[Owasp-leaders] Thomas Ryan - OWASP - OccupyWallStreet - Gawker

Chris Schmidt chris.schmidt at owasp.org
Sun Oct 16 20:57:24 EDT 2011

Christian - your points are completely aside from the point of my
e-mail. I don't care where they got their facts and I don't care what
Tom did or did not do, this is not the place for such discussions. The
fact of the matter is that OWASP needs to inform Gawker that he is *not*
an OWASP board member so they can redact that part of the article for
sake of people that are *not* Gawker and *not* Tom, and *not* us. This
is not an attack on Tom, it is a reaction to a statement made in an
article that is incorrect that needs to be corrected, that is all -
please do not turn this into something else.

Thank you.

On 10/16/2011 6:49 PM, Christian Heinrich wrote:
> Chris,
> Also, it is worth considering that Tom might *not* have stated OWASP
> involvement i.e. the journalist looked at
> http://www.linkedin.com/in/tommyryan which quotes his former role on
> the Board of the OWASP NYC/NJ Chapter and simply made this correlation
> without his (Tom's) involvement or maybe they Loyd was the source of
> this "fact".
> Also, it is worth considering the retracts made by Tom at the end of
> the article which would indicate that Gawker deliberately delayed the
> publication of this article to attempt to make Tom appear evasive
> rather than Tom calmly reacting to realising their ulterior motive.
> On Mon, Oct 17, 2011 at 11:27 AM, Christian Heinrich
> <christian.heinrich at owasp.org> wrote:
>> Chris,
>> On Mon, Oct 17, 2011 at 11:08 AM, Chris Schmidt <chris.schmidt at owasp.org> wrote:
>>> "Ryan said he knows Loyd through their mutual involvement in the Open Web
>>> Application Security Project, a non-profit computer security group of which
>>> Ryan is a board member."
>> I would suspect that Tom Ryan was quoted out of context  i.e. Loyd
>> would have met Tom at the OWASP NYC/NJ Chapter based on the location
>> of the events that Tom was investigating.
>> From a PR standpoint it would be in the best interests of OWASP not to
>> comment because it will simply draw attention to OWASP and journalists
>> will commence quoting this thread as our position regardless of the
>> proposed PR states and therefore puts the OWASP Brand at risk.
>> Remember, OWASP is *not* the focus of Gawker and their ulterior motive
>> may have been to include create an emotional response (which appears
>> to have worked) to milk this for all it is worth.
>> --
>> Regards,
>> Christian Heinrich
>> http://www.owasp.org/index.php/user:cmlh

More information about the OWASP-Leaders mailing list