[Owasp-leaders] Why it's ok to pay leaders

Dave Wichers dave.wichers at owasp.org
Wed Apr 18 04:17:08 UTC 2012

I’m not sure if you are specifically proposing to fund the Top 10 project or not.


The Top 10 project is NOT inactive, it just gets updated every 3 years on a schedule. 2004, 2007, 2010, 2013, etc.


It’s on my plate to start up the next update to the Top 10 pretty soon so we have a complete draft available before end of 2012. And then we plan to have an open comment period just like we did last time and then release a final version sometime around late Q1 or early Q2 of 2013.


And I don’t need any funding. I just need time …




Dave Wichers

OWASP Board Member

OWASP Top 10 Project Lead



From: owasp-leaders-bounces at lists.owasp.org [mailto:owasp-leaders-bounces at lists.owasp.org] On Behalf Of Thomas Brennan
Sent: Friday, April 13, 2012 1:25 PM
To: Dale Castle; OWASP Leaders
Subject: Re: [Owasp-leaders] Why it's ok to pay leaders


Awesome throw down Dale!


NYC Chapter will add 25% also. Two bounty payments of $1337 to reward (2) project sprints that move a project from inactive/alpha to beta or a beta to release.

*chapter leaders* In support of the reboot will your chapter(s) also add 25% of you chapter bucket to the reboot initiative to incententivize volenteer efforts?




Not "paying" simply a less talk more *action* bounty. 

On Apr 13, 2012, at 4:31 PM, Dale Castle <dale.castle at owasp.org> wrote:

I am in the process of rebooting my chapter and find it frustrating to see many outdated projects. I agree that we need to focus on critical projects like OWASP top ten and those directly supporting that effort and archive others. I pledge 25% of my chapter funding to this effort.



Charlottesville Chapter Leader

On Friday, April 13, 2012, Eoin wrote:



The wiki page is here:



I think we have debated this enough, written blogs and had phone conversations.

I hope for the board to ratify, or not the proposal today.








On 13 April 2012 11:10, John Wilander <john.wilander at owasp.org> wrote:

I would prefer a referendum among leaders preceded by both sides presenting their side of the matter on a wiki tab each. We would also need a info page what is actually proposed. "Pay" is too vague. This is an important question for the foundation. If a majority of leaders vote the community will have a much easier time accepting the outcome than if the board decides.


If the board doesn't want a referendum I assume you will not take part in the discussion nor the vote, Eoin, since it's your proposal.


   Regards, John


My music http://www.johnwilander.com <http://www.johnwilander.com/> 

Twitter https://twitter.com/johnwilander

CV or Résumé http://johnwilander.se <http://johnwilander.se/> 

13 apr 2012 kl. 11:33 skrev Eoin <eoin.keary at owasp.org>:

Im afraid that is not true.....

The 2008 summer of code, leaders were paid.

Great projects were delivered.... check the wiki.


Can we let the board decide this matter? It is what the board is for.

On 12 April 2012 16:05, Dennis Groves <dennis.groves at owasp.org> wrote:

Its not open to all, OWASP leaders must not be paid by OWASP. Did you not read Dinis's message? You seem to fail to understand that OWASP has been down this route of paying its leaders at least twice and it failed both times. 

Once you go down that route you destroy OWASP's meritocracy and cease to be the an open social organization.  

You create a corporation; and corporations are closed not open. You don't for example share openly the salaries of all the different paid employees with each other. Why? Did you watch the TED talk about morality in animals? Even monkeys refuse to work under such conditions. So, you must start closing OWASP. This is no longer OWASP its CWASP.

You are right this shouldn't need to be up for discussion, but clearly some of members still fail to understand that this is the very fabric of OWASP and that we not only is paying OWASP leaders verboten; it is tantamount destroying OWASP, and I know you are not advocating this! :-)

*I have choose just a single problem,that would result - Dinis has identified over 15 in his email that would require resolutions to make it work* 

Dennis Groves <http://about.me/dennis.groves> , MSc 

dennis.groves at owasp.org




This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-nd/3.0/ or send a letter to Creative Commons, 444 Castro Street, Suite 900, Mountain View, California, 94041, USA.

On Thu, Apr 12, 2012 at 15:08, Kenneth Van Wyk <ken at krvw.com> wro

OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20120418/e0f0ae0e/attachment.html>

More information about the OWASP-Leaders mailing list