Now we understand, Kirschner covers up a major data breach in March, disappears on extended paternity leave and comes back in May to a general meeting to eliminate the fellowship representative and avoid accountability
Then he uses the money and lawyers and threats to create a wall of secrecy and fear around his shady empire. this is freedom? May 11, 2019, 5:37 PM by [email protected]: > > Dear Fellows, > > Many of you expressed frustration that an organization like FSFE was > distributing your email addresses to other members. Not all of you were > warned about that when you joined the mailing list. > > Anyhow, it turns out that there was a rather serious missed opportunity > to review that policy in 2018. FSFE president Matthias Kirschner wrote > an email to the GA mailing list on 15.03.2018 with the subject "[GA] > Report about privacy problem with financial data" > > Kirschner goes on: > > "The archives of > [email protected] <mailto:[email protected]>> , > and thereby all the information > including full names, amount, credit card and bank details, were public > from 18 December 2017 until 13 March 2018." > > It is incredulous that such data is managed on a mailing list, > especially when the list runs on the same public server as > Internet-accessible public lists. All financial organizations that I've > ever worked for keep such data on servers in isolated subnets, with mail > allowed in through an intermediate box in the DMZ. There is never > direct access from the Internet to the box where sensitive data is stored. > > Privacy regulations in many countries require customers/members/donors > to be informed about such hiccups. I don't believe FSFE sent any > notice to Fellows like you at that time. > > Kirschner raised the possibility of informing possible victims and told > the GA that council members had explicitly decided not to do so. They > argued that the logs didn't show any conclusive evidence that the leak > was exploited. Would you have wanted to be warned anyway, just in case? > > The email encouraged list admins to check list settings. But as FSFE > confirmed[1] last week, the names of list subscribers were still > available to all other subscribers to download freely more than a year > after that previous incident. > > "as explained ..., this list was available to all list-subscribers as it > is common practice. However, we now changed the settings and > list-subscribers are only visible for list-admins from now on." > > Will FSFE tell us how many times the data was downloaded during the last > 18 months? > > Or will they use that money you donated, with your potentially > compromised credit card numbers, to hire an army of lawyers to savage > the representative you voted for? > > It appears that FSFE missed the opportunity to revise privacy settings > in March 2018. Regrettable? > > Repeating that quote from Kirschner, a summary of his plotting with > Chris Lamb, former Debian Project Leader: > > "One general wish -- which I agreed with -- from Debian was to better > share information about people" > > Is it correct to blame the people who download things that Kirschner shares? > > The same email included malicious assertions about the former Fellowship > representative, myself, a coordinated attempt to cause me harm in a way > that has compromised the privacy of numerous individuals. > > As that email has been circulated around various communities, a number > of people have been shocked at the way Kirschner and Lamb were > conspiring against the privacy of their own members. Some of the > defamatory claims were even implausible, this was obvious to people > familiar with the details. I want to thank all those people who quietly > tipped me off about Kirschner and Lamb. > > I would encourage all of you to embrace the opportunity to vote in the > first autonomous Fellowship elections. > > Faithfully, > > Your undead zombie Fellowship Representative who just didn't die > correctly when backstabbed > > > 1. > https://lists.fsfe.org/pipermail/discussion/2019-May/012696.html > <https://lists.fsfe.org/pipermail/discussion/2019-May/012696.html> > > _______________________________________________ > Discussion mailing list > [email protected] <mailto:[email protected]> > https://lists.fsfellowship.eu/mailman/listinfo/discussion > <https://lists.fsfellowship.eu/mailman/listinfo/discussion> >
_______________________________________________ Discussion mailing list [email protected] https://lists.fsfellowship.eu/mailman/listinfo/discussion
