[Owasp-leaders] Why it's ok to pay leaders

Eoin eoin.keary at owasp.org
Thu Apr 12 13:44:17 UTC 2012


This shall be decided by the board.
I have requested to board to vote on this.
Eoin



On 12 April 2012 14:34, Dinis Cruz <dinis.cruz at owasp.org> wrote:

>  Absolutely not, it must apply to all 'Owasp leaders' (which
> theoretically is everybody in this list)
>
> Please read my post again!
>
> Owasp cannot pay 'ANY' type of Owasp leader (chapter, project,
> conferences, committees, etc...)
>
> It's one of the 'privileges' that you get by being an Owasp leader :)
>
> Dinis Cruz
>
> On 12 Apr 2012, at 13:51, eoin keary <eoin.keary at owasp.org> wrote:
>
>   I believe, if this is going to be the case, and agreed by the board, it
> should be project leaders only.
>
> -ek
>
>
> On Thu, Apr 12, 2012 at 1:26 PM, Sherif Koussa <sherif.koussa at owasp.org>wrote:
>
>> Just a quick question. By Leaders, do you guys mean the project leaders
>> or anybody on this list?
>>
>> Sherif
>>
>>
>> On Thu, Apr 12, 2012 at 3:18 AM, John Wilander <john.wilander at owasp.org>wrote:
>>
>>>  There are many more important questions to address (see Dinis' list).
>>>
>>> The ones I'm most worried about is (by "paid" I mean "paid by OWASP"):
>>>
>>> How to handle leaders who've done or do excellent work on A-level
>>> projects without pay? Start paying them too or "save" that money?
>>>
>>> How to handle substandard deliveries on paid projects? That's a whole
>>> new problem we face. "One strike and you're out?" QA votes among leaders
>>> and demands to return the money? Payment only after some committee accepts
>>> the outcome?
>>>
>>> What does this money do with our meritocracy? It used to be leaders who
>>> deliver the most are most highly regarded. That's a proven model in FOSS.
>>> But if a fraction of those are paid by the foundation?
>>>
>>> However, I've been trying to take the projects' perspective instead of
>>> the leaders' perspective. Here's my suggestion:
>>>
>>> We first identify the projects who've proven to not get updated despite
>>> serious tries. We briefly interview the leaders who tried to see if it's
>>> about project size, lack of admin support, fading interest or what.
>>>
>>> Once we have a list we do fundraising with a commitment to deliver if we
>>> reach a certain level. Here OWASP can actually use its funds to match
>>> whatever funds we raise (not that I prefer it).
>>>
>>> Then leaders can form teams, apply for the job and suggest how their
>>> team would like to use the money (hackathon, hourly pay, pay on delivery
>>> etc). The GPC decides which teams get green light.
>>>
>>>    Regards, John
>>>
>>> --
>>> My music http://www.johnwilander.com
>>> Twitter https://twitter.com/johnwilander
>>> CV or Résumé http://johnwilander.se
>>>
>>> 12 apr 2012 kl. 08:49 skrev AF <antonio.fontes at owasp.org>:
>>>
>>>   Hi Jim,
>>>
>>> From my understanding, he didn't mean that paying someone is in
>>> opposition with our values. He meant that paying leaders unequally is, and
>>> that this "un-equality situation" is unavoidable once we start paying
>>> volunteers with cash, at a worldwide level.
>>>
>>> We can rephrase otherwise: how equally would you reward two leaders that
>>> spent the same time on the same kind of work when they come from countries
>>> with very different levels of income? It is not a "values" issue but a
>>> "human/psychological issue".
>>>
>>> Have you found a working model that would solve this?
>>>
>>> --
>>> Sent from my Android phone with K-9 Mail. Please excuse my brevity.
>>>
>>> Jim Manico <jim.manico at owasp.org> wrote:
>>>>
>>>> Dennis,
>>>>
>>>> Thanks for your comments here.
>>>>
>>>> May I ask, how is paying experts a fair wage to complete projects in
>>>> opposition to transparency and openness, or any other aspect of the OWASP
>>>> mission?
>>>>
>>>> Cheers Dennis,
>>>>  --
>>>> Jim Manico
>>>> (808) 652-3805
>>>>
>>>> On Apr 11, 2012, at 11:23 PM, Dennis Groves <dennis.groves at owasp.org>
>>>> wrote:
>>>>
>>>>  Jim,
>>>>
>>>> That is a brilliant opinion and I share your opinion, from a
>>>> utilitarian ethical perspective - it couldn't be more true. In a
>>>> dictatorship or corporation you are undeniably correct.
>>>>
>>>> But  we don't live there, OWASP is a democracy, or adhocracy - we value
>>>> openness and transparency, things that notoriously kill dictatorships,
>>>> corporations and corruption.
>>>>
>>>> If anything we live in a tragedy of the commons. Thus, I need to
>>>> understand what you propose to solve each of  the 15 problems that Dinis so
>>>> eloquently outlined, that prevent us from reaching the utilitarian ideal
>>>> you propose.
>>>>
>>>> OWASP is ahead of the curve in this thought, in 23 Things They Don't
>>>> Tell You About Capitalism by Ha-Joon Chang<https://www.youtube.com/watch?v=hMqfCA5Nc78>one of the greatest economic thinkers in the world, has published this very
>>>> idea as rule #2 of economics. He restates the idea as thus: "Companies
>>>> should not be run in the interest of their owners."
>>>>
>>>> Before you answer be sure to be sure to watch TED: Moral Behavior in
>>>> Animals<https://www.ted.com/talks/frans_de_waal_do_animals_have_morals.html>.
>>>> How do you propose we pay leaders in Norway less that you will pay the
>>>> leaders in London, for the same work?
>>>>
>>>> As you saw in the TED talk - even a monkey gets royally pissed off and
>>>> stops working when paid a cucumber for the same work another monkey is paid
>>>> a grape.
>>>>
>>>>
>>>> --
>>>> Dennis Groves <http://about.me/dennis.groves>, MSc
>>>> dennis.groves at owasp.org
>>>>
>>>>  <http://www.owasp.org/>
>>>>
>>>> *This work is licensed under the Creative Commons
>>>> Attribution-NonCommercial-NoDerivs 3.0 Unported License. To view a copy of
>>>> this license, visit http://creativecommons.org/licenses/by-nc-nd/3.0/or send a letter to Creative Commons, 444 Castro Street, Suite 900,
>>>> Mountain View, California, 94041, USA.*
>>>>
>>>>
>>>>
>>>> On Thu, Apr 12, 2012 at 04:25, Jim Manico <jim.manico at owasp.org> wrote:
>>>>
>>>>> I've been watching the debate about paying leaders. And I for one want
>>>>> to state that I feel it's ok to pay leaders to complete key projects.
>>>>> "The mission" is way more important than an OWASP "social rule".
>>>>>
>>>>> I think we have been thinking about this topic, way too much, from an
>>>>> OWASP-centric perspective.
>>>>>
>>>>> You all know, I hope, that I bleed OWASP and care for the
>>>>> organization. But this "problem" of OWASP not meeting the obligation
>>>>> of its mission around AppSec awareness is NOT ABOUT OWASP. It's about
>>>>> the target of our mission; the many folks who are NOT aware of the
>>>>> systemic security problems that face web applications and the
>>>>> organizations that depend on them.
>>>>>
>>>>> Think about this from a software manager, corporate supporter, or
>>>>> other OWASP •consumer• point of view. Do they really care about some 3
>>>>> year old "social rule" that states we cannot pay leaders (aka: web sec
>>>>> experts)? Or do they care that that our guides are 5+ years out of
>>>>> date, that our "flagship software projects" have 2 year old unfixed
>>>>> bugs, that our project management has stagnated, or that our website
>>>>> is very complex to navigate successfully?
>>>>>
>>>>> Eoin has put forth a excellent plan to push funds directly into
>>>>> projects, and I support it.
>>>>>
>>>>> I feel we should stop blacklisting OWASP, it's not helpful to tell us
>>>>> what we can't do in support of our mission.
>>>>>
>>>>> Whitelist! Give us a powerful plan to serve "the mission" and make
>>>>> OWASP relevant again. I for one am willing to consider paying serious
>>>>> web security experts to help us update key projects, even if they are
>>>>> OWASP leaders.
>>>>>
>>>>> --
>>>>> Jim Manico
>>>>> OWASP Connections Committee Chair
>>>>> (808) 652-3805
>>>>> _______________________________________________
>>>>> OWASP-Leaders mailing list
>>>>> OWASP-Leaders at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>
>>>>
>>>>  _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>>
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>
>
> --
> Global Board Member (Vice Chair)
>
>  _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>


-- 
Eoin Keary
OWASP Global Board Member (Vice Chair)

https://twitter.com/EoinKeary
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20120412/69fa4b08/attachment-0001.html>


More information about the OWASP-Leaders mailing list