-- Leo's gemini proxy
-- Connecting to gemini.techrights.org:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini;lang=en-GB
Gemini version available ♊︎
Posted in Free/Libre Software, Microsoft, Novell, Patents, Red Hat at 3:28 am by Dr. Roy Schestowitz
Series parts:
> Image: GitHub: Where everything comes to die
Summary: Many people have long spoken about GitHub's ties to ICE; few have paid attention to intelligence ties, including the NSA and Nat Friedman’s proximity to people from Palantir
“I saw your article expressing concerns about Nat Friedman’s character on TechRights.org,” a source has has told us. “I’m sure you’re already aware of the various surveillance tech patents and his connections to Palantir.”
> “Over the past few years we’ve casually mentioned that — putting programmes such as PRISM aside — Microsoft hired from the NSA for leadership positions at GitHub.”
Those are software patents; some are connected to Novell. And there’s also some interesting stuff in here. To quote: “During the course of a computer session, many actions may be performed on a computer. For several reasons, including increasing workforce productivity, it may be desirable to monitor these actions. Known applications enable monitoring of actions performed on the computer through logging of events, such as keystrokes, web sites visited, emails sent/received, windows viewed, and passwords entered. Known applications further enable capturing of screen shots at scheduled time intervals. Known event monitoring applications are typically run in stealth mode to make them undetectable to users of the monitored computer.”
Spyware?
Well, purely moral objections aside, that one sounds like a software patent (which we oppose).
Over the past few years we’ve casually mentioned that — putting programmes such as PRISM aside — Microsoft hired from the NSA for leadership positions at GitHub. Moreover, GitHub introduced programmes wherein people’s code will be silently ‘fixed’, without the developers’ intervention. This exacerbated an already-worrying situation, as the NSA not only spies (through Microsoft) on everything in GitHub; it can control the supply chain and, in theory, can deliver specially-crafted downloads to people it wishes to spy on. Not an unprecedented strategy we might add…
As it turns out, there’s more to it than we previously knew. We’ll come to the ‘meat’ of it in just a moment.
> “We remind readers that we wrote a great deal about Skype when Microsoft bought it, in effect taking a European company to the United States, then changing the network topology to make wiretapping easier.”
When you speak to people who have worked for a variety of companies and saw things from within you get to discover unwritten (mostly verbal) information. Our informants casually dropped some pointers. “Also want to say I have other tech abuses unrelated to these guys I’ve been exposed to that I wish were more reported on like ElasticSearch being a basically a public sector wing of the NSA…”
Well, the ElasticSearch story is also interesting, especially if we have documents related to this, because at my job we use ElasticSearch sometimes. I didn’t know about connections to the NSA until those were shown to me. It’s not imaginary; it’s very real. “So I briefly worked with some former NSA people,” a source told us, and “one of them said that people working at the NSA get tired of being restricted by federal law so they go into the private sector and turn surveillance into a product…”
We remind readers that we wrote a great deal about Skype when Microsoft bought it, in effect taking a European company to the United States, then changing the network topology to make wiretapping easier. About a year later, owing to Edward Snowden’s NSA leaks, we saw that Microsoft had almost instantaneously added Skype to PRISM, a programmes in which Microsoft was the first (as if it was pioneered by Microsoft and the NSA).
“Another one [of the colleagues] said that ElasticSearch is significantly composed of ex-NSA.”
> “Well, almost nobody checks the binaries.”
So it’s the same as Cloudera or Hortonworks (the company they bought; Red Hat's current CEO is coming from their board).
It’s what some people call an “open secret”; a lot of companies in the US are connected to the military. A site called “Tech Inquiry” notes: “In the first of a two-part report, Easy as PAI (Publicly Available Information) dissects the subcontracting networks behind Project Maven, as well as its broader context in PAI aggregation within the Secure Unclassified Network (SUNet) and for US Special Operations Command (USSOCOM). We also map out the subcontracting networks involving US Department of Defense procurement of location-tracking technologies, including how they involve well-known think tanks.”
“Elastic has Endgame now,” our source noted, as “there’s lots of stuff about them working with the NSA on their website; I don’t know if there’s any backdoors in their open source stuff but probably.”
Well, almost nobody checks the binaries. It’s just one among other issues and sadly a lot of people trust that anything they download from GitHub is 1) benign 2) received at the downloader’s end with full integrity. In the age of ‘Clown Computing’ or ‘SaaS’ [sic] we’re meant to just trust programs we have no control of and not even any real understanding of.
> “In the age of ‘Clown Computing’ or ‘SaaS’ [sic] we’re meant to just trust programs we have no control of and not even any real understanding of.”
On the subject of GitHub more specifically, “Nat Friedman has an executive assistant that worked at Palantir as Chief of Staff.” Title is Chief of Staff to Global Head of Business Development at Palantir.
A close friend of Friedman has “also mentioned some friend of theirs that was an early employee at Palantir,” according to the source, which “never got a name… told me he lives in Tarrytown and gave his wife a million dollars and she left him and he was selling his house…”
In the next part we’ll continues to explore privacy/surveillance aspects. Also, there’s a trial due one week from now.
If you know more, please get in touch with us. This is one of several parts about the “intelligence” ties of GitHub and other Microsoft tentacles. █
Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
Permalink > Image: Mail
Send this to a friend
----------
➮ Sharing is caring. Content is available under CC-BY-SA.
-- Response ended
-- Page fetched on Thu May 23 14:56:25 2024