[Owasp-leaders] Thomas Ryan - OWASP - OccupyWallStreet - Gawker

Mark Bristow mark.bristow at owasp.org
Mon Oct 17 09:57:15 EDT 2011

So this is an interesting (and completely irrelevant to OWASP)
discussion on the state of the online press that while I find
interesting doesn't change the central point here.  The point is that
Gawker has incorrectly "printed" that Mr Ryan is a OWASP board member.
 Wither you agree with his actions, who said what first and when, is
completely irrelevant.

As an organization we have a responsibility to correct factual errors
that are reported about OWASP.  Mr. Ryan is not a board member, nor is
he a paid member of OWASP although he has made a number of
contributions to OWASP over the years and is a member of this
community.  I'm of the opinion that the board should reach out to
Gawker to ask that a correction be made.

On Mon, Oct 17, 2011 at 1:37 AM, Chris Schmidt <chris.schmidt at owasp.org> wrote:
> Try rereading my email please.
> On Oct 16, 2011 10:04 PM, "Christian Heinrich"
> <christian.heinrich at owasp.org> wrote:
>> Chris,
>> On Mon, Oct 17, 2011 at 2:48 PM, Chris Schmidt <chris.schmidt at owasp.org>
>> wrote:
>> > I have brought this *back* into the open forum of OWASP where it
>> > belongs.
>> >
>> > Now to pose the question, what, if anything, does anything in your
>> > response
>> > have to do with the issue at hand.
>> >
>> > Let me just re-paste the quote in question here to eliminate *any*
>> > question
>> > whatsoever about what I am referring to:
>> > "Ryan said he knows Loyd through their mutual involvement in the Open
>> > Web
>> > Application Security Project, a non-profit computer security group of
>> > which
>> > Ryan is a board member."
>> >
>> > This is about the outward image of the OWASP organization, not YOU or
>> > whatever it is that you have done/are doing/will do. As such a valuable
>> > contributor who has been around since before *I* even knew about OWASP I
>> > can
>> > imagine that you understand my concerns about OWASP as an organization
>> > being
>> > associated with either side of this debate or any other political
>> > debate.
>> >
>> > So can we please move past the debate of what you did or didn't do and
>> > move
>> > on to the topic of what this email was originally talking about, fixing
>> > the
>> > quote in an article that could align OWASP as an ORGANIZATION with the
>> > actions described in the article? I am sorry you have recieved
>> > threatening
>> > emails. It would be equally unjust if OWASP became the target of these
>> > threats, or even worse - if people within the organization became
>> > targets
>> > simply because they are affiliated with this organization.
>> >
>> > I simply want to make sure the organization and OWASP brand is protected
>> > from the actions of ANY member, and I brought this up at the board
>> > meeting
>> > in MN last month.
>> >
>> > Thank you for you response, perhaps we can move on to the real issue
>> > now?
>> >
>> > Again, this has nothing to do with your OWASP involvement - this is
>> > about
>> > misinformation in an article that happens to be about you that is
>> > potentially damaging to the OWASP brand and organization, as well as
>> > potentially other individuals that are part of the organization.
>> The facts are: 1. that no one other than OWASP members have reacted to
>> the mention of the OWASP "Brand " and 2. the rumor mill will now be
>> kicked into motion because of Thomas' Ryan emotive e-mail caused as he
>> is now under duress - note that Thomas completely revealed more than
>> he had too and neither did he address what you believed you have a
>> right to know.
>> Those who participate in open communities still have the fundamental
>> right to keep aspects of their life private from the public.
>> I would suggest that you sleep on it and if you believe there is an
>> issue tomorrow than you can discuss it with Tom Brennan.
>> --
>> Regards,
>> Christian Heinrich
>> http://www.owasp.org/index.php/user:cmlh
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

Mark Bristow
(703) 596-5175
mark.bristow at owasp.org

OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
AppSec DC Organizer - https://www.appsecdc.org

More information about the OWASP-Leaders mailing list