[Owasp-leaders] Would the real OWASP please stand up!

daniel cuthbert daniel.cuthbert at owasp.org
Thu Sep 24 03:00:44 EDT 2009

This isn't something new, it's been happening since the late 90's.
IT has always been full of people who might be technically gifted but often
lacking in basic social skills. When we started OWASP back in the day, it
wasn't about ego, or being leet, it was about helping fix the poor state of
web 1.0. Many people rely on what we do, so who really gives a monkeys about
what others think?

2009/9/23 Arturo 'Buanzo' Busleiman <buanzo at buanzo.com.ar>

> Hash: SHA512
> I really hate it when "real" security professionals look down to me and say
> "oh, you're the owasp
> guy". For instance, and I was talking the other day with someone from
> another webappsec
> organization, and basicly, he said: "Sorry, you're an OWASP guy, I can't
> talk to you". My answer
> was: "Oh, I wasn't aware kindergarden had webappsec groups".
> Lots of people on the industry dislike my project just because it's OWASP
> sponsored. And I don't
> give a **** about the opinion of those individuals.
> The real OWASP is the people who can see beyond the stupidity and jealousy
> of others, and kick it
> away and continue to love OWASP and support it. I've been in the IT
> security business since 1996 (I
> was 14 years at that time), when I hacked into Argentina's presidency's
> email server and contacted
> their "systems guy" and told him how to reproduce the attack, how to fix it
> (it was an IRIX 5.3
> operating system running a very vulnerable set of cgi scripts), and how to
> start thinking about
> security in a more open way ("use linux" - back in 1996 that was a blast
> :P).
> And the past 3 years I've seen a big change in the industry. Lots of "floss
> activists" becoming
> "security experts", advanced "windows power users" becoming IT security
> developers, and things like
> that. And I sense that the hacker philosophy is being lost in a big noisy
> inter-group flamewar full
> of politics and bureaucratic stuff, when we should be focusing on
> developing tools, analyzing
> malware, educating programmers on how to write secure code, educating
> users, and HACKING STUFF UP.
> And I've found LOTS of that kind of people in OWASP: real hackers with real
> hacker philosophy and
> code of ethics, great programmers. And that is why I'll continue to support
> (And I know, you, the childish guy-leader from the other webappsec group,
> are reading this: grow up).
> And this will be my only public rant :)
> - --
> Arturo "Buanzo" Busleiman / Arturo Busleiman @ 4:900/107
> Independent Linux and Security Consultant - SANS - OISSG - OWASP
> http://www.buanzo.com.ar/pro/eng.html
> Mailing List Archives at http://archiver.mailfighter.net
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
> iEYEAREKAAYFAkq6m4wACgkQAlpOsGhXcE2BiwCfbeJQ1Xb4bFYaGCyiHYlxwOpd
> QW0An1ZAv+ILzaki6QO39rkA7oxfYSEN
> =n7ij
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20090924/6c6946d5/attachment-0001.html 

More information about the OWASP-Leaders mailing list