humanacollaborator
/
humanacollabora
2
2
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity
humanacollabora/github.md

206 lines
13 KiB
Markdown
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

[//]: # (to do: vet the links for CF & scrub)
[//]: # (to do: halloween papers)
[//]: # (to do: https://www.businessinsider.com/microsoft-new-employee-review-system-stack-ranking-2023-9)
[0]: https://infosec.exchange/@bojkotiMalbona/104637098084869887
[1]: https://trac.torproject.org/projects/tor/wiki/org/doc/ListOfServicesBlockingTor#ComputingTechnical
[2]: https://user-images.githubusercontent.com/21023035/61580062-10fd6300-aafd-11e9-8bf2-64faddf63760.png
[3]: https://github.com/Eloston/ungoogled-chromium/issues/795#issuecomment-687991721
[4]: https://www.bleepingcomputer.com/news/security/microsofts-github-account-allegedly-hacked-500gb-stolen
[4-cache]: http://web.archive.org/web/20221108044516/www.bleepingcomputer.com/news/security/microsofts-github-account-hacked-private-repositories-stolen/
[5]: https://www.zdnet.com/article/hackers-stole-github-and-gitlab-oauth-tokens-from-git-analytics-firm-waydev
[6]: https://msrc.microsoft.com/create-report
[7]: https://www.bbc.com/news/technology-50232902
[8]: https://mako.cc/writing/hill-free_tools.html
[9]: https://corporate.exxonmobil.com/news/newsroom/news-releases/2019/0222_exxonmobil-to-increase-permian-profitability-through-digital-partnership-with-microsoft
[10]: https://news.microsoft.com/2019/09/17/schlumberger-chevron-and-microsoft-announce-collaboration-to-accelerate-digital-transformation
[11]: https://www.scientificamerican.com/article/exxon-knew-about-climate-change-almost-40-years-ago
[12]: http://web.archive.org/web/publicintegrity.org/federal-politics/republican-lawmakers-posh-hideaway-bankrolled-by-secret-corporate-cash
[13]: http://techrights.org/wiki/index.php/Microsoft_and_the_NSA
[14]: http://cal-access.sos.ca.gov/Campaign/Committees/Detail.aspx?id=1401518&view=late1&session=2017
[15]: http://web.archive.org/web/20200318144031/www.theverge.com/2018/6/15/17468292/amazon-microsoft-uber-california-consumer-privacy-act
[16]: https://web.archive.org/web/20200722105800/tokenpost.com/Central-Bank-of-Sweden-is-testing-digital-currency-5197
[17]: https://github.com/privacytools/privacytools.io/issues/374#issuecomment-460077544
[18]: https://www.cnet.com/news/amazon-google-and-microsoft-sued-over-photos-in-facial-recognition-database
[19]: http://gnu.org/philosophy/free-software-even-more-important.html
[20]: http://gnu.org/proprietary/malware-microsoft.html
[21]: https://www.vice.com/en_us/article/43kv4q/microsoft-human-contractors-listened-to-xbox-owners-homes-kinect-cortana
[22]: https://www.rijksoverheid.nl/documenten/rapporten/2018/11/07/data-protection-impact-assessment-op-microsoft-office
[23]: https://www.zdnet.com/article/dutch-government-report-says-microsoft-office-telemetry-collection-breaks-gdpr
[24]: https://gdpr-info.eu/art-5-gdpr
[25]: https://gdpr-info.eu/art-17-gdpr
[26]: https://www.forbes.com/sites/thomasbrewster/2019/08/01/microsoft-slammed-for-investing-in-israeli-facial-recognition-spying-on-palestinians
[27]: https://edition.cnn.com/2018/06/03/middleeast/razan-al-najjar-gaza-nurse-killed/index.html
[28]: https://www.independent.co.uk/news/world/middle-east/gaza-protests-latest-idf-condemned-edited-video-angel-of-mercy-medic-razan-al-najjar-a8389611.html
[29]: https://companies-that-work-with-ice.com
[30]: https://thehill.com/policy/technology/393358-microsoft-employees-dissatisfied-by-ceo-response-plan-action-against-ice
[31]: https://www.theverge.com/2019/10/9/20906213/github-ice-microsoft-software-email-contract-immigration-nonprofit-donation
[32]: https://gizmodo.com/microsoft-employees-up-in-arms-over-cloud-contract-with-1826927803
[33]: http://fortune.com/2020/05/18/microsoft-fedex-partnership-build
[34]: https://www.zdnet.com/article/honeywell-set-to-launch-its-quantum-computer-with-quantum-volume-of-64
[35]: https://techinquiry.org/SiliconValley-Military
[36]: https://ai.google/principles
[37]: https://web.archive.org/web/20200529160343/www.cheatsheet.com/web/20200529160343mp_/https://www.cheatsheet.com/money-career/these-companies-started-firing-employees-right-after-getting-tax-cuts-from-trump.html
[38]: http://www.theguardian.com/technology/2016/feb/02/microsoft-downloading-windows-10-automatic-update
[39]: https://www.cnet.com/news/microsoft-windows-10-forced-updates-auto-restarts-are-the-worst
[40]: https://www.howtogeek.com/442609/confirmed-windows-10-setup-now-prevents-local-account-creation
[41]: http://www.linfo.org/microsoft_tax.html
[42]: http://techrights.org/2017/03/15/still-using-patents-to-coerce
[43]: http://techrights.org/2017/02/27/microsoft-novell-v2-via-azure
[44]: https://www.gnu.org/software/repo-criteria-evaluation.html
[45]: https://ilyaigpetrov.medium.com/github-shadowbans-anti-censorship-coder-account-for-a-link-to-the-christchurch-shootings-video-c79a80b408a9
[46]: https://github.com/deCloudflare/deCloudflare
[47]: http://crimeflare.eu.org/
[48]: images/github_ban.png
[49]: https://www.iccl.ie/digital-data/iccl-report-on-the-scale-of-real-time-bidding-data-broadcasts-in-the-u-s-and-europe/
[50]: https://github.com/wireapp/kalium#github-packages-authentication
[51]: https://sfconservancy.org/GiveUpGitHub
[52]: https://githubcopilotinvestigation.com
[53]: https://git.veen.world/kevinveenbirkenbach/github-to-gitea-mirror
# Direct practical problems with using Microsoft Github
1. A survey [shows][0] that a significant number of bug reports are
**withheld** when the bug tracker is inside a restrictive or
politically controversial walled-garden like MS Github or
gitlab.com. This ultimately hinders the quality of software in the
commons.
1. Github restricts access to some FOSS code by [requiring][50] a
“GitHub Personal Access Token” to download software.
1. Github is Tor-hostile [according to Tor project][1]. GH has
started forcing Tor users through an extra email verification step
that effectively discourages bug reports:
![github-tor_hostility][2]
1. Github takes a hostile posture toward burner accounts, and they
[enforce it][3]. Burner accounts are important for privacy because
aggregation of pseudo-anonymous identities enables adversaries to
identify someone. Even notwithstanding doxxing, aggregation blocks
someone from working on something like "a design for a better
marijuana bong" while also working on a project like "business
critical infrastructure" for his boss. The bong project might ruin
the user's reputation from the standpoint of a commercial job.
Burner accounts protect users so they can work on multiple
projects, and Microsoft bans that protection.
1. MS failed to secure Github, which was [breached to the tune of 500gb of private projects][4-cache].
Then security was breached again in July 2020 when OAuth tokens were
[stolen][5] from both Github and Gitlab.com.
Security incompetence is further showcased by an MS-imposed requirement
to create and account and sign in to report an MS security bug.
And for those not discouraged by that, [the sign-in page][6] is also broken.
1. MS suppresses democracy by [blocking][7] Github access to a project
that facilitates protests in Catalonia.
MS also [banned][45] the account of an anti-censorship developer.
1. In 2021 1st quarter, MS [sabotaged][46] the deCloudflare
[project][47], a charitable humanitarian project that gives the
general public tools and knowledge to avoid Cloudflare. MS did
that silently and without warning or discussion. The user account
was also suspended:
![github-ban][48]
1. Free software projects that rely on non-free software
"[put everyone at the whim of the groups and individuals who produce the tools they depend on][8],"
and it puts free software developers in a position of hypocrisy.
1. MS mechanically suppresses bug reports that contain profanity
*without moderation*. That is, if you say something like “the
fucking server pushed a CAPTCHA” and the profanity is not directed
at any developers, the bug report will still be blocked in an
absolute, irreversable manner without the possibility of human
intervention, instead of quarantining the report for
moderation. This effectively demoralizes the bug reporter who may
opt not to reattempt the report submission; thus ultimately
hindering software quality.
1. MS [violates][52] the copyright of free software projects using AI
in its “Copilot” program.
## Ethical problems with using Microsoft products and services
11. Microsoft harms the **environment** by serving the two most destructive oil companies in the world: [ExxonMobil][9] and [Chevron][10].
1. (#ExxonKnew) Exxon notoriously [knew][11] about climate change
since 1977. They not only kept it secret from the public, but
they also financed a disinformation campaign.
1. Microsoft and Chevron were [caught][12] each paying $100k to
"the Cloakroom", a project to hide bribes going from large
corporations to republican politicians.
1. Chevron's right-leaning stance is further pushed through its
membership with ALEC, which doubles as a superPAC and bill mill
that lobbies and writes policy for U.S. republicans.
1. Microsoft is a notorious **privacy** abuser:
1. MS is a PRISM corporation prone to mass surveillance.
1. MS supported CISPA and [collaborates][13] with the NSA.
1. MS [paid][14] $195k to [fight][15] the California Consumer
Privacy Act (CCPA).
1. MS drug tests its employees, thus intruding on their privacy
outside the workplace.
1. MS finances other privacy abusers:
1. In 2012 Microsoft spent $35 million on Facebook ads and in
2015 Microsoft was the third biggest spender on Facebook
ads in the world.
1. MS proxies through Accenture to [make Sweden cashless][16].
The war on cash is war on privacy.
1. MS supplies Bing search service which gives high rankings to
[privacy-abusing][17] CloudFlare websites.
1. MS owns and operates Outlook Email and the LinkedIn social
media site, both of which are exclusive walled-gardens that
limit participation to those who have a phone number and the
will to share it with Microsoft.
1. MS supplies hotmail.com email service, which uses vigilante
extremist org *Spamhaus* to force residential internet
users to share all their e-mail metadata and payloads with
a corporate third-party.
1. MS [unlawfully][18] used people's images without consent to
train their facial recognition products
1. MS distributes a [nonfree operating system][19], Microsoft
Windows, which is jam-packed with
[malicious functionalities][20], including surveillance of
users, DRM, censorship and a universal back door.
1. MS was [caught][21] surreptitiously recording Xbox users and
paying contractors to listen to the recordings.
1. Dutch government commissioned [a study][22] which found
Microsoft to have [several GDPR violations][23]. E.g. Office
365 violates [GDPR article 5][24] ¶ `1.c`,
[GDPR article 17][25], and stores the data outside the EEA (may
also be a GDPR breach).
1. (2022) Microsoft acquired Xandr from AT&T, thus [becoming a
surveillance advertiser][49].
1. Microsoft is detrimental to **human rights** and **democracy**
1. Microsoft [finances AnyVision][26] to produce facial
recognition technology that the Israeli military uses as a
weapon against the Palestinian people who they oppress in their
occupation. Note that Israeli snipers [murdered][27] an unarmed
civilian Palestinian medic (in breach of the Geneva Convention)
then [edited][28] the video to deceive the public for PR damage
control.
1. Microsoft [supports ICE][29] in a variety of ways in the course
of ICE's implementation of Trump's xenophobic border
policies. Microsoft services an ICE contract worth
[$19.4 million dollars][30] despite protest from employees. In
addition to MS Office products, Microsoft has renewed a
[Github contract][31] and also supplies cloud computing through
its [Azure platform][32].
1. MS [partnered with FedEx][33], an NRA-supporting ALEC member as
well as [JP Morgan Chase][34], the most evil bank in the world.
1. MS [conceals][35] US military contracts to bias PR and dodge
social accountablity. They have a much bigger piece these
contracts than the rest of MACFANG, they lack Google's
[AI principles][36], and unlike Google they ignore employee
protest and petitions.
1. MS is among the top 15 recipients of Trump's corporate tax breaks,
a benefit of $128 billion. Microsoft
[sacked hundreds of employees][37] immediately after receiving the
tax breaks in February 2018.
1. MS is **anti-consumer** and anti-competitive
1. MS [tricked][38] users into "upgrading" to Windows 10, which
[sabotages][39] users in a variety of ways, one of which is to
[prevent cloud-free accounts][40].
1. MS [strong-armed][41] nearly all PC manufacturers charge every
buyer for an MS Windows license regardless of whether the user
actually wants Windows.
1. MS [hoards][42] software patents and uses them to [fight free software][43].
1. Github [has an F rating][44] by the FSF.
## Remedial actions
The Software Conservancy has a [Give Up Github campaign][51] which
suggests actions you can take to help support this movement.
Use [Kevin Veen-Birkenbachs tool][53] to mirror Github repos on Gitea.
Reference in New Issue View Git Blame Copy Permalink