[WASC-WAFEC] "Aspect" the Worst

Rcbarnett rcbarnett at gmail.com
Sun Nov 18 08:13:11 EST 2012


Ok Christian, we get it. You have problems with OWASP.

Can we please shelve this whole WASC/OWASP item until AFTER we actually have WAFEC v2 completed?

Let's get to work. 

--
Ryan Barnett


On Nov 18, 2012, at 6:26 AM, Christian Heinrich <christian.heinrich at cmlh.id.au> wrote:

> Jeff,
> 
> On Thu, Nov 1, 2012 at 9:19 PM, Jeff Williams
> <jeff.williams at aspectsecurity.com> wrote:
>> Thanks for the laugh.  If OWASP can help promote WAFEC, then of course
>> you're welcome.
> 
> What I am actually laughing at is Aspect Security attempting to
> distance themselves from the OWASP Brand but still attempting to
> exploit it at the same time e.g.
> http://twitter.com/aspectsecurity/status/266633771326005250 (note that
> OWASP is not referenced at all) and I see you removed the quote of how
> Aspect profiteered from OWASP from
> https://www.owasp.org/index.php/User:Jeff_Williams
> 
> But lets not just take my word for it, rather that of former Aspect
> Security employees such as
> http://www.greebo.net/2011/03/18/owasp-podcast-82-authorship-of-owasp-top-10-2007/
> 
> I myself did enjoy participating in how the OWASP Board manipulated
> the selection Project Leader fo the "Aspect Security" Verification
> Standard (ASVS) in pre-selecting "surprise" Aspect Security without
> due process i.e.
> https://lists.owasp.org/pipermail/owasp-board/2010-July/008710.html
> 
> Then we have Pravir complaining about how Aspect Security are
> attempting to steal OpenSAMM i.e.
> https://lists.owasp.org/pipermail/owasp-leaders/2009-July/001785.html,
> oh of course you told him but care to justify why Pravir would host
> OpenSAMM independently of owasp.org at http://www.opensamm.org/
> 
> ... and my personal favoriate has to be
> http://lists.owasp.org/pipermail/owasp-board/2011-January/009563.html
> 
> Looks like I am not the only one who shares this view considering
> Andrew, Pravir and Yiannis have all expressed interest influencing the
> OWASP board position which would kind of indicate that there are
> serious governance issues.
> 
> 
> 
> -- 
> Regards,
> Christian Heinrich
> 
> http://cmlh.id.au/contact
> 
> _______________________________________________
> wasc-wafec mailing list
> wasc-wafec at lists.webappsec.org
> http://lists.webappsec.org/mailman/listinfo/wasc-wafec_lists.webappsec.org




More information about the wasc-wafec mailing list