• Living in the MCHD world, ...


  • ... ,I am passionate about innovation, people and life.


Open Innovation: OWASP Community

Background and community introduction

In January 2003, The New York Times, having been the victim of persistent attacks, experienced a breach which lasted four months. In February, Twitter, Pinterest and Tumblr inadvertently suffered a breach after their customer service system got hacked. In October, the Federal Reserve Bank website was hacked by Anonymous, the political hacktivist group. A little before Christmas, cyber-thieves stole nearly 40 million Target customers’ credit and debit card numbers along with the PIN numbers used to directly access bank accounts. In many other cases, however, there is no hacker involved. In June 2013, a system bug exposed over 6 million Facebook users’ personal data. Luckily this bug has not been exploited maliciously. 2013 has clearly been a terrible year for data security and privacy. Unfortunately 2014 is not going to be different, with hackers developing new methods to bypass security restrictions and take advantage of security bugs.

The first connotation when thinking about a hacker is a bad one, but that is not always the case. There are surprisingly different kinds of hackers who break into systems but don’t necessarily destroy them, and who have the public’s best interest at heart. These people are white-hat hackers, or “good hackers”, also known as ethical hackers. Some of those hackers work for leading security companies and others volunteer in the OWASP Foundation.

The OWASP Foundation (www.owasp.org) was established as a not-for-profit charitable organization in the USA in April 2004. OWASP is an open community dedicated to promoting security awareness and enabling organizations to develop and maintain secured and trusted applications.

Participation in the OWASP community and the way it affects innovation

Who participates? OWASP is a very organized and structured organization. Regardless, almost everyone associated with OWASP is a volunteer, including the OWASP Board, Global Committees, Chapter Leaders, Project Leaders, and Project members. Anyone who is passionate about security or who wants to leverage natural hacking skills for a good cause can join OWASP. Who does not participate? OWASP is very strict about keeping itself free from commercial pressures to ensure its long-term success. This allows it to provide unbiased and practical information about application security. As such, OWASP is not affiliated with any technology company, although it does offer corporate membership, which is reserved for companies that annually donate money to keep the organization going.

What are the formal rules that guide participation? Members must agree to follow the organization’s ethics and principles, which are based on four core values: open, innovation, global, and integrity. To submit new ideas or creative material, contributors should first become a member by paying a membership fee as an individual, corporate, academic center, government or supporter. The ideas can be received through different channels: forums, projects, chapters, and conferences. OWASP uses the wiki platform as the online collaboration tool to collect ideas from the members. To take an idea to the next level, members can opt to participate in collaborative projects. These projects are where the innovation occurs. Everyone can start a new project: application developers, software architects, authors, or individuals who would like to support the community. Projects can start from scratch or build upon the ideas of other members. Projects are well structured and governed by project managers. Overarching all those projects is the OWASP project manager, who is elected as part of the OWASP operation staff annual election.

The Open Innovation Argument and OWASP

Solving security issues is a constant chase in which all companies participate. OWASP realizes that most of the knowledge needed to solve the security challenge does not reside inside those companies. The only way to maintain comprehensive knowledge about security and newly emerging threats is by having variance in sources of information. The OWASP community includes members in 75+ countries and 6 continents with a wide range of backgrounds: developers, security auditors, law enforcement, legal auditors, risk managers, executive managers, press and entrepreneurs. This special blend enhances the population of innovative solutions to tackle even the hardest security issues. Moreover, security knowledge is becoming more specialized: mobile security, cloud computing security, financial security and more. This specialized knowledge resides only in communities such as OWASP and cannot possibly exist in one firm or company.

Both firms and individuals benefit from engagement with the OWASP community. The OWASP financial team (part of the annually elected operation management team) supports innovative security research with grants. This allows the community to vote for important issues and helps the main contributors by having OWASP financially support these efforts. Additionally, the OWASP IT team provides technical infrastructure (e.g. virtual labs) for community teams.

Most importantly, all of the OWASP tools, documents, forums, and chapters are free and open to ANYONE interested in improving application security.

Building organizational capabilities inside OWASP

OWASP is a well-structured organization. Its internal boundary structure enables the organization to scale and grow. To cope with the challenge of specialized security areas, OWASP community knowledge is funneled through projects and strategic areas (see: Process below).

The security tools created by the community are shared across functions inside OWASP. This helps groups to focus on specific areas on one hand, but also to enjoy the fruits of other groups on the other hand. The external boundaries are extended through global conferences and local chapters in more than 64 countries. The diversity of the OWASP community serves as the vehicle for cross-pollination and synthesis of ideas generated by the community. However, this is also where the innovation capabilities within the OWASP community can be improved. Although OWASP strictly refrains from any specific technological affiliation in order to remain authentic and unbiased, it should find a way to embrace knowledge created by organizations and professionals. Companies like Symantec, Kaspersky Lab and others that specialize in niche areas (e.g. viruses and malware) have access to substantial amounts of money for R&D purposes. Given that the IP issues can be solved, composing teams of community members and professionals from these companies can create complementary pairs.




Kobi (Yacov) Magnezi, קובי מגנזי

Snapchat rejected $3 Billion Acquisition Offer from Facebook

Founded in 2011, Snapchat.com[1] is a photo messaging application (Exhibit 2) especially popular with teenagers and young adults. Using the app, users can take photos, record videos, add text and drawings, and send them to a list of recipients. These sent photographs and videos are known as “Snaps”. Users set a time limit for how long recipients can view their Snaps, after which they will be hidden from the recipient’s device and deleted from the Snapchat server.

The founder and CEO of the company, Evan Spiegel, dropped out of Stanford University in 2012 in the midst of his Product Design studies and moved back to his father’s house to work on Snapchat.

In a recent secret negotiation process, Spiegel spurned an all-cash acquisition offer from Facebook for close to $3 billion. At that price, it would be Facebook’s largest acquisition, more than double its nearly $1 billion deal for Instagram in 2012. This offer followed a previously rejected offer Facebook made for more than $1 billion.

Researching further into the offer, the stakeholders and the timing provides insights about the nature of the negotiation despite its secrecy. Moreover, mapping the pieces of information from this widely covered case to the concepts we learned is valuable for forming a cohesive analysis.

The first $1B offer made by Facebook was allegedly a probing offer, which is an important step in an investigative negotiation. Given that no other company had initiated a negotiation process with Snapchat, this was a smart move to test the water: acquiring and clarifying information from Snapchat. Moreover, Facebook knew that the company had raised about $70 million in venture funding from investors such as Institutional Venture Partners and Benchmark Capital because of a valuation expectation of $1B.

Having reached an impasse with the first offer, Facebook made another offer for $3B, which clearly didn’t follow the staged concession strategy. The threefold offer is not a modest move but a huge leap. Nevertheless, since the $1B didn’t make the concession look painful for Snapchat, Facebook had to come up with a new extreme offer that would increase Snapchat’s satisfaction with the deal. Unfortunately, Facebook played in a NOPA game although they thought they had the right BATNA (Exhibit 1).

Analyzing this case using the 7-elements of negotiation framework shows why this impasse is somewhat predictable.

Interests: Facebook is interested in Snapchat because more of its users are tapping the service via smartphones, where messaging is a core function. Facebook has rapidly increased the share of its revenue coming from mobile advertising, but said last month that fewer young teens were using the service on a daily basis. Facebook assumed that Snapchat’s interest is to merge with Facebook in order to rapidly increase its customer base, whereas [3] Snapchat believes that Facebook is a terrible fit for it. Snapchat is succeeding because it is actually the anti-Facebook. Unlike most social networks, Snapchat emphasizes privacy.

Alternative: Facebook already set a high bar with their previous $1B acquisition of Instagram. Moreover, they have enough cash to go even beyond their BATNA, and Snapchat knows that. More importantly, Snapchat is being wooed [2] by other investors and potential acquirers. Chinese e-commerce giant Tencent Holdings had offered to lead an investment that would value two-year-old Snapchat at $4 billion. This is why Facebook’s current strategy results in NOPA.

Options: From Snapchat’s perspective, monetary offers don’t meet its interests. The tradeable issue for Facebook is to offer Snapchat autonomy in keeping its operations intact despite the acquisition. This is because Spiegel[8] is clearly dreaming of becoming the next Google. From his perspective, upon selling the company, that dream dies. Moreover, cashing the company in means limiting how big Snapchat could become.

Relationship: this is also a hurdle for Facebook[5]. Facebook CEO Mark Zuckerberg was 22 when he turned down a $1 billion offer from Yahoo to buy Facebook. He was fortunate because he has done great since. The problem is that everyone knows that story[4], including Spiegel, and he is wise to learn from the history of the man sitting across the negotiation table from him. Unfortunately, this places Facebook at an unfavorable starting point for initiating this relationship.

In conclusion, Facebook should have done better work in understanding and targeting Snapchat’s interests, but there’s no going back now. History will reveal whether Evan Spiegel is one of the most brilliant entrepreneurs ever, who came up with a new and better social network, or whether he is a fool who used no negotiation strategy.

Kobi (Yacov) Magnezi, קובי מגנזי

Exhibit 1


Exhibit 2








[1] About SnapChat

[2] “Snapchat Spurned $3 Billion Acquisition Offer from Facebook” by Evelyn M. Rusli and Douglas MacMillan. Wall Street Journal, Nov 13, 2013

[3] “Snapchat’s 23-year-old CEO was smart to turn down a $3 billion offer” by Matt Mcfarland. The Washington Post, Nov 14, 2013

[4] Another Aspect of Considering a Fantasitc Deal: $3B for Buying Snapchat. UBC Blogs site, Nov 15, 2013

[5] “Why Snapchat’s Evan Spiegel knocked back Facebook’s $3 billion purchase offer” by Rob Chester. Courier mail Australia, Nov 19, 2013

[6] “Meet the 23-Year-Old Kid Who Turned Down $3 Billion for Snapchat” by Jeff Macke. Yahoo! Finance, Nov 15, 2013

[7] Matt Yglesias applauds Snapchat’s chutzpah for turning down Facebook’s offer. Nov 13, 2013

[8] “Finally, a Tech CEO With Style: A Closer Look at Snapchat’s Evan Spiegel” by Natalie Matthews. Nov 14, 2013

Doing the Impossible on iOS

LinkedIn released a new product called LinkedIn Intro (https://intro.linkedin.com).
This cool feature is an essential add-on to the mail app, providing information about the sender: their network and contact info.

Even more amazing is the fact that turning this concept into reality is a hard nut to crack, because Apple basically denies any external extension of its built-in mail app.

Luckily, thinking outside the box served the LinkedIn team very well: they found a pretty elegant bypass to the Apple restriction. To install this feature, LinkedIn installs a new profile on your iOS device, which essentially installs a new mailbox account. From then on, all the emails received are funneled through a LinkedIn proxy server, which intelligently infuses HTML5 into your emails. This allows LinkedIn Intro to appear on every email as if it were a fully integrated feature.

Well done, LinkedIn folks. Great feature, Awesome implementation!
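To see which mail servers a profile of this kind points a device at, the following added example (not LinkedIn's code and not part of the original post) parses an unsigned XML configuration profile and lists mail-account payloads whose servers fall outside the domains you expect. The sample profile, its hostnames and the function names are constructed for illustration; the payload type and key names are those of Apple's email payload.

```python
import plistlib

# Constructed sample profile; all hostnames are placeholders, not real services.
SAMPLE_PROFILE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>PayloadType</key><string>Configuration</string>
  <key>PayloadDisplayName</key><string>Example Mail Add-on</string>
  <key>PayloadContent</key><array>
    <dict>
      <key>PayloadType</key><string>com.apple.mail.managed</string>
      <key>EmailAddress</key><string>user@mail.example.com</string>
      <key>IncomingMailServerHostName</key><string>imap.proxy.example.net</string>
      <key>OutgoingMailServerHostName</key><string>smtp.mail.example.com</string>
    </dict>
  </array>
</dict></plist>"""

MAIL_PAYLOAD = "com.apple.mail.managed"
HOST_KEYS = ("IncomingMailServerHostName", "OutgoingMailServerHostName")


def host_in_domain(host, domain):
    """True if host is the domain itself or a subdomain of it."""
    host, domain = host.lower().rstrip("."), domain.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)


def audit_mail_payloads(profile_bytes, trusted_domains):
    """Return (email, key, host) for every mail server outside trusted_domains.

    Assumes an unsigned XML profile; a signed (CMS-wrapped) profile must be
    unwrapped first, otherwise plistlib raises InvalidFileException.
    """
    profile = plistlib.loads(profile_bytes)
    findings = []
    for payload in profile.get("PayloadContent", []):
        if payload.get("PayloadType") != MAIL_PAYLOAD:
            continue  # only mail-account payloads matter for this check
        for key in HOST_KEYS:
            host = payload.get(key)
            if host and not any(host_in_domain(host, d) for d in trusted_domains):
                findings.append((payload.get("EmailAddress", "?"), key, host))
    return findings


if __name__ == "__main__":
    # The user's real provider is assumed to be mail.example.com.
    for email, key, host in audit_mail_payloads(SAMPLE_PROFILE, ["mail.example.com"]):
        print(f"{email}: {key} -> {host} is outside the expected mail domain")
```

A finding on the incoming server means mail for that account is fetched through a third-party host, which is where message content can be read and rewritten before the device displays it.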

Kobi (Yacov) Magnezi, קובי מגנזי

Facebook Content Sentiment Analysis

We all know those FB posts about our friends’ important moments in life (birthday, graduation, new baby etc.). The ones that get much attention, hundreds of likes and comments.

Interestingly, I noticed today that while I was commenting on such a post, FB offered me the option to get a gift for my friend. Clearly there was some text analysis going on here behind the scenes, in which FB “understands” the sentiment of the greetings and implies that this is the right place to target the audience with the ability to purchase a gift.

Very convenient indeed, but it also makes you wonder what else is going on behind the scenes…


Kobi (Yacov) Magnezi, קובי מגנזי

The Future of Cloud Computing

Internet of Things, Big Data, cross channels, universal storage and many more.
More exciting trends are being created in cloud computing.
What will be the next big thing?

Kobi (Yacov) Magnezi, קובי מגנזי

Trying Google Glass

One of the highlight moments of the TechCrunch Disrupt NY 2013 event was testing the new Google Glass. Thanks to the awesome guys from Twilio, which offers cool cloud APIs, I had the opportunity to try these glasses on. After a few instructions, I could easily navigate the apps by sliding my fingers on the metal frame. The voice activation is a bit tricky and frankly feels a bit weird when you have to start every command by saying “Ok, Glass”. Regardless, it was an amazing experience.

To the same point, the Saturday Night Live show did a great job demonstrating the capabilities of the new Glass:

Kobi (Yacov) Magnezi, קובי מגנזי

Digital kids – Yes I am a bit concerned

My 1.9-year-old daughter does not speak full sentences, but she knows how to ask for the iPad. Sliding her little fingers right and left on the touch screen, she manages to operate this device and play her favorite games. As her parents, we are neither encouraging this activity nor preventing it. In general, we think it’s a good practice to have your activities varied and balanced. Finally, we really hope not to be in the following situation…

Kobi Magnezi, קובי מגנזי

What kind of entrepreneur are you


(Translated from Hebrew, by Merage)

Kobi Magnezi, קובי מגנזי

Halo, Halo, Daddy (Father 2.0)














Kobi Magnezi, קובי מגנזי

Ok, I admit it. I am totally a cloud junkie


Kobi Magnezi, קובי מגנזי