From Rianne’s departure message about Sirius ‘Open Source’

Summary: Sirius is finished, but it’s important to share the lessons learned with other people; there might be other “pretenders” out there and they need to be abandoned

THIS is by no means a complete summary; the Sirius ‘Open Source’ wiki contains a more complete overview. However, this is an abbreviated summary focusing on the issues at hand, rewriting them for an audience that might think about leaving a toxic employer but isn’t sure why or how. Some readers have asked for such a summary as they consider doing the same.

We’ve decided to use the existing articles’ index to make this grand summary of the issues, split suitably for quicker digestion (covering unions, staff health etc.) and omitting more employer-specific scandals, e.g. illegal contract-signing (we included a response to my initial refusal/declination and others’), E-mail clippings as evidence and so on.

The short story is: do not participate in lying and in illegal acts. If you feel like your employer is heading in this direction, prepare to leave.

Don’t wait too long. Do not attempt to rationalise staying. Your morality is more important than short-term conveniences like “paying the mortgage” or “staying with colleagues”.

I joined Sirius 12 years ago (in February of 2011). The CEO was kind to me at the time. We’ve shared a screenshot from the Internet Archive of the company’s old site (back when it was a sponsor of the Free Software Foundation). The CEO, as I found out much later, was hopping from one woman to the next, saddling them with daughters whom he failed to take care of. He was getting married when I spoke about joining, marrying a manager in the company — a manager whom he had already had a child with. It was maybe too late for me to properly understand the chronology of it, but it seemed benign at the time. It smacked of nepotism already, but at least the spouse had actual experience as a manager. Similarly, my wife had a degree in Computer Science. The CEO, as I recently found out, was also allegedly cheating on his second wife. We’re still investigating the nature of that as it impacts the company directly. The CEO is not a good person. I was warned about him being a chronic liar some time around 2006, but I did not fully heed this warning.

The company was in disarray in (or by) 2022. Heck, it was standing on one foot for several years already (maybe since 2019). In 2021 they sent me a bogus message about “disciplinary note”, simply because I’d not say “hi, it’s Roy” or something inane like this over the phone. The management failed to prepare staff and then tried to blame the staff, which was assigned to handle clerical work using a truly defective product with impossible demands (answering within 3 rings).

My ‘tenure’ at the company was generally good; nobody complained and I was “Star of the Week” (10-pound voucher award) about a decade ago. I also have some other physical certificates that they sent me in recognition (e.g. laminated finish on paper for my 5-year anniversary).

So what compelled me to leave?

A lot of things.

Above all, the ethics associated with the job became far too problematic. I wrote about this in my blog last summer and again when I left this past December. Some clients were truly awful and immoral. I don’t want to name them, and thankfully I’ve avoided working with/for them. By this point Sirius kept announcing clients that later turned out to ‘pre’ announcements (or truly premature as nothing ever came out of it). The managers were desperate to give a false impression (illusion) of getting business and some of the actual “business” they attracted is worse than nothing. Some past clients did not wish to associate with Sirius and at least one past client (telephony sector company) asked to be removed from the fake “clients” page of Sirius.

I can’t blame those clients. Being associated with Sirius was becoming a liability to them. Search for ‘The Liar’ in the headlines here; you’ll see what I mean… don’t tolerate any bosses who keep saying they’re too busy to reply to E-mail from staff; so what are they doing all day? If they don’t even respond to staff, then it’s not clear if they’re busy at all; they could just as well pretend to be “busy” by not doing anything at all, then use that as an excuse or “evidence” of the busy-ness.

The Liar (nickname) later resorted to using flimsy ‘evidence’. He said, without any evidence, that I had uttered something “defamatory”; it took two weeks to actually show something and what they then showed was some side IRC channel (that nobody reads) stating perfectly factual information about my experiences, without naming people or any company. It was a chat between just two people and didn’t reveal anyone’s identity. It was factual and necessary; it was moral to object to bad ideas. Blind obedience and unquestionable docility should not be seen as a merit.

The company was, at this point, not even an attractive employer. Set aside the ethical deficit. It had no actual office (Sirius used to host for clients, not outsource for them) and had some technical workers compared to “monkeys” (even treated as such). In recent years it became trivial to show, using documents in the public domain, that the company was operating like a shell. It was simple to show it’s getting worse over time and unbearable debt was growing. The company was going to go under (just a matter of time) and the staff had no prospects of progression (well, no chance at progression except through nepotism (like family) or sex); the company was no longer “open source”, except in name, bragging about ISO certification (see The Inside Story of ISO ‘Certification’ Mill) while gaslighting people who actually value security/compliance.

If you work in a company such as this, don’t expect it to improve. The people with greater skills and integrity likely left already. They won’t be coming back.

Not only did the company ignore the warnings from me (about security problems), it didn’t even change passwords, alter providers, or self-host an actual “Open Source” alternative that doesn’t lie about security breaches. Sirius kept paying huge bills for “clown computing” (instances that were idle almost all the time) and my suggestion of self-hosting, like we did before, were dismissed as “hobbyist” by the CEO. So what is to be sold as a service? Outsourcing?

For more information about these things, revisit the parts about “How Carbon Accounting Became a Cover for Sirius Open Source Ltd.” and “How Sirius Open Source Ltd. Felt Deep Into Debt” (super dodgy).

By the time we left (in 2022) the company was quite frankly broke and not worth suing for severance. It had likely plundered some older pensions already (still the subject of an ongoing probe; photographs of letters from the current pension provider suggest they might try this again). This became a cultural, chronic problem. For instance, the management lied about providing recordings of meetings in 2019, so I started making my own recordings of such meetings. I could not trust managers’ words. Such chronic lying and false promises are a sign it’s time to leave (or prepare to leave). I already prepared in 2019, but then COVID-19 happened. The managers like to tell themselves they did us a favour. But people who are idle a lot of the time because they work overnight, devoted to complex tasks of monitoring many things and responding, can never sleep well. This impacts their physical and mental health. They make personal compromises while getting paid laughably little. For projects to be done (e.g. programming) one needs a proper daytime job without distraction and with decent pay.

Sirius Open Wash Ltd. (maybe a suggested name for another — likely third — shell entity) would be letting Windows users who adore surveillance get involved in decision-making, grabbing Gates Foundation money to pretend they have a future (Gates never needed a British company to handle something thousands of American firms can easily handle). Seeing that the CEO’s and the company’s Twitter accounts (all of them) have not tweeted anything since last summer, we suppose no other shell will be created. Sirius is finished. Jobs were advertised by the company’s account in Twitter last year, but only on short-term contractual basis. It now says the company is also US-based and says laughable things like Sirius being American leaders in the area (Sirius has almost no clients and staff there), simply because the chief absconded, escaping responsibilities for his family which he ditched (so he can have sex with another woman, apparently some American he met).

So he’s likely running away to dodge litigation and maybe dodge payments to the two former wives and 4 daughters, especially the young ones (early teens at this time).

This series has attempted to be impersonal (no names), but at some point it can get trickier. We still try to work around the secrecy of the NDA and figure out what exactly happened in 2019.

Video download link | md5sum b8720fc3b41aaa603c06b9b81ba9921c
Sirius Closure and Steps Ahead
Creative Commons Attribution-No Derivative Works 4.0

Summary: Yesterday I was sent a letter approving my resignation from Sirius ‘Open Source’, two months after I had already announced that I was resigning with immediate effect; they sent an identical letter to my wife (this time, unlike before, they remembered to also change the names!!)

THIS is just an update regarding Sirius, as it sent the following yesterday; it was sent one day after the actual date of the letter (“Acceptance of your Resignation [...] Please see the attached letter.”) and to quote:

Re: Your resignation has been accepted

Dear Roy,

I write further to my letter of 9th Dec 2022 in which I asked you to reconsider your resignation and gave you a cooling off period to 16th Dec 2022. Given that I did not hear from you before the end of the cooling off period, I could only therefore assume that you did not wish to retract your resignation.

I am disappointed that you decided not to allow us the opportunity to attempt to resolve any concerns that led to your resignation, however I have to respect your decision and it is therefore with regret that your resignation was accepted, with your final day of employment being Friday 16th December.

Any accrued holidays you ha not taken will be paid in your final pay, which should have been processed in the January payment run. Your P45 will be issued as soon as possible after your final pay has been administered.

We wish you every success in the future.
Yours sincerely,

xxxxxx
CEO, Sirius UK

As I explain in the video above, it seems like a face-saving publicity stunt from them, pretending all was amicable. We’re meanwhile investigating what happened to the pensions of all past staff; the Standard Life management is being super-evasive about it. One might assume it got plundered by Sirius management, but we’re still trying to find verifiable evidence of that. Now that British and French workers are staging massive strikes (the latter over pensions in particular) we urge people all around the world to check that their pensions haven’t been rendered scams. It seems like a trend.

Video download link | md5sum 46726a937016a1d3c37cb00ecce28246
End of Sirius
Creative Commons Attribution-No Derivative Works 4.0

Summary: The Sirius ‘Open Source’ series ended after 60 days (parts published every day except the day my SSD died completely and very suddenly); the video above explains what’s to come and what lessons can be learned from the 21-year collective experience (my wife and I; work periods combined) in a company that still claims, in vain, to be “Open Source”

THIS is going to be the last video about Sirius, at least for a while. We’ll get back to this subject, but only infrequently. We plan to publish a list of things that are applicable to every worker in the technology sector, especially companies that are openwashing (and let’s face it, as of recent years almost every technical company merely claims to support “Open Source” while doing almost everything secretly and keeping the crown jewels proprietary, sometimes patented too).

I can finally devote 100% of my technical capacity to Free software, either developing some or writing about it, as I’ve already done for more than 20 years (my personal site turned 20 last year).

At the moment society faces a number of threats and growing disruption, magnified further by an ever-escalating global (but proxy) war, which in turn impacts all sorts of other things (access to food, price of energy, mental health and so on). Things will be further exacerbated later this year, based on gloomy but seemingly realistic predictions (the forecasts of a recovery aren’t based on actual observable facts, only wishful thinking).

More and more people seem to be choosing to “disconnect”; if not from society then from “tech” (stuff like social control media, which was never meant to make people happy, except temporarily — that’s just what addiction does). Many people whom we used to revere and look up to have vanished. Many sites went offline (the Web is generally shrinking, based on Netcraft). Financial strain would accelerate these trends.

The rest of what I have to say will be covered in the next video. We’ll try to produce more articles with more videos.

“The ultimate measure of a man is not where he stands in moments of comfort and convenience, but where he stands at times of challenge and controversy.”

–Martin Luther King, Jr.

Summary: The mentality or the general mindset at Sirius ‘Open Source’ was not compatible with that of security conscientiousness and it seemed abundantly clear that paper mills (e.g. ISO certification) cannot compensate for that

THIS will be the last daily part before we transition to more irregular or infrequent postings, ending with a grand summary some time late in February. This series will never end entirely as we continue to learn more and more things from its readers (yes, many people have been reading it, including past staff).

Today’s important addition is some hard evidence that Sirius was outsourcing passwords; even the partner of the manager admits issues to that effect, e.g. in “Handover to shift 3 – 18/02/2022″ it was noted they had “Sent out Sirius passwords for Monit via LassPass”. In “Handover to shift 1 – 03/08/2021″ it was said that “Apparently the problems with my account are down to a corrupted share key. Will need help from an admin to fix this at a time when I don’t need access to Sirius shared folders.”

Why are we sending our own credentials and clients’ credentials to a third party? This party is controversial for many reasons, including its chain of ownership and jurisdiction, set aside security breaches.

In “Handover to shift 1 – 27/08/2021″ it said: “Got xxxx to remove me from all shared folders so that LastPass support can reset my share key.”

Notice we were also having technical problems; the outsourcing solved nothing and merely created more problems.

In “Handover to shift 3 – 16/08/2022″ (just months ago): “Fiddling with my browser settings because Google Voice didn’t ring when xxxxx did a test call.”

Again, outsourcing the telephone system meant more problems. All of us were having these problems, but managers ended up doubling down on their mistake, moving what’s left of Asterisk (that actually worked!) to what kept failing and failing and failing. Such insane policy-making, detached from any fact- or evidence-based analysis, dooms companies. I raised concerns about this internally more times than I can recall. I received support from colleagues when I complained. They felt the same way, but with criticism not welcomed by managers who make mistakes it proved to be an exercise in futility. An arrogant management is management that’s unable to listen and correct mistakes, with recklessness and stinginess that will inevitably cost the company existing and potential clients (they cannot get through to us on the phone!).

If you notice those patterns in your workplace, consider leaving. I didn’t want to leave an employer where I had worked for so long, but it seemed clear time was running out and the company was sinking/drowning while deflecting the blame^*.

As a bit of quick background, Sirius wasn’t always this bad. In the last few weeks or months that I spent in the company (especially the last 2 weeks) I witnessed all sorts of very worrying things; lately, for instance, due to budget or understaffing issues, some qualified and well-equipped staff was passed over (not asked to cover slots) and instead the CEO covered shifts which he could not really do. He lacks access credentials, skills, and tools. In effect, clients were given the wrong impression someone qualified monitored their systems. They’d be wrong to assume this. We basically lied to them. Again.

It is important to stress that qualified staff was available instead (my wife was available), but one can speculate that the CEO, who had moved from Bristol to London, couldn’t keep up with living expenses/costs (his own company’s account has only loose change) and needed extra cash and thus let himself reach out to the Sirius cookie jar. That’s just a hunch. We’re guessing. There’s very little in the public record (hiding past employment, previous education etc.), but as we showed in December he registered his own company at some accountancy’s address and there’s almost no money in the bank account. Should he cover jobs/slots he is unable to cover? The so-called ‘founder’ did the same at least once. Handovers started coming from high-level management. Those people didn’t even have login credentials for clients’ machines!

It was time to leave Sirius. I had planned this for a long time; it wasn’t about money but about morals. Money is a separate issue; if I worked since 1998, would I receive the salary of 25 years ago? Would I want to be associated with such a company 25 years down the line? It’s not the same company at all!

In 2022 the company was going under due to the loss of its largest client; the company was not lying about its financial situation but rather made it seem less gloomy than it really was (same to the clients, to assure and reassure them, just so that they’re confident we wouldn’t go under midway or halfway through the contract).

As we noted here before, there was a severe “dogfooding” deficit; the company spoke about “Open Source” while refusing to use it internally. It actively replaced Free/Open Source software that had been working just fine for over a decade. Instead of being a good example for the workers and the clients, the company went out of its way to cheat and mislead. And instead of making workers familiarised with the products the company claims to support, the company moved staff away from such products. If you are in control of your own stack, then you have to learn how to maintain it. In turn, you can help others do the same. We’re sending mixed messages to clients if we’re outsourcing everything.

The sad thing is that looking back we don’t miss anything except a few colleagues. The management destroyed its own credibility in one day. A humiliating letter with photos of my wife and I (yes, he’s stalking), random clippings from public IRC logs, and even a photo of a koala bear have nothing to do with the company’s operations.

As noted at the start, this series isn’t ending or hibernating; it’ll carry on, albeit at a slower pace.
____
^* To give one memorable example of blame-shifting, less than a year ago I received a ‘rebuttal’ to my informal report which said: “So someone from xxxx LLC called, but not authorised for out of hours support. We need to receive clearer instructions if calls we receive on that account are not from xxxx clients.” I put ‘rebuttal’ in scare quotes because it did nothing to refuse what I had said. A manager wrote: “I just wanted to correct a couple of points from Roy’s previous handover below. 1. Unfortunately, the highlighted call in the xxxxx section was incorrectly triaged. We can see from the audit log that this call came through on the US Reception telephone line and not on the xxxx support line. This was highly likely to have been a sales enquiry rather than a support call but insufficient information was gathered for us to be certain.” So whose fault was it? Then there was this lie: “As far as I’m aware, there has been nothing but positive feedback about these notes so far but do please let me know if anybody else has any concerns at all or if there is anything we could to to improve them. The overwhelming majority of you have handled xxxxx calls excellently and I’m very grateful for your work on this. I am also always happy to offer any additional support that may be needed with our processes and policy.” Actually, it was abundantly clear from what colleagues said (sometimes publicly) that they too had issues and many uncertainties. The problem was coordination at the top, as well as terrible tooling provided to staff by clueless managers.

And the management that chose this junk resorts to blaming the victims

“Giving the Linus Torvalds Award to the Free Software Foundation is a bit like giving the Han Solo Award to the Rebel Alliance.”

–Richard Stallman

Summary: When the company where I worked for nearly 12 years spoke of pragmatism it was merely making excuses to adopt proprietary software at the expense of already-working and functional Free software

LAST night we covered the use of Microsoft Skype in Sirius ‘Open Source’. It only happened once, but that was enough to damage the brand and injure some workers’ morale. Why would a company called “Open Source” something be eager to abandon Free/Open Source software, opting for proprietary stuff of the most vicious rival? What message does that send to longstanding clients or existing staff? What about potential/prospective/future clients and staff?

Slack on GNU/Linux is a mess. Slack on Free/libre browsers is almost an impossibility. So why on Earth would Sirius move away from Jabber and force/impose the use of Slack? I’ve uploaded 2 images from several years back; they’re screenshots of what happened when I tried accessing Slack from a GNU/Linux PC using a decent Web browser that isn’t controlled by spying firms:

That does not seem like it’s going to work, does it? This is from 2019. It has only gotten worse since.

So we’ve just belatedly used two screenshots of what Slack looks like on GNU/Linux with a proper (Free/libre) browser; “bossware” that insists on browsers which spy on their users. Using some User Agent (UA) sniffing they try to undermine or prevent access with perfectly capable browsers (if the UA is faked, there’s a way to get in).

Back then I wrote to an incompetent manager who threatened me repeatedly for not using Slack: “I tried to access my account from two computers, from two browsers, including Chrome. It’s not working. See screenshots. It only works from Rianne’s laptop.”

At one point they agrees to let me use Rianne’s laptop, but then they “changed their minds” (in other words, they had lied to me right to my face in the illegal contract-signing). I got this:

xxxx wrote on 21/07/2019 02:23:
> Hi Roy,
>
> You need to fix this problem and use Slack.
>
> You are a well qualified tech who can fix this issue and comply with
> management’s request.
>
> As I have explicitly explained to you that you need to have your log in
> for Slack and not use Rianne’s. Yet today you’re logged in via Rianne’s
> and not using yours even though you sent me details of your own log in.
>
> To refresh your memory, this is from my previous email.

I need to install a new OS or a new browser for this.

Remember that the company never even paid us for any of our hardware purchases (for our work machines). That seems unreasonable.

In hindsight, it seems clear this manager scared away almost all the technical people. The damage was irreversible.

Slack itself has been having issues and it was sold to Salesforce. The New York Times reported Salesforce layoffs earlier this month. The Wall Street Journal published this article noting that Slack just made bloated proprietary junk nobody truly wants to depend on:

When Salesforce Inc. bought the messaging application Slack for $27.7 billion almost two years ago, it said the marriage would “transform the way everyone works in the all-digital, work-from-anywhere world.” Corporate technology buyers so far aren’t impressed, analysts said.

The acquisition sought to capture the fast-growing market for communications and collaboration software during the Covid-19 pandemic, as employers sent workers home and shifted to remote systems.

Today, companies in the market for customer-relationship management software?—?Salesforce’s signature product?—?don’t appear to be swayed one way or another by the addition of messaging and collaboration features, said Liz Herbert, a vice president and principal analyst at information-technology research firm Forrester Research Inc.

“We don’t really see, when it comes to Slack, any pent up demand from Salesforce’s base for a tool like that,” Ms. Herbert said. “It really hasn’t become something compelling,” she said.

Salesforce bought itself a dud and in December of last year the CEO said that he would leave this month.

From what we can gather, the decision to adopt Slack came from the CEO, who posted Trump support tweets while encouraging staff to use pictures of superheroes in Slack. How childish and unprofessional. What a betrayal of Free software. Is this really the same person who became a patron of the Free Software Foundation? Maybe his personal life took him on a crazy ride — a subject we might revisit some other day in another month.

To be clear, Slack doesn’t do anything that Free software cannot do. It’s bloated and it is not secure. It also has security breaches.

Just two days before the above E-mail message (from a manager) I received this:

——– Forwarded Message ——–
Subject: ???? Slack Security Incident
Date: Fri, 19 Jul 2019 16:58:59 +0000
From: Keybase <notify@keybase.io>
To: r@schestowitz.com

*schestowitz*,

We’ve been getting questions about this, so an announcement for everyone.

Today, Slack announced that a break-in from 2015 was possibly more
severe than previously announced. A lot of people have been getting
emails today. It seems 1% of Slack users still had compromised accounts
(after 4 years); but more seriously, Slack has not disclosed what
percent of Slack teams had their messages stolen. Also, if a small
fraction of users have had compromised accounts, that may still mean a
majority of teams were compromised.

We’re sending this note because people are now asking if this could
happen with Keybase teams. Simple answer: no. While Keybase now has all
the important features of Slack, it has the only protection against
server break-ins: *end-to-end encryption*.

Keybase’s CEO, Max, just wrote how this Slack incident personally
affected him *in a new blog post* .

tl;dr. Hackers who break into Keybase’s servers could not read your
company’s, family’s, friend’s, or community’s messages. Hope this simple
update answers everyone’s questions.

*https://keybase.io/app*

And Keybase is free!
?? the Keybase team

Slack took over Keybase and Slack itself was a vulnerable piece of garbage with habitual data breaches. The Keybase reputation was tarnished and not many people seem to be using it anymore, certainly not me.

I eventually responded to the manager as follows:

> Hi Roy,
>
> You need to fix this problem and use Slack.
>
> You are a well qualified tech who can fix this issue and comply with
> management’s request.
>
> As I have explicitly explained to you that you need to have your log in
> for Slack and not use Rianne’s. Yet today you’re logged in via Rianne’s
> and not using yours even though you sent me details of your own log in.
>
> To refresh your memory, this is from my previous email.

I’m going to try to install another browser, as Chome and other browsers
don’t work for me. They don’t show anything when I log in (I sent you
screenshots). Maybe I’ll be logged in with my username in a few hours
when it’s installed (if that works).

In the meantime, I have to raise other concerns.

The inevitable has happened to Slack. They announced it days and and
they can be held criminally accountable

To say that Slack got merely “compromised” would be an understatement
Yes, it did in fact get compromised, but it’s a lot worse. It’s far
worse than a compromise per se. I’m going to explain, starting with the
basics.

Slack accumulates all data and never deletes any of it. GDPR should be
applicable here and I suspect that EU authorities have not assessed that
aspect just yet. What Slack is to users isn’t what it is to Slack, the
company. The Electronic Frontier Foundation (EFF) issued strongly-worded
warnings about Slack and even Microsoft utright banned Slack for
security reasons. They very much foresaw the latest disaster. It’s
difficult to assess or measure because it’s almost impossible to track
the sources of rogue actors’ data.

Slack did not have a mere ‘incident’. They knew about it for quite some
time (at higher levels, too). It’s the complete doomsday scenario, an
equivalent of having one’s own Jabber server completely and totally
hijacked, and all communications in it (names, passwords) stolen. But in
the case of Slack millions of businesses are affected. In one fell
swoop. Just like that. Even the public sector. Military, hospitals, you
name it…

Slack got cracked, but they won’t admit that. They will lie about the
extent of the damage, just like Yahoo and Equifax did (each time waiting
months before revealing it was orders of magnitude worse). They game the
news cycle that way. People must assume that all data is compromised.
Businesses and their clients’ data is on Slack. Even HR stuff, which
gets passed around in internal communications. Super-sensitive things
like passwords, passports and so on.

Who was Slack data copied by? Mirrored or ‘stolen’, to put it another
way? Possibly by rogue military actors that can leverage it for
espionage and blackmail, as many do. Covertly. You rarely hear about
blackmail because that’s just the nature of the blackmail. It happens
silently. Some would say Slack got “hacked” (they typically mean
cracked). But it’s actually a lot worse than getting cracked! I’ll
explain further…

About a month ago Slack got to its IPO milestone. But it committed an
actual crime by not informing the customers of the breach. They would
change passwords etc. had they known. But Slack did not obey the law. It
did not inform customers. It announced all this after the IPO, in order
to make shareholders liable, and it did so late on a Friday (to minimise
press coverage about this likely crime). The shareholders too should sue
for concealment of critical information.

Slack knew what had happened and why it waited all this time. This
scandal can unfold for quite some time to come.

It would be wise to move to locally-hosted FOSS. However, that would not
in any way undo the damage of having uploaded piles of corporate data to
Slack and their compromised servers. In the coming days many companies
will come to realise that for years they tactlessly and irresponsibly
gave piles of personal/corporate data to Slack and now a bunch of
crackers around the world have this data.

You can expect Slack to stonewall for a while, saying that it’s the
weekend anyway. When it comes to Slack, expect what happened with
Yahoo; First they say it’s a small incident; Months pass; Then they toss
out a note to say it was actually big; A year later (when it’s “old
news”): 3 BILLION accounts affected.

Now, like Yahoo, they will downplay scope of impact. A lot of companies
can suffer for years to come (e.g. data breaches, identity theft).

I have great concern for the company where I’m working for almost a
decade, including our compliance with the law and our clients’
compliance with the law. This is why I bring this up.

I’m going to install something new and see if I can somehow logged in. I
already tried, unsuccessfully, from two of my laptops.

In summary, Slack is a pile of garbage. With Slack, Sirius too became a pile of garbage. They deserve each other.

A few weeks ago John Goerzen wrote: “I loaded up this title with buzzwords. The basic idea is that IM systems shouldn’t have to only use the Internet.”

Slack does not work when the company has downtime. It happened several times, which meant people could not speak to colleagues for hours. Why was our Jabber server shut down? Surveillance through Slack?

Remember that Sirius kept promoting fake security as if the company is a bunch of people who never used computers before. When clients ask about ISO certification (not an isolated incident) they don’t seem to understand what truly happens inside Sirus. There’s spying, outsourcing, security breaches and so on. Someone needs to talk about this.

Video download link | md5sum 9088e5ce7cc9eba79bde5977c20d399f
Sirius and Microsofters Inside
Creative Commons Attribution-No Derivative Works 4.0

Summary: Sirius ‘Open Source’ has been employing incompetent managers for years — a sentiment shared among colleagues by the way; today we examine some glaring examples with redacted communications to prove it

LAST night we published this latest/next part about Sirius, though only about a day later than originally expected due to my most important hard drive simply dying. We’ll still try to stick to the original schedule with a closing day after exactly 2 months (since the start of the series). After that we have more to cover, but maybe not on a daily basis.

The video above goes back to the days when a backstabbing manager had been appointed; he asked if not demanded all of us to get Microsoft Skype accounts and get the darn thing installed only for useless presentation based on invalid data.

The video moreover gives a recent example of “managers” failing to do very simple and very critical tasks. This puts clients’ businesses at great risk.

Sirius hasn’t been managed by competent people for years already. Clients are noticing this, but some chose Sirius because of very old past reputation (and revisionist history).

The time a Sirius manager demanded that all staff installs Microsoft Skype, creating an account in it

“I found what they call a whitepaper but it’s 17 pages and basically says “We’re ISO certified”…”

–Mathew Duggan, blog post from yesterday

Summary: Sirius ‘Open Source’ was hiring people who brought to the company a culture of redundant tasks and unwanted, even hostile technology; today we continue to tell the story of a company run by the CEO whose friends and acquaintances did severe damage

YESTERDAY I had a major hardware incident (the hard drive of my main PC suddenly died and needed replacing), so there was no article about Sirius, but today we’re catching up fast (I’ve also upgraded the operating system).

Looking back at my time at Sirius (it’ll be 12 years in 2 weeks from now), I try to recall the better days, the early days. These times weren’t fantastic by any stretch of imagination, but they were certainly better. Free software was used at every level. The colleagues were looking after the physical infrastructure. The NOC colleagues adopted my handover format/style over a decade ago and management had better temper.

More recent managers didn’t understand Free software or “Open Source”. One of them fell in love with Microsoft’s proprietary junk, even several years before Gates Foundation money (Gates Foundation paid under some NDA, resulting in the formation of Sirius Open Source Inc.). He said in Twitter that “some things” are better entrusted to Microsoft and, as it turned out later, he allegedly worked against the company (the CEO said he was trying to liaise with one of our colleagues to “steal” our biggest client).

By contrast, his predecessors were very much involved in GNU/Linux. One of them is mentioned in an old talk: “The LiMo Foundation are building a mobile middleware stack based on Linux. With over 70% of the platform based on open source components, what are the benefits and challenges of open source adoption, and what is the LiMo approach to working with Open Source?”

We also had highly technical managers before that; of course they use GNU/Linux. At the moment it’s safe to say that nobody, at least among the managers, uses it. The non-technical Office Manager probably uses a “phone” some of the time (instead of a “proper” computer) and probably has no clue about any of the technical details or the tasks inside the company. A ‘box-ticking’ ‘bullshit job’ is the only thing coming from her direction and she’s failing even at that, repeatedly, then vanishing without replies/explanations (or just some lousy excuses).

Below we present some redacted evidence of the issue spoken about above. Here’s the handling of “Failed PSU”. As per Handover to Shift 3, 22/07/19: “Renewed the warranty for xxxxx. Don’t tell the customer that it ran out. (xxxxx’s email address was the one listed. I’ve changed that to the support email/number.) Checking that it is plugged in before xxxxx calls in the warranty.”

So the very simple task of renewing the warranty was not done. Handover to Shift 1 10/08/2019 said: “Both xxxxx and I have attempted to claim the warranty on this, but the HP Carepack Centre say they will not send out a new power supply without seeing the logs. The warranty did not cover the time that the logs will show that the PSU failed, so unless someone can figure out a solution then we are stuck. Whilst this server only has one working PSU it is at risk, so we need an idea.”

Notice they keep the customer in the dark about this. Handover to shift 3 – 24/08/2019: “xxxx received the xxxxx and said he was fitting it on the 19th. Waiting for update when he returns from holiday on 4th September.” More recently a similar incident, as per Handover to shift 1 – 11/09/2022: “Looked for the warranty certificate. (She hasn’t sent it to support, so checked my own emails and slack too.) xxxxx said she would send it out before she went on maternity leave.”

So one can see what it means to have irresponsible ‘box tickers’. Clients’ server are at risk of physical damage.

Regarding the above-mentioned Skype episode, another ‘box ticker’ prepared a useless presentation based on bogus data and wanted all the staff to install Skype, even though it was proprietary and already controlled by Microsoft.

This is him:

Skype accounts

Dear All

Very soon we will be holding an Operations Staff Skype call to deal with activities, processes and customer service ethos of the team. If you need to create a Skype account, please do so by Tuesday 24th March. A camera is optional, but you will need a microphone.

Once you have a Skype account, please add me as a contact: xxxxxxxxx. I will need this information to join you to the call.

Kind regards

xxxxxxxxx

My reply:

Hi xxxxxxxxx,

Will it be possible to connect through landline/mobile/NOC phone (Cisco) or SIP? Also, what date/time is the event? It looks like it says 27/3 (Friday).

Thanks,

Roy

His:

Hi Roy

The event is Friday 27th March at 10 am. I shall be using slides on the call, hence my request a few days ago that everyone connect to my Skype account.

Regards

xxxx

After a lot of pressure I found some old (very old) Android phone from 2012 and temporarily put Skype on it.

I need to find some machine that I can afford to compromise (maybe a phone). There are passwords and stuff on this machine, so installing Skype on it is out of the question (too dangerous).

He thanked me, ran a totally useless presentation on this, and then I deleted the whole thing.

This is what he wrote to all the colleagues, promoting Microsoft’s Skype to them:

I note there are a number of team members that have not yet added me on Skype. Please do this in preparation for Friday’s meeting.

Regards

Also:

Dear All

Here’s a check list of what you’ll need to do to prepare for tomorrow’s call and some guidance for joining the call.

1. A Skype account
2. Be connected to me. Skype name: xxxxxxx
3. Audio: mic and sound. We probably won’t use individual video links as this can cause bandwidth issues
4. Reasonable screen real estate so that you’re able to view some slides
5. A quiet space — background noise will be distracting to others on the call

Notes:
1. It’s best to mute if you’re not speaking
2. At 09:55, open a Skype session. I will add you to the the call. Once everyone is added I will host the session by initiating the call
3. Folks in the office may find it easier to gather around 1 or 2 machines
4. If you haven’t connected to me you cannot be joined to the call. If you’re not on the call you will miss important information

Regards

Not so long later he left the company after (according to the CEO) it turned out he had been working against the company behind the scenes.

Dear All

It’s time to say goodbye and I wanted to say thank you to each and everyone of you for my gifts, cards and especially, for my “bag for life!” Very topical!

I have enjoyed my time at Sirius very much — you are an inspiring bunch to work with. And for sure, you collectively pack-a-punch that puts Sirius fairly and squarely amongst far larger competitors. I may no longer be inside the tent, but please be assured, I will remain a Sirius fan.

Farewell Sirians

All the best

xxxxxxxx

That said nothing about the real reason he left.

So that’s another story for these chronicles. In the next couple of days we’ll show some more stories and then conclude/summarise the series.