Monday, 11 November 2019 11:29

GitLab yet to decide on banning Russians, Chinese from its staff Featured

GitLab yet to decide on banning Russians, Chinese from its staff Pixabay

Software development and operations outfit GitLab is yet to make any announcement about a proposal it had floated recently, to avoid hiring Russian and Chinese nationals as site reliability engineers or support engineers.

The final word on this proposal was to have been issued on 6 November but nothing has been made public as yet. iTWire has contacted GitLab for comment.

The move to block the hiring of Chinese and Russian nationals in these roles came because businesses that use GitLab - an American firm that has about 600 employees working in other countries and about 1000 in the US - expressed concern.

GitLab allows companies to host their source code and allow people to work on it, much in the same way that the Microsoft=owned GitHub does. The code can then be unified on a cloud-based server, with GitLab employees providing support in the event of anything not going according to plan.

The GitLab move came shortly after the security firm FireEye claimed that China had used its nationals abroad to steal information that allowed China's state-owned firms to build the C919 airplane.

In a Hacker News post, a GitLab official said on 4 November: "Please note that we're still discussing this change. We work out in the open so you can see us working on it. I hope that people appreciate the difference between that and what you would see in a non-transparent company (probably nothing, they would just not open up a vacancy in the offices in that country)."

The US kicked off a trade war with China last year, imposing tariffs on Beijing to which the latter has retaliated in kind.

And after claims of Russian interference in the 2016 US presidential election were bandied around, there has been a distinct anti-Russian mood in the US.

Responding to the GitLab official's post on HN, a subscriber wrote: "Concerns on privacy, data and IP are understandable. However, this ban would be a symbolic move with absolutely zero substance. The world is small and highly interconnected and it would be extremely easy for the Russian and Chinese governments to compromise and co-opt support staff from pretty much any country of their choosing.

"This will lull your customers and your infosec teams into a false sense of security. Considering how forthcoming you are with the names, roles and location of your team, they would pick you off in a heartbeat and you would not suspect or see it coming.

"The Chinese are extremely well entrenched across the global - with enough money to grease anybody's wheels. Not to mention it would be trivial for them to get their 'agents' passports from anywhere in the world."

A GitLab spokesperson said: "The US Department of Homeland Security Cyber Security currently lists China, Russia and North Korea as the countries with current cyber threats, so it is expected that the large number of US enterprises using would have concerns about their user data accessed in the countries their government has identified as a major threat.

"In the interest of users of, access to their data is restricted to the team members who need it for their day-to-day work. We currently do not have team members for the roles of Support Engineers and Site Reliability Engineers in countries that are identified on the US Department of Homeland Security Cyber Security list of threats, namely China, Russia, and North Korea.

"GitLab is considering not opening Support Engineers and Site Reliability Engineers positions in these restricted countries. This has not been implemented at this time, as we are discussing it as a company.

"In line with GitLab's value of transparency, and our 'everyone can contribute' mission, we discuss and iterate on processes and company policies in the open. By using public issues and MRs we enable and welcome participation and feedback, always within the parameters of the the GitLab Code of Conduct. These discussions are internal business discussions that you would not see happen in the open at other companies.”


26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.



Recent Comments