Bonum Certa Men Certa

This Isn't the First Time the Site of Greater London Authority Improperly Set Permissions

But this time it became a blunder in the media:

Sex abuse victim's details could be among hundreds revealed by data breach



Summary: Greater London Authority (GLA) does not know how to manage its Web site properly and it's causing a lot of pain to victims of crimes; maybe it's time for GLA to assess how it manages its Web site and how it treats victims of crimes, including its own tech staff

MANY are aware by now of GLA because of crimes at Sirius 'Open Source', a large GLA contractor. Typically I'd not open my mouth and let this one slide, but GLA does not care about its own IT workers being defrauded (and does not get the police, which it oversees, to actually do something about it), so I'll say what I know for sure, with witnesses who saw the same.

The above article speaks of a permission issue, which in effect enabled access to hostile parties and potentially did a lot of damage. They'll probably try to paint this as a one-off incident, but I recall several other instances of this, especially with Drupal used incorrectly. Back then we had a chance to correct it before a breach or before unauthorised access was detected. This was noticed and mentioned internally. Back in the days of Mantis for ticketing, not JIRA bloatware.

What's the cause of this? Well, it did not help that the company had people with no clue in computers dealing with computer-related tasks, including Sirius management with no suitable qualifications overseeing things. GLA fared not much better and their skilled IT people kept leaving. Maybe they couldn't stand clueless managers, but maybe it was something else.

More incidents like the above may as well recur. This can continue to happen because of weakly-enforced rules and procedures. When I did deployments to the site I was typically all on my own, testing was limited, and there was no supervision by security-savvy site engineers. It was all very improvised. This won't improve until or unless there are changes at the top.
