Implementing Reading Lists

TMContent / Lib_Docs

Creative Commons Zero v1.0 Universal

1 stars 2 forks source link

Implementing Reading Lists #20

Open BendixSpring opened 11 years ago

BendixSpring commented 11 years ago

You might think this is like the landing page concept, but I will explain.

I think there is value in creating reading lists for a variety of topics (maybe these things should be called "explore the topic"). Anyway, there is a fundamental problem with TM as it exists currently. Ironic as it may seem, there is too much information! I understand that the filtering is supposed to help, but it still seems overwhelming. One of the comments from my students at a previous job was, "this [very long] list of references is great. Just tell me the top 3 I should look at first."

Having a reading list or a short "jump start" document for various topics would be another way to help out people. These lists would have things that we humans recommend as good starting points (articles on TM) as well as documents (hosted on TM) that are source information or the classic article on the subject. I also think the lists should include content that other TM users recommend (this would mean having some type of system for saying whether an article was helpful or not). The list would be built dynamically, based on what users are doing.

There could be the "Fundamentals" Reading lists and an "Advanced" reading list.

Topics would include things like authentication, hashing passwords, input filtering, encoding, buffer overflows, etc.

It would be even better if a user would be able see what they've read. Since every user has to login, we could track which articles have been read, so when they go to the reading list page, the unread articles would be displayed in a different color.

--Danny

tlaloc75 commented 11 years ago

This is a problem that we are planning to solve with Learning Paths. They will refer to TM topics (along with other resources) and exist outside of TeamMentor.

Jason

On May 17, 2013, at 6:57 AM, Danny Harris notifications@github.com wrote:

You might think this is like the landing page concept, but I will explain.

I think there is value in creating reading lists for a variety of topics (maybe these things should be called "explore the topic"). Anyway, there is a fundamental problem with TM as it exists currently. Ironic as it may seem, there is too much information! I understand that the filtering is supposed to help, but it still seems overwhelming. One of the comments from my students at a previous job was, "this [very long] list of references is great. Just tell me the top 3 I should look at first."

Having a reading list or a short "jump start" document for various topics would be another way to help out people. These lists would have things that we humans recommend as good starting points (articles on TM) as well as documents (hosted on TM) that are source information or the classic article on the subject. I also think the lists should include content that other TM users recommend (this would mean having some type of system for saying whether an article was helpful or not). The list would be built dynamically, based on what users are doing.

There could be the "Fundamentals" Reading lists and an "Advanced" reading list.

Topics would include things like authentication, hashing passwords, input filtering, encoding, buffer overflows, etc.

It would be even better if a user would be able see what they've read. Since every user has to login, we could track which articles have been read, so when they go to the reading list page, the unread articles would be displayed in a different color.

--Danny

— Reply to this email directly or view it on GitHub.

BendixSpring commented 11 years ago

Jason:

Since I am not totally familiar with Learning Paths or how they will be implemented, forgive me if I am missing the point.

If the user only has TeamMentor, there is still an overwhelming amount of information to contend with. I’m suggesting having something directly in TM to help a user figure out where to start.

--Danny

From: tlaloc75 [mailto:notifications@github.com] Sent: Friday, May 17, 2013 1:27 PM To: TMContent/Lib_Docs Cc: Danny Harris Subject: Re: [Lib_Docs] Implementing Reading Lists (#20)

This is a problem that we are planning to solve with Learning Paths. They will refer to TM topics (along with other resources) and exist outside of TeamMentor.

Jason

On May 17, 2013, at 6:57 AM, Danny Harris notifications@github.com wrote:

You might think this is like the landing page concept, but I will explain.

I think there is value in creating reading lists for a variety of topics (maybe these things should be called "explore the topic"). Anyway, there is a fundamental problem with TM as it exists currently. Ironic as it may seem, there is too much information! I understand that the filtering is supposed to help, but it still seems overwhelming. One of the comments from my students at a previous job was, "this [very long] list of references is great. Just tell me the top 3 I should look at first."

Having a reading list or a short "jump start" document for various topics would be another way to help out people. These lists would have things that we humans recommend as good starting points (articles on TM) as well as documents (hosted on TM) that are source information or the classic article on the subject. I also think the lists should include content that other TM users recommend (this would mean having some type of system for saying whether an article was helpful or not). The list would be built dynamically, based on what users are doing.

There could be the "Fundamentals" Reading lists and an "Advanced" reading list.

Topics would include things like authentication, hashing passwords, input filtering, encoding, buffer overflows, etc.

It would be even better if a user would be able see what they've read. Since every user has to login, we could track which articles have been read, so when they go to the reading list page, the unread articles would be displayed in a different color.

--Danny

— Reply to this email directly or view it on GitHub.

— Reply to this email directly or view it on GitHub https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18074817 .

tlaloc75 commented 11 years ago

I think that actually is the landing pages. The topics are the libraries, folders, views, etc. and the landing pages are the 'guide' into these topics.

On May 17, 2013, at 12:13 PM, Danny Harris notifications@github.com wrote:

Jason:

Since I am not totally familiar with Learning Paths or how they will be implemented, forgive me if I am missing the point.

If the user only has TeamMentor, there is still an overwhelming amount of information to contend with. I’m suggesting having something directly in TM to help a user figure out where to start.

--Danny

From: tlaloc75 [mailto:notifications@github.com] Sent: Friday, May 17, 2013 1:27 PM To: TMContent/Lib_Docs Cc: Danny Harris Subject: Re: [Lib_Docs] Implementing Reading Lists (#20)

This is a problem that we are planning to solve with Learning Paths. They will refer to TM topics (along with other resources) and exist outside of TeamMentor.

Jason

On May 17, 2013, at 6:57 AM, Danny Harris notifications@github.com wrote:

You might think this is like the landing page concept, but I will explain.

I think there is value in creating reading lists for a variety of topics (maybe these things should be called "explore the topic"). Anyway, there is a fundamental problem with TM as it exists currently. Ironic as it may seem, there is too much information! I understand that the filtering is supposed to help, but it still seems overwhelming. One of the comments from my students at a previous job was, "this [very long] list of references is great. Just tell me the top 3 I should look at first."

Having a reading list or a short "jump start" document for various topics would be another way to help out people. These lists would have things that we humans recommend as good starting points (articles on TM) as well as documents (hosted on TM) that are source information or the classic article on the subject. I also think the lists should include content that other TM users recommend (this would mean having some type of system for saying whether an article was helpful or not). The list would be built dynamically, based on what users are doing.

There could be the "Fundamentals" Reading lists and an "Advanced" reading list.

Topics would include things like authentication, hashing passwords, input filtering, encoding, buffer overflows, etc.

It would be even better if a user would be able see what they've read. Since every user has to login, we could track which articles have been read, so when they go to the reading list page, the unread articles would be displayed in a different color.

--Danny

— Reply to this email directly or view it on GitHub.

— Reply to this email directly or view it on GitHub https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18074817 . — Reply to this email directly or view it on GitHub.

romichg commented 11 years ago

I think I see Danny's point. Say I am a developer that is looking to build a basic web site which collects some information. I want to be a good citizen so I want to make sure it is secure. I convince my boss to get single user license on TM because I heard its a great tool for securing applications. I log in.. and... where do I begin? I don't want to go through a whole TP course, I don't have a specific vulnerability I am concerned about (yet), I just want the top 5 things I should do as a developer building a simple web site. I want to make sure I know how to prevent SQL Injeciton, XSS, how to validate input etc. but I don't know where to begin and what exactly I need to search for.

This is something similar that we've talked about, specifically, to be able to pivot the content based on the problem a customer is solving. We are doing it with Landing Pages for specific vulnerabilities, where the vulnerability is the problem. This is more of a Landing Page for a customer design/coding problem.

Danny, correct me if I am wrong with this assumptions.

On Fri, May 17, 2013 at 10:59 PM, tlaloc75 notifications@github.com wrote:

I think that actually is the landing pages. The topics are the libraries, folders, views, etc. and the landing pages are the 'guide' into these topics.

On May 17, 2013, at 12:13 PM, Danny Harris notifications@github.com wrote:

Jason:

Since I am not totally familiar with Learning Paths or how they will be implemented, forgive me if I am missing the point.

If the user only has TeamMentor, there is still an overwhelming amount of information to contend with. I’m suggesting having something directly in TM to help a user figure out where to start.

--Danny

From: tlaloc75 [mailto:notifications@github.com] Sent: Friday, May 17, 2013 1:27 PM To: TMContent/Lib_Docs Cc: Danny Harris Subject: Re: [Lib_Docs] Implementing Reading Lists (#20)

This is a problem that we are planning to solve with Learning Paths. They will refer to TM topics (along with other resources) and exist outside of TeamMentor.

Jason

On May 17, 2013, at 6:57 AM, Danny Harris notifications@github.com wrote:

You might think this is like the landing page concept, but I will explain.

I think there is value in creating reading lists for a variety of topics (maybe these things should be called "explore the topic"). Anyway, there is a fundamental problem with TM as it exists currently. Ironic as it may seem, there is too much information! I understand that the filtering is supposed to help, but it still seems overwhelming. One of the comments from my students at a previous job was, "this [very long] list of references is great. Just tell me the top 3 I should look at first."

Having a reading list or a short "jump start" document for various topics would be another way to help out people. These lists would have things that we humans recommend as good starting points (articles on TM) as well as documents (hosted on TM) that are source information or the classic article on the subject. I also think the lists should include content that other TM users recommend (this would mean having some type of system for saying whether an article was helpful or not). The list would be built dynamically, based on what users are doing.

There could be the "Fundamentals" Reading lists and an "Advanced" reading list.

Topics would include things like authentication, hashing passwords, input filtering, encoding, buffer overflows, etc.

It would be even better if a user would be able see what they've read. Since every user has to login, we could track which articles have been read, so when they go to the reading list page, the unread articles would be displayed in a different color.

--Danny

— Reply to this email directly or view it on GitHub.

— Reply to this email directly or view it on GitHub < https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18074817> . — Reply to this email directly or view it on GitHub.

— Reply to this email directly or view it on GitHubhttps://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18079937 .

tlaloc75 commented 11 years ago

This an interesting problem because it is easy to overwhelm someone with information intended to help, and the amount and type of information needed varies from person to person and over time for an individual. If you were talking to someone, the conversation would be: "I want to know about software security. ... What do you want to know? ... What do know already? ... Do you like to read or would you prefer some lab exercises? ... Maybe you should start reading this book and when you start to feel overwhelmed, go to this book that has lots of hands on exercises to help your understanding."

The difficulty lies in making a Learning Path that will help someone create their own Learning Path that works for them. The two extremes are the traditional linear, classroom approach where the students don't make any decisions, and the personal learning journey where there are lots of choices and the student picks and chooses with maybe a little guidance. Somewhere in there is the right solution for each person. In many professional situations, the current learning requirement is very specific because it reflects a work problem, but we know they need the background.

I would like to hear any and all comments that students make about the the current set of courses and learning aids, since it helps us make decisions about learning scenarios. If we had student ratings for each TP and TM use, and we could associate it with a particular learning path that brought the user to that point, we could make better suggestions.

gary

On 5/17/2013 11:26 AM, Jason Taylor wrote:

This is a problem that we are planning to solve with Learning Paths. They will refer to TM topics (along with other resources) and exist outside of TeamMentor.

Jason

On May 17, 2013, at 6:57 AM, Danny Harris notifications@github.com wrote:

You might think this is like the landing page concept, but I will explain.

I think there is value in creating reading lists for a variety of topics (maybe these things should be called "explore the topic"). Anyway, there is a fundamental problem with TM as it exists currently. Ironic as it may seem, there is too much information! I understand that the filtering is supposed to help, but it still seems overwhelming. One of the comments from my students at a previous job was, "this [very long] list of references is great. Just tell me the top 3 I should look at first."

Having a reading list or a short "jump start" document for various topics would be another way to help out people. These lists would have things that we humans recommend as good starting points (articles on TM) as well as documents (hosted on TM) that are source information or the classic article on the subject. I also think the lists should include content that other TM users recommend (this would mean having some type of system for saying whether an article was helpful or not). The list would be built dynamically, based on what users are doing.

There could be the "Fundamentals" Reading lists and an "Advanced" reading list.

Topics would include things like authentication, hashing passwords, input filtering, encoding, buffer overflows, etc.

It would be even better if a user would be able see what they've read. Since every user has to login, we could track which articles have been read, so when they go to the reading list page, the unread articles would be displayed in a different color.

--Danny

— Reply to this email directly or view it on GitHub.

BendixSpring commented 11 years ago

Roman:

I think you are correct. There is simply too much content, and it is overwhelming. Here are some thoughts:

In a “getting started” or “explore the topic” page, make recommendations based on the top 5 articles + fundamentals + advanced articles. This should be a roadmap, so that someone could come up to speed quickly after reading the top 5 articles. Or a newbie could learn the basics after reading the articles in the fundamentals list.

Here is an example of a “getting started” or “explore the topic” page:

Encryption (data in motion)

This section deals with encryption of data in motion. For information about encryption for data at rest, see here [link].

Top 5 Articles

 Does the Network Provide Secure Communication?

 A Certificate Is Installed on the Database Server to Support SSL

Communication

 Configure a Wireless Access Point for PCI DSS

```
 Etc
```
```
 Etc
```

Fundamentals

```
 First article to get started
```
```
 2nd article
```
```
 3rd article
```

Advanced

```
 First article to get started
```
```
 2nd article
```
```
 3rd article
```

[rant] I went to the TM site and did a search on encryption. 200 items came back. Way too many. OK, so I tried to narrow the search. I added “SSL”. No results. I added “motion”. No results. I added “at rest”. No results. The search engine functionality is not very good. So it is critical that we help out the end user by doing something like this. It is also critical to have search engine that works, too [/rant]

Different, but related topic:

I think it would be helpful to dynamically build an index page based on the filters. A user would select a library called “Index”, and it would have an alphabetical list of the topics covered in TM, say authentication, authorization, passwords, input filtering, encoding, buffer overflows, encryption, etc. So a user would click on that topic and the system would dynamically build a “getting started” page based on the filters selected. So if Java was checked, only Java articles and landing pages would be listed.

I think a default page should be displayed (and a “home” button or some other link fixed on the site to allow that page to always be displayed if a user clicks on the button or link). This page should have a 2 or 3 sentence “How to use TM” with a link to more details and use cases. Then include the Top 5 articles. Discuss what landing pages are vs articles vs explore a topic page.

--Danny

From: Roman Garber [mailto:notifications@github.com] Sent: Saturday, May 18, 2013 6:12 AM To: TMContent/Lib_Docs Cc: Danny Harris Subject: Re: [Lib_Docs] Implementing Reading Lists (#20)

Danny, correct me if I am wrong with this assumptions.

On Fri, May 17, 2013 at 10:59 PM, tlaloc75 <notifications@github.com mailto:notifications@github.com > wrote:

I think that actually is the landing pages. The topics are the libraries, folders, views, etc. and the landing pages are the 'guide' into these topics.

On May 17, 2013, at 12:13 PM, Danny Harris <notifications@github.com mailto:notifications@github.com > wrote:

Jason:

Since I am not totally familiar with Learning Paths or how they will be implemented, forgive me if I am missing the point.

If the user only has TeamMentor, there is still an overwhelming amount of information to contend with. I’m suggesting having something directly in TM to help a user figure out where to start.

--Danny

From: tlaloc75 [mailto:notifications@github.com] Sent: Friday, May 17, 2013 1:27 PM To: TMContent/Lib_Docs Cc: Danny Harris Subject: Re: [Lib_Docs] Implementing Reading Lists (#20)

This is a problem that we are planning to solve with Learning Paths. They will refer to TM topics (along with other resources) and exist outside of TeamMentor.

Jason

On May 17, 2013, at 6:57 AM, Danny Harris <notifications@github.com mailto:notifications@github.com > wrote:

You might think this is like the landing page concept, but I will explain.

I think there is value in creating reading lists for a variety of topics (maybe these things should be called "explore the topic"). Anyway, there is a fundamental problem with TM as it exists currently. Ironic as it may seem, there is too much information! I understand that the filtering is supposed to help, but it still seems overwhelming. One of the comments from my students at a previous job was, "this [very long] list of references is great. Just tell me the top 3 I should look at first."

Having a reading list or a short "jump start" document for various topics would be another way to help out people. These lists would have things that we humans recommend as good starting points (articles on TM) as well as documents (hosted on TM) that are source information or the classic article on the subject. I also think the lists should include content that other TM users recommend (this would mean having some type of system for saying whether an article was helpful or not). The list would be built dynamically, based on what users are doing.

There could be the "Fundamentals" Reading lists and an "Advanced" reading list.

Topics would include things like authentication, hashing passwords, input filtering, encoding, buffer overflows, etc.

It would be even better if a user would be able see what they've read. Since every user has to login, we could track which articles have been read, so when they go to the reading list page, the unread articles would be displayed in a different color.

--Danny

— Reply to this email directly or view it on GitHub.

— Reply to this email directly or view it on GitHub < https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18074817> . — Reply to this email directly or view it on GitHub.

— Reply to this email directly or view it on GitHub<https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18079937

.

— Reply to this email directly or view it on GitHub https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18098350 . https://github.com/notifications/beacon/5F2_eRmNmMOSmJQY77zQB7Urm4mdAJLBuw9 AjIGhM7BrCkYkO0hhd3h0kI6eMco9.gif

BendixSpring commented 11 years ago

Gary:

I’ve suggested that since each user logs in, we should have a customized profile for that user.

They should be able to indicate things such as:

  what they want the UI to look like (panels open, closed, expanded, minimized, etc)

```
  which libraries to load
```
```
  what order to display them
```
```
  to show the article history
```
```
  to show the search history
```
```
  to comment on each article
```

  to create their own libraries by dragging and dropping articles they like or use

  to have their own set of bookmarks for things they like, etc.

  to edit articles (or at least add code or other comments to the bottom of articles)

Anyway, by tracking feedback (“this helped me”, “this did not help me”), we could build lists of popular articles and use that for learning. If people could make their own libraries, we’d be able to look at them and get ideas of what people are doing and then make these libraries available to other folks.

But we have to provide guidance to help address the information overload and the “where do I start” problems.

--Danny

From: tlaloc75 [mailto:notifications@github.com] Sent: Saturday, May 18, 2013 1:20 PM To: TMContent/Lib_Docs Cc: Danny Harris Subject: Re: [Lib_Docs] Implementing Reading Lists (#20)

gary

On 5/17/2013 11:26 AM, Jason Taylor wrote:

This is a problem that we are planning to solve with Learning Paths. They will refer to TM topics (along with other resources) and exist outside of TeamMentor.

Jason

On May 17, 2013, at 6:57 AM, Danny Harris <notifications@github.com mailto:notifications@github.com > wrote:

You might think this is like the landing page concept, but I will explain.

I think there is value in creating reading lists for a variety of topics (maybe these things should be called "explore the topic"). Anyway, there is a fundamental problem with TM as it exists currently. Ironic as it may seem, there is too much information! I understand that the filtering is supposed to help, but it still seems overwhelming. One of the comments from my students at a previous job was, "this [very long] list of references is great. Just tell me the top 3 I should look at first."

Having a reading list or a short "jump start" document for various topics would be another way to help out people. These lists would have things that we humans recommend as good starting points (articles on TM) as well as documents (hosted on TM) that are source information or the classic article on the subject. I also think the lists should include content that other TM users recommend (this would mean having some type of system for saying whether an article was helpful or not). The list would be built dynamically, based on what users are doing.

There could be the "Fundamentals" Reading lists and an "Advanced" reading list.

Topics would include things like authentication, hashing passwords, input filtering, encoding, buffer overflows, etc.

It would be even better if a user would be able see what they've read. Since every user has to login, we could track which articles have been read, so when they go to the reading list page, the unread articles would be displayed in a different color.

--Danny

— Reply to this email directly or view it on GitHub.

— Reply to this email directly or view it on GitHub https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18104741 . https://github.com/notifications/beacon/5F2_eRmNmMOSmJQY77zQB7Urm4mdAJLBuw9AjIGhM7BrCkYkO0hhd3h0kI6eMco9.gif

tlaloc75 commented 11 years ago

We are, quite understandably, confusing terms. This is probably because we keep changing them, but that's for another discussion :).

What we used to be calling landing pages, are now called Vulnerability articles. These are the point of entry for a user who wants to see how to solve a problem caused by a vulnerability. Could be a link from a PR, from a tool, or from a colleague.

The feature requested by Services team, and something we've batted around for a while, is a completely new UI feature in which you would have landing pages for each 'node' in the tree. When you hit that node you see this Landing Page instead of the first article in the list view. The Landing Page would be an article who's purpose is to give that node context and purpose. So for the ASP.NET node you'd have a page describing security practices for ASP.NET and links to relevant articles. For the OWASP Top 10 node you would have a list of the top concepts and articles relevant to the OWASP Top 10.

I think this solves the problem. What do you think?

Jason

On May 18, 2013, at 4:11 AM, Roman Garber notifications@github.com wrote:

I think I see Danny's point. Say I am a developer that is looking to build a basic web site which collects some information. I want to be a good citizen so I want to make sure it is secure. I convince my boss to get single user license on TM because I heard its a great tool for securing applications. I log in.. and... where do I begin? I don't want to go through a whole TP course, I don't have a specific vulnerability I am concerned about (yet), I just want the top 5 things I should do as a developer building a simple web site. I want to make sure I know how to prevent SQL Injeciton, XSS, how to validate input etc. but I don't know where to begin and what exactly I need to search for.

This is something similar that we've talked about, specifically, to be able to pivot the content based on the problem a customer is solving. We are doing it with Landing Pages for specific vulnerabilities, where the vulnerability is the problem. This is more of a Landing Page for a customer design/coding problem.

Danny, correct me if I am wrong with this assumptions.

On Fri, May 17, 2013 at 10:59 PM, tlaloc75 notifications@github.com wrote:

I think that actually is the landing pages. The topics are the libraries, folders, views, etc. and the landing pages are the 'guide' into these topics.

On May 17, 2013, at 12:13 PM, Danny Harris notifications@github.com wrote:

Jason:

Since I am not totally familiar with Learning Paths or how they will be implemented, forgive me if I am missing the point.

If the user only has TeamMentor, there is still an overwhelming amount of information to contend with. I’m suggesting having something directly in TM to help a user figure out where to start.

--Danny

From: tlaloc75 [mailto:notifications@github.com] Sent: Friday, May 17, 2013 1:27 PM To: TMContent/Lib_Docs Cc: Danny Harris Subject: Re: [Lib_Docs] Implementing Reading Lists (#20)

This is a problem that we are planning to solve with Learning Paths. They will refer to TM topics (along with other resources) and exist outside of TeamMentor.

Jason

On May 17, 2013, at 6:57 AM, Danny Harris notifications@github.com wrote:

You might think this is like the landing page concept, but I will explain.

I think there is value in creating reading lists for a variety of topics (maybe these things should be called "explore the topic"). Anyway, there is a fundamental problem with TM as it exists currently. Ironic as it may seem, there is too much information! I understand that the filtering is supposed to help, but it still seems overwhelming. One of the comments from my students at a previous job was, "this [very long] list of references is great. Just tell me the top 3 I should look at first."

Having a reading list or a short "jump start" document for various topics would be another way to help out people. These lists would have things that we humans recommend as good starting points (articles on TM) as well as documents (hosted on TM) that are source information or the classic article on the subject. I also think the lists should include content that other TM users recommend (this would mean having some type of system for saying whether an article was helpful or not). The list would be built dynamically, based on what users are doing.

There could be the "Fundamentals" Reading lists and an "Advanced" reading list.

Topics would include things like authentication, hashing passwords, input filtering, encoding, buffer overflows, etc.

It would be even better if a user would be able see what they've read. Since every user has to login, we could track which articles have been read, so when they go to the reading list page, the unread articles would be displayed in a different color.

--Danny

— Reply to this email directly or view it on GitHub.

— Reply to this email directly or view it on GitHub < https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18074817> . — Reply to this email directly or view it on GitHub.

— Reply to this email directly or view it on GitHubhttps://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18079937 .

— Reply to this email directly or view it on GitHub.

BendixSpring commented 11 years ago

Jason:

No, I don’t believe this solves my problem, although it is helpful.

So a Vulnerability article will serve as an entry point for a user that wants to solve a problem caused by a certain vulnerability. I assume this page will gather all the links that apply to solving the problem caused by X. If this is correct, there is still going to be too much information presented at once.

The solution for Services is still a bit closer to what I am suggesting.

But I think the tool needs to accommodate different use cases. People will want to use it as it is now – click a filter, type a search, and the end user will select the articles to read from the search/filter results. The use case I am trying to describe is where someone knows they have to fix XSS, but there are too many articles. This use case is designed to avoid information overload and to point the user to a reasonable starting point. And it is not just about vulnerabilities. It is also about good coding, design, architecture, etc practices. So there should be an index of topics, and for each topic there is a “getting started” page that provides a very abbreviated jumping off point – just a few articles to get started. If they want more, they can have it by using the filters and search engine.

Does this help?

--Danny

From: tlaloc75 [mailto:notifications@github.com] Sent: Monday, May 20, 2013 4:24 PM To: TMContent/Lib_Docs Cc: Danny Harris Subject: Re: [Lib_Docs] Implementing Reading Lists (#20)

We are, quite understandably, confusing terms. This is probably because we keep changing them, but that's for another discussion :).

I think this solves the problem. What do you think?

Jason

On May 18, 2013, at 4:11 AM, Roman Garber notifications@github.com wrote:

I think I see Danny's point. Say I am a developer that is looking to build a basic web site which collects some information. I want to be a good citizen so I want to make sure it is secure. I convince my boss to get single user license on TM because I heard its a great tool for securing applications. I log in.. and... where do I begin? I don't want to go through a whole TP course, I don't have a specific vulnerability I am concerned about (yet), I just want the top 5 things I should do as a developer building a simple web site. I want to make sure I know how to prevent SQL Injeciton, XSS, how to validate input etc. but I don't know where to begin and what exactly I need to search for.

This is something similar that we've talked about, specifically, to be able to pivot the content based on the problem a customer is solving. We are doing it with Landing Pages for specific vulnerabilities, where the vulnerability is the problem. This is more of a Landing Page for a customer design/coding problem.

Danny, correct me if I am wrong with this assumptions.

On Fri, May 17, 2013 at 10:59 PM, tlaloc75 notifications@github.com wrote:

I think that actually is the landing pages. The topics are the libraries, folders, views, etc. and the landing pages are the 'guide' into these topics.

On May 17, 2013, at 12:13 PM, Danny Harris notifications@github.com wrote:

Jason:

Since I am not totally familiar with Learning Paths or how they will be implemented, forgive me if I am missing the point.

If the user only has TeamMentor, there is still an overwhelming amount of information to contend with. I’m suggesting having something directly in TM to help a user figure out where to start.

--Danny

From: tlaloc75 [mailto:notifications@github.com] Sent: Friday, May 17, 2013 1:27 PM To: TMContent/Lib_Docs Cc: Danny Harris Subject: Re: [Lib_Docs] Implementing Reading Lists (#20)

This is a problem that we are planning to solve with Learning Paths. They will refer to TM topics (along with other resources) and exist outside of TeamMentor.

Jason

On May 17, 2013, at 6:57 AM, Danny Harris notifications@github.com wrote:

You might think this is like the landing page concept, but I will explain.

I think there is value in creating reading lists for a variety of topics (maybe these things should be called "explore the topic"). Anyway, there is a fundamental problem with TM as it exists currently. Ironic as it may seem, there is too much information! I understand that the filtering is supposed to help, but it still seems overwhelming. One of the comments from my students at a previous job was, "this [very long] list of references is great. Just tell me the top 3 I should look at first."

Having a reading list or a short "jump start" document for various topics would be another way to help out people. These lists would have things that we humans recommend as good starting points (articles on TM) as well as documents (hosted on TM) that are source information or the classic article on the subject. I also think the lists should include content that other TM users recommend (this would mean having some type of system for saying whether an article was helpful or not). The list would be built dynamically, based on what users are doing.

There could be the "Fundamentals" Reading lists and an "Advanced" reading list.

Topics would include things like authentication, hashing passwords, input filtering, encoding, buffer overflows, etc.

It would be even better if a user would be able see what they've read. Since every user has to login, we could track which articles have been read, so when they go to the reading list page, the unread articles would be displayed in a different color.

--Danny

— Reply to this email directly or view it on GitHub.

— Reply to this email directly or view it on GitHub < https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18074817> . — Reply to this email directly or view it on GitHub.

— Reply to this email directly or view it on GitHub<https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18079937

.

— Reply to this email directly or view it on GitHub.

— Reply to this email directly or view it on GitHub https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18170279 .

tlaloc75 commented 11 years ago

There are two concepts here: 1) Vulnerability page - gathers all the information for a vulnerability 2) Landing page - gathers all the information for a 'node' in the tree

I think I'm not expressing #2 well enough, because I believe we are saying virtually the same things. Let's talk live :).

On May 20, 2013, at 2:53 PM, Danny Harris notifications@github.com wrote:

Jason:

No, I don’t believe this solves my problem, although it is helpful.

So a Vulnerability article will serve as an entry point for a user that wants to solve a problem caused by a certain vulnerability. I assume this page will gather all the links that apply to solving the problem caused by X. If this is correct, there is still going to be too much information presented at once.

The solution for Services is still a bit closer to what I am suggesting.

But I think the tool needs to accommodate different use cases. People will want to use it as it is now – click a filter, type a search, and the end user will select the articles to read from the search/filter results. The use case I am trying to describe is where someone knows they have to fix XSS, but there are too many articles. This use case is designed to avoid information overload and to point the user to a reasonable starting point. And it is not just about vulnerabilities. It is also about good coding, design, architecture, etc practices. So there should be an index of topics, and for each topic there is a “getting started” page that provides a very abbreviated jumping off point – just a few articles to get started. If they want more, they can have it by using the filters and search engine.

Does this help?

--Danny

From: tlaloc75 [mailto:notifications@github.com] Sent: Monday, May 20, 2013 4:24 PM To: TMContent/Lib_Docs Cc: Danny Harris Subject: Re: [Lib_Docs] Implementing Reading Lists (#20)

We are, quite understandably, confusing terms. This is probably because we keep changing them, but that's for another discussion :).

What we used to be calling landing pages, are now called Vulnerability articles. These are the point of entry for a user who wants to see how to solve a problem caused by a vulnerability. Could be a link from a PR, from a tool, or from a colleague.

The feature requested by Services team, and something we've batted around for a while, is a completely new UI feature in which you would have landing pages for each 'node' in the tree. When you hit that node you see this Landing Page instead of the first article in the list view. The Landing Page would be an article who's purpose is to give that node context and purpose. So for the ASP.NET node you'd have a page describing security practices for ASP.NET and links to relevant articles. For the OWASP Top 10 node you would have a list of the top concepts and articles relevant to the OWASP Top 10.

I think this solves the problem. What do you think?

Jason

On May 18, 2013, at 4:11 AM, Roman Garber notifications@github.com wrote:

I think I see Danny's point. Say I am a developer that is looking to build a basic web site which collects some information. I want to be a good citizen so I want to make sure it is secure. I convince my boss to get single user license on TM because I heard its a great tool for securing applications. I log in.. and... where do I begin? I don't want to go through a whole TP course, I don't have a specific vulnerability I am concerned about (yet), I just want the top 5 things I should do as a developer building a simple web site. I want to make sure I know how to prevent SQL Injeciton, XSS, how to validate input etc. but I don't know where to begin and what exactly I need to search for.

This is something similar that we've talked about, specifically, to be able to pivot the content based on the problem a customer is solving. We are doing it with Landing Pages for specific vulnerabilities, where the vulnerability is the problem. This is more of a Landing Page for a customer design/coding problem.

Danny, correct me if I am wrong with this assumptions.

On Fri, May 17, 2013 at 10:59 PM, tlaloc75 notifications@github.com wrote:

I think that actually is the landing pages. The topics are the libraries, folders, views, etc. and the landing pages are the 'guide' into these topics.

On May 17, 2013, at 12:13 PM, Danny Harris notifications@github.com wrote:

Jason:

Since I am not totally familiar with Learning Paths or how they will be implemented, forgive me if I am missing the point.

If the user only has TeamMentor, there is still an overwhelming amount of information to contend with. I’m suggesting having something directly in TM to help a user figure out where to start.

--Danny

From: tlaloc75 [mailto:notifications@github.com] Sent: Friday, May 17, 2013 1:27 PM To: TMContent/Lib_Docs Cc: Danny Harris Subject: Re: [Lib_Docs] Implementing Reading Lists (#20)

This is a problem that we are planning to solve with Learning Paths. They will refer to TM topics (along with other resources) and exist outside of TeamMentor.

Jason

On May 17, 2013, at 6:57 AM, Danny Harris notifications@github.com wrote:

You might think this is like the landing page concept, but I will explain.

I think there is value in creating reading lists for a variety of topics (maybe these things should be called "explore the topic"). Anyway, there is a fundamental problem with TM as it exists currently. Ironic as it may seem, there is too much information! I understand that the filtering is supposed to help, but it still seems overwhelming. One of the comments from my students at a previous job was, "this [very long] list of references is great. Just tell me the top 3 I should look at first."

Having a reading list or a short "jump start" document for various topics would be another way to help out people. These lists would have things that we humans recommend as good starting points (articles on TM) as well as documents (hosted on TM) that are source information or the classic article on the subject. I also think the lists should include content that other TM users recommend (this would mean having some type of system for saying whether an article was helpful or not). The list would be built dynamically, based on what users are doing.

There could be the "Fundamentals" Reading lists and an "Advanced" reading list.

Topics would include things like authentication, hashing passwords, input filtering, encoding, buffer overflows, etc.

It would be even better if a user would be able see what they've read. Since every user has to login, we could track which articles have been read, so when they go to the reading list page, the unread articles would be displayed in a different color.

--Danny

— Reply to this email directly or view it on GitHub.

— Reply to this email directly or view it on GitHub < https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18074817> . — Reply to this email directly or view it on GitHub.

— Reply to this email directly or view it on GitHub<https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18079937

.

— Reply to this email directly or view it on GitHub.

— Reply to this email directly or view it on GitHub https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18170279 . — Reply to this email directly or view it on GitHub.

BendixSpring commented 11 years ago

Are you available by skype? My cell phone reception is poor. My skype handle is Elbowroom3000.

--Danny

From: tlaloc75 [mailto:notifications@github.com] Sent: Monday, May 20, 2013 4:58 PM To: TMContent/Lib_Docs Cc: Danny Harris Subject: Re: [Lib_Docs] Implementing Reading Lists (#20)

There are two concepts here: 1) Vulnerability page - gathers all the information for a vulnerability 2) Landing page - gathers all the information for a 'node' in the tree

I think I'm not expressing #2 well enough, because I believe we are saying virtually the same things. Let's talk live :).

On May 20, 2013, at 2:53 PM, Danny Harris <notifications@github.com mailto:notifications@github.com > wrote:

Jason:

No, I don’t believe this solves my problem, although it is helpful.

So a Vulnerability article will serve as an entry point for a user that wants to solve a problem caused by a certain vulnerability. I assume this page will gather all the links that apply to solving the problem caused by X. If this is correct, there is still going to be too much information presented at once.

The solution for Services is still a bit closer to what I am suggesting.

But I think the tool needs to accommodate different use cases. People will want to use it as it is now – click a filter, type a search, and the end user will select the articles to read from the search/filter results. The use case I am trying to describe is where someone knows they have to fix XSS, but there are too many articles. This use case is designed to avoid information overload and to point the user to a reasonable starting point. And it is not just about vulnerabilities. It is also about good coding, design, architecture, etc practices. So there should be an index of topics, and for each topic there is a “getting started” page that provides a very abbreviated jumping off point – just a few articles to get started. If they want more, they can have it by using the filters and search engine.

Does this help?

--Danny

From: tlaloc75 [mailto:notifications@github.com] Sent: Monday, May 20, 2013 4:24 PM To: TMContent/Lib_Docs Cc: Danny Harris Subject: Re: [Lib_Docs] Implementing Reading Lists (#20)

We are, quite understandably, confusing terms. This is probably because we keep changing them, but that's for another discussion :).

What we used to be calling landing pages, are now called Vulnerability articles. These are the point of entry for a user who wants to see how to solve a problem caused by a vulnerability. Could be a link from a PR, from a tool, or from a colleague.

The feature requested by Services team, and something we've batted around for a while, is a completely new UI feature in which you would have landing pages for each 'node' in the tree. When you hit that node you see this Landing Page instead of the first article in the list view. The Landing Page would be an article who's purpose is to give that node context and purpose. So for the ASP.NET node you'd have a page describing security practices for ASP.NET and links to relevant articles. For the OWASP Top 10 node you would have a list of the top concepts and articles relevant to the OWASP Top 10.

I think this solves the problem. What do you think?

Jason

On May 18, 2013, at 4:11 AM, Roman Garber <notifications@github.com mailto:notifications@github.com > wrote:

I think I see Danny's point. Say I am a developer that is looking to build a basic web site which collects some information. I want to be a good citizen so I want to make sure it is secure. I convince my boss to get single user license on TM because I heard its a great tool for securing applications. I log in.. and... where do I begin? I don't want to go through a whole TP course, I don't have a specific vulnerability I am concerned about (yet), I just want the top 5 things I should do as a developer building a simple web site. I want to make sure I know how to prevent SQL Injeciton, XSS, how to validate input etc. but I don't know where to begin and what exactly I need to search for.

This is something similar that we've talked about, specifically, to be able to pivot the content based on the problem a customer is solving. We are doing it with Landing Pages for specific vulnerabilities, where the vulnerability is the problem. This is more of a Landing Page for a customer design/coding problem.

Danny, correct me if I am wrong with this assumptions.

On Fri, May 17, 2013 at 10:59 PM, tlaloc75 <notifications@github.com mailto:notifications@github.com > wrote:

I think that actually is the landing pages. The topics are the libraries, folders, views, etc. and the landing pages are the 'guide' into these topics.

On May 17, 2013, at 12:13 PM, Danny Harris <notifications@github.com mailto:notifications@github.com > wrote:

Jason:

Since I am not totally familiar with Learning Paths or how they will be implemented, forgive me if I am missing the point.

If the user only has TeamMentor, there is still an overwhelming amount of information to contend with. I’m suggesting having something directly in TM to help a user figure out where to start.

--Danny

From: tlaloc75 [mailto:notifications@github.com] Sent: Friday, May 17, 2013 1:27 PM To: TMContent/Lib_Docs Cc: Danny Harris Subject: Re: [Lib_Docs] Implementing Reading Lists (#20)

This is a problem that we are planning to solve with Learning Paths. They will refer to TM topics (along with other resources) and exist outside of TeamMentor.

Jason

On May 17, 2013, at 6:57 AM, Danny Harris <notifications@github.com mailto:notifications@github.com > wrote:

You might think this is like the landing page concept, but I will explain.

I think there is value in creating reading lists for a variety of topics (maybe these things should be called "explore the topic"). Anyway, there is a fundamental problem with TM as it exists currently. Ironic as it may seem, there is too much information! I understand that the filtering is supposed to help, but it still seems overwhelming. One of the comments from my students at a previous job was, "this [very long] list of references is great. Just tell me the top 3 I should look at first."

Having a reading list or a short "jump start" document for various topics would be another way to help out people. These lists would have things that we humans recommend as good starting points (articles on TM) as well as documents (hosted on TM) that are source information or the classic article on the subject. I also think the lists should include content that other TM users recommend (this would mean having some type of system for saying whether an article was helpful or not). The list would be built dynamically, based on what users are doing.

There could be the "Fundamentals" Reading lists and an "Advanced" reading list.

Topics would include things like authentication, hashing passwords, input filtering, encoding, buffer overflows, etc.

It would be even better if a user would be able see what they've read. Since every user has to login, we could track which articles have been read, so when they go to the reading list page, the unread articles would be displayed in a different color.

--Danny

— Reply to this email directly or view it on GitHub.

— Reply to this email directly or view it on GitHub < https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18074817> . — Reply to this email directly or view it on GitHub.

— Reply to this email directly or view it on GitHub<https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18079937 <https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18079937 >

.

— Reply to this email directly or view it on GitHub.

— Reply to this email directly or view it on GitHub https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18170279 . — Reply to this email directly or view it on GitHub.

— Reply to this email directly or view it on GitHub https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18173751 . https://github.com/notifications/beacon/5F2_eRmNmMOSmJQY77zQB7Urm4mdAJLBuw9AjIGhM7BrCkYkO0hhd3h0kI6eMco9.gif

tm-bot commented 11 years ago

What I think Danny is talking about are 'Customized views of TM content' which is for me how TeamMentor can be really valuable.

Think about is as : "The really value of TeamMentor is 20 to 40 articles, the challenge is finding them"

The current layout is ok but is massively overwhelming. In fact it is only good to show how big the TM Library is :)

When a developer (like me) wants to look at a topic (or wants to receive guidance on a topic/vuln) what is really needed is a very laser sharp and focused view into that topic.

The good news is that we already have a lot of that content in TM, the hard part is finding those 20 articles and creating a gui with it.

TM will really add value when it is easy to package its content in a simple 20 to 40 article view, which in fact was the inspiration of the 'Reading View', see: https://services.teammentor.net/teamMentor#load:22dc0732-ec5e-4600-9a1c-97d0f83545f7&showFilters:false&showTree:false&centerGuidanceItems:true

This of course will aided by those landing/vulnerability pages, since the 20 articles that I'm talking about will all be full of hyperlinks. But if we want to give a list/view to a developer/user it should be as focused and customized as possible.

For example the 20 articles to give to a SuperSecureBank developer that is responsible for fixing those bugs, should be the articles that contain code samples customized for SuperSecureBank

I.e. what we want is to the create the '20ish TM articles in context for the target audience'

which if you think about it, is what usually security teams try to do in their reports :)

Dinis

On 20 May 2013, at 22:00, Danny Harris notifications@github.com wrote:

Are you available by skype? My cell phone reception is poor. My skype handle is Elbowroom3000.

--Danny

From: tlaloc75 [mailto:notifications@github.com] Sent: Monday, May 20, 2013 4:58 PM To: TMContent/Lib_Docs Cc: Danny Harris Subject: Re: [Lib_Docs] Implementing Reading Lists (#20)

There are two concepts here: 1) Vulnerability page - gathers all the information for a vulnerability 2) Landing page - gathers all the information for a 'node' in the tree

I think I'm not expressing #2 well enough, because I believe we are saying virtually the same things. Let's talk live :).

On May 20, 2013, at 2:53 PM, Danny Harris <notifications@github.com mailto:notifications@github.com > wrote:

Jason:

No, I don?t believe this solves my problem, although it is helpful.

So a Vulnerability article will serve as an entry point for a user that wants to solve a problem caused by a certain vulnerability. I assume this page will gather all the links that apply to solving the problem caused by X. If this is correct, there is still going to be too much information presented at once.

The solution for Services is still a bit closer to what I am suggesting.

But I think the tool needs to accommodate different use cases. People will want to use it as it is now ? click a filter, type a search, and the end user will select the articles to read from the search/filter results. The use case I am trying to describe is where someone knows they have to fix XSS, but there are too many articles. This use case is designed to avoid information overload and to point the user to a reasonable starting point. And it is not just about vulnerabilities. It is also about good coding, design, architecture, etc practices. So there should be an index of topics, and for each topic there is a ?getting started? page that provides a very abbreviated jumping off point ? just a few articles to get started. If they want more, they can have it by using the filters and search engine.

Does this help?

--Danny

From: tlaloc75 [mailto:notifications@github.com] Sent: Monday, May 20, 2013 4:24 PM To: TMContent/Lib_Docs Cc: Danny Harris Subject: Re: [Lib_Docs] Implementing Reading Lists (#20)

We are, quite understandably, confusing terms. This is probably because we keep changing them, but that's for another discussion :).

What we used to be calling landing pages, are now called Vulnerability articles. These are the point of entry for a user who wants to see how to solve a problem caused by a vulnerability. Could be a link from a PR, from a tool, or from a colleague.

The feature requested by Services team, and something we've batted around for a while, is a completely new UI feature in which you would have landing pages for each 'node' in the tree. When you hit that node you see this Landing Page instead of the first article in the list view. The Landing Page would be an article who's purpose is to give that node context and purpose. So for the ASP.NET node you'd have a page describing security practices for ASP.NET and links to relevant articles. For the OWASP Top 10 node you would have a list of the top concepts and articles relevant to the OWASP Top 10.

I think this solves the problem. What do you think?

Jason

On May 18, 2013, at 4:11 AM, Roman Garber <notifications@github.com mailto:notifications@github.com > wrote:

I think I see Danny's point. Say I am a developer that is looking to build a basic web site which collects some information. I want to be a good citizen so I want to make sure it is secure. I convince my boss to get single user license on TM because I heard its a great tool for securing applications. I log in.. and... where do I begin? I don't want to go through a whole TP course, I don't have a specific vulnerability I am concerned about (yet), I just want the top 5 things I should do as a developer building a simple web site. I want to make sure I know how to prevent SQL Injeciton, XSS, how to validate input etc. but I don't know where to begin and what exactly I need to search for.

This is something similar that we've talked about, specifically, to be able to pivot the content based on the problem a customer is solving. We are doing it with Landing Pages for specific vulnerabilities, where the vulnerability is the problem. This is more of a Landing Page for a customer design/coding problem.

Danny, correct me if I am wrong with this assumptions.

On Fri, May 17, 2013 at 10:59 PM, tlaloc75 <notifications@github.com mailto:notifications@github.com > wrote:

I think that actually is the landing pages. The topics are the libraries, folders, views, etc. and the landing pages are the 'guide' into these topics.

On May 17, 2013, at 12:13 PM, Danny Harris <notifications@github.com mailto:notifications@github.com > wrote:

Jason:

Since I am not totally familiar with Learning Paths or how they will be implemented, forgive me if I am missing the point.

If the user only has TeamMentor, there is still an overwhelming amount of information to contend with. I?m suggesting having something directly in TM to help a user figure out where to start.

--Danny

From: tlaloc75 [mailto:notifications@github.com] Sent: Friday, May 17, 2013 1:27 PM To: TMContent/Lib_Docs Cc: Danny Harris Subject: Re: [Lib_Docs] Implementing Reading Lists (#20)

This is a problem that we are planning to solve with Learning Paths. They will refer to TM topics (along with other resources) and exist outside of TeamMentor.

Jason

On May 17, 2013, at 6:57 AM, Danny Harris <notifications@github.com mailto:notifications@github.com > wrote:

You might think this is like the landing page concept, but I will explain.

I think there is value in creating reading lists for a variety of topics (maybe these things should be called "explore the topic"). Anyway, there is a fundamental problem with TM as it exists currently. Ironic as it may seem, there is too much information! I understand that the filtering is supposed to help, but it still seems overwhelming. One of the comments from my students at a previous job was, "this [very long] list of references is great. Just tell me the top 3 I should look at first."

Having a reading list or a short "jump start" document for various topics would be another way to help out people. These lists would have things that we humans recommend as good starting points (articles on TM) as well as documents (hosted on TM) that are source information or the classic article on the subject. I also think the lists should include content that other TM users recommend (this would mean having some type of system for saying whether an article was helpful or not). The list would be built dynamically, based on what users are doing.

There could be the "Fundamentals" Reading lists and an "Advanced" reading list.

Topics would include things like authentication, hashing passwords, input filtering, encoding, buffer overflows, etc.

It would be even better if a user would be able see what they've read. Since every user has to login, we could track which articles have been read, so when they go to the reading list page, the unread articles would be displayed in a different color.

--Danny

? Reply to this email directly or view it on GitHub.

? Reply to this email directly or view it on GitHub < https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18074817> . ? Reply to this email directly or view it on GitHub.

? Reply to this email directly or view it on GitHub<https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18079937 <https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18079937 >

.

? Reply to this email directly or view it on GitHub.

? Reply to this email directly or view it on GitHub https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18170279 . ? Reply to this email directly or view it on GitHub.

? Reply to this email directly or view it on GitHub https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18173751 . https://github.com/notifications/beacon/5F2_eRmNmMOSmJQY77zQB7Urm4mdAJLBuw9AjIGhM7BrCkYkO0hhd3h0kI6eMco9.gif ? Reply to this email directly or view it on GitHub.

DinisCruz commented 11 years ago

These (see bellow) are really cool ideas.

Roman, do we have them captured as issues/ideas?

Dinis Cruz

On 19 May 2013, at 04:53, Danny Harris notifications@github.com wrote:

Gary:

I’ve suggested that since each user logs in, we should have a customized profile for that user.

They should be able to indicate things such as:

what they want the UI to look like (panels open, closed, expanded, minimized, etc)

which libraries to load

what order to display them

to show the article history

to show the search history

to comment on each article

to create their own libraries by dragging and dropping articles they like or use

to have their own set of bookmarks for things they like, etc.

to edit articles (or at least add code or other comments to the bottom of articles)

Anyway, by tracking feedback (“this helped me”, “this did not help me”), we could build lists of popular articles and use that for learning. If people could make their own libraries, we’d be able to look at them and get ideas of what people are doing and then make these libraries available to other folks.

But we have to provide guidance to help address the information overload and the “where do I start” problems.

--Danny

From: tlaloc75 [mailto:notifications@github.com] Sent: Saturday, May 18, 2013 1:20 PM To: TMContent/Lib_Docs Cc: Danny Harris Subject: Re: [Lib_Docs] Implementing Reading Lists (#20)

This an interesting problem because it is easy to overwhelm someone with information intended to help, and the amount and type of information needed varies from person to person and over time for an individual. If you were talking to someone, the conversation would be: "I want to know about software security. ... What do you want to know? ... What do know already? ... Do you like to read or would you prefer some lab exercises?
... Maybe you should start reading this book and when you start to feel overwhelmed, go to this book that has lots of hands on exercises to help your understanding."

The difficulty lies in making a Learning Path that will help someone create their own Learning Path that works for them. The two extremes are the traditional linear, classroom approach where the students don't make any decisions, and the personal learning journey where there are lots of choices and the student picks and chooses with maybe a little guidance. Somewhere in there is the right solution for each person. In many professional situations, the current learning requirement is very specific because it reflects a work problem, but we know they need the background.

I would like to hear any and all comments that students make about the the current set of courses and learning aids, since it helps us make decisions about learning scenarios. If we had student ratings for each TP and TM use, and we could associate it with a particular learning path that brought the user to that point, we could make better suggestions.

gary

On 5/17/2013 11:26 AM, Jason Taylor wrote:

This is a problem that we are planning to solve with Learning Paths. They will refer to TM topics (along with other resources) and exist outside of TeamMentor.

Jason

On May 17, 2013, at 6:57 AM, Danny Harris <notifications@github.com mailto:notifications@github.com > wrote:

You might think this is like the landing page concept, but I will explain.

I think there is value in creating reading lists for a variety of topics (maybe these things should be called "explore the topic"). Anyway, there is a fundamental problem with TM as it exists currently. Ironic as it may seem, there is too much information! I understand that the filtering is supposed to help, but it still seems overwhelming. One of the comments from my students at a previous job was, "this [very long] list of references is great. Just tell me the top 3 I should look at first."

Having a reading list or a short "jump start" document for various topics would be another way to help out people. These lists would have things that we humans recommend as good starting points (articles on TM) as well as documents (hosted on TM) that are source information or the classic article on the subject. I also think the lists should include content that other TM users recommend (this would mean having some type of system for saying whether an article was helpful or not). The list would be built dynamically, based on what users are doing.

There could be the "Fundamentals" Reading lists and an "Advanced" reading list.

Topics would include things like authentication, hashing passwords, input filtering, encoding, buffer overflows, etc.

It would be even better if a user would be able see what they've read. Since every user has to login, we could track which articles have been read, so when they go to the reading list page, the unread articles would be displayed in a different color.

--Danny

— Reply to this email directly or view it on GitHub.

— Reply to this email directly or view it on GitHub https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18104741 . https://github.com/notifications/beacon/5F2_eRmNmMOSmJQY77zQB7Urm4mdAJLBuw9AjIGhM7BrCkYkO0hhd3h0kI6eMco9.gif — Reply to this email directly or view it on GitHub.

DinisCruz commented 11 years ago

Actually this looks more like a story we should add (if we decide to)

Users should be able to customize the look and feel of the UI for them.

panels open, closed, expanded, minimized
which libraries to load and what order to display them
to show the article history
to show the search history
to create their own libraries by dragging and dropping articles they like or
to have their own set of bookmarks for things they like, etc.

-----Original Message----- From: Dinis Cruz [mailto:dinis@ddplus.net] Sent: Tuesday, May 21, 2013 6:26 PM To: TMContent/Lib_Docs Cc: Roman Garber Subject: Re: [Lib_Docs] Implementing Reading Lists (#20)

These (see bellow) are really cool ideas.

Roman, do we have them captured as issues/ideas?

Dinis Cruz

On 19 May 2013, at 04:53, Danny Harris notifications@github.com wrote:

Gary: 

I’ve suggested that since each user logs in, we should have a customized profile for that user. 

They should be able to indicate things such as: 

* what they want the UI to look like (panels open, closed, expanded, minimized, etc) 

* which libraries to load 

* what order to display them 

* to show the article history 

* to show the search history 

* to comment on each article 

* to create their own libraries by dragging and dropping articles they like or use 

* to have their own set of bookmarks for things they like, etc. 

* to edit articles (or at least add code or other comments to the bottom of articles) 

Anyway, by tracking feedback (“this helped me”, “this did not help me”), we could build lists of popular articles and use that for learning. If people could make their own libraries, we’d be able to look at them and get ideas of what people are doing and then make these libraries available to other folks. 

But we have to provide guidance to help address the information overload and the “where do I start” problems. 

--Danny 

From: tlaloc75 [mailto:notifications@github.com] 
Sent: Saturday, May 18, 2013 1:20 PM 
To: TMContent/Lib_Docs 
Cc: Danny Harris 
Subject: Re: [Lib_Docs] Implementing Reading Lists (#20) 

This an interesting problem because it is easy to overwhelm someone with 
information intended to help, and the amount and type of information 
needed varies from person to person and over time for an individual. If 
you were talking to someone, the conversation would be: "I want to know 
about software security. ... What do you want to know? ... What do know 
already? ... Do you like to read or would you prefer some lab exercises? 
... Maybe you should start reading this book and when you start to feel 
overwhelmed, go to this book that has lots of hands on exercises to help 
your understanding." 

The difficulty lies in making a Learning Path that will help someone 
create their own Learning Path that works for them. The two extremes 
are the traditional linear, classroom approach where the students don't 
make any decisions, and the personal learning journey where there are 
lots of choices and the student picks and chooses with maybe a little 
guidance. Somewhere in there is the right solution for each person. In 
many professional situations, the current learning requirement is very 
specific because it reflects a work problem, but we know they need the 
background. 

I would like to hear any and all comments that students make about the 
the current set of courses and learning aids, since it helps us make 
decisions about learning scenarios. If we had student ratings for each 
TP and TM use, and we could associate it with a particular learning path 
that brought the user to that point, we could make better suggestions. 

gary 

On 5/17/2013 11:26 AM, Jason Taylor wrote: 
> This is a problem that we are planning to solve with Learning Paths. They will refer to TM topics (along with other resources) and exist outside of TeamMentor. 
> 
> Jason 
> 
> On May 17, 2013, at 6:57 AM, Danny Harris <notifications@github.com <mailto:notifications@github.com> > wrote: 
> 
>> You might think this is like the landing page concept, but I will explain. 
>> 
>> I think there is value in creating reading lists for a variety of topics (maybe these things should be called "explore the topic"). Anyway, there is a fundamental problem with TM as it exists currently. Ironic as it may seem, there is too much information! I understand that the filtering is supposed to help, but it still seems overwhelming. One of the comments from my students at a previous job was, "this [very long] list of references is great. Just tell me the top 3 I should look at first." 
>> 
>> Having a reading list or a short "jump start" document for various topics would be another way to help out people. These lists would have things that we humans recommend as good starting points (articles on TM) as well as documents (hosted on TM) that are source information or the classic article on the subject. I also think the lists should include content that other TM users recommend (this would mean having some type of system for saying whether an article was helpful or not). The list would be built dynamically, based on what users are doing. 
>> 
>> There could be the "Fundamentals" Reading lists and an "Advanced" reading list. 
>> 
>> Topics would include things like authentication, hashing passwords, input filtering, encoding, buffer overflows, etc. 
>> 
>> It would be even better if a user would be able see what they've read. Since every user has to login, we could track which articles have been read, so when they go to the reading list page, the unread articles would be displayed in a different color. 

>> 
>> --Danny 
>> 
>> — 
>> Reply to this email directly or view it on GitHub. 
>> 
> 
> 

— 
Reply to this email directly or view it on GitHub <https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18104741> . <https://github.com/notifications/beacon/5F2_eRmNmMOSmJQY77zQB7Urm4mdAJLBuw9AjIGhM7BrCkYkO0hhd3h0kI6eMco9.gif> 

—
Reply to this email directly or view it on GitHub <https://github.com/TMContent/Lib_Docs/issues/20#issuecomment-18111966> . <https://github.com/notifications/beacon/x_I9xJzfDnnC31jxJxVEAulqw5SiHzyImjk3stwYgdecOdwMB21nplLfwbZzXTMd.gif>