[Owasp-leaders] Thomas Ryan - OWASP - OccupyWallStreet - Gawker

Chris Schmidt chris.schmidt at owasp.org
Tue Oct 18 01:10:46 EDT 2011

Hash: SHA1
I will do no such thing. I have been in contact with Jeff, and he is
free to say whatever he wishes.
On 10/17/2011 10:55 PM, Christian Heinrich wrote:
> Chris,
> http://seclists.org/fulldisclosure/2011/Oct/681 -> can you please tell
> Jeffrey Walton to keep a lid on it since he cites correspondance with
> you on this matter?
> On Mon, Oct 17, 2011 at 4:37 PM, Chris Schmidt
<chris.schmidt at owasp.org> wrote:
>> Try rereading my email please.
>> On Oct 16, 2011 10:04 PM, "Christian Heinrich"
>> <christian.heinrich at owasp.org> wrote:
>>> Chris,
>>> On Mon, Oct 17, 2011 at 2:48 PM, Chris Schmidt <chris.schmidt at owasp.org>
>>> wrote:
>>>> I have brought this *back* into the open forum of OWASP where it
>>>> belongs.
>>>> Now to pose the question, what, if anything, does anything in your
>>>> response
>>>> have to do with the issue at hand.
>>>> Let me just re-paste the quote in question here to eliminate *any*
>>>> question
>>>> whatsoever about what I am referring to:
>>>> "Ryan said he knows Loyd through their mutual involvement in the Open
>>>> Web
>>>> Application Security Project, a non-profit computer security group of
>>>> which
>>>> Ryan is a board member."
>>>> This is about the outward image of the OWASP organization, not YOU or
>>>> whatever it is that you have done/are doing/will do. As such a valuable
>>>> contributor who has been around since before *I* even knew about
>>>> can
>>>> imagine that you understand my concerns about OWASP as an organization
>>>> being
>>>> associated with either side of this debate or any other political
>>>> debate.
>>>> So can we please move past the debate of what you did or didn't do and
>>>> move
>>>> on to the topic of what this email was originally talking about, fixing
>>>> the
>>>> quote in an article that could align OWASP as an ORGANIZATION with the
>>>> actions described in the article? I am sorry you have recieved
>>>> threatening
>>>> emails. It would be equally unjust if OWASP became the target of these
>>>> threats, or even worse - if people within the organization became
>>>> targets
>>>> simply because they are affiliated with this organization.
>>>> I simply want to make sure the organization and OWASP brand is
>>>> from the actions of ANY member, and I brought this up at the board
>>>> meeting
>>>> in MN last month.
>>>> Thank you for you response, perhaps we can move on to the real issue
>>>> now?
>>>> Again, this has nothing to do with your OWASP involvement - this is
>>>> about
>>>> misinformation in an article that happens to be about you that is
>>>> potentially damaging to the OWASP brand and organization, as well as
>>>> potentially other individuals that are part of the organization.
>>> The facts are: 1. that no one other than OWASP members have reacted to
>>> the mention of the OWASP "Brand " and 2. the rumor mill will now be
>>> kicked into motion because of Thomas' Ryan emotive e-mail caused as he
>>> is now under duress - note that Thomas completely revealed more than
>>> he had too and neither did he address what you believed you have a
>>> right to know.
>>> Those who participate in open communities still have the fundamental
>>> right to keep aspects of their life private from the public.
>>> I would suggest that you sleep on it and if you believe there is an
>>> issue tomorrow than you can discuss it with Tom Brennan.
>>> --
>>> Regards,
>>> Christian Heinrich
>>> http://www.owasp.org/index.php/user:cmlh
Version: GnuPG v2.0.14 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

More information about the OWASP-Leaders mailing list