[Owasp-leaders] RSA and the application of Justice

Michael Scovetta michael.scovetta at gmail.com
Wed Jan 8 16:17:26 UTC 2014


When this thread started, I was in favor of pulling out, but the slope is to slippery here. I believe the best option is to give the training as planned, and to come up with specific criteria that would preclude our participation at future events, if possible.


-----Original Message-----
From: "Bev Corwin" <bev.corwin at owasp.org>
Sent: ‎1/‎8/‎2014 6:17 AM
To: "Jim Manico" <jim.manico at owasp.org>
Cc: "OWASP Foundation Board List" <owasp-board at lists.owasp.org>; "OWASP Leaders" <owasp-leaders at lists.owasp.org>
Subject: Re: [Owasp-leaders] RSA and the application of Justice



On Wed, Jan 8, 2014 at 3:34 AM, Jim Manico <jim.manico at owasp.org> wrote:

The mythopoetical depiction of justice throughout history is an interesting study. The Roman depiction of Lady Justice is blindfolded. The Goddess Maat and Isis were depicted with balanced scales during Egyptian times. Lady Justice is also depicted with scales and sword as well as being blindfolded.
The point is that justice should be applied evenly, without regard to who the punished is, to be dispensed evenly to all, with the same kind of punishment.
Make no mistake, the public pull-out of our marketing co-agreement with RSA is a punishment that is harmful to the RSA brand.
What I feel we have done is enact “justice” through “the anger of the masses” on an issue where the information is still being sorted out and, ahem, *many* more are guilty of similar “sins” if not worse.
If we are to walk away from RSA, then we also need to give back or walk away from our Department of Homeland Security grants. To “slap” one while taking money from another I think is inconsistent wide-open targeted justice that will hurt more than help us in the end. This is not blind justice. I am NOT SAYING that RSA is innocent, in fact I am quite angry at what RSA is alleged to have done. I am saying that many more are guilty and we are not applying fair and consistent rules. We might also be acting “too soon” before all the facts are on the table. 
I am deeply in conflict of interest here because I am supposed to deliver this training and I’m also a professional trainer. But I wanted to state my nuanced position here that we should continue down the current path and decide in the future to cancel this agreement and other agreements once the facts are sorted out.
And last, we are supposed to be vendor-neutral. I am starting to question the entire commercial conference partnership program. https://www.owasp.org/index.php/Category:OWASP_AppSec_Conference We might want to cancel conference partnerships with any commercial conference due to the vendor neutrality rules in our bylaws.
Thanks for your consideration over this matter. It’s not an easy one.
Jim Manico
OWASP Board Member
(808) 652-3806

OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140108/488b0eac/attachment.html>

More information about the OWASP-Leaders mailing list