Actions

Difference between revisions of "Contributors"

From Mahara Wiki

(44 intermediate revisions by 2 users not shown)
Line 28: Line 28:
 
* Anurag Srivastava - [https://twitter.com/hexachordanu @hexachordanu]
 
* Anurag Srivastava - [https://twitter.com/hexachordanu @hexachordanu]
 
* C Vishnu Vardhan Reddy (Vishnu_dfx) - [https://www.facebook.com/vishnu.dfx Facebook]
 
* C Vishnu Vardhan Reddy (Vishnu_dfx) - [https://www.facebook.com/vishnu.dfx Facebook]
 +
* chbi - [https://chbi.eu/ personal website]
 +
* 陈瑞琦 (Chen Ruiqi) - [http://www.codesafe.cn/ team website]
 
* Dushyant Sahu
 
* Dushyant Sahu
 
* Dylan S. Hailey - [http://www.twitter.com/tibitximer @TibitXimer]
 
* Dylan S. Hailey - [http://www.twitter.com/tibitximer @TibitXimer]
Line 37: Line 39:
 
* Jaume Llopis Pujal - [https://twitter.com/JKS___ @JKS___]
 
* Jaume Llopis Pujal - [https://twitter.com/JKS___ @JKS___]
 
* Kamil Sevi - [https://twitter.com/kamilsevi @kamilsevi]
 
* Kamil Sevi - [https://twitter.com/kamilsevi @kamilsevi]
 +
* Kirtikumar Anandrao Ramchandani - [https://m.facebook.com/kirti.ar Facebook]
 +
* M.R.Vignesh Kumar - [https://twitter.com/vigneshkumarmr @vigneshkumarmr]
 
* Mahmut Esat Yildirim - [http://www.mahmutesat.com personal website]
 
* Mahmut Esat Yildirim - [http://www.mahmutesat.com personal website]
 
* Mike Haworth
 
* Mike Haworth
 +
* Mushraf Mustafa - [http://Facebook.com/mushrafmustafaofficial Facebook]
 
* Narendra Bhati (R00t Sh3ll), Web Security Geeks - [https://twitter.com/NarendraBhatiB @NarendraBhatiB]
 
* Narendra Bhati (R00t Sh3ll), Web Security Geeks - [https://twitter.com/NarendraBhatiB @NarendraBhatiB]
* M.R.Vignesh Kumar - [https://twitter.com/vigneshkumarmr @vigneshkumarmr]
 
 
* Nitin Goplani - [https://www.linkedin.com/in/nitingoplani LinkedIn]
 
* Nitin Goplani - [https://www.linkedin.com/in/nitingoplani LinkedIn]
 
* Prashant Negi - [https://twitter.com/prashantnegi_ @prashantnegi_]
 
* Prashant Negi - [https://twitter.com/prashantnegi_ @prashantnegi_]
 
* Rafay Baloch - [http://rafayhackingarticles.net personal website]
 
* Rafay Baloch - [http://rafayhackingarticles.net personal website]
 
* Roman Mironov - [http://uk.linkedin.com/in/rmironov LinkedIn]
 
* Roman Mironov - [http://uk.linkedin.com/in/rmironov LinkedIn]
 +
* SaifAllah benMassaoud - [https://www.facebook.com/WhiteHatSecuri Facebook]
 +
* Sajibe Kanti - [https://www.facebook.com/sajibe.kanti Facebook]
 
* Saurabh Chandrakant Nemade - [https://facebook.com/saurabh.nemade Facebook]
 
* Saurabh Chandrakant Nemade - [https://facebook.com/saurabh.nemade Facebook]
 
* Sergey Markov
 
* Sergey Markov
 
* Siddhesh Gawde - [http://www.facebook.com/pen3t3r Facebook]
 
* Siddhesh Gawde - [http://www.facebook.com/pen3t3r Facebook]
 
* Tom Forbes - [http://tomforb.es personal website]
 
* Tom Forbes - [http://tomforb.es personal website]
 +
* Vineet Kumar - [https://twitter.com/the_real_clown Twitter]
 
* Wan Ikram - [https://twitter.com/rinakikun @rinakikun]
 
* Wan Ikram - [https://twitter.com/rinakikun @rinakikun]
 
* Wen-Chang Chien (簡文章) - [https://launchpad.net/~wcchien Launchpad]
 
* Wen-Chang Chien (簡文章) - [https://launchpad.net/~wcchien Launchpad]
 
* Yuji Tounai - [https://twitter.com/yousukezan @yousukezan]
 
* Yuji Tounai - [https://twitter.com/yousukezan @yousukezan]
 +
* Zeeshan - [http://fb.com/zeex.zeeshan Facebook]
  
 
== Mahara project infrastructure ==
 
== Mahara project infrastructure ==
This second list is of security researchers who have found security issues with the infrastructure of the Mahara project which can include all the websites (mahara.org, wiki.mahara.org, manual.mahara.org, langpacks.mahara.org, reviews.mahara.org, git.mahara.org, test.mahara.org), the servers that host those websites, and any auxillary tools (such as launchpad for bug tracking, github.com for git hosting).
+
This second list is of security researchers who have reported security issues with the configuration or version of software used on the infrastructure of the Mahara project which can include all the websites (mahara.org, wiki.mahara.org, manual.mahara.org, langpacks.mahara.org, reviews.mahara.org, git.mahara.org, test.mahara.org) and the servers that host those websites.
  
 
These people have followed the [[Security | responsible disclosure practise after finding security vulnerabilities in the Mahara project infrastructure]].
 
These people have followed the [[Security | responsible disclosure practise after finding security vulnerabilities in the Mahara project infrastructure]].
Line 75: Line 83:
 
* SSL configuration on mahara.org still allowing TLSv1 128 bit RC4-SHA
 
* SSL configuration on mahara.org still allowing TLSv1 128 bit RC4-SHA
 
** SaifAllah benMassaoud (https://www.facebook.com/WhiteHatSecuri)
 
** SaifAllah benMassaoud (https://www.facebook.com/WhiteHatSecuri)
 +
* SSL configuration on mahara.org still allowing TLS_RSA_WITH_RC4_128_SHA and TLS_ECDHE_RSA_WITH_RC4_128_SHA
 +
** Shawar Khan (http://shawarkhan.com)
 +
* <span id="error-page-phishing">mahara.org printing full requested URL on error pages, which could potentially be part of a very weak phishing attack</span>
 +
** Girish Sp - [https://twitter.com/Girish0777 @Girish0777]
 +
* X-XSS-Protection header is not set ([https://bugs.launchpad.net/mahara/+bug/1531987 Bug report to improve security allaround])
 +
** SaifAllah benMassaoud - [https://www.facebook.com/WhiteHatSecuri Facebook]
 +
** Zeeshan - [http://fb.com/zeex.zeeshan Facebook]
 +
* SPF record for mahara.org breaks length limit
 +
** Rohit Kumar - [https://twitter.com/rohittourister @rohittourister] [https://facebook.com/rohitcoder Facebook] https://www.infooby.com
 +
* Some 301 redirects on mahara.org used Host field of HTTP request rather than hard-coded URL; potential for a cache poisoning attack
 +
** Vikram Singh Rathore of [https://www.torridnetworks.com/home Torrid Networks Pvt Ltd]
 +
* Content spoofing on 404 page
 +
** Taimoor Abid - [https://www.facebook.com/T4YM.phtml Facebook]
 +
* Strict-Transport-Security header was not set
 +
** Kyaw Thiha - [https://www.linkedin.com/in/kyawthiha89 Linkedin]
 +
* Extend spam protection with DMARC / DKIM
 +
** Pal Patel - [https://www.facebook.com/sam.patel.9822 Facebook]
 +
* Proxy protection to prevent bypassing of X-Frame-Options
 +
** Mushraf Mustafa - [http://Facebook.com/mushrafmustafaofficial Facebook]
 +
* Set Certificate Authority Authorization
 +
** Shwetabh Suman - [https://www.facebook.com/profile.php?id=100011024580051 Facebook]
 +
* DNSSEC and Domain Registry Protection (DRP is not available for .org domains though)
 +
** Kirtikumar Anandrao Ramchandani - [https://m.facebook.com/kirti.ar Facebook]
 +
* Preloading of HSTS and increasing max age for wiki.mahara.org
 +
** Ratnadip Gajbhiye - [https://m.facebook.com/Mr.Ch4rLi3 Facebook]
  
 
=Organizations=
 
=Organizations=
Line 80: Line 113:
 
A large part of the development on Mahara would not be possible without the funding from institutions and organizations.
 
A large part of the development on Mahara would not be possible without the funding from institutions and organizations.
  
 +
== Mahara 18.04 (not yet released) ==
 +
 +
* [http://catalyst.net.nz Catalyst]
 +
* [http://phbern.ch PH Bern]
 +
 +
== Mahara 17.10 ==
 +
 +
* [http://aut.ac.nz Auckland University of Technology]
 +
* [http://anu.edu.au/ Australian National University]
 +
* [http://blackboard.com/ Blackboard]
 +
* [http://carleton.ca Carleton University]
 +
* [http://catalyst.net.nz Catalyst]
 +
* [http://cqu.edu.au Central Queensland University]
 +
* [http://dcu.ie Dublin City University]
 +
* [http://eticeo.fr Eticeo]
 +
* [https://education.govt.nz New Zealand Ministry of Education]
 +
* [http://www.switch.ch SWITCH]
 +
* [http://tc.columbia.edu Teachers College, Columbia University]
 +
* [https://www.totaralms.com Totara LMS]
 +
* [http://umontreal.ca Université de Montréal]
 +
* [http://uqam.ca/ Université du Québec à Montréal]
 +
* [http://usq.edu.au University of Southern Queensland]
 +
* [http://sussex.ac.uk University of Sussex]
 +
 +
&nbsp;
 +
 +
== Mahara 17.04 ==
 +
 +
* [http://catalyst.net.nz/ Catalyst]
 +
* [http://catalyst.net.nz/academy Catalyst Open Source Academy]
 +
* [http://donau-uni.ac.at/ Donau-Universität Krems] / [http://ats2020.eu/ ATS2020 Project]
 +
* [http://instructure.com/ Instructure]
 +
* [http://kineo.co.nz/ Kineo (Pacific)]
 +
* [http://www.kpu.ca Kwantlen Polytechnic University]
 +
* [http://www.minedu.govt.nz/ New Zealand Ministry of Education]
 +
* [http://northlanddhb.org.nz/ Northland District Health Board]
 +
* [http://povsod.com/ Povsod]
 +
* [http://www.switch.ch/ SWITCH]
 +
* [http://ecnz.ac.nz Te Rito Maioha Early Childhood New Zealand]
 +
* [http://umontreal.ca/ Universit&eacute; de Montréal]
 +
 +
&nbsp;
 +
 +
== Mahara 16.10 ==
 +
 +
* [http://athabascau.ca/ Athabasca University]
 +
* [http://anu.edu.au Australian National University]
 +
* [http://catalyst.net.nz/ Catalyst]
 +
* [https://www.phbern.ch/ PH Bern]
 +
* [http://www.switch.ch/ SWITCH]
 +
* [https://www.dvt.at/services/tsn-tiroler-schulnetz/ Tiroler Schulnetz]
 +
* [http://uqam.ca Université du Québec à Montréal]
 +
 +
&nbsp;
 +
 +
== Mahara 16.04 ==
 +
 +
* [http://athabascau.ca/ Athabasca University]
 +
* [http://cardiff.ac.uk/ Cardiff University]
 +
* [http://catalyst.net.nz/ Catalyst]
 +
* [http://catalyst.net.nz/academy Catalyst Open Source Academy]
 +
* [http://federation.edu.au/ Federation University Australia]
 +
* [http://pace.edu/ Pace University]
 +
* [http://povsod.com/ Povsod]
 +
* [http://tirol.gv.at/ Province of Tirol]
 +
* [http://solent.ac.uk/ Southampton Solent University]
 +
* [http://www.switch.ch/ SWITCH]
 +
* [http://umontreal.ca/ Universit&eacute; de Montreal]
 +
* [http://yale.edu/ Yale University]
 +
* [https://www.zhaw.ch/en/university/ Zurich University of Applied Sciences]
 +
 +
&nbsp;
  
 
== Mahara 15.10 ==
 
== Mahara 15.10 ==
Line 234: Line 339:
 
The [http://www.gla.ac.uk/ University of Glasgow] have funded several pieces of work for us, including View Templates, part of Import/Export (the HTML export is thanks to them), and various bug fixes.
 
The [http://www.gla.ac.uk/ University of Glasgow] have funded several pieces of work for us, including View Templates, part of Import/Export (the HTML export is thanks to them), and various bug fixes.
  
[http://www.galeaders.org/ GLISI]/[http://ralphmerrill.com/ Ray Merrill] funded enhancements to Mahara's groups, and Ray has provided much invaluable guidance around Mahara's usability.
+
[http://www.galeaders.org/ GLISI] / Ray Merrill funded enhancements to Mahara's groups, and Ray has provided much invaluable guidance around Mahara's usability.
  
 
With JISC funding we were able to add import/export functionality to the Mahara e-portfolio system, as part of the 1.2 release. This work was sponsored by the [http://www.ulcc.ac.uk/ University of London Computer Centre], University of Glasgow and [http://wiki.cetis.ac.uk/PIOP_Mahara JISC Cetis].
 
With JISC funding we were able to add import/export functionality to the Mahara e-portfolio system, as part of the 1.2 release. This work was sponsored by the [http://www.ulcc.ac.uk/ University of London Computer Centre], University of Glasgow and [http://wiki.cetis.ac.uk/PIOP_Mahara JISC Cetis].

Revision as of 15:01, 14 February 2018

Mahara is developed by a world-wide team of programmers, translators, designers and enthusiastic amateurs. Many individuals and groups have contributed to Mahara so far.

Core Teams

Community

Security researchers

Mahara code

This is a list of security researchers that have contributed to Mahara itself. These people have followed the responsible disclosure practise after finding security vulnerabilities in the Mahara codebase.

Mahara project infrastructure

This second list is of security researchers who have reported security issues with the configuration or version of software used on the infrastructure of the Mahara project which can include all the websites (mahara.org, wiki.mahara.org, manual.mahara.org, langpacks.mahara.org, reviews.mahara.org, git.mahara.org, test.mahara.org) and the servers that host those websites.

These people have followed the responsible disclosure practise after finding security vulnerabilities in the Mahara project infrastructure.

Organizations

A large part of the development on Mahara would not be possible without the funding from institutions and organizations.

Mahara 18.04 (not yet released)

Mahara 17.10

 

Mahara 17.04

 

Mahara 16.10

 

Mahara 16.04

 

Mahara 15.10

 

Mahara 15.04

Mahara 15.04 was released on 17 April 2015.

 

Mahara 1.10

Mahara 1.10 was released on 21 October 2014.

 

Mahara 1.9

Mahara 1.9 was released on 15 April 2014.

 

Mahara 1.8

Mahara 1.8 was released on 24 October 2013.

 

Mahara 1.7

Mahara 1.7 was released on 19 April 2013.

 

Mahara 1.6

Mahara 1.6 was released on 17 April 2012.

 

Mahara 1.5

Mahara 1.5 was released on 13 June 2011.

 

Pre Mahara 1.5

The University of Glasgow have funded several pieces of work for us, including View Templates, part of Import/Export (the HTML export is thanks to them), and various bug fixes.

GLISI / Ray Merrill funded enhancements to Mahara's groups, and Ray has provided much invaluable guidance around Mahara's usability.

With JISC funding we were able to add import/export functionality to the Mahara e-portfolio system, as part of the 1.2 release. This work was sponsored by the University of London Computer Centre, University of Glasgow and JISC Cetis.

A collaborative group in the State of New Hampshire funded the ability to submit Mahara Views for assessment in Moodle, through a grant from the New Hampshire Department of Education.

Cambridge University School of Clinical Medicine sponsored the development of the plugin Problems & Conditions.

The BScE at the University of Luxembourg funded the development of the tag cloud, improvements to the feedback function in the 1.2 and 1.3 releases, and bug fixes for Mac servers.

Birmingham City University funded the initial development work for Collections and Plans (new features in Mahara 1.3). They also supported the development of locking down blog posts and files that are used in submitted views.

Lancaster University Network Services (LUNS Ltd.) was funded by Cumbria and Lancashire Education Online (CLEO) to design several features.

The New Zealand Ministry of Education funded a large number of features and usability changes to Mahara 1.4 and 1.5 that were implemented by Catalyst IT