[Owasp-board] Long time no talk

dinis cruz dinis.cruz at owasp.org
Thu Jun 24 07:38:05 UTC 2010


Me, Tom and Matt talked about this and yes I agree that we should
start the inquire

Tom will lead the inquire and Matt will help him with the process

 From a project and GPC point of view, I asked Paulo to confirm that
the source code is not available , and (as is the case) if it is not
available, we will start the process to kill the project (and delete
those pages)

Dinis Cruz

On 24 Jun 2010, at 03:03, Jeff Williams <jeff.williams at aspectsecurity.com
 > wrote:

> Hey Dinis,
>
> Have you looked into the Christian "Google Hacking" guy? Andre is a
> good
> guy and wouldn't bring this up if it wasn't a problem.  I think it's
> reasonable to start a formal inquiry and see where it goes.
>
> --Jeff
>
>
> -----Original Message-----
> From: Andre Ludwig [mailto:aludwig at packetspy.com]
> Sent: Wednesday, June 23, 2010 9:36 PM
> To: Jeff Williams
> Subject: Long time no talk
>
> Jeff,
>
> I hate to contact you out of the blue on such a crummy topic but I
> figured you may want to know about this. It looks like someone in Au
> who
>
> is involved in OWASP is becoming a bit notorious there.  Unfortunately
> this came up in some discussions with one party in regards to web
> application security, and was verified in talks with several other
> independent groups in the AU (including gov/private industry).  It
> seems
>
> that this individual has been presenting on several OWASP topics, and
> drumming up publicity for himself while not actually producing or
> sharing any code with the community. Now this in and of its self may
> be
> fine for commercial organizations, but in my humble view it only
> detracts from the mission and reputation of OWASP as a whole.  I am
> not
> sure what you can do about it, but i was more then a bit surprised to
> hear such a chorus of "that guy is a douche bag, and makes OWASP look
> bad" from just about every contact i have in Australia.
>
> While it seems peoples issues vary from lack of sharing of source
> code,
> to "he is a media/glory whore", one thing remains constant. It makes
> OWASP and everyone related to it look like a bunch of fools.  The
> ultimate calling of OWASP is to be a central location for knowledge
> and
> tool sharing, having individuals like this affiliated with the group
> is
> cancerous to the overall effectiveness of its mission.  While I
> unfortunately can not provide you with a fix for this situation, I
> would
>
> advise a serious review of what exactly this individual has
> contributed
> to OWASP and the community as a whole. Based on some of the
> presentation
>
> videos i have watched he appears solely focused on pushing himself
> forward and not OWASP or the frontiers of knowledge. (i have yet to
> see
> anything beyond slides and videos where he mentions his linkedin
> profile).
>
> Other then the above, i hope all is going well with you and your
> crew at
>
> aspect! I do fondly miss the old days of running meetings and the
> quality discussions that came from them!
>
> Andre Ludwig



More information about the Owasp-board mailing list