Archive for the ‘Personal’ Category

International Organization for Standardization is an Elaborate Scam

Video download link | md5sum cc29a588d814b375a666bda5d567b58f
What Sirius Teaches Us About ISO
Creative Commons Attribution-No Derivative Works 4.0

Summary: Based on my experiences inside Sirius ‘Open Source’ — as I was there for nearly 12 years — I finally tell what I’ve witnessed about ISO certification processes (see ISO wiki for prior experiences)

Sirius ‘Open Source’ taught me a whole bunch of things; some were valuable technical skills, but many were negative experiences that I can finally explain out in the open, expressing in words various ideas that I formed (or formulated) years ago.

The above video concerns ISO and it is relatively long because it covers two parts instead of just one, starting with background and proceeding to real-life examples in the form of redacted E-mails.

The conclusion I reached years ago is that ISO is somewhat of a scam. It creates a barrier that mostly protects monopoly and it makes a lot of money by giving worthless papers, essentially turning managerial ‘religion’ into a fat cash cow. If more people understood the business model of ISO, maybe there would be no ISO anymore.

How to Buy ISO Certification (It’s Easy!)

International Organization for Standardization (ISO) brag

Summary: Before we proceed to showing how Sirius ‘Open Source’ blatantly ignored security and privacy we wish to show how ISO (see ISO wiki) basically ‘sold’ a certificate to Sirius — this is like a “diploma mill” but something that’s for businesses, not individuals

THIS is today’s second article on this topic. We’ve found some spare time for faster progression and in-depth coverage. As I noted yesterday, my wife had more direct and indirect experience (decades ago) with ISO being a bunch of meaningless hooey. So did I (having stumbled upon classical ‘box tickers’ or worse). Sirius is just another reminder of that. Hence this series and its relevance. It seems like a lot of people in technical fields separately and independently reached the conclusion that ISO is overhyped, overvalued, and mostly a waste of time and money (unless you have a ‘bullshit job’ to justify).

“My dad complained about the ISO in the 90s,” Ryan said in IRC an hour or so ago. “He constantly made fun of all of their “standards” for management of a company that didn’t mean anything but go on and on. It’s a sort of code so that managers sound smarter than they are. “We’re ISO-Whatever compliant with our handling of the TPS reports.” And the ISO standards can be wrong and never revised. Microsoft implemented the standard for MP3 and so did LAME, and then the result was they were both correct and Windows XP crashed. Part of the standard about what constituted the maximum size for a frame could be calculated one of two ways. Microsoft chose the more constrained way and it resulted in a buffer overflow with some files that crashed Windows Media Player. LAME had chosen the method that resulted in a slightly larger permissible frame size. The outcome was LAME had to be changed to use the Microsoft calculation to avoid crashing Windows, and that meant a reduction in audio quality under some circumstances, with padded bytes instead of data. Later, they changed to use the VBR bit allocator, even in a CBR file, and it mostly avoids the situation by its method of action. It can cleverly use the bit reservoir in ways that the former bit allocator that was only for CBR files couldn’t. Naturally, they never delete anything, so you can still demand the old model. It’s just an absolute nightmare of options switches. It’s the worst thing I’ve ever seen in a utility its size. ISO is kind of the stuff of Pointy Haired Bosses when it comes to Management Theory being standardized.”

Well, this whole “Management Theory” is what we’re dealing with here.

This isn’t science. It’s like calling “economics” a science. It is not. It’s more like religion.

Here’s what happened in Sirius (in mostly logical/chronological order):

Subject: ISO
Date: Mon, 29 Jul 2019 15:47:43 +0100
From: xxxx
To: xxxx

Hey All,

As you know we are going through the ISO processes – I have been asked to gather some information from everyone at Sirius to create a list of all assets used by employees of Sirius whether it belong to the company or the employee so if I can have the item name and serial number that would be great. They have also asked which anti virus you all use.

Are you all able to send me the required information ASAP please?

Thanks,

xxxx

Yes, because a bunch of serial numbers would mean so much! Of people’s devices at home… for the most part.

A month later came “You have been registered for a Training course – Information Security” (no, not really security but this hoax instead). We’ll deal with that another day…

They would nag us to do the same ‘course’ every year, even though it is dumb and we ‘passed’ it already. This is compliance???

“This is something that will be done annually for our ISO process,” I was told, “so please complete this on your next shift.”

Way to waste people’s time, doing and passing a total hoax over and over again (details on why it’s a hoax were covered here before).

Notice the threats being sent to ALL staff:

Hi All,

As you will all be aware we have been implementing new policies and procedures in order to become ISO 9001 and ISO 27001 compliant. Part of this entailed changing our HR company to xxxx who use the online portal Atlas to provide an easier method to roll out training. I have checked and there is still a substantial amount that has still not been completed.

ALL training sent out by myself needs to be passed and completed by the _*25th November 2019*_. This is to ensure we meet our deadline for the final stage of ISO audits.

Failure to comply with this request may result in disciplinary action. For those of you that have completed the training, please ignore this message and thank you.

Kind Regards,

xxxx

“Failure to comply with this request may result in disciplinary action,” it says. They kept making veiled and explicit threats. Sometimes this culminated in actual bullying, false accusations, and blame-shifting witch-hunts.

Of course the portals failed to even work properly. For instance:

> ALL training sent out by myself needs to be passed and completed by the
> _*25th November 2019*_. This is to ensure we meet our deadline for the
> final stage of ISO audits.

I was able to open all the documents and read them. The animated things,
or training sessions, get stuck. I tried each one of them about 5 times
(>each<) and they get stuck somewhere along the way. I tried this on
multiple machines. Rianne told she too had some difficulties.

I will try again on my next shift, but these technical issues do merit a
mention. They also rely on plugins Adobe no longer supports, posing
security risk (an issue aside from the bugs).

Kind regards,

[Roy]

Her answer was: “Have you tried using a different web browser?”

Of course she wasn’t using GNU/Linux or anything “Open Source”. This does not constitute an actual solution.

In 2020 the following was sent:

-------- Forwarded Message --------
Subject: xxxx – Things to do
Date: Thu, 26 Nov 2020 11:38:01 +0000
From: xxxx
To: xxxx
CC: xxxx

Hi All,

In October I issued Linux Training via xxxx. Can you all please ‘acknowledge’ this on your portal to show that you have opened and read it.

I also need you to ensure ALL training modules issued on xxxx i.e information security and documents issued i.e IMS Awareness presentation have been completed by the end of your next shift.

It is essential these tasks are carried out prior to our ISO Audit next week.

Kind Regards,

Well, those training modules and ISO guidelines weren’t even followed by Sirius. We gave examples of this before. In some cases, there were efforts to meet standards only after a certificate had been granted.

Sheesh. I’m not supposed to say this in public, am I?

What did those audits mean anyway? What did the above “ISO Audit” actually check? That the cookie drawer is properly locked when Office staff goes to retrieve some hot chocolate milk from the machine?

Some other messages were banal. They indicated a certificate had been granted (in other words, Sirius basically bought one) after minimal so-called ‘audits’ and staff sending a bunch of numbers from the back of computers (as if that means anything at all).

ISO is a joke. When it comes to this administrivia, ISO created just another ‘cash cow’ for itself.

In the next few parts we’ll show what Sirius did in practice, not in theory, and what it told staff, not ISO auditors. It’s one heck of a clusterf**k with the company’s data scattered all over the place. That includes clients’ data, even private keys and passwords.

Misusing ‘ISO’ to Abuse Your Staff

ISO perception; ISO reality

Summary: Sirius ‘Open Source’ has long used “ISO” — and sometimes “GDPR” — as catch-all excuses for all sorts of nonsensical policies; does ISO realise the degree to which it is being misused by incompetent ‘box tickers’?

“The ISO will basically standardize anything they’re paid to even if it’s impossible for anyone else to implement the standard, for any reason,” Ryan said in IRC yesterday. “They’re a corrupt group that will do anything for money.”

To make matters worse, ISO facilitated epic Microsoft corruption. ISO still enables crime. It didn’t seem to mind it or worry about it. It only worried about the impact on its image/reputation. The EPO’s management also habitually uses “ISO” to distract from the EPO’s crimes. We covered several examples several years ago. “The ISO hoards “standards” and won’t let you read them for free,” Ryan said moments ago. “So on top of patents, things only Microsoft can implement, etc. There’s this. Unless you tore apart LAME’s source code and tried to write new documentation for MP3, you can’t share high level documents with anyone. I doubt that the paywall is a huge cash cow for them. You still can’t share the official MP3 specification. The source code to LAME or Helix are the specification you can see without ponying up almost $300 iirc for a specification that describes it at a high level. By looking at source code, you can’t clearly understand every part of it unambiguously unless you’re a Mentat or something. The developers of LAME buy the PDFs but how much revenue is five people buying PDFs? Or maybe a dozen people even?”

Here’s one example from Sirius: Nothing to do with ISO, yet “ISO” gets mentioned all the time — the go-to excuse for everything. Any terrible policy…. such as classic “bullshit jobs” (making lists of tickets aside from the ticketing system, for no actual purpose other than to keep us extra busy).

Skip to the bold bits for the ‘short’ story or the gist:

Ticket Review – This is priority and compulsory

-------- Forwarded Message --------
Subject: Re: Ticket Review – This is priority and compulsory
Date: Fri, 31 May 2019 12:45:09 +0100
From: xxxxx

xxxx,

Support is contracted to work 8 hours. This time should be used productively for the company’s requirements and business needs. And right now business needs this report from every shift to update the clients. We are also going through quality control for ISO purposes [Ed: emphasis ours]. This makes it even more important.

This is how your shift should really go:

1. Start shift
2. Read Handover
3. Respond to any emails
4. Ticket review
5. As and when new tickets are added to xxxx – enter these onto the relevant ticket review reports on the fileserver for each customer – whilst doing the ticket review, update if status has changed to either open – ongoing OR closed.
6. Work on tickets/check monitoring etc for rest of your shift
7. Write detailed handover and send
8. Finish shift

It is not an unreasonable requirement from management.

If you have any more issues email me directly or xxxx and do not cc anyone else as I don’t want a long email thread which is going to take focus away from objective.

Kind Regards,

xxxx

> xxxx wrote:
>
> I’m sorry you don’t want my input, but I think this is a very important point that needs making. The trouble is that I can’t see how this is going to improve the amount of tickets that we have open at the moment. What is needed is for each of us to actually work on the tickets.
>
> On 31-05-2019 11:35, xxxxx wrote:
>
>> Hi xxxx,
>> The status box requires open/ ongoing or closed. It doesn’t require details.
>> Please read my email again and follow instructions.
>> This is compulsory and required from each of you.
>> This really is not open for discussion.
>
> [...]
>
>> wrote:
>>
>> I understand. But it would be helpful for me if you would
>> clarify what exactly is required by a Ticket Review. For me,
>> there’s no point writing largely irrelevant or obvious comments
>> at the bottom of each ticket. What is needed is to actually work
>> on each ticket and resolve it so it can be closed.

Well, that stopped getting done when they decommissioned our last server. So that clearly had nothing to do with “ISO”. The management lied to us and misused the “ISO” straw man.

Does ISO deserve to know this?

Another unqualified “manager” did the same with “GDPR”. To provide some context (2020 E-mails):

> Hi Roy,
>
> Why was this handover sent at 1:03 am – your shift is meant to be
> finished at 1:30 am.
>
> What is the reason for this?

Again, I think this is a misunderstanding. Check the past 8 years’ worth
of handovers at 1-1:30am. Look at the time pattern.

Did you send a similar message to all my NOC colleagues as well?

Regards,

She didn’t ‘get’ the message. I did nothing wrong at all. We all did the same thing even close to a decade earlier. She wrote:

Hi Roy,

Why did you leave your shift at 1:14 am (Tuesday 3rd March 2020)?
Your shift is meant to be until 1:30 am.
There was no prearranged time change request with management or request to leave 15 mins early in writing from you in our records.

I am concerned with this issue. Would you kindly clarify?

I responded again:

> Hi Roy,
>
> Thanks for your email.
>
> I raised these questions yesterday as I noticed that you said bye on
> your slack convo at 1:14 am (I have sent you a screen shot in previous
> email) that made me investigate further and I came across your handover
> times. Hence all these questions.
>
> We would request you to complete your full shift as prescribed and not
> leave early in future.

My handover times are not different from my colleagues’.

Can you explain further please?

Regards,

I responded yet again:

> Hi Roy,
>
> Why did you leave your shift at 1:14 am (Tuesday 3rd March 2020)?
> Your shift is meant to be until 1:30 am.
> There was no prearranged time change request with management or request
> to leave 15 mins early in writing from you in our records.
>
> I am concerned with this issue. Would you kindly clarify?

This is a very surprising message.

For the 9+ years I’ve been in the company we all (always) handed over at
1 to 1:30am, often leaving before 1:30. The above is not at all out of
the ordinary. For any of us…

Regards,

At this point, bearing in mind the previous year’s bullying by her, I kept a copy of the message as a reference (HR, hired by Sirius, advised me to keep copies of key correspondence due to perceived witch-hunts).

To quote the Office Manager on “GDPR” (message redacted a little):

Hi Roy,

When on the 3rd shift (17:30 – 01:30) your shift finishes at 01:30 not beforehand.

xxxx simply requested that you comply with your correct working hours as we could see on slack and your time tracker that you have not been working up until the end of your shift. This isn’t an unreasonable request and doesn’t need to be questioned, its quite simple, finish your shift on time.

I understand the handover being sent over between 01:00 – 01:30 as that allows the colleague next on shift the opportunity to read the handover and discuss anything with you.

On another note, if you can please keep these emails within the company – I can see you have responded/cc’d from your personal email. With GDPR being very important, I do not want any of our client/Sirius data being available on your personal email so its essential to keep work-related correspondence to work emails.

I hope this clears everything up for you.

Kind Regards,

xxxx

I also said:

>> Hi Roy,
>>
>> Thanks for your email.
>>
>> I raised these questions yesterday as I noticed that you said bye on
>> your slack convo at 1:14 am (I have sent you a screen shot in previous
>> email) that made me investigate further and I came across your handover
>> times. Hence all these questions.
>>
>> We would request you to complete your full shift as prescribed and not
>> leave early in future.
>
> My handover times are not different from my colleagues’.
>
> Can you explain further please?

I have received no reply for a day.

I am used to that.

This is not the first time I get unwarranted bollocking and it’s the
kind of thing that can drive away experienced and crucial colleagues
over time.

What I did wasn’t wrong; it doesn’t hurt to get an apology for trying to
shame me in front of the CEO for something I did which was not wrong.

Kind regards,

Of course she never bothered to apologise. She just vanished. Her sidekick had the audacity to say that slang like “bollocking” was rude, ignoring how rude the bullying was and instead focusing on style and choice of words (that British slang isn’t even rude, unlike “bullocks”). It should be noted that the bullying did not start and stop in 2019; it carried on well into 2020. The above example is one of several.

In summary, what we deal with here is two people bullying staff. They’re not qualified for any management role, but they seem to enjoy the ‘thrill’ of pretending that they are. It would become a more persistent problem as new imposters would attempt to cover up the company’s gross understaffing, e.g. a person without knowledge and ill-equipped or unequipped on the beat, pretending to cover a NOC shift or offer a service (that’s the CEO).

The company was lying to clients.

Remember that this is a company where there’s no chance at progression except through nepotism (like family/kinship and sex). At the moment it’s very hard to know what happens in the company, but that’s hardly different from how it was before, as a cabal was working behind the scenes and behind our backs, scheming to do all sorts of illegal things while lying to us (about who left, who was becoming a client and so on).

Sirius has a culture of extreme secrecy, even for insiders. Someone needs to show the ‘dirty laundry’.

In closing, to quote Ryan again (as other than Microsoft’s OOXML crimes there’s the MPEG cartel ISO controversy): “The ISO is still impeding LAME because someday they’ll lose all of the people who understand the code and then someone will have to fix it up to continue working. I’d argue that you almost can’t have standards with ISO. You have to publish them without ISO into the public domain to truly call them standards. People should get these Public Domain documents and decide whether it’s a standard themselves or not, like ZIP or Opus. You’ll notice they didn’t go to the ISO with Opus. They went to the IETF. The IETF standard, you can read. You can read every draft copy too so you know how it changed along the way if you care to. The ISO won’t give you drafts of a standard even if you pay so there’s no seeing how the process evolved. The ISO is probably even nasty in ways that I can’t fathom. But the ones that I know of are bad enough. FhG was not happy about LAME, I can tell you that much. Not happy at all. Even though it made MP3 hugely popular. They don’t acknowledge it even once on their Web site, even their little “MP3 History” museum, which I don’t even think mentions music piracy either. So that’s kind of like “Wikipedia-izing the History of MP3”. We’ll just gloss over Napster and LAME. Wasn’t important. Not gonna go how the format would have failed completely. We marketed it brilliantly and it was a hit out of the ballpark based on secret documents and patents, and ISO. Secret documents, patents, and ISO are in the way of progress, constantly, and the secret documents and ISO can be cut out of the process a lot easier than reforming the patent system.”

How about “ISO” being leveraged to lie to staff?

ISO Certificates Are Junk (and Sirius Proves This)

Video download link | md5sum 07a2f3b98615ee2d67a59e46c7ac4f8e
ISO as Meaningless Certificates Mill
Creative Commons Attribution-No Derivative Works 4.0

Summary: Sirius ‘Open Source’ has used “ISO” as a catch-all talking point since 2019 in spite of doing illegal, unethical and truly dubious things while failing really badly at security

IN OUR last post we started the first part of several parts about ISO, commencing a separate (sub)series of posts that may take about a week to finish.

Sirius ‘Open Source’ disregards security advice, deems commentary that it lacks security staff to be “defamatory” (actually it’s perfectly factual), and moreover it is ignoring advice from technical people who do have a clue — all this while failing to do basic things like change passwords after a major breach.

If ISO considers that to be “OK”, then that says a lot about ISO.

ISO perception; ISO reality

Sirius Sends All Its Data to American Firms (Even Clients’ Passwords and Private Keys)

International Organization for Standardization (ISO) brag

Summary: Sirius ‘Open Source’ has long misused “ISO” to do all sorts of dubious things, including cover-up and frustration of staff; the time has come to explain what happened and maybe eventually report the matter to ISO itself

THOSE who have followed this series carefully enough know that pretty much all the communication tools of Sirius ‘Open Source’ had been outsourced to proprietary vendors (voice, text etc.) without bothering to ask staff, which complained only after the fact. Too late. It’s a decree, not a proposal. Instead of self-hosting Asterisk and relying on Jabber (among other things) the company was sending its workflow to Google, Zoom, Slack (Salesforce) and even Skype (Microsoft) while publicly floating ISO logos.

Over the coming week or so we’ll show this ugly façade of a company that still uses the term “Open Source” — a thing that it is rejecting internally. It’s not about doing what clients require; this is about what the company chooses for itself, as it’s headed by managers who neither use nor support Open Source. It’s a façade.

The Office Manager will be a recurring theme here, as she was part of this façade. What is an Office Manager anyway when the company does not have an actual office? David Graeber’s thesis would classify it as a ‘bullshit job’ [1, 2], probably the “box tickers” kind. To quote Wikipedia, we deal here with “box tickers, who create the appearance that something useful is being done when it is not, e.g., survey administrators, in-house magazine journalists, corporate compliance officers, quality service managers…”

As noted here right from the start (a day after resignation), the company was hardly compliant with anything sensible, including security and ethics. Last year I was asked to study logs for some anti-abortion group (without telling me where those logs had come from). What next? Would I be getting assigned jobs like checking logs for Oath Keepers or Proud Boys, seeing that anti-abortion groups were starting paying for “services” last year? (Off the record)

Anyway, yesterday this good article mentioned LastPass, another company that the stubborn new management decided to hand over to not only our own passwords but clients’ too (even private keys!!!), insisting that according to LastPass the LastPass breach wasn’t a big deal. Sirius did not even bother resetting passwords after I had repeatedly urged for this to be done (and, as a possible bonus, to dump LastPass altogether). In yesterday’s article the author says: “I’d like to talk about some of my experiences with this topic, as well as recent events in the security community.”

“Before I describe my experience,” he says, “I need to set the stage. My LastPass fun took place around the same time as the infamous Bugcrowd incident with JSBN.”

Watch how LastPass handled things: “My first step in escalating was security.txt. No dice. There was no clear security officer or contact information that I could discern from my social network either, so I chose the path of last resort: I contacted their support team.”

So it’s more or less like Sirius. No wonder a client said the company was “incompetent”. The client said this to a highly incompetent ‘manager’ who was never supposed to be there in the first place: No clue about technology or about management, just some associate from a former organisation in which a Sirius ‘founder’ had spent a few years. Hiring friends and relatives instead of qualified people leads to disaster.

Very basic security practices were often disregarded and staff was ignored in spite of technical background. It was like talking to the wall.

At first we had Asterisk internally; then someone decided it would be better to use some outside firm as a supplier and pay the fees. That was still a lot better than a move to a defective “service” and then purchase “phones” that are a security threat, in the hope (likely false hope) that it would ‘fix’ the issue. We’ll come to that another day.

The management kept covering up for repeated failure/s, blaming the staff (victims) instead, never the decision-makers who introduced a faulty/defective alternative but are too vain to admit it, take the blame, and finally undo.

The company’s obscene disregard for security would not end there. We’ve already covered cognition reports being stored on personal machines, then uploaded to AWS (not the client’s servers). There was no longer any security protocol in place; no file server for them or for us (GDPR would be screaming!), set aside the fact that the company is no longer “open source” and is basically lying about it. It’s more like bragging about ISO while gaslighting people who actually value security.

Not only did the company ignore the warnings from me, it didn’t even change passwords, alter providers, or self-host an actual “Open Source” alternative. It kept saying it would (or merely consider this), but those were lies. As we mentioned here before, this wasn’t a matter of practicality or cost-savings either; Sirius was getting huge bills for “clown computing” (idle almost all the time but the bills kept growing and growing). Any suggestion of self-hosting, i.e. like before, was dismissed as “hobbyist” by the CEO. So what is to be sold as a service by Sirius? Outsourcing? Well, the company’s latest incarnation in LinkedIn does say that.

Tomorrow we’ll show some examples of misuse of the company’s pretences (ISO, GDPR etc.) for cover-up, censorship etc.

In the meantime, however, consider this E-mail from July 2019 (when the company was setting up a shell in the US, covertly, when signing an NDA with the Gates Foundation):

xxxx wrote on 17/07/2019 17:20:
> Hello Roy,
>
> As you are aware we’re currently going through the process of
> implementing ISO 27001 (information security management system). It’s
> been brought to our attention that you using xxxxx Slack is
> unacceptable due to the security of password sharing amongst yourselves.
>
> During your meeting at the training workshop – I had asked for you to
> reconsider as this is a company requirement.
>
> Moving forward and with the advice from the ISO company this is now
> something which needs to be completed by the end of your shift this
> evening. Slack is an essential communication tool used by everyone
> within the company.
>
> Would you please confirm the receipt of this email and a reply to this
> request.

Hi,

Currently, all our sensitive communications end up on the server of a large corporation in another country, where this data can get sold. It included NHS stuff. This too is a problem as we need to be Open Source not only in name and I’ve been waiting for xxxxx to set up Matrix or similar for me to join. It has been months and I think it’s essential for our company to demonstrate it takes security seriously. I can set up an Open Source alternative myself if that helps.

Regards,

Of course I only received more threats for this, rather than be listened to. Of course “information security” and Slack are incompatible concepts. As we shall revisit shortly, let’s just say Slack suffered yet another data breach shortly thereafter, vindicating me. Did the management listen? Did it react? Of course not.

After some more threats I was compelled to give up, at least temporarily:

xxxx wrote:
> Hello Roy,
>
> As I have expressed in my previous email and in all communication that
> Slack is an essential communication tool used by everyone within the
> company at the moment. We all should be there.
>
> This is a direct management requirement and instruction and it needs to
> be implemented immediately.

I have just created the Slack account.

It would still be useful to know the timeline for moving to an Open Source alternative. Slack has no business model other than spying at the moment, as media repeatedly points out.

Regards,

Regarding “I’ve been waiting for xxxxx to set up Matrix or similar for me to join,” I was receiving false promises from the CEO, naming two people who would set up a Free software alternative like Riot/Mattermost. One of them left the company (as I had previously warned the manager) and another never implemented the change. Sirius management was just lying all along.

We’ll revisit Slack another day and we shall deal with each of these blunders in turn. ISO is a joke if it grants certification to companies which behave in this way, set aside how superficial the requirements are. 15 years ago Microsoft bribed a lot of firms and organisations to rig ISO; and ISO, in turn, was OK with it. Now, after so many years, Sirius is another disgrace or a black eye to ISO. No wonder clients suffered security breaches. They weren’t even informed of how poorly Sirius had handled/managed security.

Lying Became the Norm at Sirius ‘Open Source’ Incorporated/Limited

Video download link | md5sum 168a92bcf2df638d7400bf9c47205e22
Sirius Lied to Staff About Contract
Creative Commons Attribution-No Derivative Works 4.0

Summary: Sirius ‘Open Source’ developed a culture of chronic lying (managers lying to technical people) and even tricking people into signing contracts stacked against their interests; this must be exposed to the world

THE part just published is explained a little further in video form above, adding additional information to what we put in textual form. Expect another fortnight or so before the series ends.

I still try my best to most accurately explain the situation and any possibilities obscured by the NDA with the Gates Foundation. The video discusses yesterday’s meme and article before proceeding to the latest part. It notes that yesterday I spoke to NHS staff (there’s a very poor opinion about the Gates Foundation among health workers) and how Microsoft targeted a boss above the boss (CEO), sending its faux “open source” people (under false pretexts) to complain about me even more than half a decade ago. Yesterday I spoke to a lawyer again, forming progressively better explanations of what had actually happened as there are many angles to cover (and write down in simple words). It is all factual. Neither speculative nor defamatory. I know this company all ‘too’ well from the inside. I spent nights at the home of the CEO.

The company is in a state of panic. The brand is ruined. As noted in the latest part, apparently a relative of management was invited* while the CEO was absent. The technical staff had not seen him in person since around 2017 or 2018! Who would take such a company seriously?
_______
* Such nepotism (relatives as staff; no experience or qualifications need to be met!) would only become a lot worse over time. This one relative was hired to work on technical things in a technical role. He could never solve issues, he was young and inexperienced, he had no access capability (to actually tackle issues); to be fair, for Sirius it was very hard to recruit at this price point (very low salaries for a highly demanding set of skills). This kind of nepotism harmed morale in the company, as it always eventually leads to ruinous (but truthful) gossip among colleagues. It wasn’t just this one person either; imagine seeing one colleague kissing on the mouth a colleague who is not his wife, who also used to work in the company (or bracing in public two girls at once; not good… unsociable optics). Suffice to say, there is a “toxicity” associated with the realisation that the Support Manager already brought into the company three sexual partners as members of staff, none of whom qualified in a relevant field and/or with no relevant work experience, likely just to be shadowed by the partner. And it’s even worse for workers’ morale when owing to connections they have higher level access compared to far more senior staff (who is not sleeping with the manager). The girlfriends of the manager were not invited for contract-signing as they did the same behind the scenes, no pretences were needed. They were part of the “family”. If the company wasn’t “in hiding”, this would merit a more formal investigation by appropriate regulators.

Likely Illegal Contract-Signing at Sirius Corporation

Note: This article is redacted as well/best as possible to protect people’s identities. It’s important to properly report and inform the public of this. There might be laws being broken herein.

sirius-us-july-2019
Just a month after we were forced to sign a new contract that we did not see!

Summary: Sirius ‘Open Source’ (Limited or Inc.) is a truly dodgy company; it has been exceedingly and increasingly dodgy every year since 2019 — a turning point for the worse

AS we noted here yesterday, one must go back to 2019 to properly understand what happened to my employer (since 2011). 4 years ago we were compelled to sign up for a minuscule and dodgy shell valued at one British pound (just a little more than a dollar), initially registered in some poor residential area, maybe the address of the registrar rather than the company’s real (physical) address. Sirius Corporation was “becoming” Sirius ‘Open Source’ Ltd. and nobody told us about it while Sirius ‘Open Source’ Inc. was being created in another continent for Gates Foundation as its “first client” (very shortly after formation).

We don’t know why the company was so secretive about the whole thing, but the CEO did openly admit (verbally, never in writing) that the Gates Foundation had signed some NDA. The Gates Foundation would never ever be mentioned after that; never ever in writing! So what the heck was going on? I’ve long had this theory that they know they cannot bribe me for silence (and maybe not threaten the employer either; they tried this already). It’s just too convenient to use a fake ‘charity’ to gain greater control over my employer, getting the company to move to another country based on false promises, all for some work that thousands of American companies (not British) could trivially do. Why choose a Microsoft-hostile firm in another country and continent? It makes no sense.

Was this something to do with me? Impossible to prove? Sure, and moreover there’s an NDA. Why on Earth was an NDA signed?

For those who think Sirius is some ‘small potato’, bear in mind this wasn’t always the case (it is now). For instance, see this 2006 press release from Red Hat. To quote: “Red Hat (NASDAQ: RHAT), the world’s leading provider of open source solutions, today announced that UK based open source consulting firm, Sirius Corporation, has joined its Red Hat Advanced Partner Programme in Europe.”

Back then Sirius Corporation was also a sponsor of the Free Software Foundation. It was a good company.

Today, I’d like to show a chain of correspondence demonstrating what exactly happened in 2019, at least as far as we can tell from our side. The gist of the story is, a colleague was working early that morning (or night) and said he’d likely not attend a meeting. I said the same. The company then escalated the tone and forced us to travel to the meeting, without even once mentioning that a contract with a new company would be signed. They used progressively menacing, threatening language towards the invited people.

While it seems a relative of management was invited*, the CEO was absent entirely. Why? How curious.

In any event, in the correspondence below, do note there’s no mention of contract signing; the training was a bit of a joke too, as it was basically just a cover. The Office Manager initially wrote to the NOC team, with all the “cabal” CC’d**.

Hi Support,

We will be holding a _compulsory_ [emphasis in original] Sirius Workshop to provide you all with the additional training required to carry out your role. During the specified day (list below) you will all be required to come into the office where xxxx will be able to help with any enquires.

xxxx – 24th June
Roy & Rianne – 26th June
xxxx – 28th June

I will organise travel for those of you that require it, I will send these details in a separate email. These dates cannot be changed due to requiring cover for your shifts whilst you are at the workshop.

Can you all confirm that you have read this email.

Thanks,

xxxx & xxxx

xxxx
Sirius – stress free technology

I politely responded half a day later:

I’ve just spoken with Rianne about this.

Would it please be possible to attend remotely (over Hangouts) for the sake of the environment and also to reduce travel costs? We’re very environmentally-conscientious and believe this can be done remotely in a way that is beneficial to all. We’d be very grateful.

One colleague said: “I’ve read it – but I’ll be on night shift then so would be sleeping during the day time” (same day).

Later we got sent some more:

Sirius Training Workshop – June 2019

Hi All,

Just to reiterate, this is a training workshop not only to help with gaining knowledge but also to collect feedback on what else you need in order to carry out your tasks to the best of your ability and for any concerns you may have. As you are all aware from the fortnightly meetings, Sirius is growing and we’re taking on more and more clients. We want to ensure that each of our clients is getting the same standard of service during the day shifts and overnight/weekend and xxxx will be providing the training to ensure this is the case. It will also be a great opportunity to meet up with the office team.

Please find attached the agenda for the day.

From the attached PDF:

Sirius Workshop Agenda:
W/C: 24th June 2019
Morning Meet-up: 09:00 – 10:00
Brief meeting to discuss what you would like to gain from the training workshop – We will then try to cover all these topics / help answer queries during the training session.
Training session with xxxx
Lunch Break: 13:00 – 14:00
Training session to continue – Task / Trouble shooting with xxxx
Feedback with management – this will give you the opportunity to give any further feedback for anything else that you may need to successfully carry out all tasks during your shifts and receive feedback.
Please feel free to write any notes/questions below that you would like to discuss on the day.
Notes:

Notice there is NO mention of new contract signing for a new company.

A day or so later:

Dear All,

As previously discussed, a support workshop has been arranged for each of you between the 24/06/2019 – 28/06/2019 to assist with your role. I have made arrangements for your shifts to be covered and ensured that you will have appropriate rest before returning to your normal working pattern. The training is mandatory training; the company are covering all of the costs, including the travel, and will be providing food. It is not possible for your attendance to be arranged remotely due to the nature of the training so your attendance is required. This shift is regarded as your normal working shift for the day you are attending and failure to attend could result in formal action.

This is direct management instruction and is intended to ensure that there are no issues and that everyone attends this training that the company has gone to expense to arrange.

Kind Regards,

xxxx

Read “It is not possible for your attendance to be arranged remotely due to the nature of the training so your attendance is required” as “we’re going to (en)trap you into signing a contract you never saw, probably illegally…”

Later came this:

Hi Roy,

To ensure I leave you enough rest period your shift on Tuesday 25th June will be covered by xxxx. Your next shift on the 26th June will also be covered by xxxx and you will need to arrive at the office around 12noon for your training.

You will still be paid your normal salary – no reductions will be made.

Please keep your receipts for your travel as I will need these to process your expenses and I will ensure you’re reimbursed on the day. Lunch will also be provided.

If you can please confirm that you understand this, hopefully it all makes sense. In case I have missed anything please let me know and I will get any queries answered ASAP.

Kind Regards,

xxxx

Still no mention of contract. Next E-mail:

Hi Roy,

Please find attached a Self Assessment that I would like you to fill out before your training workshop. This will be used during the feedback meeting in the first part of the workshop in order to see what we can help with during your training with xxxx.

You can either print it off and fill it in OR fill it in online and email me a copy. Please just make sure it’s done by the day of your training workshop as it will be really useful for everyone taking part in the workshop that day.

Kind Regards,

xxxx

And to my wife:

Hi xxxx,

xxxx has already mentioned that we will be organising cover for shifts.

Roy – your shifts on the 25th June 2019 and 26th June 2019 will be covered – emails to follow with more details.

Due to the journey, we completely understand that you will not likely arrive by 10am – but we are aware and will be adjusting your agenda times.

Thanks,

xxxx

The person signing the above messages was likely an “instrument” in doing something illegal, having to “lie to Roy to protect the boss” (by denying the truth). Such spineless, blindly-obedient workers would not last long, as the company would collapse. So even this blind loyalty to reckless bosses would not save them. We will always remember.
_______
* Probably another fine example of overt nepotism (unqualified relatives as staff).
** They knew what they were really doing. They kept the staff in the dark all along.
