[Owasp-board] FW: Tix to Irvine

Jeff Williams jeff.williams at owasp.org
Mon Aug 23 21:10:39 UTC 2010



I'm disappointed that you would accuse the board of not looking after the
OWASP Leaders.  The sarcasm undercuts your argument considerably.   I find
it ironic that you're using some rather inelegant sophistry to call us
sophists.  Plato is rolling in his grave.


> my fundamental problem with this thread is the fact

> that I'm having to justify what you call these 'perks'...


The essence of leadership is to be compelling about what you want to
accomplish. Our job on the board is to consider ideas like this carefully
and make good decisions.  If you want us to approve your nutcase ideas, then
convince us. That does not mean a long-winded rambling email.  Spend some
time to *craft* your argument. Think about Dave's objections in advance.
Make us share your vision. 


To me this is a simple question of maximizing the use of our dollars in
accomplishing our mission.  Dinis is provocatively arguing that investing
this money in our leaders will grow OWASP.  Others are thinking that this
money could be better spent.


Now I'd appreciate it if we could get a little reality.  What do you think
the maximum cost to OWASP actually is?  Does anyone know if leaders pay to
attend classes?  I bet not too many.  I'm quite sure that NONE of the all
stars that Dinis listed would pay to take a class. So that leaves the cost
of leaders blocking out paying students. Most of our classes aren't totally
full, right?


This is a tempest in a teapot.  Let a few leaders fill empty seats in
classes for free.  We won't lose money and we get the benefit.




From: owasp-board-bounces at lists.owasp.org
[mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of dinis cruz
Sent: Monday, August 23, 2010 11:55 AM
To: Kate Hartmann
Cc: OWASP Foundation Board List
Subject: Re: [Owasp-board] FW: Tix to Irvine


my fundamental problem with this thread is the fact that I'm having to
justify what you call these 'perks'...


I would be more than happy if your collective answer was "...great idea,
lets try it and cap it at 5000 USD..."


or even better:


"...great idea and lets use the OotM money since it doesn't look like it is
being spent..."


Are we really saying that OWASP doesn't have 5000 USD to try this out? 


Am I the only one that the the massive connections and business
opportunities that this these simple ideas have? (both leaders on training
and 'developers for owasp conferences')




On 23 Aug 2010, at 16:25, Kate Hartmann <kate.hartmann at owasp.org> wrote:

We have Dave, Eoin, Matt, and Tom vote no

Jeff suggests "stand by"

Seba is on vacation for another week

Dinis is very much a Yes


I will recommend that since this has already been promised to Tony we pay
the trainer fees out of Dinis' budget for Tony's class and then discuss in
CA ways to reward our chapter leaders for their efforts in the future.
Would like to get Seba's input on the progress of the restart of the chapter


I think we agree that the chapter leaders are the heart and soul of the
foundation.  I'm disappointed that the chapter committee faded away because
this is where the chapter leaders will have their voice and can initiate a
program to reward themselves and their peers.

With all due respect, any business (which OWASP ultimately is) can only
reward their "employees" when business is profitable.  With the exception of
the banking industry in the US (i.e. economic meltdown) when the company
breaks even or loses money during any given fiscal year, the entire
organization needs to tighten their belts and work on recovery.  Once that
recovery is made (and not before) is it time to once again dole out the

2009 was not a good year for OWASP.  2010 is much better, but is not


I think I can confidently say that no one is looking to punish the chapter
leaders or increase their burden of responsibility.  There is no caveat that
even implies that the position will be rewarded.  Our chapter leaders, our
members, and our community join up because they are passionate about what
they do and because they want to make a difference by supporting the mission

That being said, and returning to the single point of this thread, it is not
about providing freebies to our chapter leaders.  Conference admission is
free.  However, unless we have a revenue source other than conferences,
training, and membership or one of these can compensate for the other, then
we are risking our own stability to reverse a revenue stream.  By providing
"free conference training" to our chapter leaders (this is training offered
at conferences provided by commercial trainers) we not only risk plugging up
a very important source of funding for our mission, but actually turning a
source of revenue into an expense since we are obligated to pay the


Kate Hartmann

Operations Director


www.owasp.org <http://www.owasp.org/>  

Skype:  Kate.hartmann1


From: dinis cruz [mailto:dinis.cruz at owasp.org] 
Sent: Monday, August 23, 2010 7:05 AM
To: Dave Wichers
Cc: Kate Hartmann; OWASP Foundation Board List
Subject: Re: [Owasp-board] FW: Tix to Irvine


Wow, what about making our leaders pay a fee for the priviledge of being an
owasp leader and doing all that work for free!!! That would also be a
revenue source!


And Dave, how much money do you want to make from the conferences? I thought
that 118k from the EU conference was pretty good. 


What is the profit number that will make you consider sharing some of that
with our hard working leaders? 250k? 500k? 1M? Never?


Sorry for the rant, but sometimes it is hard to be the only one around here
that (on the record) is trying to look after our owasp leaders (who are the
heart and soul of this organization). It really hurts when I have to justify
issues like this to the board

Dinis Cruz

On 23 Aug 2010, at 04:08, Dave Wichers <dave.wichers at owasp.org> wrote:

I vote no. That we do NOT comp OWASP leaders to our commercially provided
training events. These are intended to be significant revenue generators for




From: owasp-board-bounces at lists.owasp.org
[mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Kate Hartmann
Sent: Friday, August 20, 2010 5:02 PM
To: OWASP Foundation Board List
Subject: [Owasp-board] FW: Tix to Irvine
Importance: High


Board, can we vote on this?  Perhaps this is an exception to be made pending
a universal decision?


I will go to the trainer and see if he will comp Tony's class, but in case
he will not, we will be paying him.


Kate Hartmann

Operations Director



Skype:  Kate.hartmann1


From: Tony UV [mailto:tonyuv at owasp.org] 
Sent: Friday, August 20, 2010 1:05 AM
To: 'Kate Hartmann'
Subject: Tix to Irvine


Morning Kate,


Just wanted to see if there was an official word on whether or not I can
attend the training since I need to finalize my travel for that week.
Thanks so much for checking in to this and hope that it won't be a problem. 


Thanks for all your efforts on the org's behalf.





Tony UcedaVelez, CISM, CISA, GSEC

Chapter Lead

OWASP Atlanta


Twitter: @versprite


Owasp-board mailing list
Owasp-board at lists.owasp.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20100823/f1be3eb8/attachment-0002.html>

More information about the Owasp-board mailing list