I didn't want to be break this story over here but since no one else seems to be posting about it here I am sharing a screenshot from the other side with @scan's post.
-
Because of Open Collective's belief in transparency, you can see directly how much @OpenSourceCollective is paying to use Persona and when those payments started:
https://opencollective.com/opensource/transactions?searchTerm=persona&kind=ALL
So yeah, this really seems like they are integrating Persona directly into Open Collective. So even if the fiscal host changes directions here, this seems totally not ok.
https://github.com/opencollective/opencollective-frontend/pull/11988 -
A abekonge@venner.network shared this topic
-
Because of Open Collective's belief in transparency, you can see directly how much @OpenSourceCollective is paying to use Persona and when those payments started:
https://opencollective.com/opensource/transactions?searchTerm=persona&kind=ALL
Huh. The amount of absolutely private data Persona and the companies they sell it to are hovering up is mind boggling.
With that I assumed companies using their product would be paid for it instead of being the ones paying. -
@Li @liaizon @scan I think we are going to need it. Open source will be attacked by bad faith actors which can set up a bot army of "contributors" - the openness we want needs some kind of trust mechanisms. I am not saying this specific case warrants an identification system - just that there are sharks in the water ahead. Say someone wants to infiltrate the forums of KDE, and make a lot of noise and disturb development, they can already. In the future they can x1000 it in volume and distruption
-
So yeah, this really seems like they are integrating Persona directly into Open Collective. So even if the fiscal host changes directions here, this seems totally not ok.
https://github.com/opencollective/opencollective-frontend/pull/11988Soooooo @Mastodon is using @OpenSourceCollective as their fiscal host...
-
@Li @liaizon @scan I think we are going to need it. Open source will be attacked by bad faith actors which can set up a bot army of "contributors" - the openness we want needs some kind of trust mechanisms. I am not saying this specific case warrants an identification system - just that there are sharks in the water ahead. Say someone wants to infiltrate the forums of KDE, and make a lot of noise and disturb development, they can already. In the future they can x1000 it in volume and distruption
look okay we just "need" mass privacy violations, we just *need* to destroy all anominity on these projects, its super important! we just need to discriminate against people who are not 'blessed' by teh state with the privledge of being able to exist.
yeah; how about no;
i do not care how 'palletable' you try to make this dystopian bullshit
please fuck off
-
RE: https://social.wake.st/@liaizon/116206925371202010
I didn't want to be break this story over here but since no one else seems to be posting about it here I am sharing a screenshot from the other side with @scan's post.
-
look okay we just "need" mass privacy violations, we just *need* to destroy all anominity on these projects, its super important! we just need to discriminate against people who are not 'blessed' by teh state with the privledge of being able to exist.
yeah; how about no;
i do not care how 'palletable' you try to make this dystopian bullshit
please fuck off
@Li @liaizon @scan Look, I am not rooting for any of these things, I am rooting for solutions that can proove personhood _without_ breaching privacy.
There is a whitepaper about it on the firstperson project web page. The Linux Foundation is one of the initiaters of this work. And in the case of OpenCollective and shipping ID off to Palantir-bros - hell yeah, they can fuck off. -
So yeah, this really seems like they are integrating Persona directly into Open Collective. So even if the fiscal host changes directions here, this seems totally not ok.
https://github.com/opencollective/opencollective-frontend/pull/11988@liaizon A botly hooray
-
@Li @liaizon @scan Look, I am not rooting for any of these things, I am rooting for solutions that can proove personhood _without_ breaching privacy.
There is a whitepaper about it on the firstperson project web page. The Linux Foundation is one of the initiaters of this work. And in the case of OpenCollective and shipping ID off to Palantir-bros - hell yeah, they can fuck off.@havchr @liaizon @scan "proving personhood" again please fuck off with this shit.
"proving personhood" means that someone can just decide your not a 'person', or that you are a "person" its discriminatory, and creates extreme power dynamics (which is what IDs are for, the other part is survailence)
ive been told for ages im not really a person you know, i don't actually have a magic id card that says i 'count' actually;
a person is anything that says it is, fuck you. stop trying to enforce dehumanization actually
i don't need to fucking 'prove' to fucking anyone ever; and i hope your system gets hacked to fuck; (i mean, you cant do 'privacy preserving, identify verification'' its self-contradictory)
and fuck the linux foundation for enabling this shit too actually
-
@Li @liaizon @scan Look, I am not rooting for any of these things, I am rooting for solutions that can proove personhood _without_ breaching privacy.
There is a whitepaper about it on the firstperson project web page. The Linux Foundation is one of the initiaters of this work. And in the case of OpenCollective and shipping ID off to Palantir-bros - hell yeah, they can fuck off. -
-
RE: https://social.wake.st/@liaizon/116206925371202010
I didn't want to be break this story over here but since no one else seems to be posting about it here I am sharing a screenshot from the other side with @scan's post.
@liaizon @scan Hi, Lauren here. I'm the ED of OSC and happy to chat. In this expense, the payee was presented with options that would not require a KYC with Persona; they confirmed, so we will be able to pay them through this method. KYC's are a rare edge case for us and are not issued on all expenses.
I will publish a general statement on the OSC updates page - but yes. We started using Persona before the news broke. We are currently looking for non-US providers and are open to suggestions. -
@abekonge @jowek @ukrudt @tak @ruben @magnus
the chair of the board of directors of F-Droid just responded to my tag here seemingly in agreement
https://social.seabass.systems/@seabass/statuses/01KKHX2849AKSRJSVSN5C04TXPI would say that the MAJORITY of 2714 collectives that OSC fiscal host has would be entirely opposed to being subjected to having to have their personal data sent to Persona. A large majority of them have a presence right here so tagging projects seems like it would definitly stir shit up.
-
@abekonge @jowek @ukrudt @tak @ruben @magnus
the chair of the board of directors of F-Droid just responded to my tag here seemingly in agreement
https://social.seabass.systems/@seabass/statuses/01KKHX2849AKSRJSVSN5C04TXPI would say that the MAJORITY of 2714 collectives that OSC fiscal host has would be entirely opposed to being subjected to having to have their personal data sent to Persona. A large majority of them have a presence right here so tagging projects seems like it would definitly stir shit up.
-
@liaizon @scan Hi, Lauren here. I'm the ED of OSC and happy to chat. In this expense, the payee was presented with options that would not require a KYC with Persona; they confirmed, so we will be able to pay them through this method. KYC's are a rare edge case for us and are not issued on all expenses.
I will publish a general statement on the OSC updates page - but yes. We started using Persona before the news broke. We are currently looking for non-US providers and are open to suggestions.@poohlaga hi Lauren, sorry to make your acquaintance on such an unpleasant matter. While I am glad to hear that you are using them only in "rare edge cases" it seems that their API is getting directly integrated into Open Collective's code base (https://github.com/opencollective/opencollective-frontend/pull/11988)
I think for the present moment there needs to be a very clear statement about *exactly* how you are using Persona and what data and what edge cases would end up triggering you to initiate sending *any data* to their API.
-
Soooooo @Mastodon is using @OpenSourceCollective as their fiscal host...
RE: https://mastodon.social/@poohlaga/116218374295960280
the Executive Director of @OpenSourceCollective replied:
-
-
@opsocket @liaizon
We're indeed adding a persona integration on the platform to help Open Source Collective manage their KYC program. It is not something we're forcing on anyone, just a bridge we're creating for fiscal hosts relying on this service.For the rest, I'll let Open Source Collective comment.
They're aware of this thread and are preparing a reply as we speak.
-
RE: https://mastodon.social/@poohlaga/116218374295960280
the Executive Director of @OpenSourceCollective replied:
RE: https://framapiaf.org/@Betree/116218444650414138
the developer who is currently adding this Persona integration into @opencollective has replied to this thread here:
-
