Who to use ?
So Github was borged, Gitlab seems to be unsure of where its loyalties lie .. who else is there ? Atlassian any good ? Easier just to run your own ?
GitLab is considering a ban on hiring any Russian or Chinese support staff in order to improve security. The debate has been going on for a couple of weeks. In its issue pages, the company said: In e-group on Monday October 15, 2019 we took the decision to enable a 'job family country-of-residence block' for team members who …
Nah, it was merely pbc: posting before coffee. Of course, once someone discovered I had my coffee I got dragged off to fix stuff. As it involved restaurants it got rather late, but on the plus side you never go hungry :).
Still, thanks for adding to my downvotes. As a 12 year member it's rather embarrassing that I haven't hit the 10k downvotes yet, so excuse me while I do some trolling later :).
>Are they actually trying to shoot themselves in both feet, or does this come naturally?
>VP of engineering Eric Johnson said: "Please be aware there is an active, time-sensitive contract negotiation linked to this matter."
Hoping to please the most discriminating clientele, it seems...
1) Nation != race.
2) What is your view about doing business in a country that is treating an entire ethic group as terrorists, and sending a substantial number of their members to reeducation, while sending men from the dominate race to live with the wives of those being reeducated?
Some racist people think it is, and that, certainly for the purposes of the UK's Equality Act, is what matters.
You could also argue that religion is not race, but again, some racist people think it is, so that's what matters.
Either way, it is designed to stop racist people from being racist. The fact that the criteria they use for their discrimination is bogus is the whole reason why we have the law in the first place.
Point 2: Would that be White Americans vs Native Americans?
Even though this wouldn't be *explicitly* racist, a lot of anti-discrimination laws, including the federal-level one for the US, forbid discrimination on the basis of "National Origin", in addition to race, religion, etc. So this decision would run afoul of those laws, just not for race.
I've worked at the "federal level" in the DoD for almost 20 years and they damn sure as hell can - and do - bar employment from those with suspect backgrounds or who fail their SSBC.
They don't even look at non-native-born American citizens for certain jobs that require above TS/SCI.
Well, yeah, that is an acceptable exception to anti-discrimination laws. You are refusing to consider them for the job because they can not meet the requirements of the job and not because of an immutable characteristic of the candidate (EG, race, religion, etc).
But, also, I am talking about the employment laws that are implemented at the federal level for all employment in the US, not the laws surrounding federal-level employment. There are exceptions in the anti-discrimination laws for employment in roles that are safety critical or are national-security sensitive.
I hate to break it to people but this is standard in many industries. Or at least any industry even partially related to the defence sector, and in quite a few high tech research groups similar bans exist. I've experienced this in multiple countries across Europe (UK and continent), Asia and Australia.
Depending on the level of security clearance you need for your work, even just having been to visit these countries can be enough to get questions asked. China, Russia, Iran and North Korea are the main ones, but if you need tighter clearance expect questions if you've been to Cuba, Laos, Venezuela, etc...
For the high tech research groups it tended to be less about "national security" and more that actually verifying that people were who they say they were and had the training, education, experience they claimed was very difficult. Additionally, theft of research and IP was considered a real risk - I know of one case where a chinese person was given a job, and thankfully that countries intelligence service identified them as a chinese intelligence agent BEFORE they started working. The risk is definitely real.
So is it discrimination - yeah. But is it legal - also yeah. It's unfortunate, but sometimes nations put themselves out of the trustworthy bracket, and the costs are borne by their own citizens...
> Any country that has laws against racial discrimination [ ... ]
US laws against racial discrimination apply only to those persons legally residing on the territory of the US, not outside of it.
I.e. a Swiss citizen residing and working in Switzerland cannot bring an employment or racial discrimination claim to a US Court. They would have no standing.
Conversely, no US company is under any obligation whatsoever to hire foreign citizens residing in foreign countries. They might do so voluntarily - because work is cheaper in places like India, China, Vietnam, etc., but there's no obligation to do so.
Being a foreign national residing in a foreign country, and working for a US-based company, does not grant this individual any rights in the US. The country of residence's laws apply. US law does not. As such, no US-based claim of employment or racial discrimination is possible here.
So, no, there are no US national origin or racial protections for Russian citizens residing in Russia, or Chinese citizens residing in China.
If a Chinese citizen wants to work at GitLab remotely, from China, it is entirely within GitLab's rights to deny employment, and solely because this individual is a Chinese citizen.
That isn't racial discrimination. That is geopolitical discrimination, big difference.
They aren't stopping Chinese American or Russian American people working for them, they are stopping people living in certain countries that have political differences with GitLab's country of origin from having access to customer data.
Just because there isn't a law, doesn't mean the discrimination doesn't exist, racism existed long before there were laws to stop it.
But a lot of people seem to be missing that this is geopolitical and going straight to racism, without actually reading the story, or having read the story, have not understood what they have read.
Ummm, they should have many different classes of employees each with a different level of access to systems. Its called role-based-authentication and least-privilege and pretty much every company with IT infrastructure has heard of it and is doing it.
I've never worked for a company where everyone has equal access to customer data. The way I read this article everyone working for Gitlab can read every line of code stored in its systems. Might need to increase my usage of git-crypt.
One of my engineers came from a company that didn't even have any infrastructure of their own, rather they just used cloud-hosted and 3rd party stuff for operations. The company's documents, including the passwords to pretty much everything, were stored in a Dropbox instance that everyone had access. Their reasoning was "We don't believe in job roles, if something needs to be done and someone has the skill to do it, they should be able to!", a philosophy that they snagged from another start-up. They were trying to claim that "This is how they make Linux!", completely ignoring how wrong that is. They reasoned that if someone was malicious or incompetent, they could just undo their changes and push the application back out to AWS Lambda.
And yes, this company is in Silicon Valley (Well ostensibly, they don't have an actual office and instead employees work from home and/or WeWork type spaces).
I figured that GitLab might be doing something equally weird.
Having used Subversion, you really don't have to do much to keep people away from it, just let people use that nightmare for a day or two and they'll run screaming.
(Yes, I know you are talking about the act of subterfuge and not the code version system of the same name)
I suppose there was no point in adding Iran and North Korea to the list, as people from those countries would have no opportunity to work for GitLab. However, they should have been more specific about China, since people from Taiwan don't pose a risk, from the viewpoint I'm assuming they're using.
Start a war with Vietnam and Korea, make "Negro's" sit at the back of the buses, show reruns of Duck and Cover and Trump change his surname to McCarthy and then finally he will of Made AMERICA* Great Again!
*There is only one America and that's the USA, the rest are just commie murdering rapists.
You are confused.
About what outsourcing is.
Outsourcing is hiring another business to do work for, on behalf of, or to, your own business.
Having remote-work/work-from-home employees in other countries is not outsourcing, as they are still your employees, directly answerable to your business.
AFAIK, standard practice for anything that touches "defense".
In most countries.
Any Chinese company with some government-contracts wouldn't let a white monkey touch the source-code with a barge pole.
They'd also be careful not to hire somebody with too much ties to the US (relatives living there, kids studying there).
The discussion on the Eric Johnson's part has quickly fallen into typical flame.
The moderators have worked on it heavily:
yet the original responses received by email showed an extremely heated exchange, all kinds of trolls participated.
Biting the hand that feeds IT © 1998–2020