2017 às 10:05, Carlos Serrão
><carlos.serrao at owasp.org <mailto:carlos.serrao at owasp.org>> escreveu:
>>>>>> Ok,
>>>>>> let’s do this!
>>>>>> 
>>>>>>> On 13 Apr 2017, at 10:04, Paulo Silva <pauloasilva at gmail.com
><mailto:pauloasilva at gmail.com>> wrote:
>>>>>>> 
>>>>>>> Sempre "mais open".
>>>>>>> 
>>>>>>> A última tradução em que participei foi feita no
>https://crowdin.com/ <https://crowdin.com/>: a OWASP tem lá alguns
>projetos.
>>>>>>> É colaborativo e à base de "peer review". A tradução é feita por
>blocos/parágrafos. Podemos testar a ver se funciona para todos.
>>>>>>> 
>>>>>>> 
>>>>>>> 2017-04-13 9:59 GMT+01:00 Carlos Serrão <carlos.serrao at owasp.org
><mailto:carlos.serrao at owasp.org>>:
>>>>>>> Yep
>>>>>>> concordo!
>>>>>>> 
>>>>>>> Vou então fazer o kick-start disso.
>>>>>>> O ideal, era usar a mesma abordagem que fizemos anteriormente,
>i.e., dividir o documento em diferentes capítulos e depois existir um
>responsável pela tradução dos mesmos.
>>>>>>> 
>>>>>>> Ferramentas? Word? Ou preferem optar por mais open? Tipo
>OpenOffice/LibreOffice? Ou até mesmo Latex?
>>>>>>> 
>>>>>>> Quando decidirmos isso, crio o projecto no Github e começamos a
>angariar voluntários!
>>>>>>> 
>>>>>>> Aguardo o vosso feedback.
>>>>>>> 
>>>>>>>> On 12 Apr 2017, at 11:26, Paulo Silva <pauloasilva at gmail.com
><mailto:pauloasilva at gmail.com>> wrote:
>>>>>>>> 
>>>>>>>> Para iniciar os trabalhos de tradução, sim, no entanto acho que
>devemos fazer um trabalho preliminar de familiarização com o documento,
>podendo até resultar em algum comentário pertinente à RC, até porque
>este documento inclui "coisas novas".
>>>>>>>> 
>>>>>>>> On Wed, Apr 12, 2017 at 11:06 AM, Carlos Serrão
><carlos.serrao at owasp.org <mailto:carlos.serrao at owasp.org>> wrote:
>>>>>>>> Paulo,
>>>>>>>> acho uma excelente iniciativa… mas provavelmente é melhor
>aguardarmos a versão final, não acham?
>>>>>>>> 
>>>>>>>> Abraço.
>>>>>>>> 
>>>>>>>>> On 12 Apr 2017, at 10:35, Paulo Silva <pauloasilva at gmail.com
><mailto:pauloasilva at gmail.com>> wrote:
>>>>>>>>> 
>>>>>>>>> Olá Carlos,
>>>>>>>>> É possível que já tenha identificado pessoal interessado em
>participar na tradução para pt-PT.
>>>>>>>>> 
>>>>>>>>> Mais alguém interessado em participar?
>>>>>>>>> 
>>>>>>>>> Abraço,
>>>>>>>>> 
>>>>>>>>> On Wed, Apr 12, 2017 at 10:13 AM, Carlos Serrão
><carlos.serrao at owasp.org <mailto:carlos.serrao at owasp.org>> wrote:
>>>>>>>>> Caros membros,
>>>>>>>>> 
>>>>>>>>> foi lançada a mais recente versão do OWASP Top 10, e que está
>neste momento disponível para comentários.
>>>>>>>>> 
>>>>>>>>> Com os melhores cumprimentos,
>>>>>>>>> 
>>>>>>>>> 
>>>>>>>>> 
>>>>>>>>>> Begin forwarded message:
>>>>>>>>>> 
>>>>>>>>>> From: Dave Wichers <dave.wichers at owasp.org
><mailto:dave.wichers at owasp.org>>
>>>>>>>>>> Subject: [Owasp-leaders] Released: OWASP Top 10 – 2017
>Release Candidate
>>>>>>>>>> Date: 10 April 2017 at 15:36:16 GMT+1
>>>>>>>>>> To: OWASP Leaders <owasp-leaders at lists.owasp.org
><mailto:owasp-leaders at lists.owasp.org>>, OWASP TopTen
><owasp-topten at lists.owasp.org <mailto:owasp-topten at lists.owasp.org>>
>>>>>>>>>> 
>>>>>>>>>> OWASP Leaders!
>>>>>>>>>> 
>>>>>>>>>> The Release Candidate for the OWASP Top 10 – 2017 is now
>available! (Attached)
>>>>>>>>>> 
>>>>>>>>>> It’s also available for Download here
><https://github.com/OWASP/Top10/raw/master/2017/OWASP%20Top%2010%20-%202017%20RC1-English.pdf>
>>>>>>>>>> 
>>>>>>>>>> Please forward to all the developers and development teams
>you know!! I’d love to get feedback from them too, and to start
>immediately raising awareness about what’s changed in this update to
>the OWASP Top 10. The primary change is the addition of two new
>categories:
>>>>>>>>>> 
>>>>>>>>>> 2017-A7: Insufficient Attack Protection
>>>>>>>>>> 2017-A10: Underprotected APIs
>>>>>>>>>> 
>>>>>>>>>> We plan to release the final version of the OWASP Top 10 -
>2017 in July or Aug. 2017 after a public comment period ending June 30,
>2017.
>>>>>>>>>> 
>>>>>>>>>> Constructive comments on this OWASP Top 10 - 2017 Release
>Candidate should be forwarded via email to OWASP-TopTen at lists.owasp.org
><mailto:OWASP-TopTen at lists.owasp.org>. Private comments may be sent to
>dave.wichers at owasp.org <mailto:dave.wichers at owasp.org> .  Anonymous
>comments are welcome.  All  non-private comments will be catalogued and
>published at the same time as the final public release.  Comments
>recommending changes to the items listed in the Top 10 should include a
>complete suggested list of changes, along with a rationale for any
>changes. All comments should indicate the specific relevant page and
>section.
>>>>>>>>>> 
>>>>>>>>>> Your feedback is critical to the continued success of the
>OWASP Top 10 Project. Thank you all for your dedication to improving
>the security of the world’s software for everyone.
>>>>>>>>>> 
>>>>>>>>>> Thanks, Dave
>>>>>>>>>> 
>>>>>>>>>> OWASP Top 10 Project Lead
>>>>>>>>> 
>>>>>>>>>> _______________________________________________
>>>>>>>>>> OWASP-Leaders mailing list
>>>>>>>>>> OWASP-Leaders at lists.owasp.org
><mailto:OWASP-Leaders at lists.owasp.org>
>>>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
><https://lists.owasp.org/mailman/listinfo/owasp-leaders>
>>>>>>>>> 
>>>>>>>>> Carlos Serrão
>>>>>>>>> OWASP <http://www.owasp.org/>.PT
><http://www.owasp.org/index.php/Portuguese> chapter
>>>>>>>>> 
>>>>>>>>>  <http://www.owasp.org/>
>>>>>>>>> blog <https://www.carlosserrao.net/> | skype <> | linkedin
><http://pt.linkedin.com/in/carlosserrao> | twitter
><http://twitter.com/#!/pontocom> | facebook
><https://www.facebook.com/carlosserrao> | google+
><https://profiles.google.com/u/0/carlos.j.serrao/about>
>>>>>>>>> 
>>>>>>>>> _______________________________________________
>>>>>>>>> Owasp-portuguese mailing list
>>>>>>>>> Owasp-portuguese at lists.owasp.org
><mailto:Owasp-portuguese at lists.owasp.org>
>>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-portuguese
><https://lists.owasp.org/mailman/listinfo/owasp-portuguese>
>>>>>>>>> 
>>>>>>>>> 
>>>>>>>>> 
>>>>>>>>> 
>>>>>>>>> --
>>>>>>>>> Paulo A. Silva
>>>>>>>>> http://tech.pauloasilva.com <http://tech.pauloasilva.com/>
>>>>>>>>> http://a-caminho.de <http://a-caminho.de/>
>>>>>>>>> http://linkedin.com/in/devpauloasilva/
><http://linkedin.com/in/devpauloasilva/>_______________________________________________
>>>>>>>>> Owasp-portuguese mailing list
>>>>>>>>> Owasp-portuguese at lists.owasp.org
><mailto:Owasp-portuguese at lists.owasp.org>
>>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-portuguese
><https://lists.owasp.org/mailman/listinfo/owasp-portuguese>
>>>>>>>> Carlos Serrão
>>>>>>>> OWASP <http://www.owasp.org/>.PT
><http://www.owasp.org/index.php/Portuguese> chapter
>>>>>>>> 
>>>>>>>>  <http://www.owasp.org/>
>>>>>>>> blog <https://www.carlosserrao.net/> | skype <> | linkedin
><http://pt.linkedin.com/in/carlosserrao> | twitter
><http://twitter.com/#!/pontocom> | facebook
><https://www.facebook.com/carlosserrao> | google+
><https://profiles.google.com/u/0/carlos.j.serrao/about>
>>>>>>>> 
>>>>>>>> 
>>>>>>>> 
>>>>>>>> --
>>>>>>>> Paulo A. Silva
>>>>>>>> http://tech.pauloasilva.com <http://tech.pauloasilva.com/>
>>>>>>>> http://a-caminho.de <http://a-caminho.de/>
>>>>>>>> http://linkedin.com/in/devpauloasilva/
><http://linkedin.com/in/devpauloasilva/>
>>>>>>> Carlos Serrão
>>>>>>> OWASP <http://www.owasp.org/>.PT
><http://www.owasp.org/index.php/Portuguese> chapter
>>>>>>> 
>>>>>>>  <http://www.owasp.org/>
>>>>>>> blog <https://www.carlosserrao.net/> | skype <> | linkedin
><http://pt.linkedin.com/in/carlosserrao> | twitter
><http://twitter.com/#!/pontocom> | facebook
><https://www.facebook.com/carlosserrao> | google+
><https://profiles.google.com/u/0/carlos.j.serrao/about>
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> --
>>>>>>> Paulo A. Silva
>>>>>>> http://tech.pauloasilva.com <http://tech.pauloasilva.com/>
>>>>>>> http://a-caminho.de <http://a-caminho.de/>
>>>>>>> http://linkedin.com/in/devpauloasilva/
><http://linkedin.com/in/devpauloasilva/>_______________________________________________
>>>>>>> Owasp-portuguese mailing list
>>>>>>> Owasp-portuguese at lists.owasp.org
><mailto:Owasp-portuguese at lists.owasp.org>
>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-portuguese
><https://lists.owasp.org/mailman/listinfo/owasp-portuguese>
>>>>>> Carlos Serrão
>>>>>> OWASP <http://www.owasp.org/>.PT
><http://www.owasp.org/index.php/Portuguese> chapter
>>>>>> 
>>>>>>  <http://www.owasp.org/>
>>>>>> blog <https://www.carlosserrao.net/> | skype <> | linkedin
><http://pt.linkedin.com/in/carlosserrao> | twitter
><http://twitter.com/#!/pontocom> | facebook
><https://www.facebook.com/carlosserrao> | google+
><https://profiles.google.com/u/0/carlos.j.serrao/about>
>>>>>> 
>>>>>> _______________________________________________
>>>>>> Owasp-portuguese mailing list
>>>>>> Owasp-portuguese at lists.owasp.org
><mailto:Owasp-portuguese at lists.owasp.org>
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-portuguese
><https://lists.owasp.org/mailman/listinfo/owasp-portuguese>
>>>>>> 
>>>>>> 
>>>>>> _______________________________________________
>>>>>> Owasp-portuguese mailing list
>>>>>> Owasp-portuguese at lists.owasp.org
><mailto:Owasp-portuguese at lists.owasp.org>
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-portuguese
><https://lists.owasp.org/mailman/listinfo/owasp-portuguese>
>>>>> 
>>>>> Carlos Serrão
>>>>> OWASP <http://www.owasp.org/>.PT
><http://www.owasp.org/index.php/Portuguese> chapter
>>>>> 
>>>>>  <http://www.owasp.org/>
>>>>> blog <https://www.carlosserrao.net/> | skype <> | linkedin
><http://pt.linkedin.com/in/carlosserrao> | twitter
><http://twitter.com/#!/pontocom> | facebook
><https://www.facebook.com/carlosserrao> | google+
><https://profiles.google.com/u/0/carlos.j.serrao/about>
>>>>> 
>>>>> _______________________________________________
>>>>> Owasp-portuguese mailing list
>>>>> Owasp-portuguese at lists.owasp.org
><mailto:Owasp-portuguese at lists.owasp.org>
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-portuguese
><https://lists.owasp.org/mailman/listinfo/owasp-portuguese>
>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>> --
>>>>> Paulo A. Silva
>>>>> http://tech.pauloasilva.com <http://tech.pauloasilva.com/>
>>>>> http://a-caminho.de <http://a-caminho.de/>
>>>>> http://linkedin.com/in/devpauloasilva/
><http://linkedin.com/in/devpauloasilva/>_______________________________________________
>>>>> Owasp-portuguese mailing list
>>>>> Owasp-portuguese at lists.owasp.org
><mailto:Owasp-portuguese at lists.owasp.org>
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-portuguese
><https://lists.owasp.org/mailman/listinfo/owasp-portuguese>
>>>> Carlos Serrão
>>>> OWASP <http://www.owasp.org/>.PT
><http://www.owasp.org/index.php/Portuguese> chapter
>>>> 
>>>>  <http://www.owasp.org/>
>>>> blog <https://www.carlosserrao.net/> | skype <> | linkedin
><http://pt.linkedin.com/in/carlosserrao> | twitter
><http://twitter.com/#!/pontocom> | facebook
><https://www.facebook.com/carlosserrao> | google+
><https://profiles.google.com/u/0/carlos.j.serrao/about>
>>>> 
>>>> 
>>>> 
>>>> --
>>>> Paulo A. Silva
>>>> http://tech.pauloasilva.com <http://tech.pauloasilva.com/>
>>>> http://a-caminho.de <http://a-caminho.de/>
>>>> http://linkedin.com/in/devpauloasilva/
><http://linkedin.com/in/devpauloasilva/>
>>> Carlos Serrão
>>> OWASP <http://www.owasp.org/>.PT
><http://www.owasp.org/index.php/Portuguese> chapter
>>> 
>>>  <http://www.owasp.org/>
>>> blog <https://www.carlosserrao.net/> | skype <> | linkedin
><http://pt.linkedin.com/in/carlosserrao> | twitter
><http://twitter.com/#!/pontocom> | facebook
><https://www.facebook.com/carlosserrao> | google+
><https://profiles.google.com/u/0/carlos.j.serrao/about>
>>> 
>>> 
>>> _______________________________________________
>>> Owasp-portuguese mailing list
>>> Owasp-portuguese at lists.owasp.org
><mailto:Owasp-portuguese at lists.owasp.org>
>>> https://lists.owasp.org/mailman/listinfo/owasp-portuguese
><https://lists.owasp.org/mailman/listinfo/owasp-portuguese>
>> 
>> 
>> Carlos Serrão
>> OWASP <http://www.owasp.org/>.PT
><http://www.owasp.org/index.php/Portuguese> chapter
>> 
>>  <http://www.owasp.org/>
>> blog <https://www.carlosserrao.net/> | skype <> | linkedin
><http://pt.linkedin.com/in/carlosserrao> | twitter
><http://twitter.com/#!/pontocom> | facebook
><https://www.facebook.com/carlosserrao> | google+
><https://profiles.google.com/u/0/carlos.j.serrao/about>
>> 
>> 
>> _______________________________________________
>> Owasp-portuguese mailing list
>> Owasp-portuguese at lists.owasp.org
><mailto:Owasp-portuguese at lists.owasp.org>
>> https://lists.owasp.org/mailman/listinfo/owasp-portuguese
><https://lists.owasp.org/mailman/listinfo/owasp-portuguese>
>> 
>> 
>> 
>
>Carlos Serrão
>OWASP <http://www.owasp.org/>.PT
><http://www.owasp.org/index.php/Portuguese> chapter
>
> <http://www.owasp.org/>
>blog <https://www.carlosserrao.net/> | skype <skype:pontocom73?call> |
>linkedin <http://pt.linkedin.com/in/carlosserrao> | twitter
><http://twitter.com/#!/pontocom> | facebook
><https://www.facebook.com/carlosserrao> | google+
><https://profiles.google.com/u/0/carlos.j.serrao/about>

-- 
Filipe Lacerda
Lusolabs

Sent from my Android device with K-9 Mail. Please excuse my brevity.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-portuguese/attachments/20170415/9daa2085/attachment-0001.html>


More information about the Owasp-portuguese mailing list