This Isn't the First Time the Site of Greater London Authority Improperly Set Permissions

Dr. Roy Schestowitz

2023-07-16 05:08:17 UTC
Modified: 2023-07-16 05:08:17 UTC

But this time it became a blunder in the media:

Summary: Greater London Authority (GLA) does not know how to manage its Web site properly and it's causing a lot of pain to victims of crimes; maybe it's time for GLA to assess how it manages its Web site and how it treats victims of crimes, including its own tech staff

MANY are aware by now of GLA because of crimes at Sirius 'Open Source', a large GLA contractor. Typically I'd not open my mouth and led this one slide, but GLA does not care about its own IT workers being defrauded (and does not get the police, which it oversees, to actually do something about it), so I'll say what I know for sure, with witnesses who saw the same.

"This was noticed and mentioned internally."The above article speaks of a permission issue, which in effect enabled access to hostile parties and potentially did a lot of damage. They'll probably try to paint this as a one-off incident, but I recall several other instances of this, especially with Drupal used incorrectly. Back then we had a chance to correct it before a breach or before unauthorised access was detected. This was noticed and mentioned internally. Back in the days of Mantis for ticketing, not JIRA bloatware.

"More incidents like the above may as well recur."What's the cause of this? Well, it did not help that the company had people with no clue in computers dealing with computer-related tasks, including Sirius management with no suitable qualifications overseeing things. GLA fared not much better and their skilled IT people kept leaving. Maybe they couldn't stand clueless managers, but maybe it was something else.

More incidents like the above may as well recur. This can continue to happen because of weakly-enforced rules and procedures. When I did deployments to the site I was typically all on my own, testing was limited, and there was no supervision by security-savvy site engineers. It was all very improvised. This won't improve until or unless there are changes at the top. ⬆

Recent Techrights' Posts

Legal Letters Are Not Postcards: It seems like intimidation, nothing more
IAM Magazine is in Effect Dead, It's Now Fused Into Microsoft's Patent Troll (Which It Has Promoted All Along): Microsoft-connected patent trolls in Europe [...] Now, in his new job, Wild can use his 'expertise' to help guide blackmail/extortion to better harm Europe's industry
A Huge Proportion of 'Articles' in The Register MS Are Actually Paid Spam of the Communist Party of China, Selling Compromised (for Wiretapping) Technology: The Register MS is having a go at becoming a marketing company or "B2B"
Top Officials Have Just Left Microsoft, Layoffs in Anything But Name: Microsoft's debt is very fast-growing
Local Staff Committee The Hague (LSCTH) Meets "Alicante Mafia" at the European Patent Office (EPO): Report on meeting with VP1 and his team on 21 April 2026
UbuntuPit (ubuntupit.com) Has Deleted Slop Pages, Its Slopfarm Experiment Has Failed (Like Always!): Turning one's site into a slopfarm is a death knell
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, May 23, 2026: IRC logs for Saturday, May 23, 2026
The "Next Big" Bonus for IBM's CEO Apparently Comes From American Taxpayers While Veteran IBMers Are PIP'd and RA'd (Laid Off): the next big thing will be the CEO's bonus
Links 23/05/2026: Starbucks Scraps Disastrous Slopfest, Colbert’s Final ‘Late Show’: Links for the day
Gemini Links 23/05/2026: Poetry, Hobbies, ROOPHLOCH, and More: Links for the day
Government Bailouts Won't be Enough to Save IBM: Bailouts from taxpayers in the US
Links 23/05/2026: Social Media Bans and Demise of Userbase of LLM Chatbots: Links for the day
SLAPP Censorship - Part 85 Out of 200: The United Kingdom's Rating for Press Freedom Has Improved, But We Can Do Even Better: we see the US at #64
Sites Realise That Becoming More Active by Using Bots (LLM Slop) is Self-Destructive: We'll soon (maybe next year) also show that some of the 85+ KG of legal papers sent our way are computer-generated garbage, which might run afoul of some rules
European Patent Office (EPO) Strikes Persist, EPO Management Tries to Give False Impression of "Happy Staff": EPO is trying to broadcast to the world a totally phony image of itself
Gemini Links 23/05/2026: Patience, LLM Chatbts Being Bad, and Unexpected Computer Surgery: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, May 22, 2026: IRC logs for Friday, May 22, 2026
Links 22/05/2026: Ebola Crisis and Samsung Averts a Walkout With Big Bonuses: Links for the day
The End of FOSSPost (fosspost.org), It Has become an LLM Slopfarm Like FOSSLinux: These sites will never get lucky with slop. These experiments always end badly.
Links 22/05/2026: Inflation Fears and Thailand Tightens Visa Rules for Tourists From Dozens of Nations: Links for the day
EPO Staff Representation Speaks of This Week's Discussion With the EPO's Budget and Finance Committee (BFC) Amid Mass Strikes: The Central Staff Committee's outline (prepared in a rush) or the "flash report"
SLAPP Censorship - Part 84 Out of 200: New Legislation Against SLAPPs on the Way (After We Reached Out to Ministers): They dealt with the matter individually too, but we won't share this in public, at least not at this time
The Corrupt Lecture the Non-Corrupt - Part XXX - Where Was "The Ethics and Compliance Team" When the Family of EPO President Campinos Was Caught Doing Cocaine?: It remains to be seen if national delegates will tolerate this in future meetings
Gemini Links 22/05/2026: Esperanto Music History, Suspicious Adoption of Signal, and Unauthorised LLM Slop in Code: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, May 21, 2026: IRC logs for Thursday, May 21, 2026