01.30.23

EPO Management Isn’t Listening to Staff, It’s Just Trying to Divide and Demoralise the Staff Instead

Posted in Europe, Patents at 9:03 am by Dr. Roy Schestowitz

Video download link | md5sum 32dd63c46bdd4b787727bd9782632766
EPO Divide-and-Rule
Creative Commons Attribution-No Derivative Works 4.0

Summary: “On 18 January 2023,” the staff representatives tell European Patent Office (EPO) colleagues, “the staff representation met with the administration in a Working Group on the project “Bringing Teams Together”. It was the first meeting since the departure of PD General Administration and the radical changes made to the project. We voiced the major concerns of staff, the organization chaos and unrest caused by the project among teams and made concrete proposals.”

The Central Staff Committee (CSC) at Europe’s largest patent office, the EPO, is again protesting the proposal put forth by António Campinos and his cronies. Remember that these cronies aren’t democratically elected; they’re in need of impressing nobody; they literally buy (bribe for) votes from the Council. It’s an oppressive force of corporate occupation, not leadership by any stretch of imagination. They openly promote utterly illegal and unconstitutional proposals. They refuse to obey orders from judges.

Edda Franz, the EPO’s Principal Director General Administration, has left already, but this terrible proposal she’s responsible for goes ahead. This was covered here towards the end of last year.

Here’s the latest publication on the subject, noting that unrest and chaos soon followed:

Munich, 26/01/2023
sc23010cp

“Bringing Teams Together”

Report on the Working Group meeting of
18 January 2023

On 18 January 2023, the staff representation met with the administration in a Working Group on the project “Bringing Teams Together”. It was the first meeting since the departure of PD General Administration and the radical changes made to the project. We voiced major concerns of staff, the organisation chaos and unrest caused by the project among teams and made concrete proposals.

Dear Colleagues,

Compressing staff in less space than available

The administration announced in the meeting that:
− in The Hague, DG1 staff will be entirely moved to the New Main and the Shell building will be gradually emptied.
− in the Isar building, three floors have been emptied and will be used by three directorates of DG1.
− the Pschorr Höfe Parts 5 and 6 will be emptied for conversion work in order to increase the number of single offices (e.g. dividing current shared or meeting rooms in several smaller rooms). Staff will be moved to the lower floors 1 to 5 of Pschorr Höfe Parts 1-4. Higher floors will remain empty in order to compress staff as much as possible so that a global move back to Pschorr Höfe Parts 5 and 6 in two years will allow the administration to make another use of Pschorr Höfe Parts 1-4 (most likely renting out).

Radical changes and chaotic implementation

In the meeting, we referred to the CSC publication of 12 January 2023 pointing at the radical changes made to the project since December without consulting staff representation. Line managers are asked to proceed on the basis of quotas (70% of workplaces per directorate among which 50% can be allocated fixed) thereby triggering divisive discussions among staff. The implementation is chaotic and arbitrary with a broad range of diverging implementations on top of “managerial arbitrariness”. Here a non-exhaustive list:

• Some line managers decide to allocate only workplaces-for-the-day to everyone.
• Some line managers explain that only those agreeing to a shared office (e.g. two workplaces in the same room) could have an allocated fixed workplace.
• Some line managers allocate fixed workplaces only to those coming 5 days a week on the premises.
• Some line managers allocate a fixed workplace only to “high producers”.


We repeated that such implementations contradict the principle of individual workplace allocation promised by Mr Campinos, as well as the statement of Ms Simon (VP4) in the December Administrative Council meeting that “anyone coming at least three days per week will have an allocated fixed workplace”. Furthermore, a purely quota-based distribution of workplaces and allocated fixed workplaces cannot match the wishes of staff.

We stressed that staff are additionally worried that even allocated fixed workplaces must not be personalised, that they will have no keys and will furthermore only have limited storage space.

Impact study? Disengagement?

The administration confirmed that neither an impact study nor any proper needs assessment had been made before launching the project. In their view, the goal is to avoid a “ghost town” feeling because of low building occupancy when coming to the premises. Concerning the timing, the administration explained that it is not possible to wait forever before doing something nor to wait for the implementation to be agreed by all DGs. The guiding principle is to allocate fixed workplaces to people who come more often and bookable workplaces-for-the-day for those who come less frequently.

In our view, such a project requires an impact study to assess the effects on staff. How much working time will be lost for the moves (and in the prior divisive discussions)? How long will staff take to adapt to the system? How much time will be lost in resetting every day the individual ergonomics, computer and screen settings and locking all personal items when leaving the room?

It is easy to see that staff willing to come three days a week will resort to the minimum attendance of 60 days to avoid the hassle of workplace booking and the readjustment of ergonomics. Rather than “Bringing Teams Together”, the project will achieve the opposite, i.e. deter staff from coming to the Office premises.

The latest Technologia Survey results already show a significant degradation of staff engagement. Disengagement of EPO staff increased from 13% of staff in 2016, and 19% in 2020, to 41% in 2022. An employer who tries to allocate impersonal workplaces-for-the-day even to those coming frequently to the Office premises (three days or more per week), is an employer showing staff that they do not count. The present project therefore is expected to only worsen the situation.

Concrete proposals

In the meeting, the administration asked whether we had any concrete proposal. We explained that:

− staff needs clear rules e.g. a three-day rule for having an allocated fixed workplace, as previously promised by Ms Simon (VP4),
− allocated fixed workplaces must have a key and storage space and personalisation should be allowed.

The administration promised follow-up meetings but no invitation was yet received. We remain ready for further discussions.

The Central Staff Committee

Where’s the media in all this? Still ignoring what’s happening in Europe’s second-largest organisation?

Links 30/01/2023: Coreboot 4.19 and Budgie 10.7

Posted in News Roundup at 4:12 am by Dr. Roy Schestowitz

  • GNU/Linux

    • 9to5Linux: 9to5Linux Weekly Roundup: January 29th, 2023

      This has been a fantastic week with lots of great news and releases, starting with Canonical’s Ubuntu Pro announcement and continuing with openSUSE Linux’s move to stronger security for its packages.

      Next week we got even more exciting news and releases, so stay close to 9to5Linux. Below, you can read the hottest news of the week and access all distro and software downloads available in 9to5Linux’s Linux weekly roundup for January 29th, 2023.

    • Kernel Space

      • LWN: Linux 6.2-rc6
        Here we are, one week later, and rc6 is out.
        
        
        It's suspiciously small, but who am I to look a gift horse in the
        mouth? I'll take it and hope it's not an aberration, but instead a
        sign that 6.2 is shaping up nicely. Call me optimistic, call me naive,
        but let's enjoy it and hope the trend continues.
        
        
        The diffstat looks pretty normal too, with various driver fixes
        (networking, gpu, i2c and x86 platform drivers stand out) and
        netfilter fixes leading the pack. But there's the usual arch updates,
        random filesystem fixes, and misc other things going on too. The
        shortlog is appended for people who want to scan through the detailed
        overview.
        
        
        I've already mentioned this a couple of times earlier: despite rc6
        being nice and small, I expect to drag 6.2 out to an rc8 just because
        of the time lost to the holidays. But I'll be much happier if we can
        *keep* the remaining rc's nice and small. Ok?
        
        
                      Linus
        
    • Applications

      • XRechnung Viewer

        The XRechnung format is an E-Government standard for electronic invoicing. At some point it will be mandatory for every company dealing with German governmental partners to send the invoices in this XML format.

        Many commercial vendors have already caught up and provide ways to generate XRechnung formatted documents with their software. However, to my knowledge, the availability of open source end user software is very limited. Since the standard itself is at least very open and transparently documented, so I think it is worthwhile to also support it with free software on the desktop.

      • TecMint: 5 Most Notable Open Source Centralized Log Management Tools

        Centralized logging, just like security, is a fundamental aspect of monitoring and sound management of core resources in an IT infrastructure including web applications and hardware devices. Competent operation teams always have in place

      • TecMint: 5 Open Source Log Monitoring and Management Tools for Linux

        These events may happen

    • Instructionals/Technical

      • It’s FOSS: Install and Setup ZSH on Ubuntu Linux

        Want a cool looking Linux terminal? Try Zsh. Learn how to set up Zsh on Ubuntu Linux with Oh My Zsh.

      • Matthew Garrett: Further adventures in Apple PKCS#11 land [Ed: Adventure in proprietary 'security', relying on companies that snitch to the NSA]
      • Network World: Using Linux hexedit and xxd commands to view and modify binary files | Network World

        The hexedit command provides a way to edit binary files, but to view and save the content in a file for later analysis without editing, try the xxd command.

      • DebugPoint: Learn Gzip Command in Linux with Examples

        Gzip command in Linux is a lossless compression algorithm based on encoding LZ77 (Lempel-Ziv of 1977). It is also known as LZ1 compression, which is the basis for many lossy formats.

        Compressing files using gzip creates a compressed archive with the extension .gz and preserves the file permissions, ownership modes (read/write/execute) and access/modify date timestamps. It compresses regular files and ignores symbolic links. The same program, gzip, can compress and decompress files in Linux.

        Let’s take a look at some working examples.

    • Desktop Environments/WMs

      • 9to5Linux: Budgie 10.7 Desktop Environment Adds Dual-GPU Support, New Power Dialog

        Budgie 10.7 arrives ten months after the Budgie 10.6 release and promises a more polished user experience thanks to the implementation of dual-GPU support in the Budgie Menu, allowing users to launch apps with a dedicated graphics card out of the box.

        The Budgie Menu also received a new “personal user menu” feature that promises to let you open a file manager straight to predefined directories like Home, Documents, Download, Video, or Music. Moreover, Budgie Menu now features new buttons for launching Settings, Control Center, and the new Power Dialog.

      • Linuxiac: Budgie Desktop 10.7: A Sleek and Improved User Experience

        Budgie is a GTK-based desktop environment built on GNOME technologies by the Buddies of Budgie organization, traditionally associated with Solus as its flagship desktop environment. The desktop emphasizes simplicity, minimalism, and elegance, featuring some unique aspects, including a sidebar.

        The brand new Budgie Desktop 10.7, released today, offers a sleek and improved user experience that will impress both new and experienced users alike. So without further ado, let’s see what’s new.

  • Distributions and Operating Systems

    • New Releases

      • LibreELEC (Nexus) 11 Beta1 – LibreELEC

        With the new release cycle we add a Generic-Legacy image supporting nVidia cards, Chrome Browser add-on, and older hardware. We also reintroduce support for older Amlogic devices (S905, S905X/D, S912). If you use them make sure to read the paragraphs below.

        LibreELEC 10.0 installs will not automatically update, but you can manually update. Older LibreELEC installs must make a clean install due to the Python 3 changes since Kodi v19.

    • PCLinuxOS/Mageia/Mandriva/OpenMandriva Family

      • Distro Watch: Review: OpenMandriva ROME

        The main characteristic of OpenMandriva, which kept coming up time and again, was that the distribution was unreliable – particularly early on. Sometimes the distribution failed to boot. Sometimes it failed to login. The Calamares installer failed on its first time through, but not future times with the same settings. Discover and DNF report the status of updates differently. The desktop crashed frequently, especially with compositing enabled. With the default settings, and whenever I used the Wayland session, the system would lock up if I tried to logout. Once I stood up to get a glass of water and left my computer unattended for two minutes and, when I returned, there were multiple error reports waiting, indicating Plasma had crashed twice while I was away. I’m not sure I’ve ever come across a desktop distribution which was so error prone and unreliable. To make matters worse, almost any time I launched a software management tool, such as DnfDrake, I’d be prompted for my admin password twice. Apparently once for the graphical tool and once for the underlying DNF utility.

        Once I had disabled compositing and installed updates the experience got measurably better, but it still wasn’t great. The desktop crashed less often and I was able to shutdown the system, but it still wasn’t stable.

    • Fedora Family / IBM

    • Canonical/Ubuntu Family

      • SJVN: Ubuntu Pro: Security updates for all your Linux and open-source desktop and server needs | Open Source Watch

        Canonical, Ubuntu Linux’s parent company, is offering a new security take on its popular Ubuntu desktop and server: Ubuntu Pro. This is an expanded security take on the Ubuntu Long-Term Support (LTS) releases. It offers expanded security coverage for critical, high, and medium Common Vulnerabilities and Exposures (CVEs) to all of Ubuntu’s open-source applications and toolchains for ten years.

        That’s right, you get security patches not just for the operating system, but for all of Ubuntu’s open-source applications for a decade. Most are server programs, such as Ansible, Apache Tomcat, Drupal, Nagios, Redis, and WordPress. But, it also includes such developer essentials as Docker, Node.js, phpMyAdmin, Python 2, and Rust.

        Altogether, with Ubuntu Pro, Canonical supports more than 23,000 packages. The standard Ubuntu Pro subscription covers the full security updates for all packages in Ubuntu Main and Universe repositories. In short, as Mark Shuttleworth, Canonical’s CEO, said, “Security coverage to every single package in the Ubuntu distribution.”

    • Devices/Embedded

    • Open Hardware/Modding

      • Arduino: Let your coworkers know how you feel with this stress level indicator

        Asking your boss for a raise when they are in a bad mood is not ideal, and this is what prompted Mark from element14 Presents to create a stress level indicating project that could show this mood to everyone else so they could avoid this awkward situation. Mark started this project by laser cutting several panels from

    • Mobile Systems/Mobile Applications

  • Free, Libre, and Open Source Software

    • Coreboot (Official): Announcing coreboot release 4.19 – coreboot

      The 4.19 release was completed on the 16th of January 2023.

      Since the last release, the coreboot project has merged over 1600 commits from over 150 authors. Of those authors, around 25 were first-time committers to the coreboot project.

      As always, we are very grateful to all of the contributors for helping to keep the project going. The coreboot project is different from many open source projects in that we need to keep constantly updating the codebase to stay relevant with the latest processors and technologies. It takes constant effort to just stay afloat, let alone improve the codebase. Thank you very much to everyone who has contributed, both in this release and in previous times.

    • Web Browsers/Web Servers

      • Mozilla

        • Computing UK: India launches indigenous BharOS mobile operating system

          New open source OS, aimed at breaking Android’s dominance, is claimed to be incapable of running malware

          India on Tuesday unveiled BharOS, a new mobile operating system with a focus on security and privacy. BharOS is a project financed by the Indian government to create a free and open source operating system….

        • Mozilla: #AskFirefox host Chenae Moore on internet pranks and losing sleep over recipe videos

          Here at Mozilla, we are the first to admit the internet isn’t perfect, but we are also quick to point out that the internet is pretty darn magical. The internet opens up doors and opportunities, allows for people to connect with others, and lets everyone find where they belong — their corners of the internet.

    • GNU Projects

      • GNU Image Manipulation Program (GIMP): 2022 annual report – GIMP

        Pursuing the newfound tradition started a year ago, here is my report for past year 2022.

  • Leftovers

  • Gemini* and Gopher

    • Technical

      • Album #159: The Hissing Of Summer Lawns

        This album is an unhappy marriage of ’70s ‘folk’ and ‘world music’ with a touch of jazz. Like Paul Simon’s Graceland (⭐), the hodge-podge it creates is interesting only as a pointer to better, more interesting music. It never really melds together, feeling more like borrowing aspects of other music without properly incorporating it. I guess the same criticism is also valid for S&M by Metallica (⭐) – maybe fusion just does nothing for me.

      • Album #160: Beyoncé

        I came in to this one expecting not to enjoy it, never having listened to a whole Beyoncé album.

      • A pull-er computing paradigm

        The unrestricted flow of information towards our computing devices needs to be stopped because it makes us lose control of the level of information we want to see, resulting in an informational overload.

        As I’m trying to switch to a more offline computing life style, I’ve found that once I go check for something (e.g. email, IRC etc.) I usually get blocked into that task and lose more time than I’d like to.

        So one day, when I was looking at my email, I thought, why not apply the pull principle of email to everything, instead of the default push? You connect once to the internet, you sync everything, and you can go on with your life just fine, not requiring a constant internet connection that is prone to kill your attention.

      • Internet/Gemini

        • Plain text is the best

          In the old days, we didn’t know any better than to use plain text:

          - email was just text, no html, no images
          - gopher was just text, sometimes you downloaded an image file
          - Usenet was just text, no html, no images
          - IRC was just plain text

          It took several years before email got poisoned with html, markup and images.

          Also it took some time before people started posting images, and other media on Usenet, and we got “binary” newsgroups.

        • Parasocial Blues

          Modern social media feels so hollow and sad. I seldom come away from it with the feeling of satisfaction in sharing one may from Smolnet/Pubnix. Strange, that. Fediverse often feels like the masked Hellfire Club in Eyes Wide Shut: perverse psychological fast food, empty communal calories. I may end up deleting it. I warrant we have all seen enough of the internet to know that one can have pseudonymity and intimacy both. But parasocial media is for the birds.

      • Programming

        • Re: Validate email address using Regex in C++

          This is well known to be impossible. The site that Martin links to claims 99.99% accuracy. Does that mean that for every billion addresses there’s 10 million that don’t match the regex!? I bet there are quite a few billion email addresses.

          And it’s not impossible just for regex reasons. Some addresses that work are invalid according to the RFC. Some addresses will be valid but not work. The way to validate an address is just to send email because it has to be handled correctly by whatever buggy mail software it passes through.


* Gemini (Primer) links can be opened using Gemini software. It’s like the World Wide Web
but a lot lighter.

IRC Proceedings: Sunday, January 29, 2023

Posted in IRC Logs at 3:17 am by Needs Sunlight



IPFS Mirrors


Bulletin for Yesterday

Local copy | CID (IPFS): QmbFDooXZn997QjZY3cCKWM82PnZJjTTiaSSMufBXjiNXP

[Meme] With Superheroes Like These…

Posted in Deception, Free/Libre Software at 2:22 am by Dr. Roy Schestowitz

Sirius staff and Sirius manager

Summary: Ever since the new managers arrived the talent has fled the company that falsely credits itself with “Open Source”

01.29.23

Not Tolerating Proprietary ‘Bossware’ in the Workplace (or at Home in Case of Work-From-Home)

Posted in Deception, Free/Libre Software at 8:56 pm by Dr. Roy Schestowitz

Video download link | md5sum 9a90a5de7aacd9fc4b8847cf61321f6a
When Sirius Abandoned Jabber for Bossware
Creative Commons Attribution-No Derivative Works 4.0

Summary: The company known as Sirius ‘Open Source’ generally rejected… Open Source. Today’s focus was the migration to Slack.

THE above video discusses the migration/transition/downgrade from Jabber to a truly terrible, centralised, proprietary and vulnerable platform known as Slack. Aside from technical problems and various glaring limitations, Slack was a risk not just to Sirius ‘Open Source’ but also to its clients.

No matter the hard evidence and how much I pointed this out (maybe a dozen times, at personal risk), that always fell on deaf ears. The company was already governed by incompetent people.

It was abundantly clear that many colleagues did not like this. Some opposed this. Some faced disciplinary action for antagonising. That would include me. So in a company called “Open Source” we’re meant to assume that adopting proprietary software — and not because some client requires it — is considered acceptable. Whereas insisting on the company’s values is considered an offense.

From what we can gather, Red Hat staff was subjected to similar treatment after IBM had bought the company. It’s hard to believe that later this year it will be 5 years since that announcement.

The ISO Delusion: A Stack of Proprietary Junk (Slack) Failing Miserably

Posted in Deception, Free/Libre Software at 5:47 pm by Dr. Roy Schestowitz

And the management that chose this junk resorts to blaming the victims

“Giving the Linus Torvalds Award to the Free Software Foundation is a bit like giving the Han Solo Award to the Rebel Alliance.”

Richard Stallman

Summary: When the company where I worked for nearly 12 years spoke of pragmatism it was merely making excuses to adopt proprietary software at the expense of already-working and functional Free software

LAST night we covered the use of Microsoft Skype in Sirius ‘Open Source’. It only happened once, but that was enough to damage the brand and injure some workers’ morale. Why would a company called “Open Source” something be eager to abandon Free/Open Source software, opting for proprietary stuff of the most vicious rival? What message does that send to longstanding clients or existing staff? What about potential/prospective/future clients and staff?

Slack on GNU/Linux is a mess. Slack on Free/libre browsers is almost an impossibility. So why on Earth would Sirius move away from Jabber and force/impose the use of Slack? I’ve uploaded 2 images from several years back; they’re screenshots of what happened when I tried accessing Slack from a GNU/Linux PC using a decent Web browser that isn’t controlled by spying firms:

Slack on GNU/Linux PC

Broken Slack

That does not seem like it’s going to work, does it? This is from 2019. It has only gotten worse since.

So we’ve just belatedly used two screenshots of what Slack looks like on GNU/Linux with a proper (Free/libre) browser; “bossware” that insists on browsers which spy on their users. Using some User Agent (UA) sniffing they try to undermine or prevent access with perfectly capable browsers (if the UA is faked, there’s a way to get in).

Back then I wrote to an incompetent manager who threatened me repeatedly for not using Slack: “I tried to access my account from two computers, from two browsers, including Chrome. It’s not working. See screenshots. It only works from Rianne’s laptop.”

At one point they agreed to let me use Rianne’s laptop, but then they “changed their minds” (in other words, they had lied to me right to my face in the illegal contract-signing). I got this:

xxxx wrote on 21/07/2019 02:23:
> Hi Roy,
>
> You need to fix this problem and use Slack.
>
> You are a well qualified tech who can fix this issue and comply with
> management’s request.
>
> As I have explicitly explained to you that you need to have your log in
> for Slack and not use Rianne’s. Yet today you’re logged in via Rianne’s
> and not using yours even though you sent me details of your own log in.
>
> To refresh your memory, this is from my previous email.

I need to install a new OS or a new browser for this.

Remember that the company never even paid us for any of our hardware purchases (for our work machines). That seems unreasonable.

In hindsight, it seems clear this manager scared away almost all the technical people. The damage was irreversible.

Slack itself has been having issues and it was sold to Salesforce. The New York Times reported Salesforce layoffs earlier this month. The Wall Street Journal published this article noting that Slack just made bloated proprietary junk nobody truly wants to depend on:

When Salesforce Inc. bought the messaging application Slack for $27.7 billion almost two years ago, it said the marriage would “transform the way everyone works in the all-digital, work-from-anywhere world.” Corporate technology buyers so far aren’t impressed, analysts said.

The acquisition sought to capture the fast-growing market for communications and collaboration software during the Covid-19 pandemic, as employers sent workers home and shifted to remote systems.

Today, companies in the market for customer-relationship management software — Salesforce’s signature product — don’t appear to be swayed one way or another by the addition of messaging and collaboration features, said Liz Herbert, a vice president and principal analyst at information-technology research firm Forrester Research Inc.

“We don’t really see, when it comes to Slack, any pent up demand from Salesforce’s base for a tool like that,” Ms. Herbert said. “It really hasn’t become something compelling,” she said.

Salesforce bought itself a dud and in December of last year the CEO said that he would leave this month.

From what we can gather, the decision to adopt Slack came from the CEO, who posted Trump support tweets while encouraging staff to use pictures of superheroes in Slack. How childish and unprofessional. What a betrayal of Free software. Is this really the same person who became a patron of the Free Software Foundation? Maybe his personal life took him on a crazy ride — a subject we might revisit some other day in another month.

To be clear, Slack doesn’t do anything that Free software cannot do. It’s bloated and it is not secure. It also has security breaches.

Just two days before the above E-mail message (from a manager) I received this:

-------- Forwarded Message --------
Subject: 💥 Slack Security Incident
Date: Fri, 19 Jul 2019 16:58:59 +0000
From: Keybase <notify@keybase.io>
To: r@schestowitz.com

*schestowitz*,

We’ve been getting questions about this, so an announcement for everyone.

Today, Slack announced that a break-in from 2015 was possibly more
severe than previously announced. A lot of people have been getting
emails today. It seems 1% of Slack users still had compromised accounts
(after 4 years); but more seriously, Slack has not disclosed what
percent of Slack teams had their messages stolen. Also, if a small
fraction of users have had compromised accounts, that may still mean a
majority of teams were compromised.

We’re sending this note because people are now asking if this could
happen with Keybase teams. Simple answer: no. While Keybase now has all
the important features of Slack, it has the only protection against
server break-ins: *end-to-end encryption*.

Keybase’s CEO, Max, just wrote how this Slack incident personally
affected him *in a new blog post* <https://keybase.io/blog/slack-incident>.

tl;dr. Hackers who break into Keybase’s servers could not read your
company’s, family’s, friend’s, or community’s messages. Hope this simple
update answers everyone’s questions.

*https://keybase.io/app*

And Keybase is free!
❤️ the Keybase team

Slack took over Keybase and Slack itself was a vulnerable piece of garbage with habitual data breaches. The Keybase reputation was tarnished and not many people seem to be using it anymore, certainly not me.

I eventually responded to the manager as follows:

> Hi Roy,
>
> You need to fix this problem and use Slack.
>
> You are a well qualified tech who can fix this issue and comply with
> management’s request.
>
> As I have explicitly explained to you that you need to have your log in
> for Slack and not use Rianne’s. Yet today you’re logged in via Rianne’s
> and not using yours even though you sent me details of your own log in.
>
> To refresh your memory, this is from my previous email.

I’m going to try to install another browser, as Chrome and other browsers
don’t work for me. They don’t show anything when I log in (I sent you
screenshots). Maybe I’ll be logged in with my username in a few hours
when it’s installed (if that works).

In the meantime, I have to raise other concerns.

The inevitable has happened to Slack. They announced it days ago and
they can be held criminally accountable.

To say that Slack got merely “compromised” would be an understatement.
Yes, it did in fact get compromised, but it’s a lot worse. It’s far
worse than a compromise per se. I’m going to explain, starting with the
basics.

Slack accumulates all data and never deletes any of it. GDPR should be
applicable here and I suspect that EU authorities have not assessed that
aspect just yet. What Slack is to users isn’t what it is to Slack, the
company. The Electronic Frontier Foundation (EFF) issued strongly-worded
warnings about Slack and even Microsoft outright banned Slack for
security reasons. They very much foresaw the latest disaster. It’s
difficult to assess or measure because it’s almost impossible to track
the sources of rogue actors’ data.

Slack did not have a mere ‘incident’. They knew about it for quite some
time (at higher levels, too). It’s the complete doomsday scenario, an
equivalent of having one’s own Jabber server completely and totally
hijacked, and all communications in it (names, passwords) stolen. But in
the case of Slack millions of businesses are affected. In one fell
swoop. Just like that. Even the public sector. Military, hospitals, you
name it…

Slack got cracked, but they won’t admit that. They will lie about the
extent of the damage, just like Yahoo and Equifax did (each time waiting
months before revealing it was orders of magnitude worse). They game the
news cycle that way. People must assume that all data is compromised.
Businesses and their clients’ data is on Slack. Even HR stuff, which
gets passed around in internal communications. Super-sensitive things
like passwords, passports and so on.

Who was Slack data copied by? Mirrored or ‘stolen’, to put it another
way? Possibly by rogue military actors that can leverage it for
espionage and blackmail, as many do. Covertly. You rarely hear about
blackmail because that’s just the nature of the blackmail. It happens
silently. Some would say Slack got “hacked” (they typically mean
cracked). But it’s actually a lot worse than getting cracked! I’ll
explain further…

About a month ago Slack got to its IPO milestone. But it committed an
actual crime by not informing the customers of the breach. They would
change passwords etc. had they known. But Slack did not obey the law. It
did not inform customers. It announced all this after the IPO, in order
to make shareholders liable, and it did so late on a Friday (to minimise
press coverage about this likely crime). The shareholders too should sue
for concealment of critical information.

Slack knew what had happened and why it waited all this time. This
scandal can unfold for quite some time to come.

It would be wise to move to locally-hosted FOSS. However, that would not
in any way undo the damage of having uploaded piles of corporate data to
Slack and their compromised servers. In the coming days many companies
will come to realise that for years they tactlessly and irresponsibly
gave piles of personal/corporate data to Slack and now a bunch of
crackers around the world have this data.

You can expect Slack to stonewall for a while, saying that it’s the
weekend anyway. When it comes to Slack, expect what happened with
Yahoo; First they say it’s a small incident; Months pass; Then they toss
out a note to say it was actually big; A year later (when it’s “old
news”): 3 BILLION accounts affected.

Now, like Yahoo, they will downplay scope of impact. A lot of companies
can suffer for years to come (e.g. data breaches, identity theft).

I have great concern for the company where I’ve been working for almost a
decade, including our compliance with the law and our clients’
compliance with the law. This is why I bring this up.

I’m going to install something new and see if I can somehow log in. I
already tried, unsuccessfully, from two of my laptops.

In summary, Slack is a pile of garbage. With Slack, Sirius too became a pile of garbage. They deserve each other.

A few weeks ago John Goerzen wrote: “I loaded up this title with buzzwords. The basic idea is that IM systems shouldn’t have to only use the Internet.”

Slack does not work when the company has downtime. It happened several times, which meant people could not speak to colleagues for hours. Why was our Jabber server shut down? Surveillance through Slack?

Remember that Sirius kept promoting fake security as if the company is a bunch of people who never used computers before. When clients ask about ISO certification (not an isolated incident) they don’t seem to understand what truly happens inside Sirius. There’s spying, outsourcing, security breaches and so on. Someone needs to talk about this.

Debian 11 on My Main Rig: So Far Mostly OK, But Missing Some Software From Debian 10

Posted in Debian, GNU/Linux at 1:01 pm by Dr. Roy Schestowitz

Video download link | md5sum 76599171df667cb220bae1c371058d11
My Life With Debian 11 on Main Laptop
Creative Commons Attribution-No Derivative Works 4.0

Summary: Distributions of GNU/Linux keep urging us to move to the latest, but is the latest always the greatest? On Friday my Debian 10 drive died, so I started moving to Debian 11 on a new drive and here’s what that did to my life.

THIS household isn’t unfamiliar with Debian 11. My wife’s Raspberry Pi (400) has had it since 11 months ago and my own Pi has had it for over a year. But our main working machines were running Debian 10 for 3 years already. It worked really well. My sister recently moved from Debian 10 to 11 and complained about it; her colleagues had suffered the same and she was pressured to ‘upgrade’ regardless. Some people in IRC say that moving from 10 to 11 caused them problems, partly overcome by moving to 12 (testing).

The video above explains that some of my main problems with Debian 11 stem from software that’s no longer supported, causing me to make rather big changes, as happened this morning. Time will tell if any other issues may be coming up. The Debian repository is still very extensive, but any change can be disruptive. The Pis with Debian 11 aren’t used as traditional laptops, so that never bothered us (my wife uses 3 computers that are switched on all the time; I use 5). My move to Debian 11 wasn’t entirely voluntary. My hard drive died and it made no sense to stay on Debian 10 given its limited support plan (remaining time). The same is true for my Pi; after the hardware was damaged it made sense to move to the latest stable version of Debian, i.e. 11.

Over the past year I heard and read many stories about Debian upgrades, especially from 10 to 11. On our Pis it didn’t seem so disruptive and so far on my desktop/laptop I’m pleased with this latest version. In all cases — two Pis and a laptop — those were ‘clean installs’; I’ll probably report again on my experiences in weeks or months. Two days is way too little to properly assess a distro.

Stigmatising GNU/Linux for Not Withstanding Hardware Failures

Posted in Deception, FUD, GNU/Linux, Hardware, Microsoft at 11:25 am by Dr. Roy Schestowitz

Video download link | md5sum 06304c0f6049081e578bb696a000a942
Making Linux Sound Culpable for Hardware Issue
Creative Commons Attribution-No Derivative Works 4.0

Summary: Nowadays “the news” is polluted with a lot of GNU/Linux-hostile nonsense; like with patents, the signal-to-noise ratio is appalling and here we deal with a poor ‘report’ about “Linux servers” failing to work

THE OTHER day in IRC we discussed this article that mentions “Linux” many times when in fact mentioning a hardware incident. “Are Microsofters trying to generate bad press for Linux?” we asked. “This is a hardware problem, not at all related to GNU/Linux. Maybe some Microsofters are trying to undermine the teaching of GNU/Linux there?”

The video above discusses what’s in the article and why it’s a tad suspicious. It is reminiscent of some FUD campaigns we saw before. “Third-year Rohan Gupta reported that, in addition to the CS website, he was also unable to access his classes’ Linux servers,” it says. Well, hardware dies sometimes. My laptop died some days ago (Friday), but within 2-3 hours I replaced the physical drive and began installing the latest Debian. This can take time.

The media still loves to stigmatise GNU/Linux as not secure, not reliable etc. But for much of the time they would be better off focusing on Microsoft’s reliability and insecurity issues, including last week’s massive Clown Computing outage at Microsoft. The media barely covered it.
