[Governance] JOSH SOKOL - CEASE AND DESIST CONTACT WITH CHRIS GATFORD

Josh Sokol josh.sokol at owasp.org
Wed Feb 26 04:20:38 UTC 2014


>
> All I have made NSW Police aware of is Chris' (or possibly the Police
> interpretation of Chris' complaint) is the indirect reference to
> "Internet Security" is OWASP.  For the record Chris has referred to
> OWASP as "Internet Security" in past Police complaints.
>

For someone who is infamous for providing multiple e-mail links to evidence
for what he is saying, Christian's well must have run dry on this one.
"Internet Security" is not, nor has it ever been, a DBA for the OWASP
Foundation.  We are missing two things here.  1) Evidence that Chris uses
the terms "Internet Security" and "OWASP" interchangeably and 2) Evidence
that Chris has referred to OWASP as "Internet Security" in past police
complaints.  Seems like more speculation from Christian.

As far as the NSW Police are concerned, if Josh has restated the claim
> made by Chris Gatford then that all that is required to correlate his
> version of events.
>

No legal system in the world that I am aware of works this way.  If I say
"Someone told me X", that doesn't make X a true statement.  Only the fact
that they said it is true.  Since the NSW Police have still not contacted
me, they have no statement from me, and therefore cannot say that I said
anything.

As I told Josh from the onset, I don't want to be recorded and this is
> the specific reason why.
>

At this point nobody outside of the OWASP Board has heard the recording so
this is largely irrelevant.  Personally, I didn't think that Christian said
anything bad in the recordings, at least up until the end of the second
call, but was even then still trying to negotiate a peaceful resolution to
this issue.  Based on what he has stated here, however, I believe the true
intent of not wanting to be recorded was so that he could say I said or did
things afterward that were blatantly false without my ability to disprove
them.  Fortunately, Tobias was on the calls as well, and while we've made
the decision to allow Christian to determine whether those recordings will
be released to the public, Tobias has clearly stated that Christian's
allegations are false.

Martin, I'd ask that you listen to the 15 minute call that I had with Chris
Gatford and determine whether there were any OWASP Code of Ethics
violations on that call so that we can lay these allegations to rest.

~josh


On Tue, Feb 25, 2014 at 6:01 PM, Christian Heinrich <
christian.heinrich at cmlh.id.au> wrote:

> As far as I am aware Chris may not have submitted the conference call
> as evidence since he is expecting the NSW Police to seek a confession
> from me in the first instance, which I can confirm was the purpose of
> their call on Sunday.
>
> All I have made NSW Police aware of is Chris' (or possibly the Police
> interpretation of Chris' complaint) is the indirect reference to
> "Internet Security" is OWASP.  For the record Chris has referred to
> OWASP as "Internet Security" in past Police complaints.
>
> As far as the NSW Police are concerned, if Josh has restated the claim
> made by Chris Gatford then that all that is required to correlate his
> version of events.  It is up to Chris if he desires to submit the
> conference call recording or not.  I suspect that he won't because his
> agenda is to cause me damage thought the repetition of hearsay, in
> this case from Josh Sokol and his complaint is not genuine.
>
> As I told Josh from the onset, I don't want to be recorded and this is
> the specific reason why.
>
> On Wed, Feb 26, 2014 at 10:29 AM, Josh Sokol <josh.sokol at owasp.org> wrote:
> > Evidence to Christian's first objection:
> >
> > Christian is now directly contradicting what he stated on an e-mail to
> the
> > governance list two days ago:
> >
> > "The root cause of this entire issue is that had Dinis Cruz provided me
> with
> > complaint by Andre Ludwig i.e.
> > http://lists.owasp.org/pipermail/owasp-board/2010-June/008481.html and
> > elected to investigate Chris Gatford of the OWASP Sydney Chapter as the
> > "unverified sources" then this entire issue would have been resolved
> without
> > the long term damage to my career and standing within the security
> community
> > in which Chris Gatford has subsequently formed relationship with at the
> > exclusion OWASP i.e. RUXCON, AusCERT, AISA, etc."
> >
> > ("Re: [Governance] Termination - Request for Artifact(s)" - Sun, Feb 23,
> > 2014 at 6:39 PM)
> > http://lists.owasp.org/pipermail/governance/2014-February/000342.html
> >
> > Regarding Christian's Second Objection:
> >
> > Now we have an indirect reference to me being "Internet Security"?  OK,
> I am
> > a lot of things, but I am clearly not "Internet Security".  This isn't
> > evidence.  This is ridiculous.
> >
> > Regarding Christian's Third Objection:
> >
> > Chris Gatford is actually the one who said that Christian attempted to
> pull
> > down his pants.  I was merely restating what I was told.  And not only
> was
> > Christian consulted on this, he provided a response to me and Tobias.
> > Again, contradicting himself.
> >
> > "You can see from the above that a reasonable person won't conclude
> > that his claim that I attempted to "pull down his pants" is just
> > another example of hearsay and rumour in which to divert the OWASP
> > Board attention from the evidence related to his direct involvement in
> > the Google Hacking Inquiry.
> >
> > Please keep this in mind next time you approach him."
> >
> > ("Re: Chris Gatford - False Claim of Assault" - Thu, Jan 30, 2014 at 9:18
> > PM)
> >
> > Once again, I will state that this is Christian making assumptions about
> > what was discussed in my interview with Chris Gatford.  As he was not
> there,
> > and has not heard the recording, this is false speculation.  I have asked
> > that he have the police contact me directly and have received no such
> > response.  I have asked for clarification and evidence regarding the
> claim
> > of "Code of Ethics violations" that Christian has made against me and
> have
> > received none.  In addition, I would like to point out that this is
> > Christian's attempt to seek vengeance upon me for my failed attempt to
> seek
> > peace between him and the OWASP Foundation.  Assuming that no evidence is
> > presented (it can't because it doesn't exist), and no crime has been
> > committed, I would like for this to be added to the official record for
> > consideration when judging Christian's contributions to the OWASP
> > Foundation.  It is yet another example of Christian's attempts to damage
> the
> > OWASP Foundation as indicated by him in a tweet to Jim Manico on
> 4/23/2013
> > 10:23 AM.  "@manico Then I'll just continue to damage @owasp but then
> again
> > it does damage itself so well already"  This attack on my integrity is
> > baseless and unfounded and should be summarily dismissed.
>
> --
> Regards,
> Christian Heinrich
>
> http://cmlh.id.au/contact
> _______________________________________________
> Governance mailing list
> Governance at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/governance
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/governance/attachments/20140225/4cbbcdde/attachment.html>


More information about the Governance mailing list