[Owasp-leaders] OWASP American? [was: OWASP and WikiLeaks]
kate.hartmann at owasp.org
Tue Dec 7 15:51:12 EST 2010
OWASP is without a doubt an international organization. In 2008, the Global
Committees were created to help us make decisions that will be applicable to
all regions of the Globe. If you look at the Committee pages, you will see
that many of the committees are US heavy.
http://www.owasp.org/index.php/Global_Committee_Pages If there are area of
concern, specific to your region, please take this email as an invitation to
join a Committee and help the Foundation grow Globally.
One region that has stepped up and is working with their local government to
overcome many of the challenges that we all (global community) face is
Brazil. Congratulations to this group for collectively working on resolving
some fairly significant hurdles (finance, taxes, language, etc) to bring
OWASP into their country! They have now placed several chapter
leaders/participants on many of the global committees to help us continue to
overcome international challenges. For example, Gustavo Barbato has just
been approved for the Global Chapter Committee. In communicating with
Gustavo, he has told me that part of his purpose for joining this committee
is to help the foundation overcome international obstacles.
One note that I think Mark touched on and I sent a message out last week on
we are transitioning to a new vendor that will allow any
time zone and any language to be displayed for your local meetings. So,
this should resolve the language barriers on a local level. If you need
help getting set up or using the system, please send me an email and I will
work with you. So far we have the Malaysia, Alaska, Dublin, Atlanta,
Chennai, and the Orange County chapter leaders set up. I would like to see
100% of our chapter leaders able to use this system.
Yes, John, the Swedish, German, and Portuguese nametags are tough. J
From: owasp-leaders-bounces at lists.owasp.org
[mailto:owasp-leaders-bounces at lists.owasp.org] On Behalf Of John Wilander
Sent: Tuesday, December 07, 2010 3:09 PM
To: owasp-leaders at lists.owasp.org
Subject: [Owasp-leaders] OWASP American? [was: OWASP and WikiLeaks]
Hi Daniel and all other leaders!
(Arturo, I decide to continue this discussion but change to the much more
interesting subject of OWASP and internationalization)
2010/12/7 daniel cuthbert <daniel.cuthbert at owasp.org>
"OWASP is American"
Excuse me????, I take offense at that remark. Many foreign people like
myself have been around since the start to make this project what it is
today and to class this project as American is both technically incorrect
and also offensive to the likes of us.
Sorry if I offended you, Daniel. I of course meant the foundation is
American since my thoughts were around liability and the US discussion
around the WikiLeaks non-profit organization. This is exactly what Jason
wrote. The wiki about OWASP: "The OWASP Foundation came online on December
1st 2001 it was established as a not-for-profit charitable organization in
the United States on April 21, 2004"
The project is much more international but still suffers from several issues
of internationalization. I'm Swedish myself and lead the Swedish chapter so
I notice how important things in the project remain English/American.
* You can't register for an OWASP AppSec conference with non-ASCII
letters. Loads of Swedish, Spanish, German, Norwegian, Danish etc attendees
got their names crippled during registration for this summer's AppSec ... in
Sweden. Kate was really considerate and tried hard to minimize the problems
* The OWASP jobs page has been discussed at length and I constantly
fail to convey that moving 500 km in Europe often means moving to another
country, another culture, another language, another tax system, another
currency etc. That is totally different to moving 500 km in the US.
Therefore "The single OWASP jobs page to rule them all" only serves people
who want to find work in the US in my opinion. We need to serve regions and
countries. Just look at the current list of offerings.
* "OWASP AppSec USA" is often shortened "OWASP AppSec" as if all the
other AppSecs are minor. I definitely don't think this is done to harm
anyone. But still, AppSec EU, AppSec Brasil or AppSec Asia would never skip
their national/regional names. Not that I know at least :).
* All money transfers go through the US which for instance meant we
couldn't benefit from being a non-profit organization when renting a
conference venue in Sweden. We had to pay 25 % VAT since the European and
American systems have not agreed on how to handle tax exempts. Should OWASP
exist as a European non-profit organization a lot of money could be saved
and used for better things.
Just to be clear: 1) I'm impressed and deeply respect all the work Americans
have put into OWASP, 2) I'm not against anyone or any part of the world. I
just want to help make OWASP more internationally compatible.
So, while my statement "OWASP is American" was about the foundation and
legal issues, I still think there's much of an American flavor to our
project. For better or worse ;).
Med vänliga hälsningar, John
John Wilander, https://twitter.com/johnwilander
Chapter co-leader OWASP Sweden, http://owaspsweden.blogspot.com
Co-organizer Global Summit, http://www.owasp.org/index.php/Summit_2011
Conf Comm, http://www.owasp.org/index.php/Global_Conferences_Committee
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders