[Owasp-board] Apology from Jim Manico

Fri Jan 10 04:10:50 UTC 2014

Christian,

My mind was changed when you told me you were intentionally trying to
harm OWASP. It's my legal responsibility as a non-profit board member to
protect the organization from harm. So I'm no longer objective, which is
why I support Josh's committee for inquiry.

And another thing Christian, if I were you and found out someone was
recording me I would be PISSED OFF as well. I don't blame you for being
upset about the recording.

I really did not mean to record you. As soon as I realized it, I told
you, stopped doing it, and deleted the file. I never threatened you in
any way with the recording. No, I deleted it right away after your
requested that I do so.

Now if I took the recording and used it against you in some way, that
would be an entirely different matter.

So Christian, I understand why you are upset. But again, no recording.
Just my word.

Aloha,
Jim

> Michael,
> 
> On Fri, Jan 10, 2014 at 12:09 PM, Michael Coates
> <michael.coates at owasp.org> wrote:
>> To make sure I understand correctly.
>>
>> You are asking the owasp board to force jim to issue a public apology, on
>> behalf of a company, regarding the culture stated in an article and the
>> public perception of the company's culture?
>>
>> Did I capture that request correctly?
> 
> As you may recall, Jim Manico made several requests for an inquiry in
> relation to the events of May 2011 i.e.
> https://lists.owasp.org/pipermail/owasp-leaders/2011-May/005295.html
> https://lists.owasp.org/pipermail/owasp-leaders/2011-May/005299.html
> https://lists.owasp.org/pipermail/owasp-leaders/2011-May/005301.html
> https://lists.owasp.org/pipermail/owasp-leaders/2011-May/005306.html
> https://lists.owasp.org/pipermail/owasp-leaders/2011-May/005308.html
> https://lists.owasp.org/pipermail/owasp-leaders/2011-May/005315.html
> 
> My request for an apology from Jim Manico is supported by two
> statement he made during this time:
> 1. "As a prominent member of OWASP what you do reflects on OWASP
> wether you like it or not." to quote Jim's own statement within
> https://lists.owasp.org/pipermail/owasp-leaders/2011-May/005301.html
> 2. "I'm trying to protect a OWASP member who feels very attacked and
> violated" to quote Jim's own statement within
> https://lists.owasp.org/pipermail/owasp-leaders/2011-May/005315.html
> 
> Jim Manico has made these statements in his capacity as an OWASP Board
> Member his employer benefitted from the exposure.  Therefore, I am
> entitled to receive a public apology from Jim Manico on behalf of
> OWASP and WhiteHat Security.
> 
> I will remind the OWASP Board that Dinis Cruz was allowed to undertake
> an inquiry against me even though the "Steven Steggles, Brad Empeigne
> and George Anelopolis" are are each listed as an "unverified source"
> within https://www.owasp.org/index.php/OWASP_Inquiries/Google_Hacking_Project
> and therefore indicates that these people did not exist and that the
> accusations were baseless and made without any supporting body of
> evidence.
> 
> If Dinis Cruz is allowed to conduct an inquiry under these
> extraordinary circumstances without any regard to natural justice then
> why am I not entitled to an apology from Jim Manico?
> 
> However, in light of the overwhelming evidence against Aspect Security
> and their commercial business partner, Sonatype you elected not to
> undertake an inquiry of the OWASP Top Ten even thought several well
> known (I mean alive) OWASP members made complaint as documented within
> https://www.owasp.org/index.php/Issues_Concerning_The_OWASP_Top_Ten_2013
> 
> Can clarify this discrepancy involving Dinis and Jim, Michael?
> 
> I look forward to receiving a public apology from Jim Manico, can it
> be printed on both OWASP and WhiteHat Security letterhead please?
> 
> 