[GPC] [Owasp-google-hacking] Update Needed

dinis cruz dinis.cruz at owasp.org
Wed Jul 28 13:36:26 EDT 2010

(CCing the owasp-leaders list (just FYI and please wait for the enquiry to
provide your 'on-the-record' comments and views))

Brad is spot on in his response (below),.Christian you need to take a step
back and realize that emails like the last one you sent are completely out
of order and do not help your case at all.

Since the beginning I have taken the position that you are innocent until
proven guilty, and have been working very hard with Paulo in the creation of
a inquiry process that will give this (complex) case the most fair hearing
possible. I know you are being placed in a though spot and have lost your
job, but you have to realize that we need to get this right since there have
been some very serious accusations made about your conduct and the Google
Hacking Project.

In fact your last email just re-enforces the need that we have to create a
solid and transparent process. There are lots of variables at play here and
there are numerous conflicting statements being made (by whom will be
determined during the enquiry).

Paulo, in addition to the number of other things that he is working on, has
been doing an extended research on the best way to create a workflow and
wiki-documentation to support this case (and there is not a lot of good
examples in the Open Source community).

I know it is taking longer than you wished for, but that is exactly what
happens in the real world, and these things take time.

Btw, on a recent OWASP board email thread, I defended that since we need to
take into account that you are 'innocent until proven guilty' you should
still be included in the OWASP-leaders list. Please don't send emails like
the one below to that list and respect your fellow OWASP Leaders (who are
trying to help you)

Finally, Christian, since we have marked the OWASP Google Hacking project as
discontinued (see
http://www.owasp.org/index.php/Category:OWASP_Google_Hacking_Project), I
think it time that you dropped the tag *"OWASP "Google Hacking" Project Lead
- http://sn.im/owasp_google_hacking"* from your email signature.

Dinis Cruz

On 28 July 2010 16:25, Brad Causey <bradcausey at owasp.org> wrote:

> Christian,
> There are a number of reasons that your project is being marked as
> inactive. Not in the least, your attitude about all of this raises concerns.
> Some legitimate issues were raised regarding the status of your code, and
> your project overall. Rather than addressing these concerns, you've
> attempted to divert the process by complaining about harassing emails and
> twitter feeds, while blaming others for your lack of action.
> I suggest you worry less about Tom, Towny Roberto, and others, and look
> closely at your actions and attitude, as well as the project and
> organization that you've used to gain visibility in the application security
> space.
> -Brad Causey
> http://www.owasp.org
> --
> "Si vis pacem, para bellum"
> --
> On Tue, Jul 27, 2010 at 11:52 PM, Christian Heinrich <
> christian.heinrich at owasp.org> wrote:
>> Paulo,
>> On Tue, Jul 13, 2010 at 4:51 AM, Paulo Coimbra <paulo.coimbra at owasp.org>
>> wrote:
>> > As for your answer, below, I believe it is the appropriate time to say
>> that
>> > I don’t think your facts’ narrative always entirely captures the essence
>> of
>> > the email-thread you refer. However, I suggest we further clarify the
>> matter
>> > in the context of the inquiry process in course so as to assure the
>> > situation is handled with the care, respect and factualness it deserves.
>> I disagree and my interpretation is supported by
>> http://faculty.chicagobooth.edu/nicholas.epley/EpleyKruger.pdf and the
>> responses to Tom's comment on
>> http://taosecurity.blogspot.com/2010/06/publicly-traded-companies-read-this.html
>> The question is if it wasn't someone from Google then who is the
>> person in question that raised this with Tom Brennan mentioned in the
>> thread from July 2009.
>> I am also trying to gauge the benefit to my project from the attached
>> email threat in light of the fact that I had agreed to discretely
>> replace the source code - or what I thought might be the source code
>> [1] - when I returned to Australia rather then play into the hands of
>> trolls [2]
>> I have no doubt that the inquiry has been delayed so it will be
>> twisted to ensure maximum damage to my reputation while OWASP attempts
>> to distance itself from its lack of action during the entire lifetime
>> of this project such as the continued removal from the OWASP Leaders
>> List and recently marking my project inactive (not in September 2009
>> when requested).
>> [1]
>> https://lists.owasp.org/pipermail/owasp-google-hacking/2010-June/000023.html
>> [2] http://twitter.com/TownyRoberto/status/17237972489
>> --
>> Regards,
>> Christian Heinrich - http://www.owasp.org/index.php/user:cmlh
>> OWASP "Google Hacking" Project Lead - http://sn.im/owasp_google_hacking
>> _______________________________________________
>> Global-projects-committee mailing list
>> Global-projects-committee at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/global-projects-committee
> _______________________________________________
> Global-projects-committee mailing list
> Global-projects-committee at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/global-projects-committee
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/global-projects-committee/attachments/20100728/7b26c12d/attachment.html 

More information about the Global-projects-committee mailing list