[Owasp-leaders] Proposal: Remove all commercial/non-OWASP logos from OWASP.org

Seba seba at owasp.org
Thu Apr 4 10:56:03 UTC 2013

how about the sponsor logos on the conference / chapter pages?
they represent a significant budget to keep our events afloat



On Thu, Apr 4, 2013 at 12:00 PM, Dinis Cruz <dinis.cruz at owasp.org> wrote:

> *(Resending this email, since for some reason I got a bounce from the
> email I sent to owasp-leaders a couple days ago).*
>  *(I also blogged this at
> http://blog.diniscruz.com/2013/04/proposal-remove-all-commercialnon-owasp.html, and there are already a couple good comments in there from Michael and
> Mark)*
> Following the recent threads about the commercialization of OWASP, I think
> the time as come for a simple move, that will be a little bit painful, but
> will clear the water and send a nice big message of what OWASP stands for.
> *Remove all commercial/non-owasp-projects logos from OWASP.org*
> This move has a log of advantages:
>    - it is generic so it doesn't single out anybody
>    - it can be done since there are no 'real' contractual obligations for
>    OWASP to put company's XYZ logo on the OWASP site
>       - note that OWASP can change the content of any content hosted on
>       owasp.org , as long as the changed content is released in an
>       compatible license :)
>       - in fact anybody can start the http://owasp-without-logos.org site
>       with all content from owasp.org, expect the 3rd party logos
>    - it will push the cases where sponsor-logos are expected to exist, to
>    be placed in separate/dedicated 3rd party websites (like what happens with
>    AppSec conferences)
>       - and if there ARE execptions, they should be treated as one-of
>       exceptions (and be fully documented)
>    - it will stop the current *'F1/NASCAR logo parade'* that is the OWASP
>    main page, and some of its projects
>    - it will stop the nasty and non-productive *"hey that
>    company shouldn't have their logo in that project"* threads
>    - it will send a strong message that OWASP is about sharing
>    information and all information/tools/projects that are 'donated' to owasp
>    are supposed to be shared in a no-strings/logos attached mode
>    - it will clarify that *the OWASP logo, name, tools and content CAN be
>    used in commercial situations, as long as it is done outside of OWASP.org
>    *
>    - it shows a sign of maturity for OWASP, where OWASP doesn't need
>    (anymore) to sell a bit of its soul in exchange for good content and tools
>    - it shows that OWASP's value to the corporate sponsors, is NOT a logo
>    on owasp.org, but the amazing value provided by the multiple OWASP
>    activities, events and projects.
>    - it shows that OWASP can learn from others, and in this case, follow
>    (as Jim recommended) the Apache foundation example (see
>    http://www.apache.org/foundation/marks/responsibility.html )
> There are a couple disadvantages:
>    - Some OWASP leaders and supporting companies will be annoyed and fell
>    that *'OWASP changed the value-added they would get by contributing to
>    OWASP'*
>    - Some OWASP corporate sponsors might even be so angry that they don't
>    renew their anual membership
>    - Some OWASP leaders might be so annoyed that they stop contributing
>    at all to OWASP
>    - This is one of those issues that has the potential to generate a
>    gazilion of emails, with lots of opinions and no decisions in the end. Btw,
>    the faster 'a' decision is made the better (Yes or No).
> I believe that OWASP today (April 2013) is in the perfect situation to
> make this move. There is enough money to sustain any financial loss (which
> I don't think will happen) and the OWASP projects are still in a state
> where a drop of a couple OWASP leaders wouldn't have a dramatic effect
> (which again i don't think will happen)
> So what do you say, fellow OWASP friends, should we make this jump?
> *My vote is YES, lets get rid of the commercial logos in OWASP and start
> a new generation of OWASP content and tools*
> Dinis Cruz
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130404/812a5c4c/attachment.html>

More information about the OWASP-Leaders mailing list