[Owasp-board] [Owasp-leaders] (Projects Reboot 2012) Re: OWASP 2014 - Strategic Goals

Jim Manico jim.manico at owasp.org
Wed Nov 13 16:53:34 UTC 2013


I know this is an incredibly stressful situation for you Eoin, but right
now Sarah is slammed working 80+ hours a week getting ready for AppSec
USA. Even if Dennis continues to - ahem - "critique" you over public
lists, can you please let it go until AppSec USA is over? Sarah does not
have time to deal with this right now. We need her focused on next week.
There are a million little details that need to be managed if we expect
to have a successful conference.

Dennis, you may not realize it, but your actions - right or wrong - are
having ripple effects adding stress to a lot of people at perhaps the
absolutely worst time.

Again, I am not making judgements as to who is right or wrong, I am just
politely asking everyone to take a break for a week.

So I ask you please, stand down for the next week. If you really need to
continue this, can you please wait until after AppSec USA, the biggest
OWASP conference we have seen to date?

And speaking of which, for anyone watching this list, it's not to late
to register for AppSec USA! More information can be found at
APPSECUSA.ORG. I hope to see you there! :)

Aloha,
Jim


> No- the policy was drafted because of you or any other one person. It
> was drafted because we are maturing as an organization and it is an
> appropriate policy to have in place , not to mention a specific item
> the it's looks for on the 990.
> 
> Sarah
> 
>> On Nov 13, 2013, at 6:18 AM, Eoin Keary <eoin.keary at owasp.org> wrote:
>>
>> Come on!!!
>> The policy was drafted because of me??
>> Sarah, please end these lies. This is totally unacceptable.
>>
>> Eoin Keary
>> Owasp Global Board
>> +353 87 977 2988
>>
>>
>>> On 13 Nov 2013, at 10:58, "Dennis Groves" <dennis.groves at owasp.org> wrote:
>>>
>>> Hello Sarah,
>>>
>>> With all due respect, I genuinely wish such a thing were possible. As I have stated before, Eoin has many great qualities about him. I personally supported him in getting project reboot started, and his willingness to take action where others did not has led to many positive changes in the community.
>>>
>>> However, why would I ever choose to pick up a phone and call somebody who is so abusive to others?
>>>
>>> Eoin is so abusive that you personally had to draft an Anti-Harassment Policy specifically because of his behavior toward you and your staff (to say nothing of the volunteers). Eoin also consistently does not give credit where credit is due; he claims successes for himself. He does not take responsibility for his actions when things go wrong, rather he blames others.
>>>
>>> Those maybe great business skills, but OWASP marches to a different ethical drum. And since all of you agree with me in private, I know you that you know what I am saying is accurate. And why is that? It is because you have the same experiences!
>>>
>>> I just want Eoin to give credit where credit is due, and stop behaving poorly to others; two things I believe his consistent patterns of behavior seem to indicate he is incapable of doing.
>>>
>>> Therefore, I fully stand by my statement that a board level position requires a much higher standard of behavior than Eoin currently exhibits. Eoin can be a tremendous asset to the community, and I feel that he should continue to do so as a volunteer.
>>>
>>> This is my final public email on the subject, I suggest we all speak face to face at AppSec.
>>>
>>>
>>> Dennis
>>>
>>> P.S. Attached email - Evidentially, Eoin disagree's with me and claims he can spend OWASP foundation money however he chooses, and I rebut.
>>>
>>>
>>>> On 13 Nov 2013, at 1:32, Sarah Baso wrote:
>>>>
>>>> Thanks Josh.
>>>>
>>>> I wanted to echo Josh's sentiments and ask that you (Dennis and Eoin)
>>>> continue this conversation offline (if it is necessary).
>>>>
>>>> I think this back and forth has been a series of poor communication (or
>>>> lack of communication) and operating on different sets of assumptions.  As
>>>> a global community that works remotely and communicates via email, we all
>>>> need to try hard to pick up the phone where necessary and also I would like
>>>> to think we can give our colleagues and peers in OWASP the benefit of the
>>>> doubt. I don't think Eoin or anyone else was defrauding OWASP.
>>>>
>>>> The staff is working hard at setting better policies and financial
>>>> communication methods to help make sure that there isn't ongoing confusion
>>>> about who is getting what money and where guidelines we need to follow to
>>>> comply with terms of our grants as well as donor intent.  I would like to
>>>> see the board not be involved in the day to day management of funds going
>>>> forward, but instead directing questions and submitting expense requests
>>>> (as applicable) per the standard policies set for the organization.  I
>>>> think we are getting there....
>>>>
>>>> On a positive note, just think if this energy of all of us (staff, board
>>>> members, and volunteers) was spent working towards our mission instead of
>>>> rehashing the same argument in a nonproductive way 10 times!?
>>>>
>>>> Let's refocus on the strategic goal discussion -- and Eoin, i haven't seen
>>>> you bring up your cause of Developer Outreach that we discussed in Germany.
>>>> I assume you still feel strongly about that specifically being called out
>>>> in the goals for the upcoming year? (which i agree with).  Are there
>>>> certain metrics you think we could use to measure impact on the community
>>>> in this area?
>>>>
>>>> Regards,
>>>> Sarah
>>>>
>>>> --
>>>> Executive Director
>>>> OWASP Foundation
>>>>
>>>> sarah.baso at owasp.org
>>>> +1.312.869.2779
>>> .eml"
>>> Content-Type: message/rfc822
>>>
>>> Return-Path: <dennis.groves at owasp.org>
>>> Received: from [192.168.0.11] (ip70-176-208-182.ph.ph.cox.net. [70.176.208.182])
>>>       by mx.google.com with ESMTPSA id fk4sm64678399pab.23.1969.12.31.16.00.00
>>>       (version=TLSv1 cipher=RC4-SHA bits=128/128);
>>>       Thu, 10 Oct 2013 13:11:04 -0700 (PDT)
>>> From: "Dennis Groves" <dennis.groves at owasp.org>
>>> To: "Eoin Keary" <eoin.keary at owasp.org>
>>> Cc: "Michael Coates" <michael.coates at owasp.org>,
>>> "OWASP Foundation Board List" <owasp-board at lists.owasp.org>
>>> Subject: Re: [Owasp-board] Ciso project funding
>>> Date: Thu, 10 Oct 2013 13:09:53 -0700
>>> Message-ID: <026FAD87-AEB7-4FF3-B741-D7EF0B2FC9C7 at owasp.org>
>>> In-Reply-To: <575572C3-1E31-49F7-A3B6-86614CC6AB45 at owasp.org>
>>> References: <45D2D9EA-52A8-460F-899D-3EF272822446 at owasp.org>
>>> <CAAihoGvaNVwMB9BqvAYMaDQ0RtAfLrAnJ5++gL6swY0kRa3Sig at mail.gmail.com>
>>> <52558E35.1030800 at owasp.org>
>>> <CAKA9LHzrfasdZQRd_WJCbYUQv13=Q5NjPtyipKMKSkfJr+c6OQ at mail.gmail.com>
>>> <F217543E-1894-46BA-8E7E-E3EB35DF0870 at owasp.org>
>>> <CA+EttN9aUP7kQ9YwsJOu1SMWayq7WUt_zc2DGD0weY-QBHbmww at mail.gmail.com>
>>> <CAKA9LHw1NJgy0mnckB2-p+vh+6QPfjYipQ2aoioGeEn4041Gyw at mail.gmail.com>
>>> <CAB0dSK5wkTJEHDuvxwTSgQQZS-+6_95Lx8qcjHiz8fE8i+aHSw at mail.gmail.com>
>>> <CA+EttN-V-dqYERWKUdBnLAqeW-Npamw6QiLBd_MFMBXzBz2X2g at mail.gmail.com>
>>> <CAB0dSK7DJny0xAtx33LV4kHCkH+QWAaQDCe+DUPRH7h+iQeOcQ at mail.gmail.com>
>>> <CAKA9LHyZ6gpxw1CB2_7s1NDhUXA_gEWjbmNAf0b=J8agx==eRw at mail.gmail.com>
>>> <CAKA9LHxmP8QcdS0kHMKtkErFgS7oDpb2iWfNJn4PuBiMXh6CFQ at mail.gmail.com>
>>> <575572C3-1E31-49F7-A3B6-86614CC6AB45 at owasp.org>
>>> MIME-Version: 1.0
>>> Content-Type: multipart/alternative;
>>> boundary="=_MailMate_217E594D-4778-4A95-8257-48498648C9B4_="
>>> X-Mailer: MailMate (1.6r3549)
>>>
>>>
>>> --=_MailMate_217E594D-4778-4A95-8257-48498648C9B4_=
>>> Content-Type: text/plain; format=flowed; markup=markdown
>>>
>>>> On 10 Oct 2013, at 12:24, Eoin Keary wrote:
>>>>
>>>> I disagree. What are the chapter funds doing for our mission? $270k or
>>>> so?
>>>> OWASP has benefited the banks more than appsec.
>>>
>>> Disagree all you want. This is a matter of law in the USA. As a
>>> registered non-profit - we are actually already required by law to spend
>>> the money as earmarked by the donators. And not only must we do this we
>>> must be able to demonstrate our compliance with the donators wishes.
>>> Incidentally the IRS does audit for this regularly; and it is the
>>> fastest way to loose your non-profit status.
>>>
>>> For example: The DHS money is not available to spend as we like, no
>>> matter how much we need it for anything else; it must be spent as the
>>> DHS dictates, end of!
>>>
>>> *** OWASP can not continue to "spend" money earmarked for other purposes
>>> or we will be forced to stop trading! ***
>>>
>>>
>>> Respectfully,
>>>
>>>
>>> [Dennis Groves](http://about.me/dennis.groves), MSc
>>> [Email me](mailto:dennis.groves at owasp.org) or [schedule a
>>> meeting](http://goo.gl/8sPIy).
>>>
>>>    Unless someone like you...cares a whole awful lot...
>>>    nothing is going to get better...It's not."
>>>                                            -- The Lorax
>>> --=_MailMate_217E594D-4778-4A95-8257-48498648C9B4_=
>>> Content-Type: text/html
>>> Content-Transfer-Encoding: quoted-printable
>>>
>>> <div class=3D"markdown">
>>> <p dir=3D"auto">On 10 Oct 2013, at 12:24, Eoin Keary wrote:</p>
>>>
>>> <blockquote>
>>> <p dir=3D"auto">I disagree. What are the chapter funds doing for our miss=
>>> ion? $270k or so?<br>
>>> OWASP has benefited the banks more than appsec.</p>
>>> </blockquote>
>>>
>>> <p dir=3D"auto">Disagree all you want. This is a matter of law in the USA=
>>> =2E As a registered non-profit - we are actually already required by law =
>>> to spend the money as earmarked by the donators. And not only must we do =
>>> this we must be able to demonstrate our compliance with the donators wish=
>>> es. Incidentally the IRS does audit for this regularly; and it is the fas=
>>> test way to loose your non-profit status.</p>
>>>
>>> <p dir=3D"auto">For example: The DHS money is not available to spend as w=
>>> e like, no matter how much we need it for anything else; it must be spent=
>>> as the DHS dictates, end of!</p>
>>>
>>> <p dir=3D"auto">*** OWASP can not continue to "spend" money ear=
>>> marked for other purposes or we will be forced to stop trading! ***</p>
>>>
>>> <p dir=3D"auto">Respectfully,</p>
>>>
>>> <p dir=3D"auto"><a href=3D"http://about.me/dennis.groves">Dennis Groves</=
>>> a>, MSc<br>
>>> <a href=3D"mailto:dennis.groves at owasp.org">Email me</a> or <a href=3D"htt=
>>> p://goo.gl/8sPIy">schedule a meeting</a>.</p>
>>>
>>> <pre><code>Unless someone like you...cares a whole awful lot...
>>> nothing is going to get better...It's not."
>>>                                       -- The Lorax
>>> </code></pre>
>>>
>>> </div>
>>> --=_MailMate_217E594D-4778-4A95-8257-48498648C9B4_=--
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
> 



More information about the Owasp-board mailing list