Bonum Certa Men Certa

Sirius ‘Open Source’ Outsourcing Confidential Information to Spying Companies in Another Continent

Putin koala: I got all of his passwords! Not my fault!

Summary: The Sirius ‘Open Source’ management made the decision (without any consultation with the staff affected) to outsource key operations to foreign, third-party entities that are subjected to the US government's prying eyes and several of the National Security Agency's programs; this affected clients as well (usually without their awareness, let alone consent)

THIS is the last part of the third section of a report I left with the company before leaving at the start of this month. There will be a lot more information about this scandal next month. Recent E-mails are appended below (with certain stuff redacted for privacy's sake).

I cautioned about this repeatedly (for about 4 years) and suffered retribution, threats, and more. Nothing has improved since then.

As just a little sample, please see the E-mails at the bottom (recent); shared in the future will be some longer E-mails about this issue.

But first... the report.




The morale around that time was low, set aside COVID-19 becoming a growing problem, along with lock-downs. Roy noted that in order to comply with the law he cannot post clients' details on the Slack network. So he chose to obey the regulations and the law, in line with security standards. Stuff like "hi" is probably considered OK and safe enough for Slack, but not addresses, passwords etc. Things have not improved since, as the final section notes again (with examples).

This long section, along with written messages as evidence, is very important. Bad leadership worsened the corporate climate and changed how people viewed the company from within, if not from the outside as well.

This document now proceeds to a discussion about the latest and maybe the final blow. The company already had capacity issues (not enough staff to cover shifts) and now it's even worse.

Roy and Rianne hoped to prevent a 'death spiral' and ironically enough it seems like the company wants to accelerate its own 'death spiral', due to tactless, insensitive remarks.




One of many messages to that effect -- messages which I was sending for years to highlight the problem. Of course nothing was done about this; usually there was not even as much as a reply. Hush hush as a company-wide policy...

This one is from August of this year:

Date: Tue, 30 Aug 2022 09:00:50 +0100
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.6) Gecko/20050317
 Thunderbird/1.0.2 Mnenhy/0.7.4.0
From: Roy Schestowitz
Subject: Handover to Shift 2 (30/08/22)
To: [whole team]



[...]

https://www.darkreading.com/cloud/lastpass-data-breach-source-code-stolen

users need to change all the passwords they have there and not keep them there if they value real security not paper mills.


Another one from August of this year:

Date: Thu, 11 Aug 2022 03:10:53 +0100
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.6) Gecko/20050317
 Thunderbird/1.0.2 Mnenhy/0.7.4.0
Content-Language: en-US
From: Roy Schestowitz
Subject: Slack admits to leaking hashed passwords for five years
To: [whole team]
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit



https://nakedsecurity.sophos.com/2022/08/08/slack-admits-to-leaking-hashed-passwords-for-three-months/

Does not surprise me at all. They only admit this because they got caught, hence they need to spin this somehow, belittling the severity, just as LastPass did after several blunders (it had suffered a breach). The way forward is self-hosting and encrypting things (on server one controls, not leasing).

Recent Techrights' Posts

The World's 'Richest Country' Chooses GNU/Linux
This has gone on for quite some time
Apple's LLM Slop Told Us Luigi Mangione Had Shot Himself, BetaNews Used LLMs to Talk About a Dead Linus Torvalds
They can blame it on some bot
Technology: rights or responsibilities? - Part XI
By Dr. Andy Farnell
GNU/Linux and ChromeOS in Qatar Reach 4%, an All-Time High
Qatar has money to spend, but not much of it will be spent on Microsoft, or so one can hope
This 'Article' About "Linux Malware" is a Fake Article, It's LLM Slop (Likely Spewed Out by Microsoft Chatbot)
They're drowning out the Web
Early Retirement Age: Linus Torvalds Turns 55 Next Week
Now he's almost eligible for retirement in certain European countries
 
Links 23/12/2024: North Korean Death Toll in Russia at ~1,100, Oligarch Who Illegally Migrated/Stayed (Musk) Shuts Down US Government
Links for the day
Richard Stallman on Love
Richard Stallman's personal website includes a section that lists three essays on the subject of love
Microsoft, Give Me LLM Slop About "Linux" and "Santa", I Need Some Fake Article...
BetaNews is basically an LLM slop site
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, December 22, 2024
IRC logs for Sunday, December 22, 2024
Links 22/12/2024: Election Rants and More Sites Available via Gemini
Links for the day
Links 22/12/2024: North Pole Moving and Debian's Joey Hess Goes Solar
Links for the day
Gemini Links 22/12/2024: Solstice and IDEs
Links for the day
BetaNews: Microsoft Slop is Your "Latest Technology News"
Paid-for garbage disguised as "journalism"
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, December 21, 2024
IRC logs for Saturday, December 21, 2024
Links 21/12/2024: EU on Solidarity with Ukraine, Focus on Illegal and Unconstitutional Patent Court in the EU (UPC)
Links for the day
[Meme] Microsofters at the End of David's Leash
Hand holding the leash. Whose?
Deciphering Matt's Take on WordPress, Which is Under Attack From Microsofters-Funded Aggravator
the money sponsoring the legal attacks on WordPress and on Matt is connected very closely to Microsoft
Gemini Links 21/12/2024: Projections, Dead Web ('Webapps' Replacing Pages), and Presentation of Pi-hole
Links for the day
American Samoa One of the Sovereign States Where Windows Has Fallen Below 1% (and Stays Below It)
the latest data plotted in LibreOffice
[Meme] Brian's Ravioli
An article per minute?
Links 21/12/2024: "Hey Hi" (AI) or LLM Bubble Criticised by Mainstream Media, Oligarchs Try to Control and Shut Down US Government
Links for the day
LLM Slop is Ruining the Media and Ruining the Web, Ignoring the Problem or the Principal Culprits (or the Slop Itself) Is Not Enough
We need to encourage calling out the culprits (till they stop this poor conduct or misconduct)
Christmas FUD From Microsoft, Smearing "SSH" When the Real Issue is Microsoft Windows
And since Microsoft's software contains back doors, only a fool would allow any part of SSH on Microsoft's environments, which should be presumed compromised
Paywalls, Bots, Spam, and Spyware is "Future of the Media" According to UK Press Gazette
"managers want more LLM slop"
Google Has Mass Layoffs (Again), But the Problem is Vastly Larger
started as a rumour about January 2025
On BetaNews Latest Technology News: "We are moderately confident this text was [LLM Chatbot] generated"
The future of newsrooms or another site circling down the drain with spam, slop, or both?
"The Real New Year" is Now
Happy solstice
Microsoft OSI Reads Techrights Closely
Microsoft OSI has also fraudulently attempted to censor Techrights several times over the years
"Warning About IBM's Labor Practices"
IBM is not growing and its revenue is just "borrowed" from companies it is buying; a lot of this revenue gets spent paying the interest on considerable debt
[Meme] The Easier Way to Make Money
With patents...
The Curse (to Microsoft) of the Faroe Islands
The common factor there seems to be Apple
Electronic Frontier Foundation Defends Companies That Attack Free Speech Online (Follow the Money)
One might joke that today's EFF has basically adopted the same stance as Donald Trump and has a "warm spot" for BRICS propaganda
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, December 20, 2024
IRC logs for Friday, December 20, 2024
Gemini Links 21/12/2024: Death of Mike Case, Slow and Sudden End of the Web
Links for the day