[Owasp-board] Getting it all out in the open

Josh Sokol josh.sokol at owasp.org
Sun Feb 16 05:39:54 UTC 2014


Unfortunately, you are not in a position to give the OWASP Board
ultimatums.  I have already effectively offered you #1, but you disagreed
with the message to replace the inquiry and you fail to understand that no
OWASP member is without restriction.  All of us are bound by the OWASP Code
of Ethics.  So your request to rejoin without restriction is a paradox that
we are incapable of entertaining.  Especially in knowing that your intent
is to continue to pursue a vengeance campaign against Chris Gatford which
is in direct violation of our Code of Conduct.

In addition, your return represents a significant amount of risk given your
behavior in both the far and recent past and you have yet to show any
effort to prove otherwise.  To the contrary, your last two e-mails show a
clear intention to threaten OWASP if a decision is not made in your favor.
You have what I believe to be two reasonable offers of peaceful
co-existence that have already received votes of support from Dennis Groves
and Martin Knobloch.  If you're unable to meet these terms, then I'm afraid
we have nothing left to discuss as your desire is to proceed in a direction
that I believe is unhealthy for both yourself and OWASP.  That said, I do
appreciate your time and wish you all the best going forward.


On Sat, Feb 15, 2014 at 10:19 PM, Christian Heinrich <
christian.heinrich at cmlh.id.au> wrote:

> Josh,
> The Google Hacking Inquiry concluded that the Chapter Committee would
> undertake an investigation of the Australian Chapters and unverified
> sources.
> The OWASP Board is well aware that I made several positive
> contributions to OWASP prior to the OWASP Google Hacking Inquiry,
> which resulted in being defamed due to a lack of due diligence
> undertakenby
> http://blog.diniscruz.com/2012/10/why-do-others-think-that-im-hard-to.html
> which would have proven my innocence beyond a reasonable doubt.
> The OWASP Board has two choices:
> 1. Fix the root cause of the OWASP Google Hacking Inquiry in a non
> confrontation manner (including clarification with people who have
> made a complaint outside of Chris Gatford) and allow me to rejoin
> without restriction because the perception that OWASP Members are
> attempting to attack me is now gone as we are back to being friends
> now.  I will also issue public apologies to Jim Manico, Sarah Baso,
> Jeff Williams, Dinis Cruz, Brad Causey, Tom Brennan, Arshan
> Dabirsiaghi, etc because their misunderstanding of me has been
> clarified.
> 2. Let the end result of Chris Gatford's ulterior motive persist i.e.
> create ongoing conflict between OWASP and I with the use of
> "unverified sources" to defame me in order to downgrade and distract
> the OWASP Board from the urgent and ongoing issues with the Sydney
> Chapter
> If I was an OWASP Board Member I would pick 1.
> On Sun, Feb 16, 2014 at 1:44 PM, Josh Sokol <josh.sokol at owasp.org> wrote:
> > The problem that we have run into is that you have bullied and
> intimidated
> > people to the point where others are not willing to be publicly
> acknowledged
> > out of fear of retribution by you.  This is why I summarized the
> collective
> > feedback from everyone into the statement in my original e-mail.
>  Nothing in
> > there was single-sourced.  In fact, I'd venture to say that there is a
> > relative consensus from everyone that I've spoken with in that regard.
>  And
> > while I'd love to give you the opportunity to "cross examine the
> witnesses",
> > it's just not possible in this situation.  Hence, why I stuck to
> generalized
> > thoughts and feelings rather than specific accusations.  This isn't an
> > inquiry anymore.  This isn't a trial.  You don't have to prove your
> > innocence or guilt.  At present, you're not even an OWASP member and
> despite
> > being advised by some that talking with you wasn't even a worthwhile
> > exercise, I maintained that I wanted to give you every opportunity
> possible
> > to move forward in a positive fashion.
> >
> > This isn't a game Christian.  Right now I believe that I am quite
> literally
> > the only person who is actively trying to get you reinstated.  As our
> > discussions progress, it becomes more and more clear to me that it is
> your
> > aggression and quest for vengeance that has turned people away.  Yes, I
> can
> > tailor some search results to bring up the Google Hacking Inquiry, but
> > that's not the point.  No perspective employer is ever going to type that
> > query into Google.  It is far more likely that they will search, as I
> did,
> > and come up with all of the other things I mentioned previously.  As I
> said
> > earlier, you need to take responsibility for your own actions and quit
> > blaming others.  Sure, others may have taken their "shot" at you, but the
> > only one currently keeping you down is you.
> >
> > There were two points in your last e-mail where you outright threatened
> > additional negativity if OWASP does not do as you demand.  While I have
> told
> > you all along that I seek a positive outcome here, I absolutely do not
> > tolerate threats and I believe I've made that clear.  I offered two plans
> > which both offer a peaceful, mutually beneficial solution, albeit with
> some
> > conditions, and you have opted, instead, to continue down the same path
> of
> > threats and anger.  There was nothing there that was overly burdensome
> and
> > nothing that I consider too extreme given the issues we've had in the
> past,
> > regardless of the root cause.  I cannot support your request for
> > reinstatement under your terms, and since you've rejected my two
> proposals
> > for peace with additional negative sentiment, I'm unsure that there is
> > enough common ground for us to continue forward.  I feel that you are
> > heading in a direction that is clearly not aligned with OWASP's values
> and
> > ethics and can no longer support this effort.  I sincerely do appreciate
> > your time and willingness to speak openly and candidly with me and I wish
> > you all the best.
> --
> Regards,
> Christian Heinrich
> http://cmlh.id.au/contact
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140215/b4953701/attachment-0001.html>

More information about the Owasp-board mailing list