
Government shutdown: TLS certificates not renewed, many websites are down - sanqui
https://www.zdnet.com/article/government-shutdown-tls-certificates-not-renewed-many-websites-are-down/
======
aboutruby
From reddit:

> This article is overly hyperbolic. Some obscure subdomains of government
> websites are serving expired x509 certificates. They're not down and this
> definitely doesn't compromise the encryption that protects any login
> credentials. Anyway, it is embarassing to see certificate renewal is not
> automated - it's something any good sysadmin would have set up.

[https://www.reddit.com/r/technology/comments/aeps41/governme...](https://www.reddit.com/r/technology/comments/aeps41/government_shutdown_tls_certificates_not_renewed/)

~~~
tyingq
Nothing to do with SSL, but a fair amount of US government websites are hard
down, on purpose, due to the funding dilemma.

Like: [https://www.data.gov](https://www.data.gov)

 _" Due to a lapse in government funding all Data.gov websites will be
unavailable until further notice."_

Which is pretty odd, because putting up these blocker pages probably costs
more than just letting the sites run unattended.

~~~
baddox
Government departments are legally required to budget for the possibility of a
shutdown, which means they have to keep the money around that they will use to
shut down.

[https://en.wikipedia.org/wiki/Antideficiency_Act](https://en.wikipedia.org/wiki/Antideficiency_Act)

~~~
rplst8
Yes, but this coupled with the fact they shut down things that don't otherwise
really require a human to actively working proves that it's all just a
political ploy.

~~~
guiambros
> _.. proves that it 's all just a political ploy._

Security maintenance, keeping databases up, monitoring the various systems,
risk of DDoS, answering to users' inquires, bandwidth... - it requires real
money to keep any production site live.

Given that these folks are basically working without pay, I don't blame them
for wanting to put a cover page saying "Sorry, we're down", and call it a day.

~~~
IanCal
Many are not legally allowed to work for free or be ask people to work (I
forget which). The range of people allowed to work (even for free) is pretty
limited to dealing with loss of life or property.

------
bartread
Serious question for US members of HN: how do you _tolerate_ these shutdowns?

I mean, apart from the loss of services, including websites, it seems like
many federal workers aren't being paid. Will they be paid back after the
shutdown impasse is resolved or is the money they didn't/couldn't earn lost to
them. This seems unfair and, in the meantime, how are they supposed to go
about their lives?

Overall it seems potentially damaging and disruptive for any organisation or
individuals with dependencies on the government.

The reason I ask is I've been turning over what it might look like if a
similar situation occurred in the UK, where it'a difficult to envisage a
scenario that doesn't end with rioting in the streets.

~~~
linkmotif
Because most of the government is a waste of money and exists merely to
perpetuate itself. The fact that it just shuts down sometimes is a great
indicator of just that. It’s an entity that is accountable to nobody because
no matter how well or poorly it performs it just collects revenue anyway. You
can’t #deletegovt. The sooner people move away from viewing it as a good
employer, the better. There’s no smooth or elegant way to make this happen,
unfortunately.

~~~
maratd
Instead of downvoting the parent, make an actual argument instead. You'll find
it difficult. If the current shutdown proves anything, it's that many
functions of the federal government are un-essential to daily life. Those un-
essential parts should be eliminated.

~~~
JamesBarney
For most people this argument doesn't follow because they don't see
elimination of government as a terminal goal. We believe the government does a
lot of useful but un-essential functions, like operate federal parks.

The other thing is the vast majority of the government's budget is Medicare,
DoD, and social security which are all still operating to my knowledge.

~~~
sparkie
The two arguments do not necessarily need to be mutually exclusive. You can
have governance without monopoly. This would be the ideal scenario.

Governments operate federal parks, but there are also private parks which are
just as well kept, sometimes even better - and they do it at much lower costs.
See for example, this small public bathroom which cost $2M to build:
[https://twitter.com/JohnStossel/status/1077921975123804162](https://twitter.com/JohnStossel/status/1077921975123804162)

Such enormous waste of resources is so common in many areas of government, and
if they operated like any regular business they would be bankrupt overnight.
Of course it did not take $2M to build that little shack - there is a huge
amount of corruption and everyone involved is taking their slice of the
taxpayer's money.

~~~
JamesBarney
I think it really did take 2 million dollars. The video explains why. We have
decided to make a lot of trade offs when doing government infrastructure work
that makes it really expensive. But this isn't government in general, it's
American government specifically that is really inefficient at building
things.

In Texas I've been to over ten government run parks (like ones you'd go
camping in), and I've never even heard of a private one.

~~~
sparkie
If given the option for a $2M toilet where "the locals are engaged", and takes
4 years to build, or a $300k toilet which is built in 6 months, which do you
think most people would opt for?

The real problem is government is _too damn big_ that it becomes impossible to
separate out such concerns from every other aspect of government, and each
time government expands, it adds more inefficiencies.

A park should be a self-contained enterprise so that it doesn't _need_ outside
government spending. If you take for example, Shinjuku Gyoen in Tokyo, you
need to pay 100 yen to enter the park. The park gets millions of visitors a
year, and the money it takes can easily pay for the upkeep of the park. It
could be completely private, but in this particular case it is inherited from
the imperial estate and is run by the government. The fee has the additional
advantage that it keeps out vandals and thugs - only people who want to enjoy
the park will pay for it.

Highways in Japan are mostly toll roads too. They're operated as companies
with the intent on making profit. Some are privately owned, although most are
government owned. The "who will build the roads?" complaint is one of the most
common attempts to retort the argument for small government.

~~~
JamesBarney
> If given the option for a $2M toilet where "the locals are engaged", and
> takes 4 years to build, or a $300k toilet which is built in 6 months, which
> do you think most people would opt for?

You and I both know this is not the cause of a 86% of expenditures.

> The real problem is government is too damn big that it becomes impossible to
> separate out such concerns from every other aspect of government, and each
> time government expands, it adds more inefficiencies.

Do you mean too damn big by % of gdp? If so we could double the size of social
security and not change the costs of infrastructure.

Do you mean too damn big by employment? If so during census years
infrastructure costs don't change much.

If you mean by number of regulations? I think reducing regulations could
definitely decrease the cost of infrastructure, but this isn't what most
people mean when they talk about the size of government. Texas is a very
conservative state with little welfare, not very many services provided by the
government, but we have an enormous amount of regulations. An incredible
amount of red tape and laws.

~~~
sparkie
> You and I both know this is not the cause of a 86% of expenditures.

This is missing my point. The point is that if it were a private development,
then they would be sacked and replaced. This isn't some isolated case and many
areas of government are similarly ineffective. The problem is that you can't
just replace the one area - the government isn't modular enough to fix its
individual parts - it's a monolith.

When I say the government is too big - it's trying to do too many things, and
does most of them badly. Markets are better at selecting for efficiency than a
single centralized entity. Each 'ministry' or whatnot should be a distinct
entity, and should operate like a for-profit business. If one ministry is
performing poorly, it could be replaced with a different company in a free
market. The threat that they could lose such a contract would force them to
perform. No performance, no job - like the rest of us.

To be clear, I'm not for "no government," but for very limited government and
little regulation. Governments should not be interfering in markets for
instance. Things like environmental regulations are obviously more complex
issues which require people to come together for solutions rather than
competing.

Another example of a more free market is the education system in Sweden.
Instead of funding people to go to the nearest public school to them, they
give vouchers for education which are redeemable at any school, private or
public, and children can choose. There are no restrictions on location.
Because private schooling is almost always better than public schooling, this
system has caused the public schools to improve out of necessity - they're
competing for children to get the funding - in turn the private schools need
to innovate to retain their edge. The result is an overall improvement of the
entire education of the country, and reduced government spending.

~~~
JamesBarney
> When I say the government is too big - it's trying to do too many things,
> and does most of them badly. Markets are better at selecting for efficiency
> than a single centralized entity. Each 'ministry' or whatnot should be a
> distinct entity, and should operate like a for-profit business. If one
> ministry is performing poorly, it could be replaced with a different company
> in a free market. The threat that they could lose such a contract would
> force them to perform. No performance, no job - like the rest of us.

This is just passing the buck. Right now the government bid out the creation
of a bathroom and it was done expensively. But you are arguing that if the
government bid out the entire parks system it would be done really well? I
don't follow the logic. In my experience the more complex the RFP the more the
sophisticated parties(the bidders) are going to fuck the unsophisticated
party(the government). It's easy to specify what a bathroom should be and take
the lowest bid. It's way harder to do that with the park's department.

And not everyone thinks the Swedish model is a success. Lots of people blamed
them for causing Sweden to have some of the fastest dropping test scores in
the world. And I'm not arguing privatization is always a failure. I'm just
arguing that it's not always a success, and that it's success and failure is
dependent upon how it's done. I'm not sure why you are so privatization is
always a success every time when clearly the historical record says it's a mix
of successes and failures.

You argue the government should be smaller. 5/6ths of the government is
insurance(medicare/medicaid/social security)+military and then 1/6th is
everything else. That includes education, protecting the environment, funding
research, parks etc..

I would love the government to be smaller, I don't think we need to spend so
much on the military but I do like social security, medicare, and medicaid. I
don't want to be in the position where I have to decide between mortgaging my
house or letting an elderly relative die of cancer. And it's really nice we
don't have to make those decisions.

------
davidhyde
They should have used Lets Encrypt. TLS certificate renewal should be
completely automated. No excuse.

------
lgregg
It’s been interesting reading the public info posted for furloughed employees.
For example, I didn’t know that Equifax has a workforce management division
and that they manage parts of NASA’s workforce.

------
TomK32
My bet what will trigger the next recession proper was on Brexit, but 45 is
beating the Brits to it. Not shabby for a temper tantrum.

This week I read up on Reagan's firing of 11000 flight controllers because the
union that formerly supported him demanded better working conditions. It took
a decade for air traffic control to regain the old levels.

~~~
tossaccount123
Trump is asking for less than 1/1000 of our annual budget for border security.
We spend 10x that on foreign aid annually. This entire thing is political BS
over what amounts to a rounding error while congress almost unanimously
approved $38 billion in money for Israel

~~~
atonse
Maybe we can stop being obtuse? The senate can end this by passing a budget
and override the president's veto. They're choosing not to.

~~~
rplst8
This is the part that people so easily forget. The power is truley in
Congress' hands. That said, appropriations bills must originate in the House
and the new speaker and flock of freshman Representatives haven't passed
anything yet.

~~~
danso
Why would the House waste time passing bills that aren’t going to have a veto
proof majority? Congress generally waits until they’re close to having the
votes before going through the process.

~~~
sdenton4
The Senate passed the House bill before the winter recess. Trump threw his
tantrum, though...

------
npapag7
I am afraid this is the beggining of the collapse of Us standard of living.
Developer with 20 years of experience from greece and PhD. Working for
goverment for 6 dollars per hour.

------
nodesocket
Nasa.gov[1] and justice.gov[2] resolving and have valid TLS certificates for
me.

> In the end, nothing good will come out of this shutdown.

Some people believe increasing border security and funding to reduce crime,
reduce sex trafficking, and better protect border agents and law enforcement
as good.

    
    
      [1] https://www.ssllabs.com/ssltest/analyze.html?d=nasa.gov&latest
      [2] http://ssllabs.com/ssltest/analyze.html?d=justice.gov&latest

~~~
lowercased
There's been little disagreement about the broader idea of "increasing border
security". Poll I saw the other day showed (IIRC) something like 80%+ of
polled people saw a need for 'increased border security'. The phrase is
incredibly broad. What is in dispute is what to spend money on, but I suspect
you already know that.

