[Governance] Fwd: [Owasp-leaders] My views on the OWASP SamanthaGate (10 points and ideas for OWASP)

Michael Coates michael.coates at owasp.org
Wed Jun 18 18:47:14 UTC 2014


Bil,

To your first point on the compliant:
Correct. I cc'ed Martin on the email. I'm waiting for his response.
I don't necessary think governance has a role to play. But if this were to
be discussed anywhere, this would be the appropriate place.

On your second point - O-Open:
I think this is a great idea! I'm going to push back a bit though. We've
got a great idea, now we need people that want to make it a reality. Is
this something you want to lead and draw together other interested
owasp'ers? I think governance list is a good spot to start (with an
announcement on leaders for anyone to join over here if interested).



--
Michael Coates
@_mwc



On Wed, Jun 18, 2014 at 4:29 AM, Bil Corry <bil.corry at owasp.org> wrote:

> Hi Michael,
>
>
>
> I believe the complaint should be delivered to the Compliance Officer to
> handle per the process.  What role do you see the Governance list playing
> in the complaint?
>
>
>
> On a more general level, I'll make the observation that there is a very
> wide gap in beliefs about just how transparent OWASP should be.  That gap
> shows up in a multitude of ways, such as the email from Denis that has
> spawned this complaint.
>
>
>
> I recommend organizing a committee to work out a specific, explicit policy
> on what is and is not "open."  This is a hotly contested area within OWASP
> and my guess is unless it's written down, some may wave the "O is for Open"
> banner when disclosing anything of their choosing.
>
>
>
>
>
> - Bil
>
>
>
> *From:* governance-bounces at lists.owasp.org [mailto:
> governance-bounces at lists.owasp.org] *On Behalf Of *Michael Coates
> *Sent:* Tuesday, June 17, 2014 10:48 PM
> *To:* governance at lists.owasp.org; Martin Knobloch
> *Subject:* [Governance] Fwd: [Owasp-leaders] My views on the OWASP
> SamanthaGate (10 points and ideas for OWASP)
>
>
>
> Governance,
>
> I'm forwarding this to the governance list. I've already reached out to
> Dinis and optionally Yvan to begin a discussion. I'll also confer with
> Martin to determine if he is still available to assist.
>
>
>
> --
> Michael Coates
> @_mwc
>
>
>
> ---------- Forwarded message ----------
> From: *Yvan Boily* <yvanboily at gmail.com>
> Date: Tue, Jun 17, 2014 at 8:42 AM
> Subject: Re: [Owasp-leaders] My views on the OWASP SamanthaGate (10 points
> and ideas for OWASP)
> To: Dinis Cruz <dinis.cruz at owasp.org>
> Cc: "owasp-leaders at lists.owasp.org" <owasp-leaders at lists.owasp.org>
>
> In the last several days, and over the course of the last several months
> Dinis Cruz has posted messages that have taken an internal matter and made
> it a public embarrassment to OWASP.
>
> Since I know there are people on the sidelines reading I want to be clear:
>
> * There should be a proper investigation of the claims that Samantha has
> made
>
> * Regardless of the outcome of that investigation, the community should
> expect those responsible for misconduct or unlawful behaviour to be held
> accountable
>
> * We, as a community, should expect a strong statement from the board
> supporting inclusiveness and equality, and supporting this should be an
> expectation of everyone who opts to be a leader
>
> I am requesting that the board consider issuing a warning and/or a
> temporary ban on Dinis Cruz.  I am requesting a warning or temporary ban
> because I believe that Dinis was genuinely trying to help, and he has been
> a long standing member of the community advocating for positive change.
> This request stems from a desire to illustrate that we will hold our
> members accountable for ethical violations and not out of any malice.
>
> In the last 48 hours Dinis has sent messages which violate the following
> items from the Code of ethics
>
> *1. Perform all professional activities and duties in accordance with all
> applicable laws and the highest ethical principles;*
>
>
> *3. Maintain appropriate confidentiality of proprietary or otherwise
> sensitive information encountered in the course of professional activities;**
> Forwarding confidential information and defamatory messages to mailing list
> comprised of tens of thousands of people is not in accordance with ethical
> principles.
>
>
>
> *6. Refrain from any activities which might constitute a conflict of
> interest or otherwise damage the reputation of employers, the information
> security profession, or the Association;9. Not intentionally injure or
> impugn the professional reputation of practice of colleagues, clients, or
> employers;*
>
> * The reputations of several board members have been publicly maligned, as
> has Samantha Groves.  Since the messages were sent in the sense of openness
> and in the message this is in response to, he claims to have had the desire
> to allow the opportunity to respond to the claims, that this was done
> intentionally.
>
> * This incident may have caused irreparable damage to the community.
>
>
> *10. Treat everyone with respect and dignity;*
>
>
>
> * airing unproven allegations to the community undermines the dignity of
> long-time contributors
>
> The OWASP community is huge, and has garnered an impressive amount of
> influence.  If we fail to hold ourselves, the board, the staff, and each
> other accountable, then that influence will be squandered.
>
> Dinis - please accept my apologies for sending this email, but in my
> opinion it is a necessary action.
>
> Regards,
> Yvan Boily
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/governance/attachments/20140618/92c6b261/attachment-0001.html>


More information about the Governance mailing list