[Owasp-testing] WARNING: Dummies & Managers Ahead (aka my 2 cents for you...)

Eoin eoinkeary at gmail.com
Wed Oct 18 13:42:26 EDT 2006


HI Matteo,
If the majority of the team wish to add the "idiots guide" (this makes me
smile), then so be it, cool.

I think we should be carefull that we dont reinvent  the wheel or repeat
definitions that we already have on the site. We can simply add a URL to a
section on the OWASP site to the same information.?

Matteo (Meucci), as technical AoC lead, its your call, if thats  ok with
everyone?

Eoin




On 18/10/06, Matteo G.P. Flora <mf at matteoflora.com> wrote:
>
> On 10/18/06, Eoin <eoinkeary at gmail.com> wrote:
> ...
> > I think the  agreement already is to stick to the "how to test"
> information
> > and leave the theory and background other section of the site which
> already
> > exist.
>
> Hi Eoin and thanx for the answer,
>
> sorry for being blunt, but I humbly think this way you'll just loose
> 80% of the audience.
> The world isnt' made by pentest-geniouses and while I don't suggest to
> explain "what a cookie is" I strongly suggest to give the idiots a
> chance...
>
> "That's, of course, just my 2eurocents, but you can't suppose everyone
> will know everything and all the document risks to be setted in a
> corner for reference only by managers. And this means it will be
> setted in a corner by decision makers. And this means less and less
> adoption...
>
> That's, of course, just my opinion having to handle to tenths of
> organizations that choose ISO27001 over OSSTTMM for VA only because
> thay understand the former and not the latter...
>
> This said it's not a religious belief on my side and I may be (and
> probabily am) wrong...
>
> Think about how many people know laws... And what's the problem of laws?
>
> "The former article XXX of YYY is changed according to YYY and XXX
> while articole WWW will modify TTT to be real at EEE on ZZZ."
>
>
>
> My 2eurocents as always and I'll not pursue this more.
>
> MgpF
>
> --
> Matteo G.P. Flora | mf at matteoflora.com | www.MatteoFlora.com
> Pres. Milano AIP-ITCS #2657 | IEEE CS Member #80409490 | WOT Notary
> Direttore Tecnico Osservatorio Permanente Privacy e Sicurezza (OPSI)
> Privacy & Security Consultant | Forensic Examiner | SEO Expert
> Secure Channel | pgp F3B6BC10 | 1984-at-nym.hush-dot-com
>



-- 
Eoin Keary OWASP - Ireland
http://www.owasp.org/local/ireland.html
http://www.owasp.org/index.php/OWASP_Testing_Project
http://www.owasp.org/index.php/OWASP_Code_Review_Project
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.owasp.org/pipermail/owasp-testing/attachments/20061018/1bb53af1/attachment-0002.html 


More information about the Owasp-testing mailing list