Bonum Certa Men Certa

Debian Conflict of Interest Register

posted by Roy Schestowitz on Mar 13, 2024,
updated Mar 13, 2024

Reprinted with permission from Daniel Pocock.

Does Debian need a Conflict of Interest register?

People have asked for it several times. Cabal members have always refused.

Over the last few years, I've had various questions from people about how much they can really trust certain people in Debian.

Vigilantes claim to have a Code of Conduct for Debian. But a Code of Conduct is worthless without any process for managing Conflict of Interest. Last weekend the DebConf8 room allocation data was published somewhere on the Internet and this gives some scary insights into Conflict of Interest.

Privacy of accommodation data

Most people would assume that a data set like this is somewhat private and an organization like Debian would be competent in keeping it private.

Maintaining the privacy of the data requires both technical and social best practice. As we saw in the evidence about Debian harassment culture being a factor in suicides, it isn't the best social environment. A poor social environment is going to struggle to maintain effective privacy.

In relation to the privacy of DebConf personal data, one of the most glaring lapses came with the Albanian scandal. The former Debian Project Leader, Chris Lamb, first visited Albania in 2017. One of the women spent two years visiting events with Lamb. She was seated next to Lamb at the DebConf19 dinner in Brazil. Eight weeks later, she was selected for a $6,000 Outreachy internship.

When you look at the photos and travel itineraries, there is no evidence that the woman did anything wrong. There is a strong hint that Chris Lamb was smitten with this girl. All the rules on funding were relaxed.

When they gave the woman the Outreachy placement, she writes that she had to begin learning Git and at the same time, they simply gave her access to the DebConf Git repository. The repository contains a lot of private information about participants throughout the whole history of DebConf.

I do not believe this woman is any less trustworthy than any other volunteer. On the other hand, the ease with which Lamb gave a smiling newcomer access to this data and the manner in which funding rules were violated suggests that Debian security has some soft spots.

DebConf8 bed allocation: a fresh perspective on DebConf6 violence

A few weeks ago, I wrote about the manner in which two volunteers, Moray Allan and Holger Levsen, allegedly assaulted and physically expelled Ted Walther from DebConf6.

The summary of the incident includes the following text:

At this point Holger and Moray, as mentioned above, manhandled Ted across the dining hall to the door, where they were intercepted by John.

In my subsequent blog about the topic, I published an email from Amaya Rodrigo Sastre where she appears to be justifying violence towards Mr Walther, the victim:

I explained to her that what was going on had nothing to do with her, that it was a problem with Ted and that I believed Ted was a dangerous person and that she should be careful.

Amaya's defamatory emails have been made available to over 1,000 Debian Developers who have had access to the debian-private archives. 16 years have passed. Many people will not know or remember that Amaya had a conflict of interest.

In fact, Amaya had a relationship with Holger, one of the aggressors. She was writing these emails to disparage Mr Walther and take the pressure off her unstable boyfriend.

The relationship appears to be confirmed in the DebConf8 room list, here we see Amaya and Holger sharing a room:

Amaya Rodrigo Sastre, Holger Levsen, Margarita Manterola, Maximiliano Curia, Damian Viano, Martina Ferrari, Gregor Herrmann

Amaya could have added a disclaimer to her emails to declare a conflict of interest but she didn't do so. How can we ensure that people who see her emails in future will be aware of this vital fact?

Another thing to notice in the room list is that Margarita Manterola and Maximiliano Curia were able to share a room. Marga is the Google employee who sent me a hideous email telling me that Carla was not welcome to share the food at DebConf. Looking at the DebConf8 room list, we can see that these people behave like the pigs in Animal Farm. George Orwell has simplified the Code of Conduct down to just one sentence:

All animals are equal but some animals are more equal than others

This is significant for all users and contributors to Debian. This type of toxic social phenomena creates friction against innovation, it undermines privacy and it undermines security of the final software product.

Please see some of my other pages about how Outreachy fell into disrepute.

Other Recent Techrights' Posts

This Saturday It's Gonna be 3.5 Years* Since Russia Invaded Ukraine. No Microsoft Protests Against Microsoft Having Provided Russia With Services.
Companies do not have consistent policies and enforcement of "corporate values" is somewhat of an egg salad
Slopwatch: Sites Gone Rogue, Google Promoting Lies, and DDoS Attacks by Plagiarism Giants
Charlatans and frauds engage in a war against artistic industries, mislabeling plagiarism as "AI"
End of the Smartphone Era? No.
Maybe the media should focus on producing accurate, factual news
Latest Is Not Greatest: The Case of "Foldable" Tech
don't be shamed into abandoning old things just because the "fashion industry" of Apple and Samsung tells you to
 
Microsoft Has Issues in Guyana
It's not just Guyana
About 25% of the "Linux" News/Results in Google News Today Are LLM Slop, Almost 20% From the Same Rogue Operators of Slopfarms
Google, which tries to market itself as an LLM giant, apparently fails to understand what's wrong with it
Harassing People on Holiday
There are "no-go areas"; but that assumes all laws firms have ethical standards
The Great, Undeniable Value of Paper Trail, Not Purely Digital Systems
Suppose you have nothing but bits on someone else's computer and "word of mouth"...
The Company Behind Ars Technica, Reddit and Wired Caught Publishing LLM Slop (It Also Admits It Now)
Condé Nast busted
Links 22/08/2025: Lagrange 1.18.8, Wired Magazine and Business Insider Caught Resorting to LLM Slop
Links for the day
Links 22/08/2025: Cisco Layoffs, LA Times Says "AI Hype is Fading Fast"
Links for the day
Gemini Links 22/08/2025: K for Kentucky and Caddy Versus LLM Slopbots
Links for the day
The "End Software Patents" Initiative of the FSF Explains "WHY [to] ABOLISH SOFTWARE PATENTS"
We hope to cover patent-related issues more and more as the big anniversary of the FSF approaches
Freenode Sniffing
The grown-ups left the building
The Only Thing Worse Than Misinformation is Misinformation Sold to Everyone as "Intelligence"
Misplaced trust is worse than none at all
The Register MS Now Openly Admits LLM Hype Does Damage, But It's Also Being Paid to Participate in the LLM Hype (With Paid 'Articles' and 'Webcasts' for Paying Advertisers)
The Register MS gets paid to do this
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, August 21, 2025
IRC logs for Thursday, August 21, 2025
Enshittification of Airports, Airlines, and Airplanes
If people are willing to tolerate standard declines and enshittification (nowadays sold as "pivot to AI" or "replaced by AI" or "AI layoffs") they will pay for it some other way
Airlines and Their Tricks That Only Work in the 'Digital Age'
People sceptical of the direction technology has taken are not "Luddites"
Open Source Initiative (OSI), Which Became a Propaganda Front of Microsoft and "Hey Hi" (Hype, Misnomer), Wants You to Forget These Scandals
A lot of these issues won't be set aside until there's a resolution
The Culture of Overnight Coding
An industry-wise push-back is needed
Windows Down to New Lows in Guinea Bissau and Many Countries Around It
If Android is accounted for, Windows is down to about 10%
Gemini Links 21/08/2025: Modern Dating, Debian 13, and Apache
Links for the day
Microsoft Has Had About 10 Waves of Mass Layoffs So Far This Year (Not Two as Mainstream Media and Slopfarms Endlessly Claim)
Notice how the MSM (Mainstream Media) never mentions the debt of Microsoft. It is a conscious, deliberate decision.
Links 21/08/2025: Covid Cases on the Rise, "Social Media Trolls", Russia's Attacks Intensify
Links for the day
Gemini Links 21/08/2025: The Attraction of Back Alleys, Initramfs, and BSD ISPs
Links for the day
Links 21/08/2025: Stephanie Shirley Dies and "Groklaw Domain Hijacked?"
Links for the day
Search in 2025 (Age of DDoS Attacks Under the Guise of "AI" "Innovation")
One common concern when things go "live" is that any random bot out there can execute queries, pumping up RAM and CPU usage, as happened when we used MediaWiki and WordPress
Using Slop for Images Does Not Make Your Site Look Advanced or Witty, It Just Makes Your Whole Work Look Like Presumed Plagiarism
Lazy slobs and Serial Sloppers use the guise/excuse of "AI" to plagiarise and spam the Web
Financing of the "Hey Hi" (AI) Bubble by Those Who Profit From Planetary Destruction (Global Warming)
It's about personal gain, too
Richard Stallman Will Speak in Ethereum Cypherpunk Congress
it's good to see that the FSF pays considerable respect to it founder, who is moreover invited to speak at events
(At Least) Second Wave of Mass Layoffs in Microsoft This Month
This is not the first time this month that Microsoft has mass layoffs
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, August 20, 2025
IRC logs for Wednesday, August 20, 2025
IBM Operatives Inside The Register MS and More Shady Money to Follow
The Register MS bites every banknote it can sink its teeth into
On the Internet, Nobody Knows Microsoft and Windows Are Becoming Niche Players Until Data is Shown Correctly, Not Microsoft-Sponsored Articles in Microsoft Publishers
Microsoft controls a lot of publishers and thus it controls information
Slopwatch: Serial Sloppers and Slopfarms in Google News (e.g. Linux Journal and WebProNews)
Google plays an active role (if not deliberately then through utter neglect and carelessness) in plagiarism
Links 20/08/2025: Mass Surveillance Framed as "Artificial Intelligence" (All Old Things Reworded to Misframe Old Computer Issues), Europe Resists Capitulation to US(SR)
Links for the day
Gemini Links 20/08/2025: Trips and Permacomputing
Links for the day
Links 20/08/2025: Oracle Layoffs in India, "AI" Scammers/Profiteers Admit It's a "Bubble", Softbank-Saudi (Oil) Control Tech Companies
Links for the day
Social Control Networks Give You False Metrics to 'Addict' You To Them
Leaving social control media may seem hard, but the same is true for any other addiction
A Lot of What Happened in Twitter Was Bots, Botfarms, and Troll Farms. It's Even Worse Now (Under X.com) and People Are Noticing.
Last month we said the same was happening in YouTube
Microsoft May Have Become - at Least Partially - Like a Boiler Room Scam
Giving imaginary salaries using imaginary tokens based on imaginary value (with restrictions on conversion to cash)
In Vietnam, Microsoft's Search Engine "Market Share" Fell to Almost 0%, CocCoc More Than 5 Times Bigger
Why are people still investing in this company?
All That's Left of MSNBC (Microsoft-NBC) is Microsoft NOW
When plutocrats and large corporations (even deep in debt) buy all the communication channels
The Register MS, Paid to Promote "AI" Hype, Does "Sez" (Says) Pieces
every bubble-funded "news" site tries to make it a story about "AI"
Many Companies Are Run by Liars Who Ride Other People's Money
Or steal it
Before CoreAI There Was Builder.ai
GitHub isn't about "AI" (just a bunch of lies and storytelling for shareholders' patience)
Microsoft Windows in Croatia at New Lows
We've been keeping track of this trend for a while
Using the Best Tool/s for the Job: RSS Feeds and RSS Readers
Use RSS feeds. Reject those "modern" Web things
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, August 19, 2025
IRC logs for Tuesday, August 19, 2025
Gemini Links 20/08/2025: Neovim, XML, and Alhena 5.2.9
Links for the day