Bonum Certa Men Certa

Microsoft GitHub Exposé — Part X — Connections to the Mass Surveillance Industry (and the Surveillance State)

Series parts:

  1. Microsoft GitHub Exposé — Part I — Inside a Den of Corruption and Misogynists
  2. Microsoft GitHub Exposé — Part II — The Campaign Against GPL Compliance and War on Copyleft Enforcement
  3. Microsoft GitHub Exposé — Part III — A Story of Plagiarism and Likely Securities Fraud
  4. Microsoft GitHub Exposé — Part IV — Mr. MobileCoin: From Mono to Plagiarism... and to Unprecedented GPL Violations at GitHub (Microsoft)
  5. Microsoft GitHub Exposé — Part V — Why Nat Friedman is Leaving GitHub
  6. Microsoft GitHub Exposé — Part VI — The Media Has Mischaracterised Nat Friedman's Departure (Effective Now)
  7. Microsoft GitHub Exposé — Part VII — Nat Friedman, as GitHub CEO, Had a Plan of Defrauding Microsoft Shareholders
  8. Microsoft GitHub Exposé — Part VIII — Mr. Graveley's Long Career Serving Microsoft's Agenda (Before Hiring by Microsoft to Work on GitHub's GPL Violations Machine)
  9. Microsoft GitHub Exposé — Part IX — Microsoft's Chief Architect of GitHub Copilot Sought to be Arrested One Day After Techrights Article About Him
  10. YOU ARE HERE ☞ Connections to the Mass Surveillance Industry (and the Surveillance State)


GitHub: Where everything comes to die



Summary: Many people have long spoken about GitHub's ties to ICE; few have paid attention to intelligence ties, including the NSA and Nat Friedman's proximity to people from Palantir

"I saw your article expressing concerns about Nat Friedman's character on TechRights.org," a source has has told us. "I'm sure you're already aware of the various surveillance tech patents and his connections to Palantir."

"Over the past few years we've casually mentioned that -- putting programmes such as PRISM aside -- Microsoft hired from the NSA for leadership positions at GitHub."Those are software patents; some are connected to Novell. And there's also some interesting stuff in here. To quote: "During the course of a computer session, many actions may be performed on a computer. For several reasons, including increasing workforce productivity, it may be desirable to monitor these actions. Known applications enable monitoring of actions performed on the computer through logging of events, such as keystrokes, web sites visited, emails sent/received, windows viewed, and passwords entered. Known applications further enable capturing of screen shots at scheduled time intervals. Known event monitoring applications are typically run in stealth mode to make them undetectable to users of the monitored computer."

Spyware?

Well, purely moral objections aside, that one sounds like a software patent (which we oppose).

Over the past few years we've casually mentioned that -- putting programmes such as PRISM aside -- Microsoft hired from the NSA for leadership positions at GitHub. Moreover, GitHub introduced programmes wherein people's code will be silently 'fixed', without the developers' intervention. This exacerbated an already-worrying situation, as the NSA not only spies (through Microsoft) on everything in GitHub; it can control the supply chain and, in theory, can deliver specially-crafted downloads to people it wishes to spy on. Not an unprecedented strategy we might add...

As it turns out, there's more to it than we previously knew. We'll come to the 'meat' of it in just a moment.

"We remind readers that we wrote a great deal about Skype when Microsoft bought it, in effect taking a European company to the United States, then changing the network topology to make wiretapping easier."When you speak to people who have worked for a variety of companies and saw things from within you get to discover unwritten (mostly verbal) information. Our informants casually dropped some pointers. "Also want to say I have other tech abuses unrelated to these guys I've been exposed to that I wish were more reported on like ElasticSearch being a basically a public sector wing of the NSA..."

Well, the ElasticSearch story is also interesting, especially if we have documents related to this, because at my job we use ElasticSearch sometimes. I didn't know about connections to the NSA until those were shown to me. It's not imaginary; it's very real. "So I briefly worked with some former NSA people," a source told us, and "one of them said that people working at the NSA get tired of being restricted by federal law so they go into the private sector and turn surveillance into a product..."

We remind readers that we wrote a great deal about Skype when Microsoft bought it, in effect taking a European company to the United States, then changing the network topology to make wiretapping easier. About a year later, owing to Edward Snowden's NSA leaks, we saw that Microsoft had almost instantaneously added Skype to PRISM, a programmes in which Microsoft was the first (as if it was pioneered by Microsoft and the NSA).

"Another one [of the colleagues] said that ElasticSearch is significantly composed of ex-NSA."

"Well, almost nobody checks the binaries."So it's the same as Cloudera or Hortonworks (the company they bought; Red Hat's current CEO is coming from their board).

It's what some people call an "open secret"; a lot of companies in the US are connected to the military. A site called "Tech Inquiry" notes: "In the first of a two-part report, Easy as PAI (Publicly Available Information) dissects the subcontracting networks behind Project Maven, as well as its broader context in PAI aggregation within the Secure Unclassified Network (SUNet) and for US Special Operations Command (USSOCOM). We also map out the subcontracting networks involving US Department of Defense procurement of location-tracking technologies, including how they involve well-known think tanks."

"Elastic has Endgame now," our source noted, as "there's lots of stuff about them working with the NSA on their website; I don't know if there's any backdoors in their open source stuff but probably."

Well, almost nobody checks the binaries. It's just one among other issues and sadly a lot of people trust that anything they download from GitHub is 1) benign 2) received at the downloader's end with full integrity. In the age of 'Clown Computing' or 'SaaS' [sic] we're meant to just trust programs we have no control of and not even any real understanding of.

"In the age of 'Clown Computing' or 'SaaS' [sic] we're meant to just trust programs we have no control of and not even any real understanding of."On the subject of GitHub more specifically, "Nat Friedman has an executive assistant that worked at Palantir as Chief of Staff." Title is Chief of Staff to Global Head of Business Development at Palantir.

A close friend of Friedman has "also mentioned some friend of theirs that was an early employee at Palantir," according to the source, which "never got a name... told me he lives in Tarrytown and gave his wife a million dollars and she left him and he was selling his house..."

In the next part we'll continues to explore privacy/surveillance aspects. Also, there's a trial due one week from now.

If you know more, please get in touch with us. This is one of several parts about the "intelligence" ties of GitHub and other Microsoft tentacles.

Recent Techrights' Posts

Linux and the Freedom Paradox
Linux is losing freedom if some external actors who only use Microsoft tools for development wrest control
Watch the FSF Party Live (via Livestream)
It's in WebM format, which is widely supported by now
Advocacy of Software Freedom Changed, LUGs Became Less Relevant
The way we see it, support groups like LUGs sort of outlived their usefulness when it became easier to install GNU/Linux
For the Second Time in a Few Weeks Microsoft Lunduke Makes False Accusations Against Senior Red Hat Staff to Incite a Despicable 'Troll Army'
Nothing that Microsoft Lunduke claims or says can be trusted
Compromised by NVIDIA Proprietary Library
Meanwhile in Boston there are "[r]oundtable talk with FSF volunteers (both in-person and online)"
How Software Patents Were Viewed or Their General Status Changed Over Time
A rough summary
 
The Free Software Foundation's Livestream Has Ended, Video/s Might be Online Next
I've asked whether they'll upload video of some of the event; I still wait for an answer
The Register MS Does Not Know the Difference Between Microsoft GitHub and GitLab
At the time of writing (October 5) the article from "Thu 2 Oct 2025" remains uncorrected
"Bullshit Generators" (What RMS Calls LLMs) and Fake Images Already Target the FSF
Why does Google News promote fake articles about the FSF while omitting all the real ones?
Software Patents as a Bubble
Don't invest resources in hype; if you detect a bubble, run away from it
Links 05/10/2025: Political Leftovers, Climate Change, and Security Incidents
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, October 04, 2025
IRC logs for Saturday, October 04, 2025
When Microsoft "Integrates" Something With "AI" It Means It's Losing Money and Is Generally Hopeless
how did Bing fare after 36 months of LLM slop being hyped up as "replacement" for search?
Most Certificates Don't Improve Security, They Mostly Increase Downtime (for No Good Reason)
The 'Gemini sites' (capsules) are a growing force
The statCounter Site Has Data Integrity Problems
Maybe we'll get back to statCounter when its data becomes more "stable" again
10 Ways to Combat Software Patents
software patents are loathed also by proprietary software developers
"Just a Little Bit of Meat..."
Free software "absolutism" is not a radical stance, more so if the only "radical" belief the user possesses is that he or she must be in control of his or her software, and by extension his or her computer
Red Hat is Ignoring the Free Software Community, It's a "Fortune 1000" Vendor
Red Hat's blog also participates a lot in promoting of Wall Street's latest pump-and-dump "AI" scheme
Free Software Foundation Party Has Begun
We shall be focusing a lot on software patents today
Former Head of the Federal Trade Commission (FTC) Lina Khan Knows Whatever Microsoft Touches Will Die
Just like Skype (as recently as months ago) [...] When Microsoft grabs things, or when it buys things, it almost never ends well
Slopwatch: Fake Articles About LibreOffice in Austria and Wine 10.16
very short
Links 04/10/2025: "attempted Coup" Noted in Facebook, Russia Kills Journalists via Drones
Links for the day
Gemini Links 04/10/2025: Anesthesia and Baudpunk
Links for the day
Links 04/10/2025: "Privacy Harm Is Harm", Criticism Outlawed in US
Links for the day
Garmin Uses Linux for Some of the Garmin Products, Now It's Sued by Strava Using Software Patents
Software patents should never have been granted in the first place
Richard Stallman Will Give a Talk in Sweden in 6 Days
Dr. Stallman, despite his battle with cancer is still alive and mentally sharp
FSF Turns 40
We'll be focusing on patent-related topics this weekend
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, October 03, 2025
IRC logs for Friday, October 03, 2025
Gemini Links 04/10/2025: Distro Hopping and "Part Time"
Links for the day
We Are Turning 19 in One Month, FSF Turns 40 in 3 Hours (CET)
For our anniversary next month we still have no concrete plans
Patent Docs (or PatentDocs) Learned the Wrong Lessons From the Death of TypePad
Had they gone ahead with an SSG, they'd become a lot more future-proof
USPTO Patent Bubble Already Imploding, After Decades of Artificial Inflation, Entire Offices Close for Good
we can deduce that financial pressures (lack of "demand" for monopolies) play a role
TikTok is Not Harmless (Being CheeTok in the US Will Advance Orange Agenda)
Social control media isn't "fun and games"; it's a digital weapon that lets hostile groups or nations infiltrate others, then turn them against themselves
Andy Farnell and Helen Plews Explain What "Modern" Tech Does to Old People
Imposing terrible tech "religion" on people is not helping them
Tomorrow the Free Software Foundation (FSF) Turns 40 and Its Web Site is Still Slow Due to DDoS by LLM Slop Bots
For an advocacy group, uptime is important (for its message to remain accessible)
Slopwatch: Google News as a Firehose of LLM Slop About "Linux"
Google News is really bad
Datamation, Where I Used to Publish Articles, Appears to Have Been Sold to TechnologyAdvice Only to Become a Slopfarm
I'd prefer to not associate with that site anymore
Links 03/10/2025: "NPR’s Economics Lessons Come With Neoliberal Spin" and Canada Post at Risk
Links for the day
Gemini Links 03/10/2025: Panic Attacks and Food Adulteration
Links for the day
Links 03/10/2025: Lawyers Caught Using LLM Slop Explain Why They Did It, LibreSSL 4.1.1 and 4.0.1 Released
Links for the day
FSF Board Grew 50% Since Last Year, Has New President, Turns 40 in Two Days
It's a good move for the FSF and - by extension - for software freedom
Links 03/10/2025: Conflicts, Death of TypePad, and TikTok/CheeTok Gives a Boost to Far Right Groups in Europe
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, October 02, 2025
IRC logs for Thursday, October 02, 2025
Slopwatch: Linux Journal, Google News, and LinuxSecurity
They carry on polluting the Web with fake articles
Gemini Links 02/10/2025: Kubernetes With FreeBSD and robots.txt
Links for the day