[Evangelism] Hack Plone! Win a Mac!

Dylan Jay djay at pretaweb.com
Thu Nov 26 21:06:00 UTC 2009 

Worst case is really bad publicity.  But then is it?
If it got hacked we'd patch it immediatly and patch most systems out  
there and we'd explain how that system works in advance. Basically use  
it to explain how open source increases security and speed of patches.
It would also show that we take security seriously.

Dylan Jay
Technical solution manager
PretaWeb 99552830

On 27/11/2009, at 2:09 AM, Norman Fournier <norman at normanfournier.com>  
wrote:

> Hello,
>
> Worst case scenario. What if we are wrong?
>
> Some smart punk hacks the plone and posts the hack or hints  
> somewhere. How many Macs can we afford to give away? How long can we  
> afford to pay lawyers to fight spurious claims in court?
>
> A risk analysis should be air-tight before any contest is  
> publicized. Even the smallest give-aways are fraught with legal  
> complications which is why contest legal copy takes so much space on  
> an entry form.
>
> For me, I am not liking this idea at all. I think there may be more  
> positive ways for plone to get this message across without exposing  
> the software to a million punk hackers with a goad like both Screw  
> Plone and Win a Mac at the same time!
>
> My $.02.
>
> Norman
>
> On 2009-11-25, at 10:28 PM, Nate Aune wrote:
>
>> I think it's a great idea. Set up a server (perhaps using the
>> Hardening Plone howto below) and let the games begin!
>> http://plone.org/documentation/how-to/securing-plone/
>>
>> Nate
>>
>> On Wed, Nov 18, 2009 at 11:52 AM, Jan Ulrich Hasecke
>> <juhasecke at googlemail.com> wrote:
>>> Hi all,
>>>
>>> what do you think about a hacking contest? We setup a plain plone  
>>> site and who ever hacks it first wins a mac or a playstation or  
>>> whatever.
>>>
>>> All exploits must be documented of course so that we can fix them.
>>>
>>> We promote Plone as a secure system and can document it with the  
>>> CVE entries but often people say, yeah, but there are a lot less  
>>> installations of Plone than there are of PHP-systems, so you  
>>> cannot compare the figures.
>>>
>>> So lets challenge the hackers!
>>>
>>> This could be an online event with a great publicity effect may be  
>>> in the run-up to the World Plone Day.
>>>
>>> What do you think?
>>> juh
>>>
>>> Jan Ulrich Hasecke
>>> (DZUG e.V.)
>>>
>>> --
>>> DZUG e.V. (Deutschsprachige Zope User Group)
>>> www.dzug.org
>>> www.zope.de
>>>
>>>
>>> _______________________________________________
>>> Evangelism mailing list
>>> Evangelism at lists.plone.org
>>> http://lists.plone.org/mailman/listinfo/evangelism
>>>
>>>
>>
>>
>>
>> -- 
>> Nate Aune - natea at jazkarta.com
>> http://www.jazkarta.com
>> http://card.ly/natea
>> +1 (617) 517-4953
>>
>> _______________________________________________
>> Evangelism mailing list
>> Evangelism at lists.plone.org
>> http://lists.plone.org/mailman/listinfo/evangelism
>
>
> _______________________________________________
> Evangelism mailing list
> Evangelism at lists.plone.org
> http://lists.plone.org/mailman/listinfo/evangelism

More information about the Evangelism mailing list