[Owasp-leaders] Vendor Neutrality

Tony UV tonyuv at owasp.org
Tue Feb 19 12:17:18 UTC 2013


I just had a chance to read this thread.  At first take, I didn’t see
anything wrong with Tom’s email.  It didn’t scream ’shameless plug’ in my
mind.  Then I read John’s email response about how this would be blocked in
Sweden and I had to slowly read the company references that didn’t
initially stand out.  It could be that (a) I don’t care about what is
referenced or (b) the initial impression that I got was not that I was
being solicited to, either consciously or subconsciously.  I think a more
likely option is that no clear intent was apparent to me in reading this
original email that represented misuse of vendor mentioning, while
masquerading as an OWASP email.

If mailing list moderation is to perform a type of regex on simply company
names w/o considering the intent of a volunteer OWASP member who doesn't
have time to weigh every choice word on a training announcement where some
cost savings were being shared, then we should extend that sort of
moderation to other types of non-topical areas.  Now, I’m not naive on the
way coupon codes work and presuming that contact info would be required,
the email still didn’t spell ’subtle solicitation’ for me, but as we all
know, these things are relative, which really undermines this whole back
and forth on the thread, b/c it’ll still be a polarizing, although low
priority topic.

Overall, if company names are to be excluded completely from within email
posts b/c they are non-germane to the OWASP mission, I’d like to add that
we include personal posturing as well b/c just like most of us don’t care
where most of us work, I personally don’t care about seeing references to
blogs, twitter sites, musical compilations, online CVs, or anything
in-between.  This is of course if we want to exclude reason and the ability
to decipher context and intent of what is being said, for which I still
think is the most reasonable way to approach apparent violations of company
plugging.  Where there is pattern, we can question intent and then raise
individually and thereafter in small circles, with the offender.

Tony UV
Atlanta Chapter Leader

Sent from tablet device - please excuse any typos

 *From:* John Wilander <john.wilander at owasp.org>
*Sent:* February 15, 2013 11:14 AM
*To:* Jim Manico <jim.manico at owasp.org>
*CC:* owasp-leaders at lists.owasp.org
*Subject:* Re: [Owasp-leaders] Vendor Neutrality

Tom's email in its form below would have been rejected by the moderators of
the OWASP Sweden mailing list. We would have suggested a rephrasing to make
it more about OWASP and the class, and less about SpiderLabs and Trustwave.

I suggest OWASP leaders refrain from emailing about our own businesses or
employers to lists that we moderate ourselves. Instead we should ask a
co-moderator to review the text and send it. Simple.

   Regards, John

--
My music http://www.johnwilander.com
Twitter https://twitter.com/johnwilander
CV or Résumé http://johnwilander.se

14 feb 2013 kl. 02:37 skrev Jim Manico <jim.manico at owasp.org>:

> Hey folks,
>
> Please see the email at the bottom of this message.
>
> This email hit the NYC chapter list today and we discussed it through the
board list earlier. I feel this is an abuse of the OWASP brand and vendor
neutrality rules to some degree, but other board members politely disagreed
with me. That's fair.
>
> Can you please chime in here? Am I off-base or do you feel this is OWASP
brand or vendor neutrality abuse?
>
> I know this is a specific example, but I think it's very important to the
organization. So far, I feel like I stand alone when complaining about
these situations and I'd appreciate your feedback. If you have the time,
please click deeper into the email below and investigate a bit.
>
> I am happy to back away from the issue of vendor neutrality if you think
I am off base.
>
> Thanks all,
> Jim Manico
> @Manicode
> (808) 652-3805
>
> ***********
>
>
> From: Tom Brennan <tomb at owasp.org>
> Date: Tuesday, February 12, 2013 6:56 PM
> To: "OWASPNYCMETRO-announce at meetup.com" <OWASPNYCMETRO-announce at meetup.com
>
> Subject: [OWASPNYCMETRO] NYC March 13th Training
>
> Its coming....INSTRUCTOR LED TRAINING IN NYC
>
> Details: https://www.owasp.org/index.php/NYC
>
> As a special introduction to the SpiderLabs instructor led course I would
like to extend to you a $500 discount code “TRUSTWAVE_500OFF” to be used
during check-out.
>
> Hack Your Own Code: Advanced Training for Developers (2 Day Training
Course)
> This class provides security developers an exciting chance to hone their
programming skills while also learning to exploit common web
vulnerabilities.
>
> For more information on the (3) training classes available visit:
>
> https://www.owasp.org/index.php/NYC
>
>
> Have additional questions?
>
> Call 973-202-0122 to discuss
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
_______________________________________________
OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130219/c10ab54d/attachment.html>


More information about the OWASP-Leaders mailing list