[Owasp-board] [Governance] OWASP statement on security: your opinion? - until Monday 14:00 CST

Michael Coates michael.coates at owasp.org
Wed Jan 29 23:01:45 UTC 2014


I followed up with the author to clarify the situation. But we certainly
don't proof any articles - people can write what they want. It's good
visibility and the title can be a bit misleading, such is life though.


--
Michael Coates
@_mwc



On Wed, Jan 29, 2014 at 2:56 PM, Eoin Keary <eoin.keary at owasp.org> wrote:

> I know "bobby tables" ill talk to him. He's Irish.
> The cso article heading is misleading i that what he is referring to?
> Seems we don't get to proof read articles before they launch.
>
>
> Eoin Keary
> Owasp Global Board
> +353 87 977 2988
>
>
> On 29 Jan 2014, at 22:51, Tobias <tobias.gondrom at owasp.org> wrote:
>
> I totally agree with Michael.
> No message is "fool-proof". With every message there are always a few who
> don't read carefully enough and then jump to wrong conclusions. This is
> normal. So in these single instances we just clarify with the right
> information.
>
> And overall, I am actually quite happy with the reception and feedback
> from the general security community and beyond.
>
> Best regards, Tobias
>
>
> On 29/01/14 22:36, Michael Coates wrote:
>
>  Sure, some people got the wrong impression without reading the whole
> story. But these things happen and I followed up with people to clarify. I
> also sent the owasp link with all the info. Overall I think the main
> message is getting out there nicely.
>
>  I'm not concerned about sending clarifications myself. We're just
> providing information to be sure people are aware of all the details.
>
>  -Michael
>
>
> --
> Michael Coates
> @_mwc
>
>
>
> On Wed, Jan 29, 2014 at 2:13 PM, Christian Heinrich <
> christian.heinrich at cmlh.id.au> wrote:
>
>> Tobias,
>>
>> Due to the public perception that OWASP has re-associated itself the
>> RSA Conference after condemning it two weeks before I strategically
>> withhold my public comment for the the moment.
>>
>> Negative public sentiment such as
>> https://twitter.com/info_dox/status/428278242378661888 wouldn't have
>> occurred had the OWASP Board followed my advice and cancelled the
>> training for February 2014. Furthermore, Michael's clarification
>> achieves nothing because he is perceived as bias due to being an
>> instructor and OWASP Board Member, you need an independent third party
>> (e.g. WASC) to issuing this clarification on your behalf.
>>
>> Subsequently the message of
>>
>> http://owasp.blogspot.com/2014/01/owasp-statement-on-security-of-internet.html
>> has been lost since the creditability of OWASP is now brought into
>> question.  Hence the reason I am strategically withhold my public
>> comment until this background noise dies down as my public comment
>> will have more impact after this negative public sentiment while
>> ensuring that the public will question OWASP creditability again.
>>
>> Hopeful next time I provide you with advice you will consider that I
>> have already foreseen the bad outcome for OWASP, just like when I
>> explained to Dinis at Hack in the Box Amsterdam that the Google
>> Hacking Inquiry will result in smear that is for the ulterior motive
>> of Chris and Jody.
>>
>>
>> On Wed, Jan 29, 2014 at 11:36 PM, Tobias <tobias.gondrom at owasp.org>
>> wrote:
>> > Christian,
>> > yes. This is the released statement.
>> >
>> http://owasp.blogspot.com/2014/01/owasp-statement-on-security-of-internet.html
>> > Best regards, Tobias
>> >
>> >
>> > On 28/01/14 23:52, Christian Heinrich wrote:
>> >> Tobias,
>> >>
>> >> I just want to make sure that I respond to the correct statement which
>> >> I am lead to believe is
>> >>
>> http://owasp.blogspot.pt/2014/01/owasp-statement-on-security-of-internet.html
>> ,
>> >> is this correct?
>> >>
>> >> On Tue, Jan 28, 2014 at 11:48 AM, Christian Heinrich
>> >> <christian.heinrich at cmlh.id.au> wrote:
>> >>> I look forward to its release and I will continue my offer to receive
>> >>> it under embargo in the interim if you decide to release it to me.
>> >>
>> >
>>
>>
>>
>>  --
>> Regards,
>> Christian Heinrich
>>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140129/2e0b4cf2/attachment-0001.html>


More information about the Owasp-board mailing list