[Owasp-leaders] Fwd: Stepping down as Board Member

Seba seba at owasp.org
Mon Feb 14 08:30:15 EST 2011


John,

You are hitting the nail on the head!
The challenge of further building the OWASP 'platform' is to make sure
developers and people with creative idea's feel at home.
One of the basic principles should be that the services provided by
OWASP are always opt-in and never try to 'harnass' the project/chapter
leaders into stringent project or governance rules.

--Seba

On Mon, Feb 14, 2011 at 2:15 PM, John Wilander <john.wilander at owasp.org> wrote:
> 2011/2/14 Konstantinos Papapanagiotou <conpap at di.uoa.gr>
>>
>> John,
>>
>> I don't mean to underestimate the value that tech people and
>> corresponding projects bring to an organization like OWASP but if we
>> want to reach out to governments, standards organizations and key
>> industry players we need those formal document-policy-oriented
>> projects because that's the language that they understand.
>
> I too think we need document and policy-oriented projects. But making OWASP
> itself more formal will fend off tech people.
>
> When a community hero as Michal Zalewski starts an email with "Oh, that
> OWASP thing still around?;-)" I get worried.
>
> I've seen it happen loads of times. A bunch of enthusiastic people start a
> community. Some are technically driven and publish a lot of code and/or
> tools. Then comes the process, policy, and document people to provide
> structure. That far, all good. But the structure people attract more
> structure people who in turn attract more document people. Suddenly the code
> people feel alienated and leave.
>
> Read "How Software Companies Die" by Orson Scott Card (1995) and you'll
> understand what I mean. Relevant excerpts:
>
> Here's the secret that every successful software company is based on: You
> can domesticate programmers the way beekeepers tame bees. You can't exactly
> communicate with them, but you can get them to swarm in one place and when
> they're not looking, you can carry off the honey.
>
> Here's the problem that ends up killing company after company. All
> successful software companies had, as their dominant personality, a leader
> who nurtured programmers. But no company can keep such a leader forever.
> Either he cashes out, or he brings in management types who end up driving
> him out, or he changes and becomes a management type himself. One way or
> another, marketers get control.
>
> But...control of what? Instead of finding assembly lines of productive
> workers, they quickly discover that their product is produced by utterly
> unpredictable, uncooperative, disobedient, and worst of all, unattractive
> people who resist all attempts at management. Put them on a time clock,
> dress them in suits, and they become sullen and start sabotaging the
> product. Worst of all, you can sense that they are making fun of you with
> every word they say.
>
> The shock is greater for the coder, though. He suddenly finds that alien
> creatures control his life. Meetings, Schedules, Reports. And now someone
> demands that he PLAN all his programming and then stick to the plan, never
> improving, never tweaking, and never, never touching some other team's code.
>
> http://www.zoion.com/~erlkonig/writings/programmer-beekeeping.html
>
>    Regards, John
>
> --
> John Wilander, https://twitter.com/johnwilander
> Chapter co-leader OWASP Sweden, http://owaspsweden.blogspot.com
> Co-organizer Global Summit, http://www.owasp.org/index.php/Summit_2011
> Conf Comm, http://www.owasp.org/index.php/Global_Conferences_Committee
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>


More information about the OWASP-Leaders mailing list