[Owasp-leaders] Should OWASP make a statement on the Security of the Internet and Pervasive Monitoring?

Tony Turner tony.turner at owasp.org
Wed Nov 13 22:45:24 UTC 2013


I would say that we should support any efforts focused on visibility into
the risks associated with vulnerabilities being exploited or 3rd parties
handing over keys or surveillance data. We should NOT pass judgment on the
actions performed by legitimate(?) agencies engaged in these activities. We
need to tread carefully to keep our focus on the risk and visibility issues
and ensure that we stick to the facts and leave opinion and outrage out of
it.

I also agree these discussions should occur openly. It doesn't have to be
on the wiki, but it needs to be easily accessible.

--
Tony Turner
OWASP Orlando Chapter Leader
On Nov 13, 2013 5:32 PM, "Jason Johnson" <jason.johnson at owasp.org> wrote:

> I was just about to say the same... Josh you must type fast. This topic
> should not have been moved. I preach this all the time with my HIVE
> project. Ideas should always be heard... Bad form Martin, bad form sir...
>
> Jason Johnson
> OWASP
> Oklahoma City, OK
>  On Nov 13, 2013 4:12 PM, "Josh Sokol" <josh.sokol at owasp.org> wrote:
>
>> Martin,
>>
>> I am extremely disappointed in your efforts to stifle Tobias' efforts
>> before he even got started.  Everyone at OWASP should be encouraged to come
>> up with innovative ideas and ways to drive our mission forward without fear
>> of being bullied into submission.  And by immediately telling Tobias that
>> the wiki is not the right place for this discussion you are actually
>> violating the "openness" part of OWASP's core mission.  In my opinion,
>> discussion of topics like this should be done in full visibility of the
>> world at large.  This is not a political statement, but rather, one that is
>> tandem to OWASP's core mission of making application security more
>> visible.  Subversion of this process by any party, government or otherwise,
>> should not be tolerated.  I agree fully with Tobias that guidance on this
>> subject is in line with our mission and is worth our time and efforts.  Did
>> you even read what he wrote before you dismissed it?
>>
>> ~josh
>>
>>
>> On Wed, Nov 13, 2013 at 3:47 PM, <netherlands at owasp.org> wrote:
>>
>>> Hi Tobias,
>>>
>>> Before the question if OWASP should make a statement or not, by putting
>>> it on the OWASP Wiki, you already did. In my opinion this is very
>>> unfortunate!
>>>
>>> Second, I do not think OWASP as an non-political institution should make
>>> a statement in this matter. Even more as the subject itself is off OWASP
>>> topics and area.
>>>
>>> My 2 cents,
>>>
>>> Cheers,
>>> -martin
>>>
>>> Sent from my BlackBerry® smartphone
>>>
>>> -----Original Message-----
>>> From: Tobias <tobias.gondrom at owasp.org>
>>> Sender: owasp-leaders-bounces at lists.owasp.org
>>> Date: Wed, 13 Nov 2013 21:28:18
>>> To: <owasp-leaders at lists.owasp.org>
>>> Subject: [Owasp-leaders] Should OWASP make a statement on the Security of
>>>  the Internet and Pervasive Monitoring?
>>>
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20131113/0c4f3e04/attachment.html>


More information about the OWASP-Leaders mailing list