by ActorNightly 1943 days ago
Every time I read articles like these, I get disappointed about the state of the internet.

The only thing you know that is likely to be true is that someone got fired from Amazon, and that's it.

You don't know if they are telling the truth.

You don't know if they were in the right.

You don't know if Amazon was fixing the problem, and they decided to be an asshole and go over their bosses because they felt that not enough was being done.

You don't know if their actions were compromising the business operations.

Etc. and so on.

If you read this and feel like Amazon did something wrong, you are part of the problem. Don't believe anything that isn't backed by clearly cited sources. Which that article clearly lacks. But alas, you clicked and scrolled, so as far as politico.eu is concerned, that's all that you needed to do.

8 comments

The only thing you know that is likely to be true is that someone got fired from Amazon.

From the article:

> The warnings about privacy and compliance failures at Amazon come from three former high-level information security employees — one EU-based and two from the U.S.

So 3 employees involved with security and not 1 employee. Also, they were pushed out AFTER alerting about security issues.

> So 3 employees involved with security and not 1 employee. Also, they were pushed out AFTER alerting about security issues.

How much credibility do you put in such testimonies though? Especially if everyone is an "anonymous source", you can basically invent just about anything and publish it and pretend for it to be a genuine article without any fact under the hood.

Journalists do check the credentials of the people they include in articles like this. They don't just take randos at their word. These people are anonymous to you but not to the journalist. If you simply don't believe the writer that's a totally different issue - but people at major outlets like Politico don't just invent sources and stories out of whole cloth like you suggest.
But they do lie, and sometimes we learn about it and they get fired.

Pyramid of trust:

- cited sources

- anonymous sources

- off the record sources

How much credibility do you put in Amazon's?
Look at it from a heuristic point of view.

A corporation is composed of people who are paid to do a specific job, with an interest in keeping said job by making decisions and doing tasks towards a central goal, a corporation generally behaves vastly more rationally for any given scenario. Furthermore, the particular structure of the corporation which determines the actions directly affects the corporation's survival, where historically poorly structured corporations that end up with scandals tend to last a very short time.

So with Amazon, considering it has survived for quite some time, and additionally with all the optics it has on it from any political entity or person trying to score popular points by being "anti-big-corporation", I'd argue that this decision to fire was likely made after much collaboration with higher level execs and legal involved, well understanding what the consequences would be, including attention at reviewing their privacy compliance.

Presumably if you trust the reputation of the newspaper or journalist writing the article, you trust the testimony.
Thank you, this is exactly it. And it's not either like anyone should consider a newspaper report the final word on the issue, but there is a reasonable amount of information presented here, and it should warrant an official investigation into Amazon's data practices at the very least.
You get sued, because such claims are business damaging.
Good, because then you can verify your claims in court. Which Amazon will not be able to counter. So they will fear the light. Like their friends, secret services doing their illegal things, but they are protected by "National Security" claims, Amazon not.
That's why I think the claims are not completely bogus, otherwise Amazon would have sued immediately.
Of course they are not bogus.
So you would rather that whistleblowers would only be given attention by media outlets if they are publicly outed alongside the revelations that they usually bring?

Tell me, how well did that go for Edward Snowden and Chelsea Manning?

Edward Snowden wasn’t a whistleblower. He stole US intelligence material as a contractor, leaked it to the press and fled the country to avoid facing criminal charges.

The whistleblowing process is not break the law then claim whistleblower protection. You report wrongdoing to a specific, independent body and are offered protection against retribution.

A better example of the system is the whistleblower on Trump’s first impeachment, who is still protected under law and still can’t have their identity revealed publicly.

Edit: To clarify, this only applies to the federal government. I only bring it up since you named two individuals who were associated with the federal government. With Amazon and other private companies, leaking to the press is effective and encouraged.

You're getting downvoted a lot, but these days I too place very little confidence in a story that cites anonymous sources, regardless of whatever supposed gravitas the publication is supposed to carry.
Honest question: where do you place the goalpost with regards to news on corporate malpractice?

If not from whistleblowers, which have a long track record of being persecuted extensively and subjected to very personal and very damaging retaliatory attacks if not for anonymity, then in your eyes what warrants questions?

This is a really good point and an example of how real investigative journalism is not present in this story.

Was the journalist approached by a co-ordinated group of three former Apple high-level security execs in order for them to Greenwald&Snowden-style inform the public, themselves openly inviting massive career risk (even when "anonymous"), with real skin in the game and thus with real credibility worthy of maybe oh even up to government investigation?

Or did this journalist have a python script that emailed every single public address of all ex-employees of every BigTech corp, looking for responses, robotically fishing out clickbait headlines that harbour the faintest enough outline of what integrity might look like?

Obviously, there's a wide range between these two extremes, including Real Investigative Journalism that oftentimes co-ordinates the investigation itself. But, that is extinct, and since provenance is not established well in the article, my default is, assume the worst, in every case. Yes, literally, bots wrote this article, it means exactly nothing. Fugazi.

So you have to read it with just a little critical thinking.

Is politico.eu a site with a reputation or just someone's uncle's blog? Do they have an incentive here? Have they done hatchet jobs before? Do they do them commonly?

This is a claim about a particular company? Is this kind of claim contrary to that company's historical record? Is it consistent with it?

Are the claims specific? Are they capable of being falsified? Could other people familiar with what has been claimed confirm it somehow? Will the publication and journalist take a reputational hit if it is all false because they've been had?

And do you know something? We always needed to do this. In life when hearing claims verbally at work or wherever. When reading old-school newsprint. When listening to politicians, public servants, experts, academics.

And here we are still assessing sources and looking for argument from evidence.

Now yours:

> "The only thing you know that is likely to be true is that someone got fired from Amazon, and that's it."

Not looking so hot. But that's fine. That's really ok.

Yeah, Amazon is a massive target for hackers, but hasn’t had any particularly bad breaches that I can remember. I’m sure their security/privacy is far from perfect, but it seems to be pretty effective.

FWIW I’ve never worked for Amazon, but I have quite a few friends and former coworkers at AWS. We’ve had discussions about security and privacy, and the general sense I got from them is that Amazon has more of a focus on security and privacy than any tech company they’ve previously worked for.

They are a juicy target. Their doorknobs are doubtless getting rattled all the time. We haven’t heard anything, but also they have to know they’re breached before they tell anyone. Let’s see what happens over the next couple of years.
From OP:

> They also noted that AWS is largely run separately from the rest of the company.

So this maybe isn't surprising. One deals with mere customers, the other with businesses that have money and lawyers. AWS is also newer than Amazon, right?

Yeah good point, it’s certainly possible that Amazon.com and AWS have significantly different security/privacy policies/practice.
Disgruntled employees can be risky. Like Stamos, and the way the NYTimes took Facebook's efforts to tackle abuse in 2019 as evidence of their previous "indifference". If anything you do can be twisted against you, why bother?

I want to see more information about their background. If they've been fired already, they're not going to lose much from going public with this.

The only way to prove it, would be a massive data leak.
Or they can assuage concerned people with a 3rd-party audit.
The fact there have been no data leaks should tell you more than some anonymous sources
There is no fact that there is no data leak because it's impossible to prove. If the hackers don't go public to make money from the data you just don't know.
Erm did you read it?

Several U.S./EU employees saying strikingly similar things, especially regarding certain HR BS which is often employed against employees by way of exploitive control.

Court records are often at least public record, may be sealed but it is trivial to go check this stuff...

What reasons are there to give Amazon benefit of doubt?
What reasons are there to believe that someone who's in the middle of a lawsuit with their former employer will tell the truth? For what I know this "leak" might be part of their strategy to win the lawsuit.
> What reasons are there to believe that someone who's in the middle of a lawsuit (...)

The lawsuit is literally about how Amazon's infosec employees have been fired in retaliation after repeatedly alerting leadership to vulnerabilities.

Also keep in mind that Amazon's spokespersons stated that the allegations were inaccurate and dated, not wrong.

"you are part of the problem"