[Owasp-board] [Governance] OWASP statement on security: your opinion? - until Monday 14:00 CST

Wed Jan 29 22:56:08 UTC 2014

I know "bobby tables" ill talk to him. He's Irish.
The cso article heading is misleading i that what he is referring to? Seems we don't get to proof read articles before they launch. 

Eoin Keary
Owasp Global Board
+353 87 977 2988

On 29 Jan 2014, at 22:51, Tobias <tobias.gondrom at owasp.org> wrote:

> I totally agree with Michael. 
> No message is "fool-proof". With every message there are always a few who don't read carefully enough and then jump to wrong conclusions. This is normal. So in these single instances we just clarify with the right information. 
> 
> And overall, I am actually quite happy with the reception and feedback from the general security community and beyond. 
> 
> Best regards, Tobias
> 
> 
> On 29/01/14 22:36, Michael Coates wrote:
>> Sure, some people got the wrong impression without reading the whole story. But these things happen and I followed up with people to clarify. I also sent the owasp link with all the info. Overall I think the main message is getting out there nicely.
>> 
>> I'm not concerned about sending clarifications myself. We're just providing information to be sure people are aware of all the details.
>> 
>> -Michael
>> 
>> 
>> --
>> Michael Coates
>> @_mwc
>> 
>> 
>> 
>> On Wed, Jan 29, 2014 at 2:13 PM, Christian Heinrich <christian.heinrich at cmlh.id.au> wrote:
>>> Tobias,
>>> 
>>> Due to the public perception that OWASP has re-associated itself the
>>> RSA Conference after condemning it two weeks before I strategically
>>> withhold my public comment for the the moment.
>>> 
>>> Negative public sentiment such as
>>> https://twitter.com/info_dox/status/428278242378661888 wouldn't have
>>> occurred had the OWASP Board followed my advice and cancelled the
>>> training for February 2014. Furthermore, Michael's clarification
>>> achieves nothing because he is perceived as bias due to being an
>>> instructor and OWASP Board Member, you need an independent             third party
>>> (e.g. WASC) to issuing this clarification on your behalf.
>>> 
>>> Subsequently the message of
>>> http://owasp.blogspot.com/2014/01/owasp-statement-on-security-of-internet.html
>>> has been lost since the creditability of OWASP is now brought into
>>> question.  Hence the reason I am strategically withhold my public
>>> comment until this background noise dies down as my public comment
>>> will have more impact after this negative public sentiment while
>>> ensuring that the public will question OWASP creditability again.
>>> 
>>> Hopeful next time I provide you with advice you will consider that I
>>> have already foreseen the bad outcome for OWASP, just like when I
>>> explained to Dinis at Hack in the Box Amsterdam that the Google
>>> Hacking Inquiry will result in smear that is for the ulterior motive
>>> of Chris and Jody.
>>> 
>>> 
>>> On Wed, Jan 29, 2014 at 11:36 PM, Tobias <tobias.gondrom at owasp.org> wrote:
>>> > Christian,
>>> > yes. This is the released statement.
>>> > http://owasp.blogspot.com/2014/01/owasp-statement-on-security-of-internet.html
>>> > Best regards, Tobias
>>> >
>>> >
>>> > On 28/01/14 23:52, Christian Heinrich wrote:
>>> >> Tobias,
>>> >>
>>> >> I just want to make sure that I respond to the correct statement which
>>> >> I am lead to believe is
>>> >> http://owasp.blogspot.pt/2014/01/owasp-statement-on-security-of-internet.html,
>>> >> is this correct?
>>> >>
>>> >> On Tue, Jan 28, 2014 at 11:48 AM, Christian Heinrich
>>> >> <christian.heinrich at cmlh.id.au> wrote:
>>> >>> I look forward to its release and I will continue my offer to receive
>>> >>> it under embargo in the interim if you decide to release it to me.
>>> >>
>>> >
>>> 
>>> 
>>> 
>>> --
>>> Regards,
>>> Christian Heinrich
> 
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140129/7f49b158/attachment.html>