[Owasp-board] Fwd: OWASP Board decision that I don't agree with

Tom Brennan - OWASP tomb at owasp.org
Sat Jan 4 18:25:08 UTC 2014


http://www.rsaconference.com/events/us14/agenda


> On Jan 4, 2014, at 12:53 PM, Tobias <tobias.gondrom at owasp.org> wrote:
> 
> No. There was no vote. 
> 
> And to be clear, my understanding was that everyone would be attending as individuals and not as representatives of the board or OWASP. 
> 
> I am not quite sure how this perception came about. But we may       have to take clarifying action. 
> If other board members would concur, I would propose to make a simple statement that OWASP leaders and members speaking at the RSA conference do so as individuals and not in their function as representatives of OWASP. 
> 
> Best regards, Tobias
> 
> 
> OWASP Global Board Member and Secretary of the Board
> 
> 
> 
> 
>> On 04/01/14 17:39, Tom Brennan - OWASP wrote:
>> There was a vote ?
>> 
>> On Jan 4, 2014, at 12:31 PM, Eoin Keary <eoin.keary at owasp.org> wrote:
>> 
>>> Many negative tweets re RSA an OWASP. (below).
>>> As I brought this up already, are we sure we are making the right decision by pushing forward with this?
>>> 
>>> 
>>> 
>>> 
>>> Eoin Keary
>>> Owasp Global Board
>>> +353 87 977 2988
>>> 
>>> 
>>> Begin forwarded message:
>>> 
>>>> From: Sastry Tumuluri <sastry.tumuluri at owasp.org>
>>>> Date: 4 January 2014 16:48:50 GMT
>>>> To: "Kanwal Singh (WebMentors)" <kanwalsb at gmail.com>, Ravdeep Sodhi <ravdeep.sodhi at ecoretechnos.com>, "Nishant Johar (EMOBX)" <nj at emobx.com>, Rochak Chauhan <rochak.chauhan at owasp.org>
>>>> Cc: "Jim Manico (OWASP)" <jim.manico at owasp.org>, "Eoin Keary (OWASP)" <eoin.keary at owasp.org>
>>>> Subject: OWASP Board decision that I don't agree with
>>>> Friends,
>>>> 
>>>> Please see the following full conversation on twitter: 
>>>> https://twitter.com/EoinKeary/status/419111748424454145
>>>> 
>>>> Eoin Keary and Jim Manico (both OWASP board members) will be presenting/conducting 4 hrs of free-of-cost AppSec training at the RSA Conference, 2014. Michael Coates, Chairman of the OWASP Board is also said to be present. Apparently, this was discussed at the OWASP board level; and the board has decided to go ahead, keeping in mind the benefit to the attending developers.
>>>> 
>>>> As you are aware, RSA is strongly suspected (we'll never be 100% sure, I'm afraid) of being complicit with NSA in enabling fatal weakening of crypto products. RSA has issued a sort of a denial that only deepens the mistrust. As a protest, many leading speakers are cancelling their talks at the upcoming RSAC 2014. Among them are (to my knowledge) Mikko Hypponen, Jeffrey Carr and Josh Thomas.
>>>> 
>>>> At such a time, I am saddened by the OWASP board decision to support RSAC by their presence. At a time when they had the opportunity to let the world know how much they care for the Information Security profession (esp., against weakening crypto); and how much they care about the privacy of people (against NSA's unabashed spying on Americans & non-Americans alike), the board has copped out using a flimsy rationalization ("benefit of (a few) developers", many of who would rethink their attendance had OWASP and more organizations didn't blink!"). 
>>>> 
>>>> I'm sure there was a heated debate. I'm sure all angles were considered. However, this goes too deep for me to take it as "better men than me have considered and decided". As a matter of my personal values, if the situation doesn't change, I would no longer wish to continue as the OWASP Chapter Lead. Please let me know if any of you would like to take over from me. 
>>>> 
>>>> I will also share my feelings with fellow chapter members at our next chapter meeting on Jan 21st. Needless to say, no matter how things go, I remain committed to the principles of our open and open-source infosec community.
>>>> 
>>>> Best regards,
>>>> 
>>>> ==Sas3==
>>> _______________________________________________
>>> Owasp-board mailing list
>>> Owasp-board at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>> 
>> 
>> _______________________________________________
>> Owasp-board mailing list
>> Owasp-board at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-board
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140104/5b833c68/attachment-0001.html>


More information about the Owasp-board mailing list