[Owasp-leaders] Why it's ok to pay leaders
jim.manico at owasp.org
Thu Apr 12 05:42:20 UTC 2012
Thanks for your comments here.
May I ask, how is paying experts a fair wage to complete projects in
opposition to transparency and openness, or any other aspect of the OWASP
On Apr 11, 2012, at 11:23 PM, Dennis Groves <dennis.groves at owasp.org> wrote:
That is a brilliant opinion and I share your opinion, from a utilitarian
ethical perspective - it couldn't be more true. In a dictatorship or
corporation you are undeniably correct.
But we don't live there, OWASP is a democracy, or adhocracy - we value
openness and transparency, things that notoriously kill dictatorships,
corporations and corruption.
If anything we live in a tragedy of the commons. Thus, I need to understand
what you propose to solve each of the 15 problems that Dinis so eloquently
outlined, that prevent us from reaching the utilitarian ideal you propose.
OWASP is ahead of the curve in this thought, in 23 Things They Don't Tell
You About Capitalism by Ha-Joon
Chang<https://www.youtube.com/watch?v=hMqfCA5Nc78>one of the greatest
economic thinkers in the world, has published this very
idea as rule #2 of economics. He restates the idea as thus: "Companies
should not be run in the interest of their owners."
Before you answer be sure to be sure to watch TED: Moral Behavior in
How do you propose we pay leaders in Norway less that you will pay the
leaders in London, for the same work?
As you saw in the TED talk - even a monkey gets royally pissed off and
stops working when paid a cucumber for the same work another monkey is paid
Dennis Groves <http://about.me/dennis.groves>, MSc
dennis.groves at owasp.org
*This work is licensed under the Creative Commons
Attribution-NonCommercial-NoDerivs 3.0 Unported License. To view a copy of
this license, visit http://creativecommons.org/licenses/by-nc-nd/3.0/ or
send a letter to Creative Commons, 444 Castro Street, Suite 900, Mountain
View, California, 94041, USA.*
On Thu, Apr 12, 2012 at 04:25, Jim Manico <jim.manico at owasp.org> wrote:
> I've been watching the debate about paying leaders. And I for one want
> to state that I feel it's ok to pay leaders to complete key projects.
> "The mission" is way more important than an OWASP "social rule".
> I think we have been thinking about this topic, way too much, from an
> OWASP-centric perspective.
> You all know, I hope, that I bleed OWASP and care for the
> organization. But this "problem" of OWASP not meeting the obligation
> of its mission around AppSec awareness is NOT ABOUT OWASP. It's about
> the target of our mission; the many folks who are NOT aware of the
> systemic security problems that face web applications and the
> organizations that depend on them.
> Think about this from a software manager, corporate supporter, or
> other OWASP •consumer• point of view. Do they really care about some 3
> year old "social rule" that states we cannot pay leaders (aka: web sec
> experts)? Or do they care that that our guides are 5+ years out of
> date, that our "flagship software projects" have 2 year old unfixed
> bugs, that our project management has stagnated, or that our website
> is very complex to navigate successfully?
> Eoin has put forth a excellent plan to push funds directly into
> projects, and I support it.
> I feel we should stop blacklisting OWASP, it's not helpful to tell us
> what we can't do in support of our mission.
> Whitelist! Give us a powerful plan to serve "the mission" and make
> OWASP relevant again. I for one am willing to consider paying serious
> web security experts to help us update key projects, even if they are
> OWASP leaders.
> Jim Manico
> OWASP Connections Committee Chair
> (808) 652-3805
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders