They bombarded my mailbox with alt right nazi spam. It was an obvious data breach but they keep saying ”no user data was compromised”. Who’s gonna believe that?
That spam was a troll who found a loophole in the notification system. It was obviously not a data breach. That’s clear to anyone who’s worked with software databases or web servers.
I agree with what you’re saying, that the attack didn’t require any data breach to take place, but I do have one slightly pedantic point.
Codeberg being non-profit does not make the employees “volunteers”. They are normal employees and take a wage like working for any other company. What’s different is that any excess revenue over costs must be used to continue the company’s objectives and is not able to be taken by the company owners as profit.
You have to think of them more like a club rather than a non-profit company. Their legal form “eingetragener Verein” does mean “registered club”.
Basically, here in Germany, you can register a non-profit club and then you get exempt from taxes. And folks who donate to your club can also get that donation exempt from their taxes.
How was it an obvious data breach? The attack was done via Codebergs notification system. It’s no different from the notification you got from me writing this comment.
Why?
They bombarded my mailbox with alt right nazi spam. It was an obvious data breach but they keep saying ”no user data was compromised”. Who’s gonna believe that?
That spam was a troll who found a loophole in the notification system. It was obviously not a data breach. That’s clear to anyone who’s worked with software databases or web servers.
I thought it was just bots spamming comments on issues. See https://blog.codeberg.org/we-stay-strong-against-hate-and-hatred.html Also I would believe that since codeberg is run by volunteers in a non-profit organization.
I agree with what you’re saying, that the attack didn’t require any data breach to take place, but I do have one slightly pedantic point.
Codeberg being non-profit does not make the employees “volunteers”. They are normal employees and take a wage like working for any other company. What’s different is that any excess revenue over costs must be used to continue the company’s objectives and is not able to be taken by the company owners as profit.
No. Codeberg is run by volunteers. AFAIK Codeberg e.V. has only one part time employee https://blog.codeberg.org/letter-from-codeberg-we-are-now-an-employer.html
You have to think of them more like a club rather than a non-profit company. Their legal form “eingetragener Verein” does mean “registered club”.
Basically, here in Germany, you can register a non-profit club and then you get exempt from taxes. And folks who donate to your club can also get that donation exempt from their taxes.
So more like a charity status?
How is that an obvious databreach? It was just bot spam, something every single public site has had issues with.
How was it an obvious data breach? The attack was done via Codebergs notification system. It’s no different from the notification you got from me writing this comment.