Bonum Certa Men Certa

Microsoft GitHub Exposé — Part X — Connections to the Mass Surveillance Industry (and the Surveillance State)

Series parts:

  1. Microsoft GitHub Exposé — Part I — Inside a Den of Corruption and Misogynists
  2. Microsoft GitHub Exposé — Part II — The Campaign Against GPL Compliance and War on Copyleft Enforcement
  3. Microsoft GitHub Exposé — Part III — A Story of Plagiarism and Likely Securities Fraud
  4. Microsoft GitHub Exposé — Part IV — Mr. MobileCoin: From Mono to Plagiarism... and to Unprecedented GPL Violations at GitHub (Microsoft)
  5. Microsoft GitHub Exposé — Part V — Why Nat Friedman is Leaving GitHub
  6. Microsoft GitHub Exposé — Part VI — The Media Has Mischaracterised Nat Friedman's Departure (Effective Now)
  7. Microsoft GitHub Exposé — Part VII — Nat Friedman, as GitHub CEO, Had a Plan of Defrauding Microsoft Shareholders
  8. Microsoft GitHub Exposé — Part VIII — Mr. Graveley's Long Career Serving Microsoft's Agenda (Before Hiring by Microsoft to Work on GitHub's GPL Violations Machine)
  9. Microsoft GitHub Exposé — Part IX — Microsoft's Chief Architect of GitHub Copilot Sought to be Arrested One Day After Techrights Article About Him
  10. YOU ARE HERE ☞ Connections to the Mass Surveillance Industry (and the Surveillance State)


GitHub: Where everything comes to die



Summary: Many people have long spoken about GitHub's ties to ICE; few have paid attention to intelligence ties, including the NSA and Nat Friedman's proximity to people from Palantir

"I saw your article expressing concerns about Nat Friedman's character on TechRights.org," a source has has told us. "I'm sure you're already aware of the various surveillance tech patents and his connections to Palantir."

"Over the past few years we've casually mentioned that -- putting programmes such as PRISM aside -- Microsoft hired from the NSA for leadership positions at GitHub."Those are software patents; some are connected to Novell. And there's also some interesting stuff in here. To quote: "During the course of a computer session, many actions may be performed on a computer. For several reasons, including increasing workforce productivity, it may be desirable to monitor these actions. Known applications enable monitoring of actions performed on the computer through logging of events, such as keystrokes, web sites visited, emails sent/received, windows viewed, and passwords entered. Known applications further enable capturing of screen shots at scheduled time intervals. Known event monitoring applications are typically run in stealth mode to make them undetectable to users of the monitored computer."

Spyware?

Well, purely moral objections aside, that one sounds like a software patent (which we oppose).

Over the past few years we've casually mentioned that -- putting programmes such as PRISM aside -- Microsoft hired from the NSA for leadership positions at GitHub. Moreover, GitHub introduced programmes wherein people's code will be silently 'fixed', without the developers' intervention. This exacerbated an already-worrying situation, as the NSA not only spies (through Microsoft) on everything in GitHub; it can control the supply chain and, in theory, can deliver specially-crafted downloads to people it wishes to spy on. Not an unprecedented strategy we might add...

As it turns out, there's more to it than we previously knew. We'll come to the 'meat' of it in just a moment.

"We remind readers that we wrote a great deal about Skype when Microsoft bought it, in effect taking a European company to the United States, then changing the network topology to make wiretapping easier."When you speak to people who have worked for a variety of companies and saw things from within you get to discover unwritten (mostly verbal) information. Our informants casually dropped some pointers. "Also want to say I have other tech abuses unrelated to these guys I've been exposed to that I wish were more reported on like ElasticSearch being a basically a public sector wing of the NSA..."

Well, the ElasticSearch story is also interesting, especially if we have documents related to this, because at my job we use ElasticSearch sometimes. I didn't know about connections to the NSA until those were shown to me. It's not imaginary; it's very real. "So I briefly worked with some former NSA people," a source told us, and "one of them said that people working at the NSA get tired of being restricted by federal law so they go into the private sector and turn surveillance into a product..."

We remind readers that we wrote a great deal about Skype when Microsoft bought it, in effect taking a European company to the United States, then changing the network topology to make wiretapping easier. About a year later, owing to Edward Snowden's NSA leaks, we saw that Microsoft had almost instantaneously added Skype to PRISM, a programmes in which Microsoft was the first (as if it was pioneered by Microsoft and the NSA).

"Another one [of the colleagues] said that ElasticSearch is significantly composed of ex-NSA."

"Well, almost nobody checks the binaries."So it's the same as Cloudera or Hortonworks (the company they bought; Red Hat's current CEO is coming from their board).

It's what some people call an "open secret"; a lot of companies in the US are connected to the military. A site called "Tech Inquiry" notes: "In the first of a two-part report, Easy as PAI (Publicly Available Information) dissects the subcontracting networks behind Project Maven, as well as its broader context in PAI aggregation within the Secure Unclassified Network (SUNet) and for US Special Operations Command (USSOCOM). We also map out the subcontracting networks involving US Department of Defense procurement of location-tracking technologies, including how they involve well-known think tanks."

"Elastic has Endgame now," our source noted, as "there's lots of stuff about them working with the NSA on their website; I don't know if there's any backdoors in their open source stuff but probably."

Well, almost nobody checks the binaries. It's just one among other issues and sadly a lot of people trust that anything they download from GitHub is 1) benign 2) received at the downloader's end with full integrity. In the age of 'Clown Computing' or 'SaaS' [sic] we're meant to just trust programs we have no control of and not even any real understanding of.

"In the age of 'Clown Computing' or 'SaaS' [sic] we're meant to just trust programs we have no control of and not even any real understanding of."On the subject of GitHub more specifically, "Nat Friedman has an executive assistant that worked at Palantir as Chief of Staff." Title is Chief of Staff to Global Head of Business Development at Palantir.

A close friend of Friedman has "also mentioned some friend of theirs that was an early employee at Palantir," according to the source, which "never got a name... told me he lives in Tarrytown and gave his wife a million dollars and she left him and he was selling his house..."

In the next part we'll continues to explore privacy/surveillance aspects. Also, there's a trial due one week from now.

If you know more, please get in touch with us. This is one of several parts about the "intelligence" ties of GitHub and other Microsoft tentacles.

Recent Techrights' Posts

We Covered UEFI 'Secure Boot' Scandals. The World Listened.
To hell with UEFI 'secure boot'
Fake News With Fake Numbers About Microsoft
"This is what happens when the world's economy is governed by sick old men"
Slopwatch: "Google News" is Fast Becoming a Mashup of Slopfarms, Linux Journal ("LJ") is a Dump of LLM Slop
Well done, Google News. Google itself can flourish as a slopfarm mashup.
Torturing Users Who Just Want to Run GNU/Linux on Their Own PC
"Linux does not want to install"
European Authorities, Already Bribed and Infiltrated by Microsoft, Won't Help You Find BigBlueButton, Jami, Ring, and Jitsi
Because they're paid by Microsoft and are Microsoft 'addicts' themselves
Moving From Content Management Systems (CMSs) to Static Site Generators (SSGs) Saves You Time, Makes You a Lot More Productive
try to reduce the cost (financial and computational) of running your site
Leak: European Patent Office (EPO) is Now Attacking Amicale Clubs
corruption has become the norm and scientists are robbed of any dignity
Oracle Fraud (or Defrauding Shareholders)
"the obvious [lie] is that watts are (wasted) electricity [and] and FLOPS are computing capacity"
Explaining (in Length and Depth) the Damage Matthew Garrett Did to Linux and to GNU/Linux Users
no matter how many threats we receive
 
Microsoft is Rapidly Dropped From Web Servers, Shows Survey
Microsoft lost about 8% "market share" in just 3 months
Many GNU/Linux Users Report MOK (Machine Owner Key) Issues in Recent Days
many people don't report this online and never post in Reddit
Links 13/09/2025: Escalations in East Europe and POTUS’ Health Cover-Up
Links for the day
Gemini Links 13/09/2025: Lagrange Turns 5 and Lagrange 1.19.2 Released
Links for the day
Microsoft Inside Your Linux: "Security vulnerability that allowed an attacker to bypass UEFI Secure Boot."
2 hours ago
A New Low for "Linux Journal": Promoting MICROSOFT WINDOWS Using LLM Slop
They've just jumped the shark entirely
The Register MS Still Takes Money to Hype Up "AI" in Articles by Microsoft Resellers With the Term "AI" 30+ Times in Them
Notice how many times they mention "AI"
The Apache Logo News is VERY Old, Racists and 'Anti-Woke' Bigots Look for Something to Incite Other Bigots With
Nothing to see here, move along
Linux Mint 9/11: "4th One Today..." (in Reddit)
Remember that not everyone having an issue reports it to social control media like Reddit
Nepal Will Fall Without a Single Shot Fired, Thanks to Social Control Media
Or very few shots (by the authorities)
European Corruption in the European Patent Office (EPO) Targets Culture
"In reality, the project includes a new “legal instrument” shifting administrative burden and liability on EPO staff while creating new uncertainty and externalising Amicale activities."
UEFI Secure Boot Failing, as Expected for Nearly 15 Years Already (Techrights Said This Since 2012)
in the media
Debian 9/11
people report this issue
Gemini and Web Links 13/09/2025: MElon's Slop Grift and "Autonomous Trains"
Links for the day
Pursuing Peace Through Violence
You cannot "see" a person's mind, until the mouth opens
Can We Please Stop Celebrating Shooters?
"An important point to hammer on is that CoCs were never intended for uniform or symmetric application"
Geminispace is Growing Faster in 2025 Than It Did in 2024
What matters is that corporations haven't ruined it and LLM slop is extremely rare
Links 13/09/2025: China Punishes for 'Negative' Posts, US Police Unable to Find Shooter
Links for the day
Who's the Mystery Financier of SLAPP Against Techrights and Is That a Millionaire/Billionaire?
Whose idea was it to fund meritless lawsuits against my wife and I?
Slopwatch: Slow Slop Day
This distracts from or may take traffic away from the original articles, actually written by actual people
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, September 12, 2025
IRC logs for Friday, September 12, 2025
CoC Gone Wrong: Celebrating Murder OK, Complaining About the Celebration Gets You Banned
Hopefully the NixOS Foundation will have a word with (maybe replace) the moderator/s
Gemini Links 12/09/2025: Familiarity and Secondary Dominants
Links for the day
Links 12/09/2025: "Bad Reviews" as Extortion Weapon, "Free Speech At Risk in America’s Schools" According to ACLU
Links for the day
Only One Speaker Does Not Do Sharecropping for MElon (in X.com)
The man who puts principles before PR/optics
The Mind of the 'Hulk Hogan of UEFI'
in a nutshell
A Day After "UEFI 9/11": UEFI Secure Boot Bypass
In the news today (right now), as published in the past few hours
Links 12/09/2025: Slop Code as Liability, Microsoft Outlook Down for Many
Links for the day
It's Still Not to Late to Turn Off "Secure Boot"
If people reboot their PC or server today, and it relies on "Secure Boot" on Sept. 12 or later, then depending on the firmware there may be trouble ahead
Links 12/09/2025: Shira Perlmutter is Back, “Software Per Se” Patent Rejections in In re McFadden
Links for the day
Slopwatch: Linux Plagiarism, Slopfarms Still Infesting Google News, Many Images Are Fake
Google is promoting plagiarism
"This Morning Might Turn Out to be an Interesting One for System Admins Who Haven't Updated Their Devices' Secure Boot Certificate" (If They Reboot)
Who asked for this anyway?
Gemini Links 12/09/2025: Metric System, Dumping Windows, and Software Architecture is Dead
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, September 11, 2025
IRC logs for Thursday, September 11, 2025
Microsoft Admits the Workers Have Lost Trust (Endless Layoffs, 12-13 Rounds of Layoffs This Year), So Now It's Trotting out Its Peter Bright-Like Media Prop Jordan Novet
What they don't want people to pay attention to right now
Links 11/09/2025: Windows TCO and Russian Drones Invading Poland (EU/NATO)
Links for the day
Gemini Links 11/09/2025: xkcd, misfin, and Alhena 5.3.2
Links for the day
Repetition of Last Summer (Microsoft Breaking Dual-Boot Systems)
UEFI 9/11 is about to kick in
UEFI 'Secure Boot' Boiling Frogs (Cannot Turn Off 'Secure Boot')
"MSI laptop is locked on Secure Boot and doesn't allow me to turn it off"
UEFI 9/11 Aftermath - Part IV: The 'Hulk Hogan of UEFI' and His 'Hideout' Holiday (Retreat From Reality)
Let's keep an eye on what matters
UEFI 9/11 Aftermath - Part III: Mr. 'Secure Boot' (Shim) and His Fake 'Holiday' (Sending My Wife and I Threatening E-mails on 9/11)
despite being on holiday, according to him, he finds time to instruct lawyers to contact my wife
UEFI 9/11 Aftermath - Part II: "The SecureBoot Thing Got Out of Hand."
The next few weeks might be... interesting
UEFI 9/11 Aftermath - Part I: "I Believe This Affects Thousands of Devices... Because Multiple Devices I Checked, Whether Client or Server [...] Affected."
Most people aren't even aware that this is happening or about to happen
The UEFI 9/11 - Part X - An Outline of the Series About Microsoft Sabotaging GNU/Linux (With Ramifications to Unfold Online in Coming Weeks as People Reboot)
Today is UEFI 9/11 (9/11/2025)
Ron Wyden: Microsoft Should be Held Accountable for Security Breaches (He Has Said This for Years Already, It Never Happens)
Negative media coverage isn't a fine and it does nothing to compensate Microsoft's billions of victims
Culture of silence: Ubisoft harassment convictions, Mozilla, Sylvestre Ledru & Debian make no comment
Reprinted with permission from Daniel Pocock
Disable 'Secure Boot' (If It Lets You)
it doesn't put you in control
Links 11/09/2025: "Hey Hi" Ponzi Schemes at Oracle (Unpaid Contracts) and Cindy Cohn is Leaving the EFF
Links for the day
Longtime Red Hat Staff: Maybe Just Disable 'Secure Boot'
A refreshing take from Adam Williamson
Gemini Links 11/09/2025: Playdate Console, Dichotomy between the Real and the Digital
Links for the day
A Dozen Observations About "UEFI 9/11" Deflections
What we are expected to see, tentatively
The Microsoft AstroTurfing and Microsoft-Led Blame-Shifting Tactics Are Ahead of Us
Of course it has nothing to do with security, it's about control, i.e. them controlling everything
Celebrating Assassination is Bad Because It Legitimises Assassination of the People You Like, Too
Condoning or even celebrating political assassinations is bad optics (and taste)
The World's Richest Ponzi Scheme (Faking Value Using Net Waste)
The higher they go the harder they fall
We Could Dual-Boot Back in the 1990s, Why Has This Become So Difficult?
And prone to breakage
Being Conditioned to Accept Unreliable Computer Systems That Fail With Black Screen of Death (BSoD)
Welcome to 2025
Slopwatch: Google News is Still Promoting Many Fake Articles About "Linux", in Effect Rewarding Misinformation and Plagiarism
things continue to deteriorate
New Series: The Coup Against GNU/Linux Has Begun
today, this year in particular, we shall also focus on Secure Boot, which is sold based on a lie and tortures many computer user
New Paper on "BYOVD, but in firmware. Signed UEFI shells, vulnerable modules offer new paths for Secure Boot bypasses."
One might say digital "security theatre"
Links 11/09/2025: Oracle Layoffs, Drunk Pilots in Japan Airlines, US-Korea Tensions Grow
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, September 10, 2025
IRC logs for Wednesday, September 10, 2025