[Owasp-board] [Owasp-leaders] OWASP.next

Michael Coates michael.coates at owasp.org
Thu Apr 10 21:56:39 UTC 2014


Abbas,

Let's definitely bring up issues that are causing problems. Lets have a
discussion and see how they should change. Please don't feel that the lack
of a formal veto mechanism means there's no way to revisit a previous
decision. Just like I pointed out in my post - we must be ready to try
things and fail. We have many successes and also some failures. We
shouldn't let a bad decision continue to have bad impacts on our
organization.

Side note: If you have a specific example can you change the subject line?
As you know email threads are hard enough to follow as is.




--
Michael Coates
@_mwc



On Thu, Apr 10, 2014 at 2:46 PM, Abbas Naderi <abiusx at owasp.org> wrote:

> Josh,
> If you remember, I had similar ideas for the board, as I was running for
> it as well. My idea was to allow a veto role for the community, because it
> is not viable and clever to ask for community polls on typical matters, as
> it does not involve everyone, and they clearly won't participate when they
> are not involved.
>
> But a veto role, is a different matter. If someone in the community feels
> undermined by a process enforced by the board, they can run their campaign,
> get more votes and undo the decision they though was wrong in the first
> place. This is what we need, and those decisions are really hurting people,
> making them lose hope for the better in this community.
>
> Unfortunately the previous board and the current board haven't done
> anything significant towards this, and it seems to me that no priority
> effort is being made.
>
> Thanks
> -Abbas
> ______________________________________________________________
> *Notice:* This message is *digitally signed*, its *source* and *integrity* are
> verifiable.
> If you mail client does not support S/MIME verification, it will display a
> file (smime.p7s), which includes the X.509 certificate and the signature
> body.  Read more at Certified E-Mail with Comodo and Thunderbird<http://abiusx.com/certified-e-mail-with-comodo-and-thunderbird/> in
> AbiusX.com
>
> On Apr 10, 2014, at 5:42 PM, Josh Sokol <josh.sokol at owasp.org> wrote:
>
> Abbas,
>
> One of the ideas that I (and I believe Tobias as well) championed when
> running for the Board was the idea of bringing the power back to the
> community.  I have raised this as an item to the Board with the hopes of
> adding a sort of community referendum to the election later this year.  In
> the meantime, you have seen several examples of polling the community for
> input on various topics and we are working to bring you a new voting
> platform that will allow even more of this type of community inquiry.  The
> caveat is that people have to actually vote and, as is the case with the
> latest poll, our "turnout" numbers have been relatively low.  Since the
> community is made up of more than just leaders, you've seen Michael's
> proposal to transition to a full community involvement model instead of
> just having a leaders list and hopefully this will increase those poll
> numbers even more.  In my opinion, the issues that you bring up are in
> large part due to actions by the Board in the past and I do see the current
> Board trying to address them.  Change won't happen overnight, but I do see
> us moving in the right direction.  Hopefully you can stick around long
> enough for us to right the ship.
>
> ~josh
>
>
> On Thu, Apr 10, 2014 at 4:28 PM, Abbas Naderi <abiusx at owasp.org> wrote:
>
>> Dennis,
>> That is a perfectly valid explanation. I have been faced with several of
>> these myself, and it has really affected the way I love and contribute to
>> OWASP. Now when I have an idea, instead of making it an OWASP project, I
>> look elsewhere for a platform, and all of you people know me and probably
>> are aware of the contributions I have made to the community over several
>> years.
>>
>> The list you provided is most of the cases, but there are definitely
>> cases not mentioned there, like manipulating and forcing decisions and
>> actions at the board level.
>>
>> I believe we need a change of management model for OWASP. This is clearly
>> not working (IMHO) and these days I have a deep sensation of leaving it all
>> for good and spending my time somewhere more productive.
>>
>> Thanks
>> -Abbas
>>      ______________________________________________________________
>> *Notice:* This message is *digitally signed*, its *source* and
>> *integrity* are verifiable.
>> If you mail client does not support S/MIME verification, it will display
>> a file (smime.p7s), which includes the X.509 certificate and the signature
>> body.  Read more at Certified E-Mail with Comodo and Thunderbird<http://abiusx.com/certified-e-mail-with-comodo-and-thunderbird/> in
>> AbiusX.com <http://abiusx.com/>
>>
>> On Apr 10, 2014, at 5:06 PM, Dennis Groves <dennis.groves at owasp.org>
>> wrote:
>>
>> Michael,
>>
>> I applaud you Michael for taking the reigns of leadership and setting
>> both a vision and a positive example for OWASP. What a great post! You
>> have really captured the spirit of OWASP and I hope you succeed in keeping
>> it alive. Like you, I stand behind both the awesome staff and community of
>> OWASP.
>>
>> However, I have great concerns about the future of OWASP, because the
>> board serves as an example for the community. As you have indicated you
>> cannot do this alone, we all have to pitch in. Not everybody on the board
>> is a rotten apple, most of you are awesome. Unfortunately it only takes one
>> rotten apple to spoil the whole barrel.
>>
>> Some examples I have observed of rotten leadership:
>>
>>    - Publicly undermining OWASP employees by an OWASP Board member.
>>    - Publicly undermining OWASP volunteers by an OWASP Board member.
>>    - Privately undermining OWASP leaders by an OWASP Board member.
>>    - Privately undermining OWASP employees by an OWASP Board member.
>>    - Publicly undermining OWASP projects by an OWASP Board member.
>>    - Privately undermining OWASP projects by an OWASP Board member.
>>
>>
>>    - OWASP Board members have caused OWASP to lose money from conference
>>    revenues.
>>    - OWASP Board members have caused OWASP to lose corporate
>>    sponsorship's.
>>    - OWASP Board members have caused OWASP to lose projects.
>>
>>
>>    - OWASP Board members have harassed OWASP employees privately.
>>    - OWASP Board members have abused OWASP employees publicly.
>>
>> All of these things have gone on habitually. Most of the time they are
>> thinly veiled under the guise of 'ethics' and yet all of these behaviors
>> are in direct conflict with the duty of loyalty to the OWASP foundation. *Additionally,
>> it sets up an unprofessional example of 'standard of behavior' for the
>> community to follow, and this is exactly what is happening.*
>>
>> I regularly hear from both sponsors and leaders that no longer want to
>> participate in OWASP anymore due to the examples I have cited above. I
>> spend my OWASP donation hours managing fires like this, when I could be
>> building and contributing to the community with my precious little free
>> time.
>>
>> It has come to a point that I may no longer recommend that the public
>> join or support OWASP because of the unprofessional behavior emanating from
>> the board. *And I feel it is a very sad day when I can not recommend
>> OWASP, something I genuinely want to be proud to be a part of, to people I
>> love and respect.*
>>
>>
>> --
>> Dennis Groves <http://about.me/dennis.groves>, MSc
>> Email me, <dennis.groves at owasp.org> or schedule a meeting<http://goo.gl/8sPIy>
>> .
>> *This email is licensed under a CC BY-ND 3.0
>> <http://creativecommons.org/licenses/by-nd/3.0/deed.en_GB> license.*
>> Stand up for your freedom to install free software.<http://www.fsf.org/campaigns/secure-boot/statement>
>> Please do not send me Microsoft Office/Apple iWork documents.
>> Send OpenDocument <http://fsf.org/campaigns/opendocument/> instead!
>>
>> <http://www.owasp.org/>
>>  _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140410/ec7f324a/attachment-0001.html>


More information about the Owasp-board mailing list