[Owasp-leaders] Thomas Ryan - OWASP - OccupyWallStreet - Gawker

Christian Heinrich christian.heinrich at owasp.org
Tue Oct 18 00:55:54 EDT 2011


Chris,

http://seclists.org/fulldisclosure/2011/Oct/681 -> can you please tell
Jeffrey Walton to keep a lid on it since he cites correspondance with
you on this matter?

On Mon, Oct 17, 2011 at 4:37 PM, Chris Schmidt <chris.schmidt at owasp.org> wrote:
> Try rereading my email please.
>
> On Oct 16, 2011 10:04 PM, "Christian Heinrich"
> <christian.heinrich at owasp.org> wrote:
>>
>> Chris,
>>
>> On Mon, Oct 17, 2011 at 2:48 PM, Chris Schmidt <chris.schmidt at owasp.org>
>> wrote:
>> > I have brought this *back* into the open forum of OWASP where it
>> > belongs.
>> >
>> > Now to pose the question, what, if anything, does anything in your
>> > response
>> > have to do with the issue at hand.
>> >
>> > Let me just re-paste the quote in question here to eliminate *any*
>> > question
>> > whatsoever about what I am referring to:
>> > "Ryan said he knows Loyd through their mutual involvement in the Open
>> > Web
>> > Application Security Project, a non-profit computer security group of
>> > which
>> > Ryan is a board member."
>> >
>> > This is about the outward image of the OWASP organization, not YOU or
>> > whatever it is that you have done/are doing/will do. As such a valuable
>> > contributor who has been around since before *I* even knew about OWASP I
>> > can
>> > imagine that you understand my concerns about OWASP as an organization
>> > being
>> > associated with either side of this debate or any other political
>> > debate.
>> >
>> > So can we please move past the debate of what you did or didn't do and
>> > move
>> > on to the topic of what this email was originally talking about, fixing
>> > the
>> > quote in an article that could align OWASP as an ORGANIZATION with the
>> > actions described in the article? I am sorry you have recieved
>> > threatening
>> > emails. It would be equally unjust if OWASP became the target of these
>> > threats, or even worse - if people within the organization became
>> > targets
>> > simply because they are affiliated with this organization.
>> >
>> > I simply want to make sure the organization and OWASP brand is protected
>> > from the actions of ANY member, and I brought this up at the board
>> > meeting
>> > in MN last month.
>> >
>> > Thank you for you response, perhaps we can move on to the real issue
>> > now?
>> >
>> > Again, this has nothing to do with your OWASP involvement - this is
>> > about
>> > misinformation in an article that happens to be about you that is
>> > potentially damaging to the OWASP brand and organization, as well as
>> > potentially other individuals that are part of the organization.
>>
>> The facts are: 1. that no one other than OWASP members have reacted to
>> the mention of the OWASP "Brand " and 2. the rumor mill will now be
>> kicked into motion because of Thomas' Ryan emotive e-mail caused as he
>> is now under duress - note that Thomas completely revealed more than
>> he had too and neither did he address what you believed you have a
>> right to know.
>>
>> Those who participate in open communities still have the fundamental
>> right to keep aspects of their life private from the public.
>>
>> I would suggest that you sleep on it and if you believe there is an
>> issue tomorrow than you can discuss it with Tom Brennan.
>>
>>
>> --
>> Regards,
>> Christian Heinrich
>> http://www.owasp.org/index.php/user:cmlh
>



-- 
Regards,
Christian Heinrich
http://www.owasp.org/index.php/user:cmlh


More information about the OWASP-Leaders mailing list