This Man is Dead - What Are You Going to Do About It?

Between making pierogi [Note: Traditional Polish dumplings] and cleaning the house, I was inspired to write today’s lighter post in the Marginalia section by a technical description from one of the Mastodon instance administrators (botsin.space source eng - technical description). I’ll discuss the technical aspects of the text itself in a separate article. Generally, it pointed out that delegating server management rights to others carries far-reaching consequences, such as access to personal data that he cannot allow. Today, I’d like to write humorously about situations I’ve experienced or witnessed involving government offices, officials…

As it happens, I was born and started my studies in Wrocław [Note: A major city in western Poland], which I later completed in Łódź [Note: A post-industrial city in central Poland], where I lived for several years. After defending my master’s thesis, I returned to Wrocław, where I started my professional career. Due to participating in large tenders, I often had to provide criminal record certificates. I also cared deeply about security issues and the need to know principle.

In my next job at an importer, besides the criminal record certificate, I needed psychological evaluations for firearms and a police commander’s opinion regarding access to military-purpose materials and technologies. To dispel any potential conspiracy theories - this was about professional pyrotechnics, including 3g, 4g, and inch-sized bombs that you can see during fireworks displays.

My company requested a certificate for me for a managerial position. They sent a letter stating that I lived and worked in Wrocław. The problem was that the police drove with sirens to my registered address in Łódź and questioned neighbors about a citizen who hadn’t lived there for several years, and the house stood empty. I don’t need to tell you what impression it made on the neighbors when they saw a police car with sirens and banging on doors, asking where the “individual” was and if they could say anything good about him. Finally, the matter became so embarrassing for the police that the Wrocław commander issued the opinion after talking to me on the phone without ever seeing me in person. So much for procedures.

But that wasn’t the end of my adventures with Polish bureaucracy. Later, I decided to return to Łódź, and unfortunately, after returning, I went to the Łódź City Hall for some changes related to starting a business. The problem was that the clerk who served me exclaimed but you’re dead! I asked him: how can that be when I’m sitting right here? to which he replied, it says so in my computer while starting to show some note on the screen, nervously tapping. Meanwhile, other employees of this institution froze looking at me - they probably had never seen a dead person who walks and talks. Their supervisor ran up to me terrified, took me aside, and said everything would be explained. I understood that they had a terrible mess in the office and I would be served with the royal, due dignity of a person who had just been shamefully humiliated. Well, the matter turned out to be painfully simple in the end. The office had sent me a letter, and on the envelope, the mailman had handwritten DECEASED! after which someone receiving such an envelope simply entered this note, causing my death.

Łódź didn’t stop surprising me. A few years later, while running my company, I received a series of calls from the data center where I was at the time, saying that data from my server was being copied at night at the police’s request. To be honest, after I learned about the reasons, I didn’t object to releasing the data. However, I was outraged by what I learned about how and on what scale data was being copied. The data center manager told me that most of his time was spent processing requests from police and prosecutors - I learned the scale of the phenomenon. I was taking Microsoft courses at the time, so I learned the nuances of licensing and data access within Azure services. I realized I needed to place all serious projects outside Poland in a way that would prevent intermediaries from gaining access without any procedure. I was always paranoid about information… So I purchased MS services directly from MS in dollars without Polish intermediaries who would be tenants and potential admins with access to all data. At that time, I was serving many companies implementing serious-level security for industrial automation, and in the context of information about a Newsweek journalist being tracked by a pharmaceutical corporation that bribed a police officer to obtain billing and position data of the journalist, I told every client about these cases, encouraging maximum security level and moving EMAIL outside Poland. If you’re asking what kind of client’s data the police were copying, it was a company selling illegal substances through a front man. I provided explanations to the cybercrime department of National Police Headquarters in Łódź, and the matter was closed for me.

However, I would like to draw attention here to people who run small companies like me, to pay great attention to procedures, collecting documentation, logs so that they have the ability to prove they’re not a camel [Note: Polish expression meaning “to prove one’s innocence”]. Unfortunately, I observe a very high level of naivety or low awareness among some IT solution enthusiasts or companies providing various services.

My next encounter with Łódź police was as a victim in a high-profile case of a company selling counterfeit Windows licenses. I wanted to be fair and bought a Windows Server 2012 license. As it turned out, the 1000 PLN license was 100% counterfeit, including the hologram. After 2 years from purchase, a police officer appeared at my place with dozens of pages of contact data (each page with dozens of contacts), which gave, I’m guessing… hundreds. These were just people from Łódź who fell victim to criminals and bought counterfeit licenses. Well, for me it was a server for my company’s accounting program. As the only one of the Łódź victims, I had not only all emails regarding the purchase, the hologram stuck on the server, but also the disk. Finally, it turned out that the case of a family business that had been introducing counterfeit software with fake holograms in Poland for many years found its finale in court and was widely described by services including Z3S. Since the police got an idiot who had full documentation, I wasted 2 days giving testimonies. Of course, my evidence was added to the case. Funny thing is, I learned that among the victims was the priest from my parish who bought illegal Windows. Fortunately, I had my other licenses purchased with machines. Since then, I’ve only been using Linux for servers, even for maintaining MSSQL, and for company equipment Linux/Windows PRO with OEM licenses for hardware.

Why am I writing about all this? Poland is a strange country. You could say it’s Kafkaesque. You never know when you’ll have to prove you’re not a camel, or that you exist. So I encourage you to do one thing. Keep proof of your own existence, because you never know the day or hour when someone will say… but you’re dead after all.

• Tales From the Periphery
• Marginalia