[Owasp-testing] OSSTMM manual
daniel.cuthbert at owasp.org
Fri Jan 19 09:18:59 EST 2007
rage? me? pfft you haven't met me yet, i rarely get angry.
All i was saying was that OWASP and the OSSTM have different
ideologies. As it was just pointed out, they use the term open source
very very very loosely.
If it was open source, why can i not get hold of a copy of the RC
beta for version 3 right now and look at it?
Sorry if you thought i was angry, it was totally the opposite and
called sarcasm :0)
Personally i want to stay FAR away from OSSTM and since 2001, we have
never joined forces and worked with Pete
On 19 Jan 2007, at 20:44, Matteo G.P. Flora wrote:
> On Jan 19, 2007, at 2:32 PM, Daniel Cuthbert wrote:
>> Hang on one moment on the group hug there busta!!
> Daniel, I really don't understand your rage, but I'll try (again)
> to cope with anger. Anger has always been the worst of the counselors.
>> The latest version is OSSTMM.3.0 (which is in RC mode). Now to
>> access this you need to be a GOLD, or Silver, member and Gold
>> costs $259 and Silver $49
>> If you want the free version, well thats stuck at ver 2.0 and has
>> been for years now.
> OSSTMM is in RC and will see the light in just a few time.
> You can rest assured of this since I've talked with Pete about that
> a lot of times. (And is someone care I perfectly agree on "2.0
> sucks", while 3.0 is another thing at all...).
>> If you are saying we collaborate, and i have no issue with this,
>> then something needs to be done.
> I'm sure we can find an accommodation and I'm sure I'll be able to
> provide the 3.0 for review to a panel of OWASP... Or so I think...
> I may have to press Pete a little, but I'm sure that's feasible.
> And I don't really believe in "insurmountable" tasks.
>> It might say open source on the tin, but from where im sitting it
>> looks like a pay as you go open source and im sorry, none of the
>> content i have written will ever be charged for and this is one of
>> the sole reasons i joined with Mark and Jeff when OWASP was
>> started back in the day.
> No one told you to give content to OSSTMM.
> We were discussing in "taking" content from OSSTMM acknowledging
> the source and have OSSTMM "refer" to code within OWASP.
> Sorry if my bad english went in the way and you were lead to think
> I'd give your work for a paid submission.. That wasn't my idea.
> Hope this explain it all... And sorry again for my "spaghetti
> english" ;)
> Matteo G.P. Flora | mf at matteoflora.com | www.MatteoFlora.com
> Pres. Milano AIP-ITCS #2657 | IEEE CS Member #80409490 | WOT Notary
> Direttore Tecnico Osservatorio Permanente Privacy e Sicurezza (OPSI)
> Privacy & Security Consultant | Forensic Examiner | SEO Expert
> Secure Channel | pgp F3B6BC10 | 1984-at-nym.hush-dot-com
More information about the Owasp-testing