[Owasp-leaders] Urgent** Get Connected and Status Update : Chapter Leaders only

Vaibhav Gupta vaibhav.gupta at owasp.org
Fri Jun 17 12:25:29 UTC 2016


Hi guys,

I can see owasp-leaders being marked in Prashant's email but can not find
this in the online archive. Is the leader list moderated?

http://lists.owasp.org/pipermail/owasp-leaders/2016-June/thread.html

Thanks
Vaibhav

twitter.com/VaibhavGupta_1

On Fri, Jun 17, 2016 at 1:16 PM, Prashant Kv <kvprashant at owasp.org> wrote:

> Hi,
> I am sorry to open this old thread but i would like to point to some
> developments. Please check the link below:
> https://twitter.com/defcon/status/743557391212437504
>
> Appsec India has been announced and i am not sure if anyone from defcon
> lucknow is still part of it. I will be very disappointed if some day OWASP
> has to take a similar step like defcon for any chapter or conference in
> India. I would request the chapter leads(if involved) and the organizers to
> be cautious and make sure that we uphold ourselves to atmost accountability.
>
> Regards
> Prashant
>
> On Fri, Apr 1, 2016 at 5:20 AM, Noreen Whysel <noreen.whysel at owasp.org>
> wrote:
>
>> Nitin joined on Milan's request. Nitin has received foundation report for
>> co-coordinated DefCon events in Lucknow for the past two or three years.
>> Despite controversy this year - that has been addressed and is resolved -
>> we were happy to have additional planning team support from an experienced
>> event producer and welcome others who would like to participate.
>>
>> Noreen Whysel
>> Community Manager
>> OWASP Foundation
>>
>> On Apr 1, 2016, at 8:02 AM, Akash Mahajan <akash.mahajan at owasp.org>
>> wrote:
>>
>> Hi Noreen,
>>
>> Thank you so much for your patience in explaining where things are. I
>> think it is safe to say that we all really appreciate the fact that you
>> have taken out time to address this vexing issue. I am greatly relieved to
>> know how things did progress and it was always the plan to give everyone a
>> chance to be a part of AppSec India.
>>
>> Getting a clear idea of how Milan reached at this point, is also very
>> useful to know.
>>
>> @Milan, could you help us understand how did Nitin join you in being the
>> leader for AppSec India as well. I guess at this point that is the only
>> remaining point of confusion for all of us.
>>
>> The sooner we get past that, sooner we can expect an email from your side
>> for a call for volunteers.
>>
>> Thank you.
>>
>>
>>
>> On 1 April 2016 at 17:09, Noreen Whysel <noreen.whysel at owasp.org> wrote:
>>
>>> As I said in my email, there is no OWASP India chapter and no leader who
>>> has oversight responsibilities for the country's chapters. We had an
>>> advisory group led by Dhruv Soi for some time but this has been inactive
>>> since he moved to Dubai.
>>>
>>> When Milan stepped forward to restart the AppSec India, he was a known
>>> leader and participant in OWASP Mobile Security project and Mobile Top Ten,
>>> and had been an invited speaker at OWASP Online Academy. We sought Dhruv's
>>> advice in the matter and allowed Milan to step into this role with the
>>> primary responsibility to restart AppSec India.
>>>
>>> My expectation was that there would be an announcement and call for
>>> volunteers from the foundation.
>>>
>>> Noreen Whysel
>>> Community Manager
>>> OWASP Foundation
>>>
>>> On Apr 1, 2016, at 1:58 AM, Akash Mahajan <akash.mahajan at owasp.org>
>>> wrote:
>>>
>>> Hello Noreen and Milan,
>>>
>>> Thank you so much for replying quickly and helping all of us understand
>>> what might be going on. I understand what we want to is work together
>>> towards an OWASP AppSec India. If the initial email from Milan had been
>>> about that to begin with, my assumption is that a lot of us would have
>>> responded a little differently. I know for sure, I would have.
>>>
>>> While Noreen in your email you clearly mention that the Indian board is
>>> dissolved, Milan still refers to himself as OWASP India Lead. So I am still
>>> confused about which is it?
>>>
>>> 1. Is there something like an OWASP India Chapter?
>>> 2. If there is how does one become a leader for OWASP India?
>>> 3. If any of this was being decided, why was this not on the chapters
>>> mailing list or the leaders mailing list?
>>> 4. Who are the people who decided that Milan, Nitin would become the new
>>> leaders and what was the process followed for their selection?
>>>
>>> Apologies for being a bit difficult, but to me community work is very
>>> important and most importantly it needs to be transparent and above board.
>>> Otherwise amongst other things this will lead to
>>>
>>> 1. Loss of morale for people who volunteer their time, effort,
>>> reputation to do OWASP community work
>>> 2. Confusion (already has) and anger at the perceived lack of
>>> transparency between leaders, board and other volunteers
>>>
>>> Do note, it was great that Milan has apologised but most of us weren't
>>> looking for an apology but clear answers. We are all mature individuals
>>> with good experience of doing community work without expecting any rewards
>>> so it wasn't ever about the tone (it is nice if the email was polite) but
>>> the meat of the problem is lack of clarity.
>>>
>>> Also at the risk of sounding preachy, burning bridges to start any
>>> community initiative or getting everyone on board is neither a sustainable
>>> strategy nor productive in the short term. It does call in question of the
>>> competence of the individuals with respect to being able to organise and
>>> lead a community initiative.
>>>
>>> Thank you.
>>>
>>>
>>>
>>> On 1 April 2016 at 09:46, Milan Singh Thakur <milan at owasp.org> wrote:
>>>
>>>> Thank you Noreen for clearing the misunderstandings that arose here.
>>>>
>>>> OWASP India will remain focused on organizing AppSec India event and
>>>> also coordinating/involving other chapters in India to come together in
>>>> this as a Strong Team.
>>>>
>>>> My Sincere Apologies to All Leaders again for my first mail.
>>>> Let us work together as Team and get past this difficult situation.
>>>>
>>>> Looking forward for your involvement in AppSec India event starting
>>>> this year.
>>>>
>>>> Regards,
>>>> Milan Singh Thakur
>>>> INDIA Leader
>>>> OWASP Foundation
>>>> Mob: +91 9405901005
>>>>
>>>> On Fri, Apr 1, 2016 at 3:06 AM, Noreen Whysel <noreen.whysel at owasp.org>
>>>> wrote:
>>>>
>>>>> Hi Milan and India leaders,
>>>>>
>>>>> Thank you for inviting me to comment on this thread. I have indeed
>>>>> received many inquiries from India leaders wondering where this
>>>>> announcement came from and I was frankly a bit surprised at the tone of his
>>>>> message as well. Milan and I had a brief email conversation and I think
>>>>> there is somewhat of a misunderstanding.
>>>>>
>>>>> There is no OWASP India chapter as a stand alone entity. This
>>>>> dissolved some time ago as chapter development grew throughout the country.
>>>>> You all have to congratulate yourselves on this growth as it has been truly
>>>>> amazing. There is also no governing body aside from the global foundation
>>>>> overseeing activity of individual chapters in India and has not been as far
>>>>> as I can tell since 2012.
>>>>>
>>>>> Milan may have been overly eager to engage active India chapter
>>>>> leaders in his conversation in advance of creating an AppSec India event. I
>>>>> can assure you that as volunteers, neither Milan nor any of you would have
>>>>> authority to bring a legal case against anyone on behalf of OWASP. Further,
>>>>> starting and dissolving OWASP chapters is the responsibility of the
>>>>> Community Manager alone.
>>>>>
>>>>> That said, there are many chapters in need of cleanup. Many who have
>>>>> received an appropriately stern message from me :) and many who are doing
>>>>> wonderful work as evidenced by so many reports from chapter leads that I
>>>>> had the pleasure to write about in the OWASP newsletters.
>>>>>
>>>>> My understanding is Milan has made apologies to people who have
>>>>> complained to him, which is a gracious and proper thing to do. We at the
>>>>> global foundation hope we all can get past this difficult spot and get back
>>>>> to the business of making application security visible in India and
>>>>> throughout the world.
>>>>>
>>>>> Thank you for your passion and your support of these endeavors.
>>>>>
>>>>> Noreen Whysel
>>>>> Community Manager
>>>>> OWASP Foundation
>>>>>
>>>>> On Mar 31, 2016, at 3:40 PM, Milan Singh Thakur <milan at owasp.org>
>>>>> wrote:
>>>>>
>>>>> Hi Team,
>>>>>
>>>>> I have already apologised for my initial mail.
>>>>> I am looping Noreen for further communications between us.
>>>>>
>>>>> I will send you copy of official mail received from Owasp Global Team
>>>>> for accepting my Leadership request that I had raised.
>>>>>
>>>>> Regards,
>>>>> Milan Singh Thakur
>>>>> INDIA Leader
>>>>> OWASP Foundation
>>>>> Mob: +91 9405901005
>>>>>
>>>>> On Fri, Apr 1, 2016 at 1:09 AM, Milan Singh Thakur <milan at owasp.org>
>>>>> wrote:
>>>>>
>>>>>> Hi Team,
>>>>>>
>>>>>> I have already apologised for my initial mail.
>>>>>> I am looping Noreen for further communications between us.
>>>>>>
>>>>>> I will send you copy of official mail received from Owasp Global Team
>>>>>> for accepting my Leadership request that I had raised.
>>>>>>
>>>>>> Regards,
>>>>>> Milan Singh Thakur
>>>>>> INDIA Leader
>>>>>> OWASP Foundation
>>>>>> Mob: +91 9405901005
>>>>>>
>>>>>> On Fri, Apr 1, 2016 at 1:06 AM, Krishnendu Paul <
>>>>>> krishnendu.paul at owasp.org> wrote:
>>>>>>
>>>>>>> Hi from OWASP Kolkata chapter,
>>>>>>>
>>>>>>>     We will be taking OWASP Bangalore path, by refusing to accept
>>>>>>> your authority and assertions - we don't have any official information from
>>>>>>> Global OWASP, and each of us contribute in our own way to OWASP following
>>>>>>> their official handbook, I never saw anything like your plan mentioned over
>>>>>>> there.
>>>>>>>
>>>>>>> Thanks,
>>>>>>> Krishnendu Paul
>>>>>>> +91-98300-26324
>>>>>>>
>>>>>>> On Fri, Apr 1, 2016 at 12:59 AM, Akash Mahajan <
>>>>>>> akash.mahajan at owasp.org> wrote:
>>>>>>>
>>>>>>>> Hi Milan,
>>>>>>>>
>>>>>>>> I guess all discussion is moot, till you do answer the questions
>>>>>>>> asked of you.
>>>>>>>>
>>>>>>>> We at OWASP Bangalore are very keen to find out how you and Nitin
>>>>>>>> became India board members without anyone at OWASP Bangalore getting any
>>>>>>>> information at all about the selection/election/nomination process.
>>>>>>>>
>>>>>>>> Till you do answer the questions, OWASP Bangalore chapter will
>>>>>>>> refuse to accept your authority on any of the points you have raised in
>>>>>>>> your initial email.
>>>>>>>>
>>>>>>>> Not only do we refuse to accept your authority and assertions, we
>>>>>>>> are going to try and establish the exact sequence of events which have lead
>>>>>>>> to this for full transparency and the community we represent.
>>>>>>>>
>>>>>>>> I am hoping that before you plan/rebut/go on a tangent, you answer
>>>>>>>> all the questions posed to you by me personally and the other community
>>>>>>>> members.
>>>>>>>>
>>>>>>>> Thank you.
>>>>>>>>
>>>>>>>> On 1 April 2016 at 00:19, Milan Singh Thakur <milan at owasp.org>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> Hi Akash,
>>>>>>>>>
>>>>>>>>> Its good to hear from you.
>>>>>>>>> I know Bangalore chapter has been continuously improving Infosec
>>>>>>>>> community with their immense efforts (as many other chapters are also
>>>>>>>>> trying to).
>>>>>>>>>
>>>>>>>>> I agree my first mail was bit harsh, but it was to entice everyone
>>>>>>>>> to speak. Even I *Sincerely Apologise* for the tone of first mail
>>>>>>>>> that was sent out.
>>>>>>>>>
>>>>>>>>> 1. Will be answered 1-1 :)
>>>>>>>>> 2. I have been leading Mobile Security project for quite some time
>>>>>>>>> now.
>>>>>>>>> 3. Yes, we are not monitoring chapter leads. But we are looking
>>>>>>>>> into chapter activities. So that if a chapter is not getting sufficient
>>>>>>>>> resources to run programs, then we will help it out for sure.
>>>>>>>>> 4. As I clarified earlier, it was to entice people to speak. It
>>>>>>>>> worked, but went in a negative way. Nothing as such will happen in future :)
>>>>>>>>> 5. No one dictates in OWASP. So my intentions were clearly not to
>>>>>>>>> do any kind of dictatorship (neither I support it). But we went through all
>>>>>>>>> the chapter pages and found most of them were not updated, except for few.
>>>>>>>>>
>>>>>>>>> I understand that we all belong to same family. So let's work
>>>>>>>>> together and keep the wiki updated.
>>>>>>>>> If not then we can help to keep stuff updated on wiki and help all
>>>>>>>>> the chapters with resources.
>>>>>>>>>
>>>>>>>>> Requesting you all to not to take things personally and as Akash
>>>>>>>>> said "Let it be a fruitful discussion".
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Regards,
>>>>>>>>> Milan Singh Thakur
>>>>>>>>> INDIA Leader
>>>>>>>>> OWASP Foundation
>>>>>>>>> Mob: +91 9405901005
>>>>>>>>>
>>>>>>>>> On Thu, Mar 31, 2016 at 11:55 PM, Milan Singh Thakur <
>>>>>>>>> milan at owasp.org> wrote:
>>>>>>>>>
>>>>>>>>>> Thank you Sastry :)
>>>>>>>>>>
>>>>>>>>>> I really appreciate work of all Chapter Leaders in India (and
>>>>>>>>>> entire community) and have deep respect for efforts required to hold the
>>>>>>>>>> flag on ground.
>>>>>>>>>>
>>>>>>>>>> The motto we all work for is same "Love, Dedication and Passion
>>>>>>>>>> for Infosec". Things that happened in past might have had bad impression,
>>>>>>>>>> but as of present and future We (Nitin, Me and Owasp Global Board) assure
>>>>>>>>>> you that any Owasp Chapter and any Infosec buddy will get full support from
>>>>>>>>>> us.
>>>>>>>>>>
>>>>>>>>>> This is the reason we needed to get all leaders to speak, so that
>>>>>>>>>> if there are any misunderstandings; they can be cleared/resolved.
>>>>>>>>>>
>>>>>>>>>> Everyone in Team please feel free to reach us for any help you
>>>>>>>>>> need.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Regards,
>>>>>>>>>> Milan Singh Thakur
>>>>>>>>>> INDIA Leader
>>>>>>>>>> OWASP Foundation
>>>>>>>>>> Mob: +91 9405901005
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> Warm regards,
>>>>>>>> Akash Mahajan
>>>>>>>>
>>>>>>>> *That Web Application Security Guy* | +91 99 805 271 82
>>>>>>>> akashm.com | *@makash* on twitter | linkd.in/webappsecguy
>>>>>>>> *OWASP Bangalore Chapter Lead | null Community Manager*
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>>
>>>>>>> Thanks & Regards,
>>>>>>>
>>>>>>> Krishnendu Paul
>>>>>>>
>>>>>>> ~~~~~~~~~~~~~~~~~~~~~~~~
>>>>>>> Phone: +91-9830026324
>>>>>>> http://in.linkedin.com/in/krishpaul/
>>>>>>> http://www.sillycon.org
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>>
>>> --
>>> Warm regards,
>>> Akash Mahajan
>>>
>>> *That Web Application Security Guy* | +91 99 805 271 82
>>> akashm.com | *@makash* on twitter | linkd.in/webappsecguy
>>> *OWASP Bangalore Chapter Lead | null Community Manager*
>>>
>>>
>>
>>
>> --
>> Warm regards,
>> Akash Mahajan
>>
>> *That Web Application Security Guy* | +91 99 805 271 82
>> akashm.com | *@makash* on twitter | linkd.in/webappsecguy
>> *OWASP Bangalore Chapter Lead | null Community Manager*
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20160617/5bbacf18/attachment-0001.html>


More information about the OWASP-Leaders mailing list