[Owasp-leaders] Why it's ok to pay leaders

AF antonio.fontes at owasp.org
Thu Apr 12 06:49:12 UTC 2012


Hi Jim,

>From my understanding, he didn't mean that paying someone is in opposition with our values. He meant that paying leaders unequally is, and that this "un-equality situation" is unavoidable once we start paying volunteers with cash, at a worldwide level.

We can rephrase otherwise: how equally would you reward two leaders that spent the same time on the same kind of work when they come from countries with very different levels of income? It is not a "values" issue but a "human/psychological issue". 

Have you found a working model that would solve this?

-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.

Jim Manico <jim.manico at owasp.org> wrote:

Dennis,


Thanks for your comments here.


May I ask, how is paying experts a fair wage to complete projects in opposition to transparency and openness, or any other aspect of the OWASP mission?


Cheers Dennis,

--

Jim Manico

(808) 652-3805


On Apr 11, 2012, at 11:23 PM, Dennis Groves <dennis.groves at owasp.org> wrote:

Jim,

That is a brilliant opinion and I share your opinion, from a utilitarian ethical perspective - it couldn't be more true. In a dictatorship or corporation you are undeniably correct. 

But  we don't live there, OWASP is a democracy, or adhocracy - we value openness and transparency, things that notoriously kill dictatorships, corporations and corruption.

If anything we live in a tragedy of the commons. Thus, I need to understand what you propose to solve each of  the 15 problems that Dinis so eloquently outlined, that prevent us from reaching the utilitarian ideal you propose. 

OWASP is ahead of the curve in this thought, in 23 Things They Don't Tell You About Capitalism by Ha-Joon Chang one of the greatest economic thinkers in the world, has published this very idea as rule #2 of economics. He restates the idea as thus: "Companies should not be run in the interest of their owners."

Before you answer be sure to be sure to watch TED: Moral Behavior in Animals. How do you propose we pay leaders in Norway less that you will pay the leaders in London, for the same work? 

As you saw in the TED talk - even a monkey gets royally pissed off and stops working when paid a cucumber for the same work another monkey is paid a grape. 


-- 
Dennis Groves, MSc

dennis.groves at owasp.org


 


This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-nd/3.0/ or send a letter to Creative Commons, 444 Castro Street, Suite 900, Mountain View, California, 94041, USA.




On Thu, Apr 12, 2012 at 04:25, Jim Manico <jim.manico at owasp.org> wrote:

I've been watching the debate about paying leaders. And I for one want
to state that I feel it's ok to pay leaders to complete key projects.
"The mission" is way more important than an OWASP "social rule".

I think we have been thinking about this topic, way too much, from an
OWASP-centric perspective.

You all know, I hope, that I bleed OWASP and care for the
organization. But this "problem" of OWASP not meeting the obligation
of its mission around AppSec awareness is NOT ABOUT OWASP. It's about
the target of our mission; the many folks who are NOT aware of the
systemic security problems that face web applications and the
organizations that depend on them.

Think about this from a software manager, corporate supporter, or
other OWASP •consumer• point of view. Do they really care about some 3
year old "social rule" that states we cannot pay leaders (aka: web sec
experts)? Or do they care that that our guides are 5+ years out of
date, that our "flagship software projects" have 2 year old unfixed
bugs, that our project management has stagnated, or that our website
is very complex to navigate successfully?

Eoin has put forth a excellent plan to push funds directly into
projects, and I support it.

I feel we should stop blacklisting OWASP, it's not helpful to tell us
what we can't do in support of our mission.

Whitelist! Give us a powerful plan to serve "the mission" and make
OWASP relevant again. I for one am willing to consider paying serious
web security experts to help us update key projects, even if they are
OWASP leaders.

--
Jim Manico
OWASP Connections Committee Chair
(808) 652-3805
_______________________________________________
OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-leaders


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20120412/f94da5d0/attachment-0001.html>


More information about the OWASP-Leaders mailing list