[Governance] Termination - Request for Artifact(s)

Christian Heinrich christian.heinrich at cmlh.id.au
Sat Feb 22 05:01:12 UTC 2014


You "induced" an audio interview you refused to accept a written statement
by stating that this was the only way the OWASP Board would allow me to
tender a statement.

I was awarded a formal certificate int the conduct of witness interviews by
the Queensland Police and inducement is considered highly unethical and the
reason why it is clarified as [not] a condition of the interview as
demonstrated within

I have never been provided a list of questions otherwise I would have
provided written responses but you did provide one "surprise" question
without any reasonable notice period which I addressed too.

I have made numerous offers to schedule a conference call in which to
repeat the "*assist me with a number of very conservative clarifications of
my reputation with Brad Causey, Andre Ludwig, etc so they can act as my
referees and ambassadors within OWASP in the future*." statement I made
within http://lists.owasp.org/pipermail/governance/2014-February/000329.html
I don't know how I can make this intent appear any less conservative
non confrontational.

If you had nothing to hide then you would support Martin in undertaking an
independent inquiry of the termination process.

The conduct of the OWASP Board in conducting the termination is dubious at
best and you have again demonstrated the OWASP Board desire to take
shortcuts without consideration of the facts of the matter to arrive at an
premeditated outcome.

On Sat, Feb 22, 2014 at 2:36 PM, Josh Sokol <josh.sokol at owasp.org> wrote:

> Christian,
> *I do not grant permission for the two interviews to be published to the
> public record.  Neither was I ever informed that their distribution was for
> the public record and I requested  that I *not* be recorded and any consent
> given is inducement.  You are more than welcome to schedule an interview
> for on the record comment provided a list of question are agreed upon
> beforehand?*
> This is fine.  My statement in each of the calls was that they were being
> recorded to preserve evidence on behalf of both yourself and OWASP and the
> contents would be provided to other Board members and our Executive
> Director in order to assist with your request for reinstatement.  The
> questions I asked were provided to you before the call with one exception
> that I offered you not to answer if you so chose.  You did, in fact, agree
> to the recording of the call (your consent is recorded).  Your claims of
> inducement are baseless as you were given the option as to whether you
> wanted to proceed or not.  There were no threats held over your head other
> than it needed to be recorded in order to obtain evidence for your request
> for reinstatement and no recording meant no evidence.  It would have been
> pointless.  So, to be clear, the recordings will absolutely be used by the
> Board in our decision making process.  We will not make the recordings
> public, per your request, but it will be made clear that the Board
> considered additional evidence that you requested not be made public in
> making our decision.
> My original offer to assist was to try to obtain evidence so that I could
> make an informed decision on your request for reinstatement.  Along the
> way, I did recognize that the Google Hacking Inquiry no longer served the
> purpose that it once did and I am happy to aide in having it removed so
> that you may move on with your life.  All of this other stuff that you are
> saying, all of the requests to pursue people based on allegations from
> years ago, I cannot support.  My goal was to find a peaceful resolution
> between yourself and OWASP.  I offered two plans that both received support
> from those outside of the Board, but it is clear that your quest for
> "justice" stands in the way of any attempts for a peaceful resolution.
> Thus, as I stated previously, I believe that our paths have diverged and I
> am incapable of aiding you going forward.  I thank you for taking the time
> to engage me both in e-mail and over the phone and feel that I now have
> enough information to make an informed decision on the subject.  I did
> request your additional supporting sources, to make sure I was as thorough
> as possible, but as you never provided these to me I'm afraid I will have
> to make due with the data that you have provided to me.  Feel free to pass
> those on if you feel so inclined, but otherwise, I don't think we have
> anything else to discuss.  I wish you all the best, Christian.
> ~josh
> On Fri, Feb 21, 2014 at 7:52 PM, Christian Heinrich <
> christian.heinrich at cmlh.id.au> wrote:
>> Martin,
>> I would to formally request that you to undertake an independent
>> review of my suspension and termination from OWASP.
>> The focus and scope will be on the within the e-mail I recently sent
>> to this [governance] mailing list and I have highlighted the major
>> points within
>> http://lists.owasp.org/pipermail/governance/2014-February/000326.html
>> (bolding may not render correctly as the e-mail was HTML).
>> I have no intention to rejoin OWASP until this matter is resolved but
>> I would like to participate as a member of the public and speak at
>> https://2014.appsec.eu/ and the OWASP Board have declared that in
>> light of the exclusion lapsing in January this will continue
>> indefinitely and therefore I am excluded from presenting at this
>> event.
>> Therefore, I don't want this drag out like the Inquiry Google Hacking
>> Project which should have taken "a few hours work" at most.
>> Is this timeline reasonable to you?
>> The issue related to SourceForge vs GitHub is secondary and I have
>> tendered the evidence that infers that Aspect Security sought to offer
>> their commercial services to SourceForge during the tender issued by
>> the OWASP GPC.
>> On Sat, Feb 22, 2014 at 12:49 AM, Martin Knobloch
>> <martin.knobloch at owasp.org> wrote:
>> > Hi Christian,
>> >
>> > Just to makes things clear, you do email me as in my role of compliance
>> /
>> > whistle blower officer?
>> > Please state clearly if this request to me as in my obligation of the
>> above
>> > mentioned, or as fellow OWASP member!
>> >
>> > Some parts of your email are not clear to me. Excuse if this is caused
>> my
>> > level of understanding the English language, I am not a native speaker
>> as
>> > you know.
>> > Therefore, I have to first ask you some questions, for me to fully
>> > understand your request:
>> >
>> > What is in your opinion the relation of the "Queensland and NSW State
>> > Governments"  regulations?
>> >
>> > As OWASP is not incorporated in Australia, I wonder about the relevance.
>> > With other words, do you suggest OWASP has to follow regulations
>> outside of
>> > the US?
>> >
>> > What does IRS stands for?
>> > In what view is the request of for information by Dinis, Dennis and
>> Josh you
>> > refer to, relevant?
>> >
>> > I fail to understand to point of this reference
>> >
>> > What artifact does not exist you refer to by "Michael has also been
>> offered
>> > the opportunity to state that this artifact does not exist..."?
>> >
>> > But most importantly, what it your request?
>> > I fail to understand your question:
>> >  "Can you assist so that the selective judgement of the OWASP Board
>> doesn't
>> > affect the well being of another OWASP member?"
>> > Could you rephrase your question please?
>> >
>> > Please understand, I am asking this in order to fully understand your
>> email.
>> > If you prefer, we can schedule a  call in private!
>> --
>> Regards,
>> Christian Heinrich
>> http://cmlh.id.au/contact
>> _______________________________________________
>> Governance mailing list
>> Governance at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/governance

Christian Heinrich

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/governance/attachments/20140222/ba865e7c/attachment-0001.html>

More information about the Governance mailing list