Josh Sokol josh.sokol at owasp.org
Mon Feb 24 06:34:13 UTC 2014


I never had contact with Chris before and I haven't had contact since.  It
would be completely unprofessional of me to have only considered your side
of all this as fact and not attempted to seek clarifications from others as
well.  Especially when the crux of your allegations is that Chris Gatford
was the one behind the "sock puppets".  I don't work for you and don't need
to seek your permission to speak with anyone, at any time, or anywhere.  As
for Chris calling the police, this is a natural reaction when someone
attempts to pull your pants down in public as he says you did to him.  I
had nothing to do with that.  Every person that I've spoken with and every
effort that I've made was in direct response to your request for
reinstatement.  In regards to your specific ethics complaints:

1) What law or ethical principle have I broken?
2) Where is my conflict of interest or how have I damaged the reputation of
employers, the profession, or the association?
3) How have I INTENTIONALLY injured or impugned the professional reputation
of colleagues, clients, or employers?  Who?
4) Who have I been disrespectful to and in what way?
5) What relationship do I have that impairs OWASPs objectivity and

Please be very specific citing any and all evidence that you have as these
are extremely serious allegations.  Throwing such allegations around
without proper supporting cause is pure libel.

As for the police, please do have them contact me as I would be more than
happy to provide all recordings to them along with email records, Skype
records, and social media.  I have done absolutely nothing wrong here in
maintaining my objectivity in order to make an informed decision on a
request that you made to the Board.  My correspondence with the Board will
show that I actually supported giving you another chance up until you began
attacking my integrity and rejected my attempts to find a peaceful way to
settle this.  Not only that, but it will also show where you made threats
to do exactly as you are doing now; attacking OWASP because we weren't
interested in caving to your will.  The Board is not interested in
compromising to those who bully or intimidate others in order to get their
way.  I look forward to speaking with the police and should have plenty of
time in the afternoon tomorrow to do so.  Please provide them with my email
and I will coordinate the call directly.  Thank you.


Josh Sokol
On Feb 23, 2014 11:18 PM, "Christian Heinrich" <
christian.heinrich at cmlh.id.au> wrote:

> Martin,
> I would like to bring to your attention the following statement made by
> Josh Sokol of *who did not seek my permission to contact Chris Gatford*:
> *---------- Forwarded message ----------*
> *From: Josh Sokol <josh.sokol at owasp.org <josh.sokol at owasp.org>>*
>  *Date: Thu, Jan 30, 2014 at 7:55 AM*
> *Subject: Topics of Discussion for This Weeks Call*
> *To: "christian.heinrich at cmlh.id.au <christian.heinrich at cmlh.id.au>"
> <christian.heinrich at cmlh.id.au <christian.heinrich at cmlh.id.au>>*
> *[SNIP - Content Irrelevant]*
> *I want to call out a specific section of the OWASP Code of Ethics
> (https://www.owasp.org/index.php/About_The_Open_Web_Application_Security_Project#Code_of_Ethics
> <https://www.owasp.org/index.php/About_The_Open_Web_Application_Security_Project#Code_of_Ethics>)
> that reads: "Treat everyone with respect and dignity".  In order to not
> serve any bias in my research, I had a call with Christ Gatford last night
> where he stated that you had a physical altercation with him very recently
> where you tried to pull down his pants.*
> *[SNIP - Content Irrelevant]*
> As of Friday my mother has complained to me about receiving continued
> telephone calls from a Constable at Manly Police Station.
> I spoke to the Constable yesterday (Sunday) just after 6PM and informed
> him that Josh Sokol of OWASP had made contact with Chris Gatford and this
> has prompted Chris Gatford to file a false allegation with NSW Police
> possibly due to Josh's continued and [false] claim that I am "seeking
> vengeance" against Chris Gatford which is nothing more than hearsay, false
> and untrue.
> I expect that the NSW Police will request the confidential recording of
> all conference calls so I will request that they are *not destroyed so
> they can be tendered into evidence*.  This is not permission to publish
> the conference call to the public of either Chris Gatford or I.
> I expect that as in the past that I the NSW Police have already determined
> due to lack of evidence that I am *innocent beyond a reasonable doubt* to
> yet another false allegation made by Chris Gatford to NSW Police that the
> rumour mill will once again attempt smear me with possible criminal dealing
> based on unwarranted and knee jerk decisions made by particular OWASP Board
> Members without any supporting evidence and regard to the fact that I have
> maintained an unblemished criminal record that has resulted in lost
> opportunities as Josh Sokol decided on a whim to contact with Chris Gatford
> who resigned from OWASP in August 2012 i.e.
> http://lists.owasp.org/pipermail/owasp-sydney/2013-January/000177.html
> As Josh's insists on citing
> https://www.owasp.org/index.php/About_The_Open_Web_Application_Security_Project#Code_of_Ethicsthen I would like to *formally
> request to bring Josh to account with his stated ethics* specifically:
>    - *Perform all professional activities and duties in accordance with
>    all applicable laws and the highest ethical principles;*
>    - *Refrain from any activities which might constitute a conflict of
>    interest or otherwise damage the reputation of employers, the information
>    security profession, or the Association;*
>    - *Not intentionally injure or impugn the professional reputation of
>    practice of colleagues, clients, or employers;*
>    - *Treat everyone with respect and dignity; and*
>    - *To avoid relationships that impair -- or may appear to impair --
>    OWASP's objectivity and independence.*
> I also want a condition placed on Josh Sokol revoked OWASP membership that *desists
> further contact with me and his unwarranted representation of me to Chris
> Gatford*.
> I would like to highlight that had Josh *not* ignored my continued warning
> then OWASP would not have been drawn into something that will cause it
> unwanted attention in the public domain as had been brought about with the
> OWASP Google Hacking Inquiry.
> _______________________________________________
> Governance mailing list
> Governance at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/governance
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/governance/attachments/20140224/02d77c0d/attachment.html>

More information about the Governance mailing list