Bonum Certa Men Certa

The ISO Delusion: When the Employer Doesn’t Understand the Company's Value Proposition (Building Systems) and Rejects Security

Probably the final week of this series

Sirius Open Source watersideSummary: Sirius 'Open Source' has failed to sell what it was actually good at; instead it hired unqualified people and outsourced almost everything

THIS is the part of this series where we focus on examples of Sirius failing on technical merits and compliance/conformance. Eventually we decided to show redacted E-mails on ISO along with my copied messages to management regarding bollocking and how it all started, me asking for an apology etc. Being accredited or recognised isn't the same as being capable and potent. As I mentioned in the very first post in this series, when I joined the company it was different beyond recognition. The company had its own hosting (in its own premises). In 2022 we were suffering habitual outages as we don't control our systems anymore (Slack, AWS downtimes were common; in prior years clients that relied on Clownflare also suffered outages due to Clownflare rather than their own hosting). To make matters worse, there were security breaches and the company ignored them. I kept bringing that to management's attention, only to be ignored or rebuffed. Remember this hoax of Citation/Atlas was covered in Techrights years ago. Sirius does not teach its staff real security and does not hire people who understand or value security.



"Sirius does not teach its staff real security and does not hire people who understand or value security."The company had a bizarre trajectory of moving from self-hosted (e.g. Asterisk), then outsourced (but still Free software, 'managed' Asterisk), then outsourced proprietary spyware like Google Voice. If "Open Source has won" and if Free software is becoming more widely used, then why is Sirius going in the exact opposite direction of what it was advocating? This is a management decision. It's not the fault of technical staff -- the staff which all along opposed this.

Notice the practice of password outsourcing. Here's a direct quote sent in a request to me personally: "Put the WordPress credentials (admin user, etc) in a lastpass note and share it with xxxxx (securely, within lastpass) and we'll be setting up a very temporary and basic portal to share info across the team, to help keep everyone better updated given how Absolutely Mentally Busy it is right now. It's entirely for internal use when on the VPN."

"It's not the fault of technical staff -- the staff which all along opposed this."It's another example of mishandling access credentials inside third parties (Slack, LastPass etc.), oftentimes not just rejecting "Open Source" but actively ripping apart Open Source things that work, replacing them with technically inferior and likely illegal (in some cases, due to data protection) proprietary stuff.

The management did even worse than this; it failed to do very basic things, such as sending payslips and sometimes paying the pension provider. Instead they made colourful excuses, so I decided to take photographs of letters from the pension provider, recalling those blunders and deciding that it's worth discussing belatedly (and maybe add E-mails also; there were loads of E-mails about payslips, not just pensions, spanning different years from 2018 until the present day; there were phonecalls too, but those aren't recorded).

The management was also bad at communication and correspondence. See the example below (2019):

Subject: Re: I need these tickets dealt with by support Date: Thu, 3 Oct 2019 11:15:56 +0100 From: Rianne Schestowitz xxxxxxx To: xxxxxxx CC: xxxxxxx

Hi xxxxxxx,

I responded to this email last weekend. Please check your inbox. If you haven't received it, I can send it again.

Many thanks,

Rianne

-- Rianne Schestowitz, NOC Extension 2834423 Sirius - stress free technology http://www.siriusopensource.com t: xxxxxxx

> Hi, > > I need these tickets dealt with by support. > > 1. Ticket#108642: Roy or xxxxxxx need to answer about security. > 2. Ticket#108813: Replied with more questions. Can't reproduce the > error so far. Back with Support, awaiting feedback. > 3. (Multiple) Tickets relating to masking - Code fix done, Release done > and in live. Check with each client once data reimported. Support > team can do this. xxxxxxx have already confirmed it works. > > 1. Ticket#108833: Already fixed, just needs a fresh xxxxxxx import. > 2. Ticket#108769: The masking fix is done, we just need to schedule a > reload. > > > > xxxxxxx xxxxxxx > Sirius - stress free technology > http://www.siriusopensource.com > Tel: xxxxxxx



This was the year bullying against staff started, not too long after Gates Foundation money had landed under an NDA and something called Sirius Open Source Inc. was quietly formed in the state of Washington (where Microsoft and Gates are).

"Inaction and retaliation led to what became of it, spilling the beans out in public."We spent nearly a month explaining what I had already written internally before resigning; we remembered to publish the entire PDF at the end (crossposted in my personal site too) as it is important to emphasise that I raised most of these concerns for years inside the company. Inaction and retaliation led to what became of it, spilling the beans out in public. I never did anything even remotely like this with any of my past employers.

Recent Techrights' Posts

Watch the FSF Party Live (via Livestream)
It's in WebM format, which is widely supported by now
Advocacy of Software Freedom Changed, LUGs Became Less Relevant
The way we see it, support groups like LUGs sort of outlived their usefulness when it became easier to install GNU/Linux
For the Second Time in a Few Weeks Microsoft Lunduke Makes False Accusations Against Senior Red Hat Staff to Incite a Despicable 'Troll Army'
Nothing that Microsoft Lunduke claims or says can be trusted
Compromised by NVIDIA Proprietary Library
Meanwhile in Boston there are "[r]oundtable talk with FSF volunteers (both in-person and online)"
How Software Patents Were Viewed or Their General Status Changed Over Time
A rough summary
 
Software Patents as a Bubble
Don't invest resources in hype; if you detect a bubble, run away from it
Links 05/10/2025: Political Leftovers, Climate Change, and Security Incidents
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, October 04, 2025
IRC logs for Saturday, October 04, 2025
When Microsoft "Integrates" Something With "AI" It Means It's Losing Money and Is Generally Hopeless
how did Bing fare after 36 months of LLM slop being hyped up as "replacement" for search?
Most Certificates Don't Improve Security, They Mostly Increase Downtime (for No Good Reason)
The 'Gemini sites' (capsules) are a growing force
The statCounter Site Has Data Integrity Problems
Maybe we'll get back to statCounter when its data becomes more "stable" again
10 Ways to Combat Software Patents
software patents are loathed also by proprietary software developers
"Just a Little Bit of Meat..."
Free software "absolutism" is not a radical stance, more so if the only "radical" belief the user possesses is that he or she must be in control of his or her software, and by extension his or her computer
Red Hat is Ignoring the Free Software Community, It's a "Fortune 1000" Vendor
Red Hat's blog also participates a lot in promoting of Wall Street's latest pump-and-dump "AI" scheme
Free Software Foundation Party Has Begun
We shall be focusing a lot on software patents today
Former Head of the Federal Trade Commission (FTC) Lina Khan Knows Whatever Microsoft Touches Will Die
Just like Skype (as recently as months ago) [...] When Microsoft grabs things, or when it buys things, it almost never ends well
Slopwatch: Fake Articles About LibreOffice in Austria and Wine 10.16
very short
Links 04/10/2025: "attempted Coup" Noted in Facebook, Russia Kills Journalists via Drones
Links for the day
Gemini Links 04/10/2025: Anesthesia and Baudpunk
Links for the day
Links 04/10/2025: "Privacy Harm Is Harm", Criticism Outlawed in US
Links for the day
Garmin Uses Linux for Some of the Garmin Products, Now It's Sued by Strava Using Software Patents
Software patents should never have been granted in the first place
Richard Stallman Will Give a Talk in Sweden in 6 Days
Dr. Stallman, despite his battle with cancer is still alive and mentally sharp
FSF Turns 40
We'll be focusing on patent-related topics this weekend
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, October 03, 2025
IRC logs for Friday, October 03, 2025
Gemini Links 04/10/2025: Distro Hopping and "Part Time"
Links for the day
We Are Turning 19 in One Month, FSF Turns 40 in 3 Hours (CET)
For our anniversary next month we still have no concrete plans
Patent Docs (or PatentDocs) Learned the Wrong Lessons From the Death of TypePad
Had they gone ahead with an SSG, they'd become a lot more future-proof
USPTO Patent Bubble Already Imploding, After Decades of Artificial Inflation, Entire Offices Close for Good
we can deduce that financial pressures (lack of "demand" for monopolies) play a role
TikTok is Not Harmless (Being CheeTok in the US Will Advance Orange Agenda)
Social control media isn't "fun and games"; it's a digital weapon that lets hostile groups or nations infiltrate others, then turn them against themselves
Andy Farnell and Helen Plews Explain What "Modern" Tech Does to Old People
Imposing terrible tech "religion" on people is not helping them
Tomorrow the Free Software Foundation (FSF) Turns 40 and Its Web Site is Still Slow Due to DDoS by LLM Slop Bots
For an advocacy group, uptime is important (for its message to remain accessible)
Slopwatch: Google News as a Firehose of LLM Slop About "Linux"
Google News is really bad
Datamation, Where I Used to Publish Articles, Appears to Have Been Sold to TechnologyAdvice Only to Become a Slopfarm
I'd prefer to not associate with that site anymore
Links 03/10/2025: "NPR’s Economics Lessons Come With Neoliberal Spin" and Canada Post at Risk
Links for the day
Gemini Links 03/10/2025: Panic Attacks and Food Adulteration
Links for the day
Links 03/10/2025: Lawyers Caught Using LLM Slop Explain Why They Did It, LibreSSL 4.1.1 and 4.0.1 Released
Links for the day
FSF Board Grew 50% Since Last Year, Has New President, Turns 40 in Two Days
It's a good move for the FSF and - by extension - for software freedom
Links 03/10/2025: Conflicts, Death of TypePad, and TikTok/CheeTok Gives a Boost to Far Right Groups in Europe
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, October 02, 2025
IRC logs for Thursday, October 02, 2025
Slopwatch: Linux Journal, Google News, and LinuxSecurity
They carry on polluting the Web with fake articles
Gemini Links 02/10/2025: Kubernetes With FreeBSD and robots.txt
Links for the day