Web Application Security
Re: Shameless plug: OWASP Board Elections Oct 22 2014 05:53PM
Brian Zaugg (bzaugg authentic8 com) (1 replies)
Here! Here! I like the idea of making the list more active and useful.
And, a good article on cross-domain policy and CSRF is a great start.

Brian

>
> On Tue, Oct 21, 2014 at 9:01 AM, Robin Wood <robin (at) digi (dot) ninj [email concealed]a> wrote:
>>
>> Hi
>> I'd love to see the list going again and getting more use. I think my
>> reason for not using it is that it isn't being used so I forget about
>> it, it needs traffic to gain some traction and remind people it
>> exists.
>>
>> I'll make sure that I post some questions when they come up, see if we
>> can get it moving again.
>>
>> As a start, I've just watched this brilliant explanation of why an
>> open crossdomain policy file is bad, I'd really recommend it to any
>> app testers.
>>
>> http://www.irongeek.com/i.php?page=videos/derbycon4/t505-swf-seeking-laz
y-admin-for-cross-domain-action-seth-art
>>
>> Robin
>>
>> PS, as I've just found out, the list doesn't like MIME encoded mails
>> so if you are sending through Gmail make sure you set the mail to
>> plain text. I can't find a way to do this through the Android Gmail
>> client though so if anyone knows how please share.
>>
>> On 21 October 2014 03:46, Andrew van der Stock <vanderaj (at) greebo (dot) net [email concealed]> wrote:
>> > Hi there,
>> >
>> > Apologies for complete self interest where the list admin (me) pushes
>> > a personal interest (OWASP). However, I believe the Open Web
>> > Application Security Project is on topic for the web application
>> > security mail list, and I wouldn't normally do it (you can check -
>> > I've been moderator since 2004), but it's important.
>> >
>> > Beyond the plug below - I am very interested in ways we can revitalise
>> > this list. I don't know about you, but getting CFPs and not much else
>> > is getting old. Please reply and discuss how we might achieve that,
>> > because the list has become pretty moribund.
>> >
>> > Shameless plug-a-rama:
>> >
>> > Full disclosure: not only is OWASP a long standing personal interest
>> > of mine, I'm
>> > also standing for the Board. That said, I'm not asking you to vote for
>> > me (although that would be lovely!), I *am* asking you to vote if you
>> > are an OWASP member!
>> >
>> > For those list members who are also OWASP members, please be aware
>> > that there was a technical issue in relation to expired members not
>> > getting a renewal notice, and thus not getting a ballot to vote. That
>> > issue should be resolved now. You have until the 24th to renew and
>> > then vote. More details:
>> >
>> > http://lists.owasp.org/pipermail/owasp-community/2014-October/000399.htm
l
>> >
>> > The election has been extended to October 31 for all electors to cope
>> > with renewals and then give you time to make an informed vote.
>> >
>> > Please review the candidate interviews, and then place your vote.
>> > HIstorically, our elections have been not representative of the OWASP
>> > global membership as for whatever reason, members outside of the US
>> > chose not to vote as often as OWASP US members. Let's get out the
>> > vote!
>> >
>> > Look through these interviews, work out who are your favorite three
>> > candidates, and vote for OWASP's future!
>> >
>> > https://www.owasp.org/index.php/2014_Board_Elections#2014_Board_Candidat
e_Interviews
>> >
>> > End shameless plug
>> >
>> > thanks,
>> > Andrew
>> >
>> >
>> >
>> > This list is sponsored by Cenzic
>> > --------------------------------------
>> > Let Us Hack You. Before Hackers Do!
>> > It's Finally Here - The Cenzic Website HealthCheck. FREE.
>> > Request Yours Now!
>> > http://www.cenzic.com/2009HClaunch_Securityfocus
>> > --------------------------------------
>> >
>>
>>
>>
>> This list is sponsored by Cenzic
>> --------------------------------------
>> Let Us Hack You. Before Hackers Do!
>> It's Finally Here - The Cenzic Website HealthCheck. FREE.
>> Request Yours Now!
>> http://www.cenzic.com/2009HClaunch_Securityfocus
>> --------------------------------------
>>
>

This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------

[ reply ]
Re: Shameless plug: OWASP Board Elections Oct 24 2014 08:35PM
Seth Art (sethsec gmail com) (1 replies)
Re: Shameless plug: OWASP Board Elections Oct 27 2014 09:26AM
Robin Wood (robin digi ninja)


 

Privacy Statement
Copyright 2010, SecurityFocus