A year ago I quit Twitter.

A month ago Musk attacked Twitter users some more.

It shows.

I’m not posting anything, but participation goes down noticeably.

Summary: Sirius ‘Open Source’ has adopted shoddy practices that impede audits, undermine security, and subvert proper inspection of the network; outsourcing is not security, and “clown computing” is more like an “acceptable” security breach (giving some shady companies control over your systems and data), but that’s not something today’s Sirius ‘Open Source’ can still grasp (Intel experienced something similar when geeks left)

THE previous part spoke about a lack of real security and today we turn our attention to GAFAM-friendly policies which wrongly assume that VPN or GAFAM mean security. They don’t. VPN, like a firewall, makes false assumptions. And outsourcing assumes that some other companies are in fact security-oriented and respecting of privacy. They’re neither. Sending passwords from one’s local network (already access-restricted on several levels, namely access credentials and IP address) to something like LastPass is beyond insane. But good luck explaining that to people who worship brands instead of technology and find appeal in anything “new” (for no actual reasons other than perceived novelty).

Here is the relevant part of the report sent at the start of this month.

Band-Aid Instead of Robust Policies

Speaking of security breaches, some of the company’s Ubuntu servers are using very old — even way outdated — versions, as noted by the company itself (it’s also controlled by a host in another country, which poses another attack surface issue).

Security isn’t taken seriously enough and VPN is presented as ad hoc Band-Aid. VPN is not the solution, it’s a hallmark or a symptom of neglect at the intranet (internal) level. Firewalling and restrictions, for instance, have unusual exceptions. Since “Google is your friend”, for instance, Google IP addresses are allowed. As if Google never spies or collaborates with spy agencies (or even suffers security breaches). So Sirius VPN does not trust BBC network, but does trust (or whitelists) Google/Alphabet.

The neglect extends outwards, i.e. outside internal infrastructure of Sirius. For instance, in the past some staff transmitted in plain text messages (via E-mails) with passwords to accounts and servers of a very large client that is the target of foreign operations and aggressive spies (political espionage operations of this type are very common with clients such as these).

There are even very recent examples, so there’s no need to go far back; a colleague who is close to management dared suggest — only months ago — that an entire political Web site (including user details, passwords etc.) be migrated by dumping a lot of data into Google Drive, without any encryption either, clearly not comprehending that “Google is your friend” is a laughable fallacy (an understatement; Google is legally obligated, through US Clarifying Lawful Overseas Use of Data Act or CLOUD Act 2018, to give full access to the US government and more).

It wouldn’t be controversial to state that such practices can be off-putting to clients, e.g. when decision makers in Sirius have rather poor grasp or appreciation for privacy and security, let alone critical care by introspection (staff cautioning about this is subjected to gaslighting at best or even outright threats).

If Sirius views itself as a champion of “Alexa” and “OK Google”, then the company should seriously consider a rebrand.

I quit Twitter at the start of the year, but…

Usually I get a notification each day. Now… nothing in days:

People leaving so far this month:

In the past 28 days:

Those aren’t people who become inactive. They’re usually those who delete their account or get banned.

Just published:

Description:

WHO and YT

https://www.who.int/teams/digital-health-and-innovation/digital-channels/combatting-misinformation-online

WHO works with social media policy departments to ensure company policy and guidelines for content providers are fit for purpose.

John’s e mail

enquiries@drjohncampbell.co.uk

https://www.who.int/campaigns/connecting-the-world-to-combat-coronavirus/how-to-report-misinformation-online

WHO provide a helpful guide on how to report misinformation online

Inaccurate information spreads widely and at speed,

making it more difficult for the public to identify verified facts and advice from trusted sources, such as their local health authority or WHO.

https://support.google.com/youtube/answer/9795167?hl=en

As a starting point in the UK, only NHS organisations are being invited to self-certify against the NHS Standard for Creating Health Content.

By completing the self-certification process, an NHS organisation channel will be eligible for information panels indicating NHS credibility.

From FDA to MHRA: are drug regulators for hire?

https://www.bmj.com/content/377/bmj.o1538.full

Regulatory agencies, large proportions of their budgets,

funded by the industry they are sworn to regulate

US Food and Drug Administration (FDA)

1992, Prescription Drug User Fee Act, allowing industry to fund the US Food and Drug Administration (FDA) directly through “user fees”

Net PDUFA fees collected

$29m in 1993

$884m in 2016 (65% of budget)

FDA, 9 out of 10 of its past commissioners between 2006 and 2019 went on to secure roles linked with pharmaceutical companies

European Medicines Agency (EMA)

Industry fees funded 20% European Medicines Agency (EMA), in 1995

By 2010, 75%

Today, 89%

Medicines and Healthcare Products Regulatory Agency (MHRA)

86% of funding from Pharmaceutical Industry

Australia

https://www.tga.gov.au

Proportion of TGA budget derived from industry, 96%

WHO funding

https://app.powerbi.com/view?r=eyJrIjoiNzNmNTRkMWEtNmZjMS00NzdjLWEyMDYtYWExYzA4NzVhZGQwIiwidCI6ImY2MTBjMGI3LWJkMjQtNGIzOS04MTBiLTNkYzI4MGFmYjU5MCIsImMiOjh9

https://www.weforum.org/agenda/2020/04/who-funds-world-health-organization-un-coronavirus-pandemic-covid-trump/

The second-largest funder is the Bill and Melinda Gates Foundation, which provides 9.8% of the WHO’s funds

Appendix

https://genius.com/George-orwell-nineteen-eighty-four-appendix-the-principles-of-newspeak-annotated

https://www.orwell.ru/library/novels/1984/english/en_app

It was expected that Newspeak would have finally superseded Oldspeak (or Standard English, as we should call it) by about the year 2050

The purpose of Newspeak was not only to provide a medium of expression for the world-view and mental habits proper to the devotees of Ingsoc, but to make all other modes of thought impossible.

The C vocabulary was supplementary to the others and consisted entirely of scientific and technical terms. These resembled the scientific terms in use today, and were constructed from the same roots, but the usual care was taken to define them rigidly and strip them of undesirable meanings.

War is peace, freedom is slavery, ignorance is strength

Next Monday, 14th November, evidence based medicine confrence

https://www.eventbrite.co.uk/e/has-big-pharma-hijacked-evidence-based-medicine-tickets-444525075467

From our wedding (and beyond) album

VER a decade ago the mainstream (corporate) media brainwashed people into thinking they needed to hand over their personal photos to surveillance companies. In return, they would get “likes”. Is this a good exchange? No!

Less than a decade ago I set up this album for our wedding. It wasn’t the first as I had already set up a similar album in 2004 (last updated 2005 or more than 17 years ago!).

A few weeks ago our wedding (and beyond) album exceeded 5,000,000 views. We didn’t need anything like Facebook/Instagram or Flickr to share our photos. This site is not self-hosted in the sense that I host it from home (sending large images upstream from a residential copper connection would not work); but at least it’s controlled by us at the domain level. More people should quit social control media (I did completely, only months ago) and invest in their own presence online. Stop renting. Take control. There is no such thing as free hosting. The Net is not a charitable project.

ROUND AUTUMN of 2002, when work at the Office (MCC) was relatively quiet and I had spare time, I set myself up with a scholarly-type Web page. The page has since then morphed into this thing and it was moved to its own domain more than a year later. The blog was set up in 2004 along with many other MySQL-powered pieces of software.

This site is not my first site because I also had a webspace in Geocities (since around 1996 or 1997), but it was the first “proper” personal site. Later came Techrights, which isn’t about myself but about issues. Moreover, TuxMachines turns 18 in a number of days, but it was inherited, not founded.

his site, SCHESTOWITZ.COM, started in 2001 or in 2002. It used to be hosted on another domain before I registered SCHESTOWITZ.COM and moved everything over to it. As I remember it, I started developing just an academic-style profile page while I was at work and it developed a lot over time. I was about 20 at the time. SCHESTOWITZ.COM turned 18 a couple of weeks ago and later this year — in June — TUXMACHINES.ORG will also turn 18.

My first Web site was in Geocities. I was 15 or 16 at the time and I still have a copy, which might be partial/incomplete. That does not matter much as the original content in there was small and barely significant.

This domain became more active in recent weeks because I abandoned all social control media and decided to just blog more, instead. We need to bring back some of the older “web culture”, which includes simpler Web pages and RSS feeds. The corporations may not like that, governments find it harder to censor that, but that’s actually a badge of endorsement for the way things used to be.