cross-posted from: https://infosec.pub/post/12406642
Body of the toot:
Absolutely unbelievable but here we are. #Slack by default using messages, files etc for building and training #LLM models, enabled by default and opting out requires a manual email from the workspace owner.
https://slack.com/intl/en-gb/trust/data-management/privacy-principles
What a time to be alive in IT. 🤦♂️
Has anyone used Mattermost? Has anyone switched to Mattermost? How’s hosted Mattermost?
It passes the tickboxes of “actually open source” and “you can just buy hosting”, but I don’t know how it goes corporateishly
(tried it some many years ago, probably long enough that lots of the following is entirely outdated)
then: install was relatively clean, UI shit still had a lot of work required (not showstoppers, just lots of not-quite-good things as often found in oss stuff), wasn’t great to monitor/profile, client options were narrow, and lastly the standard problem of being non-goldenpath-choice meant you had to do a lot of things yourself
it was an internal-only service in a always-use-vpns-for-everything company so further attempts at SSO and integration and ACL shit weren’t investigated at the time
@dgerard @rinze We have self hosted it for a few years. Small scale, but we did move a couple of GB of data archived from slack into it. I’ve found it pretty solid and like having focalboard built in.
Real deletes are an enterprise feature, but I have a nasty little script to remove “deleted” attached files.
deleted by creator
if we got it it’d be the corp offering - if the data could be exported to an open source instance.
deleted by creator
deleted by creator
My chair at TUM uses Mattermost for most internal communication. I’m aware of a couple different academic institutions that do that.
EDIT: Perhaps of important note, we’re talking Computer Science systems people. Like, kind of an environment where you’re professionally obligated to have strong opinions about Linux distributions.
In all cases it’s self-hosted. I don’t know anyone who bough hosting. If I get my hands on our sysadmin I could share more.
As for “switched” - I was at one company only that had an official/unofficial Slack and we were given stern talkings to about never ever sharing any company information through it. It was specifically for watercooler banter. Basically “treat it as a personal non-work environment”. Specifically because our security officer was aware that Slack is not end-to-end encrypted and that’s just an immediate dealbreaker in any sane company that handles sensitive data. God I miss that CSO, I didn’t know how good I had it.
Microsoft has Yammer because they always need to choose the worst possible tool in existence.
The company I work at uses selfhosted Mattermost. Granted, we’re <50 Employees, so I don’t know how well it scales for larger companies.