[Owasp-board] Reputation - Re: A shame: OWASP event in Barcelona...

Josh Sokol josh.sokol at owasp.org
Thu Nov 9 22:48:39 UTC 2017


Albert,

I took a look at the article you sent.  I don't see this gentleman's name
mentioned in there at all.  I also don't see the charges that you mention.
The closest I see is that a politician said they would be taking the case
to the public prosecutor.  Of course, this article is from 2013, so I'm
sure a lot has happened since then.  Has this gentleman actually been
convicted of a crime at this point?  If not, what you're asking is for the
OWASP Foundation to take action based on an accusation.  A person is
presumed innocent until proven guilty.  If that has happened, please
provide the evidence so we can evaluate taking action on it.

As Board members of an international foundation, we act based on existing
policy, not on accusation or allegation.  I pointed you earlier to our Code
of Ethics.  Tom has pointed you to both our Whistleblower Policy and
Chapter Leader Handbook.  Can you please provide evidence that this
gentleman is in violation of one of OWASP's policies?  Again, if you can
provide this, we can evaluate taking action on it.

Outside of this individual having been convicted of a crime, or having
violated our Foundation policies, I'm not sure there is anything that we
can do here.  Are there chapter members who have expressed that they feel
this presentation or presenter is inappropriate?  Is having him present
somehow a risk to the safety of our members?  You're threatening to take
this to the media, which is certainly your right, but I don't think you've
adequately expressed to us the risk requiring that the OWASP Foundation
take action here.

Sincerely,

Josh Sokol

On Thu, Nov 9, 2017 at 11:18 AM, Albert Gabàs | Astabis IRM <
agabas at astabis.com> wrote:

> OWASP is your brand, you must take care of your reputation, the reputation
> of your events, and the reputation of the panellists in your events if want
> a good reputation.
>
> But do not worry, if you consider this panellist a good panellist, *is
> your Brand in risk in Spain*.
>
> The charges are:
>
> 1.- Unlawful spying the citizens from CESICAT CERT and corruption.
> 2.- And Mr. Panadero is also charged of a crime, unlawfull interception of
> telecommunications (mails, etc.) in the Catalonia Government internet
> domain.
>
> https://elpais.com/elpais/2013/12/05/inenglish/1386264718_921213.html
>
> And the CESICAT-CERT was the genesis of the unlawful spy agency of the
> Catalan Goverment (Spanish region), *now raided by the Spanish Police*.
>
> I advise the Spanish Police and the raid is based in my criminal complaint
> against CESICAT CERT and and people like Mr. Panadero.
>
> King regards,
> Albert Gabàs
>
> ------------------------------
> *De: *"Tom Brennan, OWASP" <tomb at owasp.org>
> *Para: *"Albert Gabàs" <agabas at astabis.com>
> *CC: *"Tom Brennan, OWASP" <tomb at owasp.org>, "Matt Konda" <
> Matt.Konda at owasp.org>, "OWASP List" <owasp-board at lists.owasp.org>, "Josh
> Sokol" <josh.sokol at owasp.org>, "vicente aguilera" <
> vicente.aguilera at owasp.org>
> *Enviados: *Jueves, 9 de Noviembre 2017 17:54:30
> *Asunto: *Re: A shame: OWASP event in Barcelona...
>
> Albert, you seem very passionate about this and I encourage you to meet
> with the multiple chapter leaders and members of the chapter to voice your
> concerns or join the team.  OWASP Members can leverage the items I provided
> below, however...... after a quick check of membership roster, I don't see
> your name Albert Gabàs or Vicente Aguilera on the roster.
>
> https://docs.google.com/spreadsheets/d/1WN07dNGBldvYC_
> RmTKKsrYdguSUghlLP5A7QfQa6G9M/edit#gid=0
>
> This fact does open up additional questions IMHO about the chapter and the
> upcoming event, chapter management etc., but I defer that to our chapter
> handbook and community manager who has a full-time focus on issues like
> this.
>
> For tracking purposes, submit your request here to open up an
> actionable inquiry action: https://www.tfaforms.com/308703 this is also
> accessible from www.owasp.org and contact us.
>
>
> On Thu, Nov 9, 2017 at 10:46 AM, Albert Gabàs | Astabis IRM <
> agabas at astabis.com> wrote:
>
>> In Spain a people under investigation and charged is a people with proven
>> evidence of committing a crime.
>>
>> The court action is in the legal domain.
>>
>> But the plausible breach of professional code of conduct, and ethics is
>> in another domain, and the charges must be a clear evidence of the breach
>> to stop the participation of this panellist in any OWASP events until their
>> charges will be removed by the court.
>>
>> If there is a penal code, why you need a Ethics Code in your Association?
>> Are not the same, and you are not stupid.
>>
>> But the charges are not linked to the political situation or driving
>> drunk, the charges are:
>>
>> 1.- Unlawful spying the citizens from CESICAT CERT and corruption.
>> 2.- And Mr. Panadero is also charged of a crime, unlawfull interception
>> of telecommunications (mails, etc.) in the Catalonia Government internet
>> domain.
>>
>> I have attached the act dictated by the court to open the trial against
>> Mr. Panadero.
>> And also Mr. Panadero was jailed by the Spanish Police in the 2000 in
>> another raid against telecom fraud.
>>
>> Mr. Aguilera knows all the details, are true.
>> The participation of this trash-man as panellist, is an offence to all
>> ethical professionals and serious professionals that follow OWASP with
>> admiration.
>>
>> Kind regards,
>> Albert Gabàs
>>
>> ------------------------------
>> *De: *"Tom Brennan - OWASP" <tomb at owasp.org>
>> *Para: *"Albert Gabàs" <agabas at astabis.com>
>> *CC: *"Matt Konda" <Matt.Konda at owasp.org>, "OWASP List" <
>> owasp-board at lists.owasp.org>, "Tom Brennan" <Tom.Brennan at owasp.org>,
>> "Josh Sokol" <josh.sokol at owasp.org>, "vicente aguilera" <
>> vicente.aguilera at owasp.org>
>> *Enviados: *Jueves, 9 de Noviembre 2017 15:14:15
>> *Asunto: *Re: A shame: OWASP event in Barcelona...
>>
>> Perhaps his talk/story will speak to software security?
>>
>> Re the conference / event / seminar / meeting what ever you call it
>> locally is compliant with the chapter guideline/handbook see:
>> https://www.owasp.org/index.php/Category:Chapter_Handbook that should be
>> examined
>>
>> All cited policy violations can be directed to our staff members for
>> assistance / review.
>>
>> You feel that there is a whistleblower incident as defined here
>> https://www.owasp.org/index.php/Governance/Whistleblower_Policy formally
>> address it.
>>
>> Regarding your question of under investigation and charged.  In legal
>> actions, guilty until proven innocent in a court of law is always my
>> posistion.
>>
>> Try to work together, the world is full of hate, and people casting
>> stones. OWASP’s mission is to raise visibility for software security focus
>> on that aspect and encourage local face to face discussion, email is not
>> helpful in fixing these type of issues
>>
>> You asked, there is my 2 cents
>>
>> - Brennan
>>
>>
>> On Thu, Nov 9, 2017 at 6:58 AM Albert Gabàs | Astabis IRM <
>> agabas at astabis.com> wrote:
>>
>>> Dear Mr. Brennan, Mr. Sokol, Mr. Konda,
>>>
>>> https://twitter.com/OWASPSpain/status/928235840043737090
>>>
>>> Do you think that a person under investigation and charged with various
>>> crimes must be a panellist in the next OWASP Spain event?
>>>
>>> I have warned Mr. Vicente Diaz, but he don't know your code of ethics.
>>> Is a shame for your professional association to host a person that
>>> breach the law and breach all professional ethical principles.
>>>
>>> But why Mr. Vicente Aguilera invite a trash-man to the next OWASP event
>>> in Barcelona? Because is a good client of their enterprise.
>>> These stupid movement from OWASP Spain will be reflected in the Spanish
>>> media the next week. I will work for a massive media coverage, taking
>>> advantage of the political situation.
>>>
>>> I repeat: Do you think that a person under investigation and charged
>>> with various crimes must be a panellist in the next OWASP Spain event?
>>>
>>> Kind regards,
>>> Albert Gabàs
>>>
>> --
>> *Tom Brennan*
>> *Proactive RISK*
>> www.proactiverisk.com
>> Mobile: 973-202-0122 <(973)%20202-0122> | Schedule a Meeting
>> <https://secure.scheduleonce.com/proactiverisk>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20171109/f2a04d59/attachment.html>


More information about the Owasp-board mailing list