Update 22/02/26 – 10:20 am (IST): The story has since taken a notably warmer turn. Yesterday, Persona’s CEO Rick Song posted on X acknowledging that his earlier “crashout” was a mistake, saying he has since deleted those posts at celeste’s urging because “these exchanges should be kept over email because this is not meant to be a spectacle.”

Song shared the latest round of emails publicly, including celeste’s message noting that “this exchange restored some of my faith in how disclosure can work. most of the time it’s lawyers and silence and NDAs and threats.” Song shared the same thoughts, writing that celeste has been “thorough, transparent, direct, and even kind and considerate,” and expressed genuine admiration for their cybersecurity research — including a separate passkeys project — beyond just the Persona investigation.

The dialogue is still active. Song confirmed Persona’s team remains committed to answering the outstanding questions from vmfunc’s 18-point list, specifically Q3, Q4, Q5, Q7, Q9, Q10, Q12, Q14, Q15, Q16, and Q18, which remain unanswered as of publishing, and said responses will come once the team, currently “absolutely slammed,” can take the time to be accurate. celeste has confirmed they will notify Song before Part 2 goes live, maintaining the same no-surprises standard as before.


Original article published on February 22, 2026, follows:

Persona CEO Rick Song has broken his silence on X, publicly releasing the full email correspondence between himself and security researchers at vmfunc in the wake of explosive allegations that the identity verification company runs a large-scale surveillance setup.

In a detailed thread posted today, Song linked back to a post where he shared multiple screenshots of the email exchange ahead of vmfunc’s planned follow-up blog posts. He explained the move was necessary because his earlier signed statement, released without context, had only fueled more conspiracy theories around Persona.

“I am genuinely disappointed in how all of this has been handled,” Song wrote. “What has really been frustrating for me is that I also admire @vmfunc’s work and their clear talent.”


The emails, which began on February 16, show Song first reaching out directly to researcher celeste the day after the report. He thanked them for the source-map callout, confirmed the issue was already being fixed, and clarified that the exposed cluster was a new development environment the company is migrating to for better reliability — not the production cluster that underwent FedRAMP assessment.

The initial email exchange:

From: Rick Song
Date: Feb 16, 2026, 7:10 PM
To: celeste

Hi Celeste,

I’m Rick, one of the co-founders and CEO of Persona.

I came across your recent blog post (https://vmfunc.re/blog/persona) and wanted to reach out directly:

1/ Thank you for the callout re: shipping the source maps — we are looking into fixing this now! `withpersona-gov.com` is currently under development and is not actively used right now. For context, we’re currently working through the FedRAMP process since there has been interest from a couple of agencies to provide identity proofing services for remote federal employees. We do not want our technology to be used by ICE or the government for any surveillance purposes.

Unfortunately, providing the sourcemaps was an oversight by the team working on this, and we haven’t started an in-depth security review / pen test on the project yet given it’s still in early development.

2/ I’m happy to answer any/all of the 14 questions on your post about Persona and the way we operate to the best of my knowledge. For example, the Onyx name has no association with ICE (we weren’t even aware until your blog post!) — it’s actually named after a coworker’s favorite Pokemon. We do not work with any federal agency today, and this is an unfortunate name…

Happy to answer over a call live on whatever platform works best for you (Zoom, Meets, Signal, or even Discord lol). In a past life, I was an engineer and I still make mediocre contributions to our codebase semi-frequently, so I can speak at a high-level regarding our technical architecture too.

I have some time tonight if that happens to work for you? Would love to provide clarifications to some of your points sooner if possible! I’ve also reached out over Twitter to @vmfunc in case DMs are more convenient.

Best,

Rick Song
CEO | Persona


From: Celeste
Date: Feb 17, 2026, 6:27 AM
To: Rick Song

hiya rick, i appreciate you reaching out

thanks for not leading with lawyers. that already puts you ahead of most companies who find their entire codebase on the front page of hacker news, so genuinely, thank you

sending the CEO instead of outside counsel says something, and i want to acknowledge that

let me go through your points.

re: the source maps. glad you’re fixing it, but i need to be clear about what we’re actually talking about. this wasn’t a misconfigured S3 bucket on some forgotten staging box. this was unminified typescript served from /vite-dev/ on a FedRAMP-authorized government endpoint. that path is vite’s development server prefix. someone deployed a dev build to production on infrastructure that already went through federal security assessment. 2,456 source files. the full dashboard codebase of a platform that processes biometric data and files reports with FinCEN. that’s kind of really bad to be honest

respect for fixing it that fast btw, 2-3 hours is a pretty good response time

“we haven’t started an in-depth security review yet” is a sentence that should concern your compliance team more than my blog post does

FedRAMP authorization implies a baseline of security controls that should catch exactly this. the fix isn’t pulling the source maps, you should fix this by explaining how this passed assessment in the first place

re: onyx and the pokemon. i hear you, and i genuinely hope that’s the real story. unfortunately there is no way i can fully trust you here and you know this, but i’m trying to act in good faith. the blog post explicitly states we found zero references to fivecast, ICE, or immigration enforcement in all source files we found, we were careful to distinguish infrastructure correlation from code-level confirmation. that transparency is still there in the published version and it’s not going anywhere

but you have to understand that a deployment called “onyx” appearing on your government infrastructure 12 days before publication, sharing a name with ICE’s $4.2M surveillance tool, while the current administration is running the most aggressive deportation apparatus in modern history… that’s going to raise questions. a pokemon origin story is a perfectly fine answer!!!!! but it needs to be a documented, verifiable, and quotable answer….. not something said on a call that nobody can reference later 🙁

re: the call, can’t do that sadly

not because i don’t trust you. you seem genuine and i appreciate the offer. but the 18 questions in section 0x14 aren’t the kind of thing that should disappear into a private zoom session. your platform holds biometric data for millions of people. it files SARs directly to FinCEN. it files STRs to FINTRAC tagged with intelligence program codenames. it runs PEP facial recognition with similarity scoring against your selfie. the people whose faces and passports are in your system deserve answers they can actually read.

private conversations are where accountability goes to die. not because of malice, but because memory is fallible, quotes get disputed, and nothing is verifiable after the fact. “we talked about it on a call” isn’t transparency, even if i recorded it.

transparency is text that anyone can read, link to, and verify.

so here’s my proposal:

answer the 18 questions in writing. take your time. i’m not trying to rush you into something sloppy. be as detailed or as high-level as you’re comfortable with. if there are things you genuinely can’t answer for legal or competitive or security reasons, say so explicitly and i’ll note it without editorializing

i will publish your full response in a second part, unedited, with whatever context or corrections you want to include. no selective quoting, no editorial spin. your words, in full, next to mine :3

if you’d prefer something more conversational, we’re open to a recorded and published conversation on signal. the format doesn’t matter but the public record does

for what it’s worth i don’t think persona is necessarily evil. the blog post ends by acknowledging what the code doesn’t show, and we meant that. i think you built a compliance platform that does what compliance platforms do, and the harder questions are about the system that makes platforms like yours necessary in the first place. but those questions still deserve answers, and “trust us” isn’t sufficient when you’re holding people’s passports and faces… especially when you have palantir in your investors, government contracts, etc etc

the blog exists because the information was already public and nobody was asking the questions. if persona wants to answer them, that’s the best possible outcome for everyone, including persona. i’d rather publish “persona addressed every concern in detail” than “persona’s CEO asked for a private call”

this email, your original message to me, and your written responses will all be published in full. everything is on the record. i want to be transparent about that upfront so there are no surprises

email works best. i don’t check twitter DMs (they have been broken for some reason)

if that wasn’t obvious already, we’re not looking for money, or anything of the sort. we just want the people to be informed

// celeste
// vmfunc.re

ps: the expired security.txt on the onyx deployment (bugcrowd program, expired 2025-11-01). you might want to renew that while you’re in there.

In follow-up messages, Song proactively sent celeste a list of Persona executives and leaders with their LinkedIn profiles, asking that vmfunc update its post to reference leadership instead of individual engineers and interns. He cited violent threats and harassment directed at his team, particularly newer grads and junior staff, after the report’s “BETRAYAL” section highlighted specific employees. vmfunc has since removed the individual names.

The exchange on protecting employees:

From: Rick Song
Date: Feb 17, 2026, 4:41 PM
To: celeste

Thank you for responding — and genuinely appreciate how you are engaging on this.

> answer the 18 questions in writing. take your time. i’m not trying to rush you into something sloppy. be as detailed or as high-level as you’re comfortable with. if there are things you genuinely can’t answer for legal or competitive or security reasons, say so explicitly and i’ll note it without editorializing

First, appreciate you offering the time for us to respond here — we’ll get back to you in a bit since we also want to be thoughtful on our responses here. If you have questions or are still interested in speaking afterwards, I am also happy to have a recorded+published conversation over Signal.

I am responding and addressing a couple of the points a bit sooner though since I have a request at the end of this email that is a bit time sensitive due to how it’s impacting people.

> FedRAMP authorization implies a baseline of security controls that should catch exactly this. the fix isn’t pulling the source maps, you should fix this by explaining how this passed assessment in the first place

I think this is a really fair sentiment and you are right that this is a miss regardless. To provide some additional context here, the cluster you found is one we are actively migrating to and under development. This cluster is not the same one that was evaluated for FedRAMP (which does not have the source maps visible). This new cluster is under development to provide better reliability/redundancy which was feedback from our original assessment. However, to reiterate, you are 100% right that it is never good to have unminified typescript+source maps served to the public web and it is a miss on our end.

> re: onyx and the pokemon. i hear you, and i genuinely hope that’s the real story

I understand that it’s impossible to fully trust everything I’m saying here — and if there is any reasonable way, I am happy to confirm that this is 100% the truth. Know that screenshots don’t mean much, but will still share a couple of messages from our team who I reached out to to confirm that what I sent was accurate and to provide background on the naming which ties to the above.

Furthermore, all federal contracts are public and you can confirm that we have no federal contracts today. Transparently, we are actively working on a couple of potential contracts (hence FedRAMP), but these are entirely for the purpose of employee account security and you will be able to see these engagements publicly listed if we happen to move forward.

I am writing all of this because with this context, I have one sensitive request: would you be open to swapping the folks you’ve listed to myself/the leaders/cofounders/executives of Persona rather than individual engineers? If helpful, I can provide a list of relevant people too.

I know that all of the information you’ve shared on these individuals is public and on their social profiles, and I also know that there’s no malice in your listing of them. However, the implied tie between Palantir/ICE/Persona/betrayal from your post is leading to a lot of fear/anxiety and direct/violent threats to them particularly accusing them for something that we do not do/have never been involved in (we have no relationship whatsoever with ICE, Palantir, and the other vendors listed).

Some of the folks listed are new grads/interns/people who haven’t been at Persona for a long time, and they shouldn’t have this burden placed on them. I don’t think these people are the ones that the public’s ire should be directed at, and if anyone, it should be directed at me.

I understand the intent around transparency and don’t mind if you retain the references re: Onyx/ICE/etc. I also know that this information is public and you don’t owe us anything to make this change. However, given how things have changed for folks here, I really must ask if it’s possible to not have these individuals listed.

I would really really appreciate this change and will move as quickly as possible/do whatever I can to change this!

PS — thanks for the callout re: security.txt. Will be updated shortly.

Best,


From: Rick Song
Date: Feb 17, 2026, 8:58 PM
To: celeste

Just to be proactive in the interest of removing the referenced individuals sooner + operating in good faith, here is a quick list of executives/leaders and their LinkedIns that can be listed.

  • Rick Song – https://www.linkedin.com/in/rick-song-25198b24
  • Charles Yeh – https://www.linkedin.com/in/charlesyeh/
  • Christie Kim – https://www.linkedin.com/in/christiekimck/
  • Duncan Sharp – https://www.linkedin.com/in/duncansharp/
  • Neal Harris – https://www.linkedin.com/in/neharris/

I’ve already reached out to all of the above folks notifying them of my intent to send this note and received their consent. I can also provide more names if needed.

Despite the tension, Song committed to answering vmfunc’s 18 written questions in full, with no rush. He offered a recorded public conversation over Signal if preferred. He described this as Persona’s first major media crisis.

vmfunc’s celeste quickly confirmed the authenticity of the emails released by Song (noting one was missing from his initial batch) and attached the overlooked message. In their reply, celeste thanked Song for engaging as CEO rather than through lawyers, but declined a private call. They insisted on written answers published in full for a verifiable public record. They plan to release the complete exchange as “Part 2” once the back-and-forth concludes.


But things just heated up even further. celeste also made a lengthy post and accused Song of taking control of the narrative by publishing the emails before they could release Part 2 with their analysis. They described the move as crisis communications rather than transparency and defended their work as investigative journalism into a platform handling biometric data and government reporting.


Song replied minutes later, apologizing for an emotional response. He explained that his team is exhausted and working through the night due to the situation. He pushed back on the responsible disclosure framing, citing OWASP guidelines and the Society of Professional Journalists code of ethics, and asked that vmfunc publish their follow-up sooner to address what he sees as misinformation.

As we reported earlier today, the February 16 vmfunc report claimed 53 megabytes of Persona’s government dashboard codebase, across 2,456 files, sat unprotected on a public FedRAMP-authorized endpoint via exposed Vite source maps. The code revealed capabilities such as direct Suspicious Activity Reports to FinCEN and FINTRAC, biometric face lists stored for up to three years, and suspicious entity detection checks.
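The two lapses at the centre of the report, source maps served from a production host and an expired security.txt, are both cheap to catch after every deploy. The following Python check is an added example (not Persona’s or vmfunc’s code): it runs against a constructed site snapshot, treats the `/vite-dev/` prefix named in the report and Vite’s `/@vite/` dev-client path as dev-server indicators, resolves any `sourceMappingURL` reference, and counts the source files a reachable map would expose.

```python
import json
import re
from datetime import datetime, timezone
from urllib.parse import urljoin

# Constructed site snapshot (URL path -> body); stands in for HTTP fetches.
SITE = {
    "/index.html": '<script type="module" src="/vite-dev/assets/app-3f2a.js"></script>',
    "/vite-dev/assets/app-3f2a.js": "export const x=1;\n//# sourceMappingURL=app-3f2a.js.map\n",
    "/vite-dev/assets/app-3f2a.js.map": json.dumps(
        {"version": 3, "sources": ["src/App.tsx", "src/api/reports.ts"]}),
    "/.well-known/security.txt": "Contact: https://example.invalid/program\n"
                                 "Expires: 2025-11-01T00:00:00.000Z\n",
}
REPORT_DATE = datetime(2026, 2, 16, tzinfo=timezone.utc)  # date of the vmfunc report
# "/vite-dev/" is the prefix the report names; "/@vite/" holds Vite's dev-client modules.
DEV_PREFIXES = ("/vite-dev/", "/@vite/")
MAP_RE = re.compile(r"^//[#@]\s*sourceMappingURL=(\S+)", re.M)

def script_srcs(html):
    """Every <script src=...> path referenced by the page."""
    return re.findall(r'<script[^>]+src="([^"]+)"', html)

def audit_script(site, src):
    """Flag dev-server paths and any source map reachable from one bundle."""
    findings = []
    if src.startswith(DEV_PREFIXES):
        findings.append(f"dev-server path served in production: {src}")
    for ref in MAP_RE.findall(site.get(src, "")):
        map_path = urljoin(src, ref)  # resolve relative to the bundle's own path
        if map_path in site:
            n = len(json.loads(site[map_path]).get("sources", []))
            findings.append(f"source map reachable: {map_path} ({n} source files)")
        else:
            findings.append(f"sourceMappingURL comment names missing {map_path}")
    return findings

def security_txt_expiry(text):
    """RFC 9116 Expires field as an aware datetime, or None if absent."""
    m = re.search(r"^Expires:\s*(\S+)", text, re.M)
    return datetime.fromisoformat(m.group(1).replace("Z", "+00:00")) if m else None

def audit(site, now):
    """Run every check over the snapshot; an empty list means clean."""
    findings = []
    for src in script_srcs(site.get("/index.html", "")):
        findings.extend(audit_script(site, src))
    sec = site.get("/.well-known/security.txt")
    exp = security_txt_expiry(sec) if sec is not None else None
    if sec is None:
        findings.append("security.txt missing")
    elif exp is None:
        findings.append("security.txt has no Expires field")
    elif exp < now:
        findings.append(f"security.txt expired on {exp.date()}")
    return findings
```

Running `audit(SITE, REPORT_DATE)` on the snapshot yields three findings: the dev-server path, the reachable map listing two source files, and the lapsed security.txt.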

The exchange between Song and vmfunc remains ongoing. Stay tuned to PiunikaWeb for more updates.

Disclosure: The email conversations in this article were transcribed from the screenshots with AI

Dwayne Cubbins