[Owasp-leaders] OWASP "branded" apps in application stores

Jim Manico jim.manico at owasp.org
Wed Apr 3 02:38:01 UTC 2013


Kelly,

I know that the banner ads drive income, but I think it would look a bit more "vendor neutral" if we removed them from the website. Now of course we have contracts with our advertisers which we must honor and complete.

But I hate to have first time viewers of OWASP.org see advertisements in the top 20% of the homepage when they first visit us. This is just my personal opinion, and by all means it is not my decision.

I look to other technical non profits, especially Apache, as a guide. Check out http://apache.org/ , https://www.isc2.org/ and http://www.redcross.org/ - None of these organizations advertise vendors on their homepage.

Our mission is to serve the community and expect nothing in return. That's the foundation of charity. This move would also be very helpful in terms of fine-tuning our image as a neutral authority on web security.

Again, we really need our sponsors to survive. My goal is to level the playing field. I think between removing the banner ads and moving all sponsor logos to a dedicated sponsor page such as http://www.apache.org/foundation/thanks.html that ALL projects can link to, we would move in a very positive direction regarding our image. We can even put this sponsorship link on the home page navigation bar. We can even have project deliverables link back to the sponsorship page.

Cruz has a conjecture that this would help DRIVE MORE income. I think he is right. Look at how Apache does sponsorships for vendors and other organizations. There are several "tiers" of sponsorship. And top tier sponsors are listed at the top. Platinum sponsors of Apache pay 100,000$ USD per year. Our TOP sponsorship rate is 5,000$ USD per year.

Kelly, I really appreciate what you do for us at OWASP and I hope you find this conversation constructive. In my opinion these are the exact kinds of conversations we should be having on "leaders".

Aloha,
Jim Manico
@Manicode



> Jim,
> 
> I agree with you that the corporate member logos on the home page does look
> a bit like NASCAR and we are working on a solution.
> 
> I am curious as to why you would like to "kill the banner ads"?  Are you
> suggesting to get rid of them all together or for just the Corporate
> Members who get a 30 day complimentary banner ad?  Working with our
> corporate members on a day to day basis, I know that that is one of the
> benefits they find valuable. Additionally, we have companies who choose to
> pay for them and we have used the banner ads as a benefit when working with
> companies on forming co-marketing agreements.
> 
> I look forward to hearing your thoughts on killing the banner ads.
> 
> Regards,
> 
> 
> 
> On Tue, Apr 2, 2013 at 10:53 AM, Jim Manico <jim.manico at owasp.org> wrote:
> 
>>
>>> I like that model too, and that is something that OWASP should do
>> (ban/limit all logos usage on owasp.org website)
>>
>> Agreed. We still need to honor our sponsors, perhaps just move them to a
>> dedicated sponsorship page like Apache? And for bonus points I'd also like
>> to kill the banner ads.
>>
>>> But again, that wouldn't prevent the commercial use (or resell) of OWASP
>> materials by 3rd parties :)
>>
>> I agree. Especially for BSD licensed OWASP projects, they are MEANT for
>> commercial use. If folks on the outside want to use the OWASP brand in
>> their projects, that's a fight for another day I think. I'm only concerned
>> about how OWASP presents itself to the world for now, especially around
>> projects.
>>
>> Again, see http://www.apache.org/foundation/marks/pmcs and
>> http://www.apache.org/foundation/marks/responsibility.html (particularly
>> the section on "Present an independent face to your project")
>>
>> Aloha,
>> Jim
>>
>>>
>>> Dinis Cruz
>>>
>>> On 2 Apr 2013, at 15:30, Jim Manico <jim.manico at owasp.org> wrote:
>>>
>>>> I *really* like how Apache handles this. They really thought this
>> through and spent years battling the same issues regarding vendor
>> neutrality.
>>>>
>>>> Here are the basics:
>>>>
>>>> 1) Sponsors of Apache and recognized on ONE page only:
>> http://www.apache.org/foundation/thanks.html
>>>> 2) All Apache projects link back to this sponsorship page.
>>>> 3) Corporate logos are not allowed on any Apache project
>>>> 4) All project contributors are recognized as *individuals only* in a
>> tabular list (without logos) which can include the company name they work
>> for. For example: http://hadoop.apache.org/who.html
>>>>
>>>> This seems to be a great way to fully recognize sponsors while still
>> remaining neutral on a per-project basis.
>>>>
>>>> - Jim
>>>>
>>>> PS: See http://www.apache.org/foundation/marks/pmcs and
>> http://www.apache.org/foundation/marks/responsibility.html (particularly
>> the section on "Present an independent fact to your project")
>>>>
>>>>
>>>>
>>>>> On 02/04/2013 14:48, Dinis Cruz wrote:
>>>>>> There is nothing wrong with using OWASP materials for financial gain,
>>>>>> in fact our licenses encourage that.
>>>>>>
>>>>>> The only issue is if the material created are not public/open, which
>>>>>> in some cases is against the licence of the original material (Apache
>>>>>> 2 allows closing but GPL doesn't)
>>>>>>
>>>>>> Now on the 'TOP 10 LogoGate thread' it is an issue of 'who put the
>>>>>> work in' and 'what is accepted by the community' :)
>>>>> The NASCAR like corporate branding of OWASP materials is both ugly, and
>>>>> unnecessary. There must be a better way forward. Branding is offensive
>>>>> and aggressive.
>>>>>
>>>>> OWASP is a charity - you don't feed children in Africa by first making
>>>>> them watch Monsanto, Kellog's and McDonald's advertisements so they
>> know
>>>>> who their 'food' was provided by. Instead you tell people who care by
>>>>> pointing out your charity work.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> Dennis
>>>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
> 
> 
> 



More information about the OWASP-Leaders mailing list