I hate Mondays.
On Sun, 12 May 2019 10:07:52 +0200 (CEST), <[email protected]> wrote: > > > Now we understand, Kirschner covers up a major data breach in March, > disappears on extended paternity leave and comes back in May to a general > meeting to eliminate the fellowship representative and avoid accountability > > Then he uses the money and lawyers and threats to create a wall of secrecy > and fear around his shady empire. > > this is freedom? > > > May 11, 2019, 5:37 PM by [email protected]: > > > > > Dear Fellows, > > > > Many of you expressed frustration that an organization like FSFE was > > distributing your email addresses to other members. Not all of you were > > warned about that when you joined the mailing list. > > > > Anyhow, it turns out that there was a rather serious missed opportunity > > to review that policy in 2018. FSFE president Matthias Kirschner wrote > > an email to the GA mailing list on 15.03.2018 with the subject "[GA] > > Report about privacy problem with financial data" > > > > Kirschner goes on: > > > > "The archives of > [email protected] <mailto:[email protected]>> > > , and thereby all the information > > including full names, amount, credit card and bank details, were public > > from 18 December 2017 until 13 March 2018." > > > > It is incredulous that such data is managed on a mailing list, > > especially when the list runs on the same public server as > > Internet-accessible public lists. All financial organizations that I've > > ever worked for keep such data on servers in isolated subnets, with mail > > allowed in through an intermediate box in the DMZ. There is never > > direct access from the Internet to the box where sensitive data is stored. > > > > Privacy regulations in many countries require customers/members/donors > > to be informed about such hiccups. I don't believe FSFE sent any > > notice to Fellows like you at that time. > > > > Kirschner raised the possibility of informing possible victims and told > > the GA that council members had explicitly decided not to do so. They > > argued that the logs didn't show any conclusive evidence that the leak > > was exploited. Would you have wanted to be warned anyway, just in case? > > > > The email encouraged list admins to check list settings. But as FSFE > > confirmed[1] last week, the names of list subscribers were still > > available to all other subscribers to download freely more than a year > > after that previous incident. > > > > "as explained ..., this list was available to all list-subscribers as it > > is common practice. However, we now changed the settings and > > list-subscribers are only visible for list-admins from now on." > > > > Will FSFE tell us how many times the data was downloaded during the last > > 18 months? > > > > Or will they use that money you donated, with your potentially > > compromised credit card numbers, to hire an army of lawyers to savage > > the representative you voted for? > > > > It appears that FSFE missed the opportunity to revise privacy settings > > in March 2018. Regrettable? > > > > Repeating that quote from Kirschner, a summary of his plotting with > > Chris Lamb, former Debian Project Leader: > > > > "One general wish -- which I agreed with -- from Debian was to better > > share information about people" > > > > Is it correct to blame the people who download things that Kirschner shares? > > > > The same email included malicious assertions about the former Fellowship > > representative, myself, a coordinated attempt to cause me harm in a way > > that has compromised the privacy of numerous individuals. > > > > As that email has been circulated around various communities, a number > > of people have been shocked at the way Kirschner and Lamb were > > conspiring against the privacy of their own members. Some of the > > defamatory claims were even implausible, this was obvious to people > > familiar with the details. I want to thank all those people who quietly > > tipped me off about Kirschner and Lamb. > > > > I would encourage all of you to embrace the opportunity to vote in the > > first autonomous Fellowship elections. > > > > Faithfully, > > > > Your undead zombie Fellowship Representative who just didn't die > > correctly when backstabbed > > > > > > 1. > https://lists.fsfe.org/pipermail/discussion/2019-May/012696.html > > <https://lists.fsfe.org/pipermail/discussion/2019-May/012696.html> > > > > _______________________________________________ > > Discussion mailing list > > [email protected] <mailto:[email protected]> > > https://lists.fsfellowship.eu/mailman/listinfo/discussion > > <https://lists.fsfellowship.eu/mailman/listinfo/discussion> > > > _______________________________________________ > Discussion mailing list > [email protected] > https://lists.fsfellowship.eu/mailman/listinfo/discussion _______________________________________________ Discussion mailing list [email protected] https://lists.fsfellowship.eu/mailman/listinfo/discussion
