> belonged to a conference room and was used for presentations
Yikes. My first though was - oh this should be no big deal chances are there are good policies in place for laptops that go home with people.
Then I realized it is a shared/central machine which means it probably has the most effed up and relaxed security in the fleet, post-it notes with passwords taped to the palm rests, and god knows what else. IT departments are notorious for over-granting privileges to these shared machines due to the mixed use they typically recieve. After X help desk complaints you get fed up and check all the boxes in the permissions manager.
Hopefully, though, it is locked up and the data is inaccessible.
I worked on a barely do-not-distribute. Someone's spouse took a project member's laptop as hostage for alimony. Within 45 minutes of discovery and a phone call to the army equivalent of the FBI, agents were at the spouse's work and home searching for the laptop.
Lucky for the spouse they thought it was the personal laptop (it was not marked) so they weren't prosecuted.
Put the quotes around DND... It was mostly unimportant mostly already public do not distribute data but you can't be sure what was actually on the laptop. NOFORN would be a good exact version.
This was also years ago, and for obvious reasons I don't want to be more exact.
This would never be used by USG.
Confidential -> Classified
The classification scheme is broadly cut up into Confidential, Secret, Top Secret, and Codeword. There are many modifiers to that such as Five-Eyes, Cosmic (NATO), and Restricted-Data (Nuclear Weapon Design).
There are a menagerie of controls that don't rise to classification, like NOFORN, Law Enforcement Sensitive, For official use only, etc.
Code word compartments cut horizontally across the Confidential/Secret/Top Secret hierarchy. I’ve seen stuff that was classified Confidential, but also in a code word protected compartment. I had a TS/SCI/SI/CT/NATO/ATOMAL clearance when I worked for the Defense Information Systems Agency in the Pentagon. Many times over the past 25+ years I have had to correct people who think the compartmented stuff is classified at a level “above Top Secret”, when in fact the compartments just cut horizontally across the hierarchy.
Below Confidential exist other “unclassified” states, like “For Official Use Only” and “No Foreign” (a.k.a., NOFORN). Then, regardless of the classification, you should also have to prove “Need to Know”.
You say that, but they have had spies being exposed for a lot of stupid reasons. Like having their address on driving licenses be the FSB headquarters to avoid getting traffic tickets.
Also, it seems entirely possible to me that they would do that not for the purposes of spying, but to sow chaos.
Seems like the kind of expendable person they might send for what is basically a smash-and-grab.
How undercover does he need to be if American citizens are openly planning online to storm the Capitol? He just needs to wear a MAGA hat and walk in with them.
Isn't Stalin rumored to have said, "There's a certain quality in quantity" in response to criticism that quality beats quantity? I think the quote is one of those unproven maybe-it-happened-but-we-have-no-solid-evidence things, but it seems to sum up the Russian approach to tanks and troops in WWII well enough, and from stories I've read, seems to be reflect their approach in the spy world as well. They are immensely practical.
That sounds intentional. The only reason to use novichok as the weapon is precisely so everyone knows who did it. It's meant to be an example to others so they don't cross the Russian government.
OTOH, if it is set up such that presenters need to log in with their official credentials to access their shared documents, it would actually be the machine to keylog.
Why do you think any of your rogue nation club have any interest hacking US politicians, except for, probably, blackmail?
US is an open society, and most US politicians speak what they think, or at least you can guess, or even ask them yourself! Those people are like open books.
Unlike of your usual cabal totalitarians, who either don't speak at all, or purposefully try to hide their real aims by engaging in double speak, triple, quadruple speak.
I can't imagine you really believe that. The US may have an open society, but the US doesn't have an open government. Look at just the tiniest amount of publicly known items from Snowden and Wikileaks. Those alone indicate a greater iceberg of secrets.
Very good argument, but I cannot believe that anything of Wikileaks leaks would be really new, or of much value to Russians, or Chinese.
US diplomatic talks with sketchy regimes? I bet China, and Russia would've not needed any spies there really.
US sales of weapons? US sells them everywhere, and they don't need spies to know the bottom price, when most of weapon buyers would just tell them that themselves. You don't have too much alternatives in a duopoly market.
US spies on Russian, or Chinese soil? You don't need to tell regimes like that of them being penetrated. Xi, and Pu realize perfectly well that they are surrounded by thousands of sketchy, and unreliable officers.
Seems safe to assume that the Speaker of the House and her aides would have access to classified national intelligence that might not be open to the world, and would be valuable in it's own right. Things like progress and updates with Covid vaccines, their deployment plans, and lack of security around them would make information like it ripe for the black market and adversary governments in these times.
Access to classified intelligence means that they are allowed to enter a secure room/facility and view the material. They still should not be taking said material out into an unclassified environment.
There are different levels of classification that carry different restrictions. Also, govt infosec being what it is, there are likely plenty of lapses.
Even the lowest level of classification (confidential) means that the data should not be stored on an unclassified system, and has additional physical storage requirements that Pelosi's main office doesn't meet.
At worst, the laptop had FOUO/CUI (for official use only/controlled unclassified information) data. Not great for that to get leaked; but not that scary from a national security perspective (we're pretty aggressive about classifying stuff).
If anything damaging comes out of this, I would expect it to be of a political nature; where something that Pelosi and friends would prefer to keep secret gets leaked, but doesn't have much influence on national security.
Black market? Legislators use that info on the stock market. Somebody is going to go Robinhood on defense, construction and pharma stocks with that laptop.
Even prima fascie top military secrets like battle plans (those must be updated and shuffled regularly to prevent a situation exactly like that) have very little immediate usefulness.
It's 21st century, it's beyond anybody's ability to hide things like size, dislocation, and basic capabilities of your force
Oh you think the generals readily involve old Pelosi with the battle plans? I sort of doubt they would trust her with anything digital that’s supposed to be a secret.
IT should be able to revoke any access the machine has, so the only compromise would be what was already on the machine; which would be the case regardless of security policy, as they could just access the harddrive directly regardless of OS security policy.
In practice, it wouldn't suprise me if that computer was locally storing passwords that were not specific to that machine, which might mean needing to revoke a bunch of passwords
From what I've read, full disk encryption was optional in the House until very recently. If this was a shared machine it's almost certainly not encrypted.
Absolutely it's possible, but as it was a shared computer, it's also likely to be one of the oldest in the fleet. It's also likely to be one that no one bothers to ask for specific attention to. As a result, it's likely that no full disk encryption was ever applied.
Possible? Very. Likelihood of the computer's login password and thus hard drive decryption key attached to the computer's screen with a post-it note thus obviating the protection gained from full disk encryption? On a shared computer, high.
True. I was thinking they'd be using their centralized accounts once they reach the OS logon screen, thus no post-it necessary, but maybe that's not the case.
I'm not talking about telling the laptop that it's access is revoked; I'm talking about just revoking it's access, so if it every tries to connect to the House's intranet, it would have no more permissions than any other laptop.
If IT wanted to wipe the drive, then they would need the laptop to phone home in some way.
>which might mean needing to revoke a bunch of passwords
That doesn't help much because many people use patterns to their passwords and use the same passwords elsewhere. Seeing the expired passwords of many important people would have a very high chance of having a few which would be of use in breaking into accounts even if they were already expired.
Optimistic thinking. Chances are it has many PDF and PowerPoint files scattered on it. And probably a shared user account where the files fill up a Windows desktop.
I'm on Mac OSX and almost all my non-programming files are in /Downloads. Maybe some other HN-ers have a better folder management technique than mine (which basically is absent), I'm curious what that is.
Honestly I make pretty heavy use of /tmp. Almost all downloads go there, along with anything that I won't be using again after the next hour. Self-cleanup whenever I reboot (which is rare).
Anything of importance, I have broad directories under Documents, and then sub folders. Or sometimes I'll put them on my fileserver with similar directory structure. The Documents folder is backed up with Spideroak.
I have the opposite problem. I abhor things sitting in Downloads because I pretty frequently wipe out that folder to clear out the garbage.
But I struggle to follow a consistent structure, so it could be in Documents or Notes, or a random folder somewhere else because I ignored my hierarchy in a hurry.
Honestly, now if I need to make sure I keep something, I upload it to Google Drive. It sucks for privacy, but their search is good enough that I rarely need to use the hierarchy. The hierarchy is now mostly to group things I want to perform actions on together.
Well back in Win 98 I used "My documents" a lot ahah. Now on Windows 10 Documents/ is often automatically backed-up in Onedrive (it is for me) so I started using it for saving some documents that I want to back up in the cloud.
on my laptop that's the default when i do save-as. I see someone plugging in a jump drive, opening the presentation, and then doing a save-as to Documents so "it runs faster"
Honestly, those people didn’t even need that. They need nothing founded in reality to make up their conspiracy theories, which is why no argument from reality can weaken them.
One of the most intelligent programmers who has been in the game since the early 80s posted the he is refusing to ever vote again till he knows his vote isn't stolen.
They WON in 2016 House Senate and Presidential and claimed MILLIONS of votes were fraud and the commission setup by Republicans found nothing and went away.
2018 They kept the Senate and lost the house by a smaller number then anticipated
2020 Republicans WON seats though it was expected to lose seats. They "Kept the Senate" just had a run off in Georgia. November 2020 was a good night for Republicans minus President Trump who is a love him or hate him person. Republicans didn't vote for Trump and is why he is out.
One of the most intelligent programmers who has been in the game since the early 80s posted the he is refusing to ever vote again till he knows his vote isn't stolen.
This would require them to be in the front line early. I think it's more likely that somebody was randomly there and saw the opportunity. If you look at the videos most seem to be surprised to be in some of low manner. If you have some operative in there you increase chaos by creating some small fire or something ...
Would they have had to be there early? Russian embassy isn't that far away and I think rioters were in there plenty long (wasn't it a couple hours?) for someone to walk over, pay 20 dollars for a trump flag, and walk in unnoticed. I wouldn't be surprised if our embassies and CIA outposts have people ready to take advantage of such situations in other countries.
You have to get through the crowd, and you have to be there before somebody else stole it and in time before police manages to lock down critical offices. Quite some effort.
Compare it to a random person suddenly standing in front of an unprotected laptop from those "bad politicians" ...
There's a lot more value to a conference room PC than residual files.
It's a machine probably on the same LAN as a lot of the meeting attendees in the conference room, probably has Bluetooth radio as well, may have wifi radios, probably has access to a calendar of meetings and attendees (as a defined room resource). Depending on how the PC is used (a room system vs the ol' conference room PC) it may also a key logger would be valuable.
Reminds me of the scene in Firefly: "let me get this straight, you put multiple high-ranking intelligence officials in the same room as a psychic??" https://www.youtube.com/watch?v=AC9SF7TOyHQ
The presentation machines at my workplace (in addition to being desktops in a locked cabinet, because why would they leave the room?) just allow you to remote desktop back to your real workstation or to a VM. They have nothing locally.
I think that's a good solution to avoiding over-granting privileges.
- (W10) Assigned Access - microsoft's solution to kiosk computers. You can make the app run on top of the lock screen, so users can use their one app without actually needing privileges on the computer.
- Software Restriction Policies - You can whitelist select applications or publishers and every other executable will fail to launch. requires enterprise licensing.
- Mandatory Profile - You log in to a temporary profile. All changes are lost when you log out.
- Deep Freeze - 3rd party variant of Mandatory Profile. Can be made to roll back the whole operating system to a given snapshot.
- Non-persistent VDI - You actually log in to a Virtual Machine. When you log out, that VM is deleted and recreated automatically.
Additionally, many antivirus solutions have some capability.
I'm guessing ours is software restriction policies + mandatory profile: I log in with my network credentials, but I don't get my usual desktop / home directory and the only apps installed on the system are Remote Desktop and Citrix Receiver. Since I don't have either physical access or a web browser I have no way to try to get new files/apps on it but I assume it would be locked down too.
You can lock up windows to where all a user can do is shut the computer down. Group policy, etc.
When our company used conference room PCs (instead of room systems) we had a program that would reboot them nightly to reload the known good image. I suppose some risk of file recovery was present, but this was also a half-way decent approach as long as the machine wasn't deeply compromised (bios level or something).
I don't know what the best practice for doing this would be but I would change the default shell from explorer to mstsc (the terminal services/remote desktop client) and disable task manager and internet explorer. I don't think that would perfectly lock it down, but it would do the job for ~90% of use cases.
Right, the goal is not to prevent a malicious user from running things, it's to make a usable environment for non-malicious users (via giving them Remote Desktop) so they don't feel the need to install anything that someone else could later attack.
Please don't break the site guidelines like this, regardless of how right you are or feel you are. The idea is to not have every thread turn into the same flamewar.
Remote wipe only works if you can communicate with the device. If it’s in some backwoods Appalachia klan den I’d imagine there isn’t good connectivity.
Really? Every place I have worked with more than about 50 employees has used full drive encryption, so a laptop being stolen is not an infosec risk at all.
FDE only works if the machine is powered off. If a machine is stolen while it is still running there's a risk the user account could be compromised. Depending how sophisticated your adversary is they could potentially completely compromise the machine and extract all of the data. When you have physical access and no time pressure the options are vast.
FDE could be made to protect the data when the machine is out of range of its secure home network too.
Leaving it on, the machine would detect loss of home network fairly quickly and lock itself.
The FDE key would depend on a key server on the home network, so it could not be rebooted and unlocked just with the physical on-board devices.
If some parts of the FDE were handled on the storage itself and required a periodic end-to-end refresh with the home network key server, then even freezing main RAM (literally) to extract keys later would not work.
More generally, the FDE key could be split over a number of components on the machine, all of them requiring end-to-end periodic refresh from the home network key server, making it extremely difficult to freeze all on-board devices effectively enough to extract the whole key and decrypt the storage contents. Add RAM encryption to complete the job.
The videos I saw don't inspire much dread, there, but they may give the laptop to someone that can do digital forensics. Lots of LEOs in that lot. They would be smart enough to stay out of the building, but might have been waiting for someone to come out with something like that.
But, as someone pointed out, a lot of the folks wouldn't bother trying to read anything. They'd probably try to plant their own fantasies onto it, and send it to Rudy The Hair Dye Man.
On another note, the same publication (a redtop, so the language is rather "pithy") has this story[0], in which the "Fine People on All Sides" smeared feces around the place.
They have a photo of a guy on his hands and knees, cleaning the place. He's a congressman.[1]
There have been several arrests already. Thus far it seems to be right wing extremists.
For example, the lady who was shot trying to enter the VP bunker has a social media profile with extensive Qanon related postings.
Another was a Republican member of the House of Representatives. He was caught because he livestreamed himself breaking the law, as all genius criminals do.
The story about Antifa being in the riots was made up out of whole cloth by the Washington Times. The company they cited put out a press release saying that they had done no such thing and the whole story was a fabrication.
They'll probably give it to that computer repair guy in Deleware so he can pull off all of the emails from March of 2021 and somehow lose them in the mail when he tries to send them to Fox News.
Who is to say that a few opportunistic spies weren't in that push looking for anything of interest? Historically, this has been the case during these sorts of events. When the Stasi HQ was overwhelmed by protestors, Western intelligence agents were the first in the building securing lots of information.
Really? When I worked at one of the Big Four a stolen/lost laptop was DefCon 4, despite all of the security precautions. We were actually required to notify a partner in the firm before contacting law enforcement.
me too, i have a special "corporate 911" card that i've been informed during onboarding is the "real" 911. No matter the emergency, lost/stolen passports, lost/stolen corp computer, place crash, car crash, anywhere in the world the company does business, i've been told to call it first before doing anythign else.
Not to detract from the point you're trying to make with meaningless pedantry, but minimum DEFCON is 5, current is 4, we spend most of our time swapping between the two. I assume what you mean is 2.
Uh.. I think it's standard security policy in most enterprises to discuss matters internally before getting law enforcement involved. That's just prudent. If I walked into a company where the policy was "let IT staff talk to LE first, then notify chief counsel" I'd change that on day 1.
The link appears to be some sort of live news feed and right now unrelated stuff about covid, articles of impeachment, and Trump's power to launch nukes is dominating the page, you really have to scroll to get to the laptop story
While not congress, so I can't say for sure, I have been around government and other enterprise systems. Some measures they had in place:
- Disabled USB Ports (except whitelisted peripherals)
- User accounts don't have permission to install anything at all
- If you plug a deceive with a different mac address than expected into an ethernet port the port locks down until a sysadmin verifies it and manually unlocks it
- Remote imaging of systems, including remote system verification
- No wifi on actual network
While its all a pain in the ass to deal with. Hopefully at least some of that is in place and reduces the likelihood of many of those issues.
> If you plug a deceive with a different mac address than expected into an ethernet port the port locks down until a sysadmin verifies it and manually unlocks it
Reckon they'd immediately block this laptop's MAC address after it gets reported stolen? If not, that's reason enough to steal it - clone the MAC address and plug in your own device which is now whitelisted. Of course this isn't enough on its own and you likely need some compromised credentials too.
Probably would remove it as soon as its reported yes. Even if they didn't you would still have to take the device back in the building to that same exact port to connect.
Probably (let's hope - but, if I have seen anything in the last 4-years, it has been a constant, non-stop erosion of competency in the US government) - and, most likely the insurgents just didn't plan anything "long-term" or tricky.
Question though... Don't hardware-based keyloggers present as a "keyboard", and isn't that a generic device which would probably be whitelisted?
Definitely possible, nothing is perfect. Just Lots of things that make it harder, but not impossible, to do bad stuff. Some places still use PS/2 devices for those peripherals as well, though that's much less common these days.
Was curious, looks like there are a lot of pass through USB keyloggers that probably show up like the original whitelisted device. So definitely a risk there. I know I would want every single device there manually looked over, but I don't know how long that would take with a likely pretty limited staff.
I'm afraid that simply discarding all these devices and replacing them with new devices instead of inspection will be not just safer, but also cheaper.
At my old job, even if you plugged a generic keyboard that you'd already been using with the computer into the wrong USB port it wouldn't work. I believe you can set this stuff all up to be looking for very specific pieces of hardware on specific USB ports.
I know someone who had their government laptop taken from them (then they came back with it), when going through customs of another country. The first thing their bosses told them was do not turn it on. The laptop had very sophisticated encryption and I would assume they just straight out destroyed it. They got an exact replacement.
If this is how Uncle Sam reacts to one of his laptops being "borrowed" at foreign customs, why does he expect civilians to simply accept the situation when their laptops are "borrowed" at US customs?
One or two hiding in the crowd could be enough. I wouldn’t be surprised if there was at least one spy from some adversarial nation.
From a security perspective, I think they will need to assume everything is potentially compromised and go from there. Remote wipe, scan for microphones and cameras, etc.
The idea here is some foreign actor agent (that could be a U.S. citizen by the way) could have participated in storming/ breaking and entering the capitol.
How was every person leaving the building not searched by police as a condition of exit?
The kettling and taking of details of (even peaceful) protesters in the UK is pretty standard now (I don't like it, but it is what seems to happen) - so why did they just let these people leave unchecked?
I’m sorry but if you’re a couple of police officers in a room full of literal terrorists, of course you’re going to try to be as restrained and friendly as possible. You’re horribly outnumbered.
They would be murdered if they tried to take on the crowd. They needed to wait for reinforcements to arrive, and meanwhile do their best to keep the crowd from going fully insane.
They managed the situation with very few people getting hurt, and protected the politicians. Which is pretty good considering how few police there were.
The main issue is why were there so few police there to begin with, so this could’ve been prevented in the first place.
I agree, that was an insane thing to do for those protests. It still bothers me.
But I think we should all be in favor of the police response being more restrained and minimizing force, like we saw this week. We should be advocating for more of this in general.
I am in favor for the police having a more intelligent response and careful use of force. But I think it is significantly more important that they are consistent; playing favorites seriously undermines their credibility and by extension the safety of all of us.
I am also in favor of protecting our legislative process with absurd levels of security when there is a known risk and tensions are so high. The police really screwed this up royally. I would like to know why. And not conspiracy theories, but actual root cause.
While the Congressmen were hiding in the bunker for an hour, they sent out many phone calls pleading for help.
* Pentagon / DoD didn't want to get involved.
* Maryland's Governor didn't want to get involved without DoD approval.
* Eventually, they got to Mike Pence who authorized the DoD to help out. Once the DoD deployed the National Guard, Maryland / Virginia was willing to help out too.
* The Mayor didn't have power to deploy the Guard. Only the President had that power.
If they are terrorists, would you support police opening live fire on them. Just curious. Seems like all the SJW are now advocating for a Tiananmen square massacre of unarmed protesters, just because the TV told them who to hate.
As soon as they crossed the outer barricades, I support the use of tear gas, pepper spray, and rubber bullets, just like the police would use on leftist protesters. Inside the building, when they are about to breach the chambers of congress -and- there are legislators inside, I support the use of deadly force. When they attack democracy, they are attacking all of us. And I don't care what their ideology is.
If the building is empty, then I think deadly force is unwarranted.
Lol no of course not. They tried to use force to terrorize the US government, so they could get their way. But they should be stopped with the minimum necessary force to prevent harm to others.
So I think the individual police officers (mostly) acted appropriately for the situation. The police organization’s planning was beyond negligent though.
You make a good point about some people’s response — the insanity caused by polarization clearly goes both ways, if there’s people saying everyone should’ve been shot. I’m kind of surprised more people weren’t shot though tbh. I always thought there were snipers and armed guards ready 24/7 around that whole area
Absolutely. Moreover, why are the Capitol Police Chiefs singled out? Could they have asked for, say, the National Guard? Were they supposed to go to the leaders of Congress the days before the certification to make it happen? I was always of the idea that federal authorities would be tasked with such planning, enrolling (among others) the Capitol Police.
With all the context the police got and repeatedly turning down help, at this point I think the extra support should be mandatory. He ordered guards for other protests but not this? We can’t let the system protecting our government rely on one person’s decision like that. It’s so abhorrent it makes me paranoid thinking he was a part of it
Clearly the police were outnumbered to a degree that they couldn't prevent them from getting inside in the first place, so why would they have sufficient forces to search these individuals on exit?
They were clearly outnumbered, so we're supposed to believe they were not "afraid for their safety" from an angry mob, but yet they can use that defense when a single indvidual that happens to be not-white confronts them? Please
I can't even count the number of times I have seen privileged information dropped onto a "presentation" laptop during a meeting. I hope they are better at controlling that than most.
Yep, plus the configuration of the laptop could possibly be of value. Depending on how it's setup, you could see the AD domain name, naming pattern of usernames and domain computers, setup and names of network drives, group policy settings, etc. Nothing too crazy on its own but could help facilitate a larger breach. Having a portable computer that's already configured to connect to the network you want to breach is possibly pretty useful.
Snowden's leaks were largely NSA presentation materials. Not implying that Pelosi had TSCI/noforn materials but just saying, being used as presentation doesn't mean much. Especially if it's connected to internal networks.
Clearly a big deal and congressional IT staff are going to have a crazy few weeks ahead of them. However, my understanding is that any classified information would have to be in a SCIF. I assume that would be the case with congresspeople as well.
I've also heard that the congressional paging system locks devices when an emergency is announced, but haven't seen that corroborated anywhere. Anyone know if that's true?
Plus, classification is reserved for government documents, right? If someone's goal was to specifically expose "DNC secrets," a la Watergate, the most damaging information would likely not be "classified" in the formal sense of the word.
Imagine something like 'The Thing' but with ~75 years of technological advancement.
The Capitol is going to need to be cleaned for such devices and equipment for a long time before it can be considered secure again.
On the flip side, any devices that may be found are likely to be close to the latest models, and like with project SATYR, the US may have a potential goldmine of new tech in the coming years.
EDIT: Combined with the recent hacking of the US, the synergy of having physical access creates a load of headaches and nightmares. If I were in the federal information security space I would be very interested in visa and flight logs in and out of the US right now.
Special room for classified stuff. Even once you're inside the classified room (usually windowless and behind a locked keypad) a lot of stuff is also behind locked filing cabinets.
Beyond the information security risk around the loss of this specific device, what really worries me is the physical security implications here. I'm certainly no expert on the subject, but it seems to me like, in a building like the US Capitol, it should not be anywhere near this easy for unauthorized people to waltz into an office or conference room in the first place. Let alone walk away with items from within that room.
I've traveled to countries before whose offices of government are behind very large fences, protected by unfriendly looking men standing behind heavy machine guns in armored vehicles – and the guide books are very clear that you are not to take photos of them.
I much prefer the approach taken in the USA, where our offices of government are accessible to the people that the government serves. It's very good that I can protest out front without worrying about that unfriendly man with his finger by the trigger to the Browning M2.
Seems like it ought to be possible to have both, to some degree. I don't want the capitol to be a fortress, but they need to prevent stuff like this. I mean... the US spends massive amounts of money on the police and military.
I think it should be kind of like a non-Newtonian fluid. Walk in slowly and peacefully and it's ok. Try and punch it, it solidifies quickly.
American history[1] shows this probably isn't a requirement - beyond a foreign military attacking, which is clearly out of scope of policing, the other attacks were acts carried out by isolated people. "Storming the gates" hasn't happened before now.
I suspect the main reason that this hasn't happened before is that very large protests/gatherings are often met with a large show of police force to ensure the protestors know this isn't an option. Why that didn't happen today will be interesting to investigate. We all probably have a theory, but what comes out of the inevitable hearings on this will be interesting to see.
There are hundreds of thousands of people behind the camera, going all the way to the Lincoln Memorial. You can see some security milling around, but no large show of police force.
The Million Man March's attendance didn't include people with an established history of bringing weapons and wearing body armor at ostensibly peaceful demonstrations.
That couldn't be further from the truth. A large group of Black Panthers armed with assault weapons stormed the CA capitol in 1967 as part of a protest.
I think the reality is that we could have prevented it. We just chose not to murder half the crowd. Preventing it without using lethal force requires a much larger force than you want to keep on hand.
I actually really like this analogy. I'm curious if there's there's a term for that kind of playbook for folks who are more familiar with building security.
The only analogue that comes to mind is in financial fraud detection: moving money slowly or in a predictable pattern (monthly rent payments etc.) triggers no alarms, but large or unexpected transfers raise alarms.
I remember when I left my last job that my manager cautioned me against making any large file transfers since it would trigger IT alarms about employees trying to steal the company's IP.
Clearly, he didn't think I was a threat, or if I was, that I would have been smart enough to do it long ago, and slowly :-)
If the people really want to overthrow the government, some jacked up defenses around capitol buildings won't stop anything imho, it just means the resistance will bring heavier weapons to match.
Occupying buildings is, honestly, pretty silly if your goal is to overthrow the government.
A few years(?) ago, Mitch McConnell's dinner at a restaurant was interrupted by protestors yelling at him. And that was after what happened to Gabby Giffords.
Targets with higher ROI are available to people willing to take, ahem, kinetic actions.
There are, for instance, buildings with large areas that are open to the public and other areas which hold large amounts of money that are very important to protect.
> I don't want the capitol to be a fortress, but they need to prevent stuff like this.
And they would have, had the Trump Administration not denied the D.C
Mayor's request the day before for the D.C. National Guard to be deployed.
The Administration also delayed approval of requests by Virginia and Maryland to send Guard units to the Capitol in response to urgent calls for aid from Congressional leaders when it became clear the MPD and Capitol Police were overwhelmed.
Of course, it's a problem when the person inciting the insurrection has authority over important components of the security against it.
They (the people inciting it) were literally dancing and having a party and watching the start of the chaos on livestream while it went down: https://www.youtube.com/watch?v=mZQDgBSSYjI
As a huge democrat (lower case d) I totally agree. Locking down the Capitol is antithetical to the notion of open democracy. Lawmakers and the law making process needs to be physically accessible by the People. This was what the Founders intended. Of course there is some risk here and Jefferson himself noted this.
That’s the price we pay for living in an open and transparent society. While I don’t condone or support what happened this week, the building belongs to the People and not the government and the People have every right to enter the building and demand accountability.
The way the US Capitol is right now feels very police-state to me compared to how it used to be. I have memories of running around the Capitol building with my Cub Scout pack including ending up in private areas. There were no assault weapons and we weren’t met with police. We were politely shooed away.
Today you cannot walk up the steps of the Capitol building. It’s fenced off and manned by armed guard. Last time I was there I stepped aside to let some people pass in a crowded area and crossed some arbitrary unmarked do not cross line but about 12 inches. I was physically grabbed by Police.
> the People have every right to enter the building and demand accountability.
the "People" can't just do whatever they want just because they feel like it. Can they go and bang hammers on nuclear warheads because the warheads "belong to the People"? Storm the doors of JPL and play horsey on the Mars Rovers?
When some subset of the "People" attempt to overthrow the duly elected government of the other 99% of the People, they are traitors, and should be erased from society.
The security risk is also less of a problem in a mostly rational society, which is what we have had for a long time. You'll get lone wolves, but finding a group of people so angry with a politician they're willing to conspire to kill them? Very, very rare. Violence is a last resort for people who feel totally powerless. So, in a dark way, easy access keeps politicians from pissing off their constituents too much.
Which is why the stream of "fraudulent election" lies is so dangerous. A person in a position that confers trust is telling people the government is openly defying them. For people who believe that, violence is the only logical way to affect politics.
Compare a similar issue with schools; in the 80s, teenagers left their guns in their cars while they went to class. Now, schools are basically a rights-free zone.
Totally agree, great point! The fear mongering is only useful for states to impose more draconian rules. Its likely if there are further lockdowns, and more livelihoods are destroyed during the Biden admin, more people will be revolting. We don't want to give them the moral authority to Tiananmen square unarmed protesters, just because they fear their own people
I think that's nonsense. Access to a lawmaker or representative in a village may work like that. When you represent a state of 20 million, access means making an appointment and going through security clearance. There is a voting mechanism, a free press and various other mechanisms to back me up if I am consistently deterred from speaking to my public representative. But I'm in no way expecting to just walk in there, unannounced, without security clearance, at any time of the day, to demand attention.
Might as well argue that you should be able to just walk into the white house and speak to the top public representative.
> Entirely different situation. The reason that people need to talk with the legislature is because those are the people’s representatives.
Totally different, were it not for the fact the president is also the Chief of State: The chief public representative of a country.
Besides, even if this wasn't the case, humor me and suppose it was (which it actually is), would you then conclude that the president should simply be accessible at will by 300 million Americans? It makes absolutely no sense.
Just because something is publicly accessible doesn't mean you throw all reason out the window. Plenty of national parks are simultaneously open to everyone, as well as require registration and some basic ground rules to entrance. Similarly, it's entirely uncontroversial to argue that accessing the capitol is freely available to all, but there will be some minimum security checks, and some areas (e.g. private offices or places holding confidential data) are off-limits. Virtually all democracies have no problem separating visitor's areas from private working offices, and implementing appropriate controls in both.
The notion that the speaker of the house's laptop could be casually stolen by people without heavy equipment walking in is a joke, pure and simple. Claiming it has something to do with the fact she's a representative thereby implying her laptop should just be freely accessible instead of secured by some basic measures, as some (not you) have done in this thread, makes no sense if you ask me.
> Totally different, were it not for the fact the president is also the Chief of State: The chief public representative of a country.
It’s kind of a stretch to frame it that way. The president quite literally represents the states, not the people. The US does not require that states assign electors by popular vote, states have chosen to do that. And in the past, they have chosen to do it other ways. Before the civil war, there were states that selected electors without conducting a popular vote.
The way the US government is architected, the legislature is the extent of federal representative government.
6 of the 13 original states held a popular vote for president Washington.
But to respond to the bulk of your statement: it was like airport security back when I was a kid, and I don’t see any reason why that wouldn’t also be appropriate on any other typical (i.e. not a special event) day. Angry mobs should never make it to the building in the first place. Crowd control happens outside of the building.
Where did anyone say any of the things you are claiming?
The statement was simply that the People have a right to entry into the building and physical access to lawmakers and the law making process. Further, the statement is that access is a foundational principle to the US implementation of liberal democracy since our Nation’s founding.
It’s so foundational that it’s also quite literally built into the building as there are galleries for public viewing of Senate and House proceedings.
It is also an ideal that we strive for like equality and justice. We recognize our union as imperfect yet these ideals are what drive us as a Nation.
Your comment I feel confuses implementation with the discussion of ideals. The implementation should follow the ideals as guiding principles with access being the default.
Lastly, historically the building and lawmakers were much more accessible. This was during my lifetime. We had lots of people then too.
No, now you're mischaracterising me. All this while I've spoken about implementation, I've never claimed that the public should not have access to representatives. I've claimed that it must be implemented according to the conditions necessary to ensure it is orderly and secure.
Indeed, access is the default. And in a village with a handful of visits and no armed psychopats plotting to kill your local representative, that default is all you need and may proceed as such.
But as you'll agree, the chief public representative (the president) lives in a different reality. Public unfettered access is a threat to his life. And while the public should have a form of access regardless, practically a 300 million to 1 communication relationship doesn't work, so you must implement it accordingly, differently. That's why most presidents had a habit of spending an hour a day reading letters from citizens, hosting debates, participating in public forums, holding press conferences, inviting people to the white house to discuss, speaking to various organisations representing people's causes etc. But walking into his office at 4PM to speak to the president? That's a joke. I'm fully aware that in a democracy a public servant works for the public, no need to discuss the ideal. I'm discussing the practical implementation, which is why I started with the village vs capitol example, which sees different outcomes on the basis of the same principles, which is exactly because the ideals are the same but the implementation cannot be. Similarly, you would organize access to certain parts of the capitol in a secure manner, e.g. those parts of the capitol holding a laptop of the speaker of the house.
In a post 9/11 world you cannot just say the capitol belongs to the people and access should be free (again, obviously talking about practice, not ideals, here), without concluding in the same breath that it should be freely accessible to any terrorist as well. And it's just an example. This week it were people thinking they were sent by Q or incited by Trump to de-facto participate in a coup (i.e. storming the capitol to prevent an elected official from being confirmed, while spreading propagandistic lies that the election was stolen, a direct attack on the democracy if you ask me). Next week it might be a psychopath thinking he is doing god's work. And yes, times have changed, if you're also interested in discussing how airport security used to be different back in the day, be my guest, I don't see the point.
Plenty of countries have well-functioning (and by many subjective and objective measures, better functioning) democracies, with high-level access to public representatives, while taking proper security and practicality measures.
> It’s so foundational that it’s also quite literally built into the building as there are galleries for public viewing of Senate and House proceedings.
You say some of these things as if access to public viewing of proceedings isn't the norm in countless democracies worldwide. But if I go to a viewing, I go through this: https://news.ycombinator.com/item?id=25690107
Not because I don't have access, but precisely because I do, as does everyone else, and that creates risks, which can be mitigated without reducing access. A basic measure which would've prevented the debacle at the Capitol altogether.
You don't need to fence the whole area off. Just a few reinforced doors at strategic places would have stopped anyone without heavy equipment. Also they would have been a place for the police to stand their ground.
Just all stairs going upwards should be easy to defend if the police stands their ground. Add a few police dogs and the officers wouldn't even have to engage themselves.
There was a smaller crowd trying to enter the German parliament just a few weeks ago, politically pretty close to the rioters of Washington. A whole three policemen were able to stop them by just consequently standing their ground, not armend beyond batons: https://www.youtube.com/watch?v=Pc-56opg-Xg
I agree with the more open approach, but shouldn't her office have a simple keycard or combo lock on the door? Even Starbucks toilets have better security.
From the pictures I saw, she was still logged in and had the evacuation message onscreen. I'm guessing she didn't have 'require login after screensaver' option enabled. If the account is still logged in, this is a massive breach!
> I agree with the more open approach, but shouldn't her office have a simple keycard or combo lock on the door?
Congressional offices are frequent meeting spaces with people who do not work there. Their job, after all, is to represent the public. Locking the public out of their offices is kind of antithetical to the job description.
tl;dr: the government has appropriate computer security in place to prevent this sort of thing, and it's not clear what the deal was with that particular computer.
When you hear the mob screaming outside, glass breaking, and are likely being told to evacuate by messages on your computer and security outside? I wouldn't bet that I'd remember. Not locking your screen is as expected as it is forgivable under the circumstances.
They should beef up security. And keep it open. And not so obvious.
The simple fact of the matter is that a violent riot stormed the capitol building and nearly overwhelmed local forces. Congress asked for extra help and it wasn't provided. Governors asked if they could send in the guard to help and the man whom stoked the riot gave no permission.
It's a fucking miracle that January 6th wasn't one of the worst days in the history of the US.
They should have appropriate security when large events are going on outside. But I sure hope we do not see barricades between representatives and their constituents on a normal day. Democracies rely on trust in both directions.
This is a false dichotomy, though. There is an enormous gamut of security steps in between turning the capitol into a fortress, and locking the door to your office when you're not there.
> I much prefer the approach taken in the USA, where our offices of government are accessible to the people that the government serves. It's very good that I can protest out front without worrying about that unfriendly man with his finger by the trigger to the Browning M2.
And yet your government offices abroad (embassies) are the most fortified I've ever seen.
I've been to several countries' embassies and the US one was like entering a secret nuclear bunker. There was airport-style security, and everyone I talked to was behind a massive sheet of bullet-proof glass; never mind the gates and moat around the building. This was in a small, US-friendly and highly developed country.
Then there's the excessive amount of security around any US governmental visit to a foreign country.
So I think it comes to a surprise to many outside the US that one of your main government buildings has less security than a museum even when all the most important politicians are inside.
But yes I agree, I think government buildings should be 'friendly'.
Most days that’s fair. This week however, they should’ve had the unfriendly man with the M2. This was a predictable problem to literally everyone but the people in charge of protecting the capital.
According to some reports, the problem was in fact predicted, and that's why the National Guard chose not to prepare for forceful confrontation. Not wanting photos of armed uniformed soldiers in state buildings or some such.
I think more core to the issue is status quo bias. Cops are much more likely to agree or strongly agree to questions like “the current US system is fair and just” and similar pro-status quo ideas. Typically speaking left wing protestors are agitating to change the system, especially policing, which is why cops do not respond as well. Is it any surprise that cops respond worse to those protesting against the police, no matter the slogan, than they do against the “blue lives matter” crowd?
Oh, and cop organizations are run through with neo-nazis and white supremacists who have made a concerted effort to make inroads with police departments and military members.
What? This most recent was literally an attempt to take over the Capitol building, presumably to delay one step in the formal recognition of the next President, and perhaps worse.
This makes it sound like the people in charge of protecting the capital did not know that this was a legitimate threat. From the articles I've read, they did in fact help that it was a legitimate threat, which raises the question: why did they do nothing about it?
The only reasonable conclusion I can think of is that the security team had no worry that politicians would be in any danger (e.g. easy, isolated, fast escape routes) and that it would be hard to rationalize to bring out the troops/big security forces with a threat of violence for a group of people that was supported by the current president and a significant fraction of congress and the senate. The whole situation feels very strange and it feels like I'm missing some key facts.
I think there are many plausible (but not necessarily "reasonable") alternative explanations.
As far as I can tell, this event seems to have had an extremely persuasive effect on the psyche and opinions of the average person. Who might benefit from this change in the mental state of the population, and in what ways?
Most people seem to find the very idea of thinking such thoughts to be extremely unpleasant, if not downright inappropriate. But to me, this is simple risk management. The lack of this sort of thinking in society seems downright dangerous to me.
I sometimes wonder what the origin of such norms is - is it organic (a common characteristic derived from evolution), or might it be synthetic?
I truly am struggling to extract any coherent meaning from that comment. Democrats, controlling just the House – when Repulicans are running the federal gov't with the Senate and the presidency – have instituted this event? Some big capitalists maybe? Putin? The Jews?
The Democrat/Republican duopoly is mutually beneficial to both party. Grassroots populist candidates (Perot, Trump, Sanders) are a pain in the ass for both of them, as would future ones be.
Wouldn't it be convenient if a massive spectacle was to occur, whereby the US public could see in 4K HDR the danger that populist political candidates introduce to the system, how it "threatens our most sacred institution: Democracy.
And as luck would have it, along comes a massive throng of obviously angry and delusional Trump supporters, with well advertised (and well known to authorities) plans to descend on the US Capitol, to "rescue Democracy", or some such nonsense.
So, what do you do in a situation where you have hordes of angry (and possibly armed) political extremists heading towards a politically strategic location, on a particularly important day (in your democracy)?
Do you:
a) Beef up security
b) Not beef up security
It seems like option (b) was chosen. Depending on what variable one is optimizing for, this was a terrible choice, or an excellent one.
US embassies just about everywhere are like that. The one in Budapest has two inch thick metal bar gates and guards armed with machine guns. Lesson learned from the embassy hostage crisis in Iran.
Anyway, an angry mob of wacko rioters shouldn't violently force their way into the legislative's building. They should respect the outcome of the democratic vote and vote again in four years. Maybe if this was Iran I would say okay, people are fed up with the ayatollah and the revolutionary guards, but this is the US and the poor buggers are being manipulated, shot tear gas at and four of them got killed. For what? Absolutely nothing. The unfortunate officer died doing his job. This is very sad and scary, it looks like civil war brewing. A really bad thing to happen to a nation armed with nukes. Please do not let it happen, it is within your power to distance yourselves from these people and just say no to violence and vandalism.
I agree. One of my favorite aspects of visiting DC is the remarkable extent to which ordinary citizens have access to the workings of government. Sure, there's some security, but mostly to keep things orderly, not secret.
So just a couple hundreds of people can protest in front of the building, enter elected official offices and steal laptops most likely containing very sensitive data (hopefully encrypted though)?
I agree with you but I think there ought to be a little more protection of that.
For national security buildings (e.g. the NSA) it is the exact same as your foreign country experience. The guards around the perimeter are very quick to engage and ask what you are doing if you meander around the outside.
The NASA HQ administration building off 4th and E just south of the Mall has no armed guards posted outside, and there's even a NASA public credit union in the building, which does not require passing through the metal detectors or security post just a couple doors away in the same open lobby.
It is visited by plenty of non-NASA, non-government ordinary customers who could easily blend in with official foot traffic on a busy day and make just a dozen paces to the main elevator banks or stairwells looking for an opportunity.
I misread the OP as NASA, which was careless but I still think the observation is worth noting. Also worth noting is that there is a museum on the NSA campus (National Cryptologic Museum) that anyone can visit without any clearance, and though there are vastly trickier chicanes to contend with compared to the access at NASA administrative HQ, merely visiting the cryptologic museum ushers one past several otherwise highly restricted perimeter zones.
Yes, it is understandable that security works that way in a building occupied by people whose job it is to keep secrets... but that is not the way security should work at a building of democratic representatives where their job is to be publicly accountable.
A police force of 2200, just for one building. Compare that to the Atlanta Police Department which has 1800 officers for a city of 500,000+ people and a size of 136 sq miles.
Not one bldg. There are multiple House and Senate offices and the Library of Congress. It's a huge complex which does not seem well designed from a security standpoint. I don't know if they've fixed that, but after 9/11 it was a mess of access.
That’s just how the Capitol (and most US state houses) is. My wife has on multiple occasions waltzed down to the (non-public) underground subway that connects the Capitol to the Senate and House office buildings to chat with members of Congress. The Capitol Police usually say “well you’re not supposed to be here, but I guess it’s okay.”
I may be paranoid, and thus don't get why the downvotes?
1. The person specified he has a wife that chats with members of Congress out of usual channels of communications.
2. The person specified place where it happens in the open.
How hard for some non-friendly party to get there directly given the instructions above, or start tracking his wife through other means and get there through her?
They're configured one-way only, can be fully opened for high through-put or emergencies, but are otherwise single-person only. They can detect multiple people in various ways. The default for sensitive areas would be biometric (e.g. weight, some parlement members coming back from vacation a little overweight have had to get a manual override in the past). Of course bulletproof, and can be controlled at a distance by an operator.
It makes sense that not everything requires something like this, but the office of the speaker of the house of course should be in any situation. If she wishes to meet people in less-secure rooms it's entirely possible to create meeting rooms with fewer or even no significant entry or security controls if you wish, but your personal office, places where you store sensitive data etc... can't just have em behind a few wooden doors.
Of course some countries opted for the benefit of a modern building. The capitol is more than two centuries old, you can only retrofit it so much.
The US Capitol belongs to the people. There are risks from that which fall on the people who serve there. In counties with monarchs there are different traditions expressed by the architecture of public institutions and the seats of power.
Dutch Parliament has a visitors entrance and is (in non-covid times) easily accessible to the public. But for obvious security reasons their private offices are behind these kinds of locked doors. Since a few years I think you have to go through a metal detector to be allowed into the public areas.
It makes no sense at all that the US Capitol doesn't have stronger barriers between the public areas and the private offices. Every bank or other large company has such a setup for information security reasons.
But why does a public official's office need to be a public area? I'm sure you're not allowed to walk into it without an appointment, so having appropriate security barriers wouldn't stop them doing their job at all and would improve security.
Without referencing any source I'll just assume you made that up. As far as I know there's no difference between say the French or German republic or the Dutch (symbolic) monarchy in this regard.
Dutch representatives are accessible by the people. They have a walk-in hour, you can call them, email them, write them, you can join hearings and meetings where they're present, they go out into the country to talk to citizens. But what you can't do is waltz into their office. This has obvious reasons in a post 9/11 world, and it has nothing to do with the fact the Netherlands has a king who has a purely symbolic function and does not participate in politics, no different from say France which is a republic, or Germany which saw a mob storm the Reichstag a few months ago and was easily held off by the police, which is also a republic.
I think you should read up on how western countries typically prefer to have very light visible security in front of buildings like these. It sends a message of non-approachability if you have heavily-armed forces out front, which politicans don't like.
I'm assuming a similar security plan is in place in e.g. European countries' parliaments; extracting the high value targets is P1. The building is just a building; if it's damaged it can be repaired. And killing a bunch of people defending a building is a political no-go.
Looks to me like they stood down, being complicit with the insurrection. This often is how 3rd world nations are overthrown by dictators with the militarys help.
To prevent unauthorized entry, Capitol Police would have had to put up a fight. Seems they were unwilling to do so. If America continues down this path Russia (and others) are just gonna have a field day.
Firing on a mob is risky as hell and not morally clear. I can't blame Capitol Police--at least for the actions after it already got out of hand.
If federal security at Court House shoots BLM protestors who are entering a federal court house, those security people would probably get charged with murder.
It's unreasonable to expect Capitol Police to make that sort of moral choice in the moment. And if you give cops the greenlight to shoot people to protect property, there will be a lot of unnecessarily death going forward.
That said, they may (probably?) screwed up containing the crowd contained in the first place. Though to play devils advocate, the President had just told a mob to go "wild." Not sure if Capitol Police could successfully manage that.
> If federal security at Court House shoots BLM protestors who are entering a federal court house, those security people would probably get charged with murder.
Probably? Says who? In fact, multiple people have been shot (fatally or otherwise) during BLM protests, and actions against those officers have been very much the exception.
I'm not aware of police using live bullets against unarmed people to prevent them from entering a government facility. Though I could be ignorant of clear examples.
At least in Minnesota and Portland they let looters burn/occupy the buildings without contest.
I think it was a happy accident that possibly being complicit meant this didn't go as bad as it could have. We have a great example of de-escalation working.
>That said, they may (probably?) screwed up containing the crowd contained in the first place.
Certainly with the benefit of hindsight, there should have been a much stronger show of force/barricades/etc. Should that have been obvious even without hindsight? Don't know.
That said, once the Capitol Police were outnumbered and things were getting out of hand, I'm pretty sure the best outcome if they had used deadly force to stop a rush would have been headlines like "Dozens of Trump supporters dead after police open fire on crowd." Worse scenarios include the police getting overwhelmed anyway and many of them killed also leading to a firefight within the capitol.
There have been several pro-Trump rallies since the election. The city got locked down hard, but nothing happened. They were much more peaceful than the rallies this summer. (I drove by all of these because my wife’s office is a couple of blocks from the White House).
And the real damage was to our rule of law. That was already accomplished when the supposed President directed a mob against congress.
The actual level of violence done by the mob is relatively tame. Shooting a bunch of people in the halls of Congress isn't going to stop the damage to the rule of law. And it would have what? Prevented a few laptops from being stolen, a couple doors from being broken down, etc. It's not like they torched the place.
I personally don't think violence by a mob is acceptable. But it seems most people do--as long as they are sympathetic to the cause.
There’s photographs of one of the “peaceful” protestors in bdus and a helmet with zip ties, and there was multiple videos of the mob yelling to grab the politicians. It was relatively peaceful because congress was able to evacuate before they could be kidnapped and held hostage, with them safely away the pipe bombs wouldn’t have had much point.
I guess? I would have expected the doors to put up a fight, too. But it doesn't sound like there was much forced entry going on beyond getting into the building itself.
At my own workplace, all the areas that are not intended for public use - office blocks and most meeting rooms, for example - are locked at all times and have keycard access. Defense in depth, y'know? And we're not even a juicy target like the US Capitol, we're just some company.
Congress isn't really one office, though. It's hundreds of individually run ones, each intended to serve the public fairly frequently. You can (generally) pop in and see your congressperson and/or their staff if you want.
My office is likely set up the same as yours, or at least close enough to yours. You could absolutely pop in to visit me.
But you could also grab enough of your friends to obtain a decisive numerical advantage – let's say, you and twenty of your closest friends, that probably gets close to what we saw yesterday. Be sure one or two of them are visibly armed.
Once you have your buddies, you can go break through the glass door leading to the receptionist's desk. We saw that yesterday too.
Once you're in, game over: I don't expect Nancy to tackle you at the door, or my friend Brian to kick you when you try to come into the conference room. I expect when you're inside you'll get a guest badge – or an employees – and proceed to go about doing whatever you were interested in doing.
My office's threat model – and yours – is not based on defending against a mob of people storming the building.
> My office's threat model – and yours – is not based on defending against a mob of people storming the building.
That's sort of exactly the point I'm making. My office's threat model isn't even in the same league, and yet it still seems to have more thought put into physical security than the Capitol building. It would appear that, unlike in the hypothetical you're constructing, in the real event, people didn't even need keycards in order to freely move about the building after getting past the exterior doors.
So Nancy Pelosi's office is generally open to the public, and it's fine for people to go on in whenever they want, even when she's not there?
I've honestly never tried to visit a congressperson in DC, so I suppose I wouldn't know, but it sounds unlikely. My public library is even more intended for public use than the US Capitol, but I still need a key to go back into the offices.
> So Nancy Pelosi's office is generally open to the public, and it's fine for people to go on in whenever they want, even when she's not there?
Generally, yes. Their offices are suites with a reception that'll be staffed for constituent services most of the day. Staff are also typically there all day taking calls from the public.
You're being naive if you believe that Russia and others didn't already have a field day at the Capitol yesterday. I wouldn't worry as much about what these guys took from offices and server rooms as I would worry about what little digital gifts these guys may have left behind in the offices and server rooms.
Yep. The entire building needs to be completely scrubbed down and all tech needs to be taken and destroyed. A complete fresh start. Move operations to a new building while this is happening.
It honestly boggles the mind that capitol police announced the all-clear as soon as they did. I mean they found pipe bombs in the RNC and DNC headquarters. No way did the conduct the kind of thorough search that would ensure that nobody left a pipe bomb in an air vent or in a random filing cabinet.
And that goes double for mysterious flash drives randomly stuck in people's computers, or bugs hidden in planters etc. Just an absolute travesty.
The Capitol Police were either incompetent or complicit. There are literally no other options. They knew there would be a big protests, numbers put it around 200k~300k (a tiny percentage of which actually went into the capitol building mind you).
If they weren't prepared for this: incompetence. But there are videos of people getting selfies with guards, and staying within the velvet ropes when coming in. Something isn't right here and no one is talking about it.
They were understaffed, and it was clear that they could not protect both the building and the people. They correctly prioritized evacuating the people.
They turned down an offer from the Pentagon to supplement manpower, days before the protest. Why?
A police department with an intelligence unit couldn't guess that things might get a little out of hand when 3 weeks before, the President publicly used Twitter to ask his followers[1] to attend a "wild" protest on January 6th? Not that an intelligence unit was required as the plans were in the open. I have great difficulty in putting this down to incompetence, all things considered.
Most obviously, if you invite the military in and ask them to secure a portion of the building, you're exposed to the risk that the commander-in-chief will order them out (or order them to stand aside); it's unlikely that forces could be redeployed fast enough to respond to such a defection. (And no, you can't avoid this danger by having all the forces working together everywhere; far too many command-and-control issues arise.) If you don't invite the military to assist in the first place... well, then you're not relying on them to guard your back.
There's also a fundamental democratic issue at stake: It's not by coincidence that the United States Capitol Police answers to the legislature and not to the executive -- indeed, this is seen around the world (e.g. Canada's Parliamentary Protective Service answers to the Speakers of the House and Senate) and arguably the principle that military forces should not be brought to the seat of legislative power dates back to the Roman Republic... which swiftly became the Roman Empire after Caesar crossed the Rubicon with an army at his back.
Those are all valid points. Though I will argue that the assumption that the Capitol Police answers to the legislature is shaky, at best (in practice). If I had to guess who is more likely to refuse an unlawful order, I'd say a member of the military, rather than the police, based on my limited knowledge of their respective cultures. Combined with the idea of police officers who believe they are part of a semi-secret, ad-hoc, patriot's army, things can go wrong indeed.
Let's do a thought experiment: let's say there are a few elements in the police who are active QAnon believers, sprinkled in at various levels. Let's also assume some more force members are not believers, per se, but sympathize with the cause, and are willing to look aside since they may dislike some legislators who they see as enabling BLM, Antifa and other un-American actors (in their eyes) and believe that something "weird" happened with the elections and/or the whole establishment is dirty. Would these individuals not listen to the orders of the commander in chief, even when not delivered via the official chain of command?
> Though I will argue that the assumption that the Capitol Police answers to the legislature is shaky, at best (in practice).
It's a matter of law that they answer to the legislature, this isn't an "assumption." Individually they have answered to a not very sharp police chief, and the Sergeants-At-Arms of the House and Senate, who are all in the process of resigning because of how badly they recently screwed up, if that's what you mean.
> It's a matter of law that they answer to the legislature, this isn't an "assumption."
I could have expressed myself better there - I was distinguishing between them being answerable to the legislature (de jure) in the logical, org chat way, and them "answering" to a mercurial president they ideologically agree with (de facto), in the here and now.
For this specific decision I think we can put it down to incompetence over malice - it'd presumably be easy for whoever was co-ordinating it dismiss all the riot talks as bluster and figure it'd just be yet another protest with a lot of shouting. I imagine we'll hear more about it, but I would be surprised if it was a co-ordinated effort in concert with the rioters (I don't know what to call them).
The footage of police opening barriers and stuff, and taking selfies is however a bit more worrying. I think it's pretty well known that individuals within the police could identify or sympathise with Q or the far right - so if it turns out that this footage was exactly what it's seems to be (and we know how easily things can be misrepresented and shown out of context) then I imagine some cops are gonna be in big trouble.
I agree with this take. It's possible that after a year of particularly intense criticism of police department's actions vs protesters across the country they didn't want to appear to be over-reacting (which could fan all kinds of flames) and didn't expect the crowds to be quite so wild.
I don't know what kinds of contingency planning may have taken place, but ultimately this event seems to have been ended and cleaned up pretty quickly compared to some other demonstrations we've seen recently.
Yeah we're definitely in speculation territory here so I'm wary of going too far. But I would imagine it was not a conscious attempt clean up their act and do their job with a less heavy hand. The idea that they'd suddenly decide to have a change of heart and that the first people who encountered this new, soft-touch policing happened to be right wingers - I don't buy it.
> it's pretty well known that individuals within the police could identify or sympathise with Q
This is worrying in its own terms. Policemen are adult, and shouldn't believe in fairy tales.
Being able to use deductive reasoning, understand basic principles of science (like the difference between cheratine and DNA), double-check the facts, and find the truth between the lies is THE work of the police.
Somebody unable to see a hole for years in theories that most 5 Yo curious children could dismantle in a hour is unfit for this kind of work. They simply shouldn't be policemen. Period.
Will end distroying the lifes of innocent people.
I'm not so certain; with the possibility of installed loyalists and/or 'regulatory capture' we may have intentional malfeasance to make a troubling situation worse.
If it is reasonable to assume that some individual members of the police force are sympathetic to the Q/Boogaloo cause, who is to say the person responsible for coordinating with the Pentagon wasn't a fellow traveler? Police forces, on the whole aren't exactly politically neutral: during primary season, I recall a republican politician getting a picture taken with a policeman who had a "Q" patch on his uniform.
There is not enough information to come to either conclusion, but I would like to think the DC police leadership didn't/doesn't plumb those depths of incompetence. The public (and congress) deserves answers on what happened and why.
They definitely deserve answers, you are right. But jumping to "This was an op and the DC police as a unit were in on it" is approaching wheelhouse of the crazies who instigated this whole debacle. That runaway cascade of believing lots of little things that could be possible is what led to millions believing in dumb stuff like Mole Children being kept as slaves by Hillary Clinton and friends.
Unless something more sinister emerges the simplest explanation is probably the best - there some cops who are far-right sympathisers and there are incompetently managed and organized Police forces. Both of those things are already demonstrably true and explain how the response quite well without introducing a grand conspiracy.
I was careful to say individuals - my point was that there is no reason to doubt the possibility of those sympathetic individual(s) being decision-makers in the force. I was careful to not suggest it was a group decision.
However, it is no secret that the FBI has long-reported (2006!) on white-supremecist infiltration of police forces[1] - this is not crazy talk. If someone joined the police as a rookie in 2006 to enforce their personal agenda, how far up the leadership hierarchy would they be now?
This can be correct, but so can GPs point: two possible findings are that the capitol police were deliberately left understaffed because
* higher level leadership judged the threat of the protestors to be insignificant (incompetence)
* higher level leadership wanted the potential for a mob to enter the building (complicity)
However they found themselves in the position, they did, and once there I think they had an unenviable task. And the fact that the occupants of the building were safely sheltered until a larger force came to clear the building shows that they made a good decision.
It's not murder if it's legal. If you don't want to get shot, don't invade the seat of government during a constitutionally prescribed transition of power, break through a barricade, ignore a cop's orders and approach a cop pointing his gun at you. Hard, I know.
I'd agree that police defenders often use the rhetoric of "approaching a cop with his gun drawn" or "being somewhere you shouldn't," but surely we can make a distinction between those killed in public areas versus this woman who was trespassing in a very important federal facility, specifically to impede a very important government procedure.
> trespassing in a very important federal facility
She was part of an armed mob trying in the process of breaking into the speakers lobby that posed an imminent threat to members of Congress, whom members of the mob had moments before loudly expressed concern were trying to leave.
And you assume that's everything that happened? Did she break through a barrier? People were walking right in.You don't know which group she cam in with. In the various videos, she was trying to get out. They all were.
The dude who fired the shot, are you really defending him? A man with no real reasonable threat to his life? None of the people in that shot were shown to be armed.
Honest question, what are your views on Jacob Blake? Do you defend him? Because he sexually assaulted a women who had a restraining order against him, ignored police orders to stop, got up after being tazed twice and reached into a car with children. The DA found the police were completely justified in shooting him 7 times in the back.
This is the double standard. If you say she had no excuse for getting shot, than neither did Jacob Blake, or Breyanna Taylor.
She was climbing through a broken window past a barricade that was the last line of defense to where members of Congress were taking shelter. The guard was pointing his gun at her and other people were warning about the danger. I don’t think she should have been shot, but the guard who shot her acted reasonably. It was a failure of the police present, who should have prevented the situation.
It doesn't matter if she's mother Theresa and came here with the cure for cancer. You cannot interrupt the transition of power. We have laws that must be followed. If you try to overthrow the government you will be stopped. I watched a video of her getting shot. She was breaking through a barricaded door and making her way towards officers with guns drawn.
There's multiple camera angles which captured the minutes leading up to her death, posted on major news sites like The Washington Post, so no assumption needed.
I still don't feel the shoot to kill was justified (especially as a shot in an area that would immobilize a person, like the chest or the gut, would've been safer of collateral damage vs a shot to the head, similar to the one taken, which unequivocally is a shot intended to kill), but trying to argue she was not completely and totally in the wrong is just absurd to me.
You betray your ignorance about firearms. You cannot shoot to immobilize. Every shot taken is practically and legally a shot intending to kill. Real life is not a hollywood movie.
> You betray your ignorance about firearms. You cannot shoot to immobilize. Every shot taken is practically and legally a shot intending to kill. Real life is not a hollywood movie.
Someone knowledgeable of the subject, which you imply I am not, would know that shooting someone in the middle of their body is the standard operating procedure (and is potentially less fatal, but yes legally still intended to kill) rather than taking an (essentially) headshot as this officer did.
Also notice I did not say what the officer did was "against policy" or illegal, I simply said I didn't feel it was justified (especially with where the shot hit). It's for the department and the courts to decide if the officer violated his duty.
Could have (likely was) aiming for center of mass but ended up a little high. Real life is not a shooting range with a target that is perfectly still.
Shooting a center of mass is not at all about being "less fatal" it is about it being the biggest target with the biggest chance of stopping your adversary.
> Shooting a center of mass is not at all about being "less fatal"
Did I say it was? I believe I used the word "potentially" in the reply you are commenting to. The officer was shooting from ~6ft away and had a firm grip and was well composed, if they can't hit the chest of a target that was mostly still at the moment of the shot then they need to be spending a lot more time in the gun range (at the absolute minimum).
>They were understaffed, and it was clear that they could not protect both the building and the people. They correctly prioritized evacuating the people.
I think it's pretty clear at this point that they would have been overstaffed if the protestors had a different skin color.
In the 1970s, armed Black Panther members took the California State Capitol and no one died.
At least one officer is dead (this changes daily so who knows) and one protestor (she was unarmed, that's a protestor, trespasser at best) was shot by sorry excuse of a Capitol Officer who shot wildly into a crowd (almost hitting the other Federal Officer behind her!)
The lady that was shot was attempting to enter a hallway through a window while people in the hallway were pointing guns at her. Just because she didn't have a visible weapon doesn't mean she wasn't a threat. Climbing through a broken window into a hallway protected by a makeshift barricade is itself a threatening action. No one at the head of a mob climbing over a barricade ever did so for innocent and non-threatening reasons. Suggesting otherwise is ludicrously stupid.
Having seen multiple videos of the event it's clear the shooter was not firing wildly into the crowd. They were aiming specifically at the person trying to break into the area. She's dead because of her own actions.
Note that she was wearing a good sized backpack. The shooter was wearing plainclothes- possibly Secret Service. It appears he was protecting something or someone important. Pence?
You're not a protester if you are breaking into congress, breaking past a barricade, being told to stop, and walking towards an officer pointing his gun at you. You're suicidal.
I don’t think that’s clear at all. I’ve seen it often repeated by the media, but there is absolutely no evidence to support it. Repeating this is only driving the two sides further apart.
Being understaffed on a day when protesters have warned you they may take direct action is incompetence or complicity. They have agreements with nearby law enforcement who are often deputized in DC, yet didn’t activate those agreements until the perimeter had been fully breached.
> They were understaffed, and it was clear that they could not protect both the building and the people. They correctly prioritized evacuating the people.
This is all true but might be crediting the Capitol Police leadership with a little more coordination and planning than they truly exhibited. There were clearly some law enforcement officers who did not simply step aside and let the rioters have their way once lawmakers had been evacuated.
Based on some of the comments here I get the feeling it's not common knowledge yet that at least one involved law enforcement officer has died [1] and a couple of dozen were injured. Possibly they could have done better for themselves if they'd all been as easygoing about things as the officers photographed in the rotunda.
To what end? Certainly the Capitol police leadership wasn't part of some conspiracy to overthrow the government- letting a few hundred protestors in wouldn't accomplish much.
So you are saying that the Capitol police succeeded in creating a honeypot that was meant to embarrass Trump?
I wonder if, since so many on HN feel that they are enlightened people, it is possible for us to give the benefit of the doubt to people who's jobs we don't do and probably know nothing about?
Just because we work in tech does not mean we know everything, and not having been there means we don't know the circumstances anyway. It is disgustingly arrogant of any of us to proclaim that these people must be incompetent or complicit like some armchair quarterback.
Christ, I mean, this is roughly the same mentality as the people who think the election was stolen based on some anecdotes and bullshit despite what election officials, courts, and other experts are saying.
Indeed, the hyperbole and conspiracy theories on all sides have lead me to detach myself from politics. There were a few hundred/thousand people who rioted at the Capitol, law enforcement in riot gear fought them with clubs and pepper spray, got overwhelmed, fell back, regrouped, and responded with a lot of force a couple hours later. One of the rioters was shot, dozens were arrested. Not a good scenario, but I've seen a lot of people who I had thought were more measured yelling about how police were assisting with an attempted coup attempt (even supposedly respected news stations were going off the deep end). It feels like the 24/7 news cycle has fried a lot of people's minds and turned everything into a final battle between good and evil.
If it's any consolation, US Capitol Police chief Steve Sund was forced to resign by Congress. Seems like it's not just armchair quarterbacks who were let down by their shitty response.
No doubt you are aware of the concept of a face-saving resignation. I'm not saying this is what happened here, I'm just saying the resignation itself is not really meaningful without more context.
The Capitol Police seem to be a facade and don't stop crowds. Here's a different example from 2 years ago:
"@womensmarch just took the Capitol. Women, survivors, and allies walked straight past the police, climbed over barricades, and sat down on the Capitol steps."
This Twitter thread is a gold mine for anyone looking for perspective on what happens when the “right” group versus the “wrong” group storms past baracades and into the Capital, while describing it as “taking the Capital”.
It's also possible they were competent but don't have the required staff to handle a large protest. Under normal circumstances, they might request help from other groups (DC police, national guard, whatever) but due to jurisdictional restrictions help can't come unless it's approved at high levels and no approvals were given.
In other words, they may have been set up to fail.
(There's still the issue of that video of protesters being let in, which would imply that capital police do have some explaining to do.)
Were the BLM people who stormed city hall in Seattle insurrectionists? Where the Black Panthers who took the California State Capitol in the 1970s insurrectionists?
Stop with the bullshit name games. These were not rioters. They didn't set anything on fire. They should not have stolen or broken anything. That's wrong and bad and should be condemned. Those people should get federal time
But man...you have to admit...there is something beautiful about the peasants entering the royal court, and the town idiot putting his feet up on the table that belongs to the Hand of the King.
The villagers entered the royal court and the senators clutched their pearls.
America has had a long history of occupying federal buildings. This is certainly not unprecedented.
These people were not a coup or insurrection. They had no plan. There was no person with a new founding document they were going to read. They didn't bring in an armed force and take and occupy the capital.
The overreaction to what happened is fucking insane, especially compared to what actual Rioters where allowed to get away with for the past year. In May, DC was literally on fire from the BLM riots, and we didn't see this type of DoubleSpeak.
> The overreaction ... In May, DC was literally on fire from the BLM riots
Speaking of overreactions ...
> They didn't set anything on fire. They should not have stolen or broken anything. That's wrong and bad and should be condemned.
Okay, so to be clear, there's a difference between breaking things with your hands and setting it on fire. One is "bad", and one is "rioting". Huh, interesting.
> Were the BLM people who stormed city hall in Seattle insurrectionists? Where the Black Panthers who took the California State Capitol in the 1970s insurrectionists?
No, because their goal wasn't to overturn a legally held election.
> The overreaction to what happened is fucking insane, especially compared to what actual Rioters where allowed to get away with for the past year. In May, DC was literally on fire from the BLM riots, and we didn't see this type of DoubleSpeak.
Not really when you consider that the protests in may were for the correct side with the media and elites fully on board. They were for all intents and purposes sanctioned events. The 6th mob was absolutely terrifying for the media and elite since they had zero control over it. What looks like just another mob riot to a common peasant appears to be an actual threat to those which never see threats.
> But man...you have to admit...there is something beautiful about the peasants entering the royal court, and the town idiot putting his feet up on the table that belongs to the Hand of the King.
>The villagers entered the royal court and the senators clutched their pearls.
I agree. Although I’m definitely anti-Trump and condemn his garbage about the election being stolen, and while I don’t condone the behavior of the protestors, I don’t really see how this so much worse than business owners who had their livelihoods destroyed during the BLM riots over the summer. I don’t remember CNN or Democrats tripping over themselves to see who could use the harshest language for what had happened.
Again I’m not condoning this, but honestly, given what happened, the only real tragedy was a woman was shot because a jumpy police officer shot blindly into a crowd. Our pride was embarrassed but that’s ok. Let’s learn from this and make sure it doesn’t happen again.
The real problem with what happened is Trump incited it. But that’s another story.
Haha yeah, there wasn't this much outrage before because it was the peasant's businesses being destroyed. Protesting is now bad because it actually affected the rich, political class.
Look at how different the MSM response was. Destroyed businesses and disruption to innocent people's lives was a necessary sacrifice for BLM riots. And best of all, covid is only dangerous depending on what you're protesting for. But some people going into a building?! No! Stop that!
How many is that? I can't even count. More than 50, less than 100? Versus 10, possibly way less, depending on what kind of comparisons one wants to draw? [1]
Doesn't this point exactly to the significance of what happened on the 6th? Race riots have been happening in the United States for a hundred some years. They are obviously not significant in achieving the goals of the rioters. Meanwhile the storming of seats of power by an ousted leaders' supporters has the potential to change history. The former is a passing event, the latter is a rare event with some potential to change global history.
Inviting insurrectionists into the capitol to stop the certification of an election they didn't like by force is different from... giving their support to people who are against unarmed black people being murdered on sight.
It has not been proven. This is false. Please stop spreading it. Multiple people were killed in clashes with the police. They did not help the rioters. This is the type of misinformation that caused all these problems.
Re the second one - I also saw some footage where a couple of police were, I dunno, ushering them or encouraging them through barriers towards the building. Like "come on, come on!" - that kind of gesture.
I have to stress though that I agree with "danaris" one level up from from this comment - it seems perfectly believable that individual police sympathised and aided these people. However it's not "The Police" as an entity as some others are suggesting, that's venturing into Q territory and is a bit Conspiracy Theory for me.
Here are videos from 2 locations where protestors fought the police and pushed past them. That is the opposite of letting them in. IMO I think the instances where they were "letting people in" were because the barriers had already been breached on other sides so there was no point holding lines where there would already be people in behind them.
The video (letting them in) doesn't show what you think it does. Capital Police leadership planned poorly and their leadership is at fault. They had to fall back to more secure chokepoints because they were outnumbered and overwhelmed. The cops didn't let anyone in. They killed someone and one of them was killed in the fighting. Please don't stir up trouble with fake conjecture over a 30 second clip that doesn't show what really happened. It is what caused a lot of these problems. You are making it worse.
No... if those officers had fallen back, sure, all good. I don't see an issue there. But literally you have an officer (and yes, I get it, individual versus collective) who moves gates, and starts waving protestors through.
If you're falling back because you're overwhelmed by a surge, the last thing you do is _remove obstacles between you and the surge_!
Without any specific knowledge on this case one way or the other, both of these things can be simultaneously true: Some Capitol police stuck to their duty and tried to keep the insurrectionists out, while others agreed with them, let them in, and took selfies with them.
"The Capitol Police" is not a single, monolithic entity; it's made up of individual people, with their own political views.
> Multiple people were killed in clashes with the police.
"Multiple"? Do you have proof of this? There was one woman who was shot by police.
As far as I know, it is not yet clear how the others (excluding the Capitol officer) died. I've seen reports that one man got a heart attack after tasing himself and another fell off some scaffolding.
Ha! These people are in their 70's and 80's, getting any legitimate security is near impossible. Try telling your grandparents not to play flash games on their computer. The best security should have been by the entrances of the building.
Age isn’t the problem, lack of digital security literacy might well be.
My dad was born in ‘39, he did a degree in electrical engineering, and it took until something like his second job after graduation for his employer to send him on a two-day training course for the new-fangled [0] invention of something called “software”. He then worked in software from that course until retirement.
However, he never understood RSA despite working on UK military IFF systems.
[0] “new-fangled” was his description; the closest he came to acknowledging Ada Lovelace before I learned of her was to complain about the language Ada.
https://twitter.com/doctorow/status/1347244300527013889:
"Resecuring the Capitol's IT infrastructure should probably involve shredding every device, cable and thumb-drive, tearing open every light-socket and power-outlet, and even then, it will be hard to fully trust the building and its systems."
"So far, hearing that cyber risks of the Capitol attack were low.
* Congress isn't one big network
* Vulnerable machines held unclassified files
* Hill leaks so much already that truly sensitive stuff is walled off
* Rioters weren't there long enough for thorough, careful access"
[...]
For those wondering about the SCIFs, used for classified files and conversations, their doors were built to withstand embassy sieges, and they’re swept for bugs before every use.
We haven’t seen any indication that they were even targeted, much less seriously attacked. Could one of the terrorists have seen a sensitive but unclassified email somewhere? Yes.
Could there have been Russian spies in the terrorist mob? Yes."
If this is done, does everyone lose all of their unbacked up work or is there some way to recover it safely? There are for sure internal notes, draft bills and changes, etc. on these computers that is not backed up.
Everthing in that building that plugs into the wall should be discarded and with a known good device. That includes network infrastructure and even cabling.
Between this and the recent SUNBURST fiasco, there are going to be some long discussions about security policy.
I think that would be a good start. Then again, I also don't think it should have been so trivial for infiltrators to access content on congressional computing devices in the first place, even with physical access.
I'm not sure about other devices in the building, but there's plenty of stuff going around about Pelosi's laptop in her office. Was it just left unlocked and unattended? Did it even have an OS password? If it did, was that password written down somewhere such that infiltrators could easily access it?
Replacing all of the compromised tech is a good start, but clearly we need to hold our politicians to a higher standard when it comes to securing their devices.
I was thinking even just merely about physical security while this was going on. One bad actor going from room to room planting listening devices would take a short bit to weed out no?
Came here to say I hope it was encrypted.
Being a laptop I hope the IT person saw it fit to have it encrypted just because it is more easily prone to theft.
I mean, why are we paying the NSA, if Congress has unencrypted laptops. Literally their role to recommend security methods for encryption of companies and US interests. That is what I wonder every time I’m required to throw away my bottle of water and remove clothes to board a plane.
> So all laptops they were issued before 2017 didn't have full disk encryption.
That's an illogical assumption to make. Not encrypted at time of issue != not encrypted ever. Who says all previously-issued laptops weren't encrypted at a later time?
No, it doesn't mean that. It's a possibility, but it's not what the comment above says. From this date X is enforced doesn't mean that X didn't happen before.
It could also mean a change in policy which makes official what was already happening.
For staffers, sure. But it's a better-than-even-odds bet that if senators and representatives raise a stink about how secure laptops are hard to use, they get special treatment.
Did you see the picture of Pelosi's desktop monitor? Pelosi was on the House floor at the time, wasn't she? Why wasn't there even a screen lock?
I don't understand why Windows 10 doesn't take an encryption first approach. When you install Windows 10, it should default to having disk encryption checked.
Not certain this is the reason why, but there is a real perf hit for full disk encryption which not everyone needs to take, especially for devices without hardware accelerated crypto. Lower end devices can slow to a crawl.
Can you specify what are those devices which do not have hardware encryption support? Processors have had hardware support for ages. On the Intel side, at least from 2006, with the Core2Duo.
Any modern system(even on the low end) that you could conceivably want to trust important data to can handle encryption requirements with ease.
One problem if we are talking about Bitlocker specifically is that if the drive reports that it supports encryption, then Bitlocker offloads the responsibility to the drive. And the drive encryption might be badly implemented.
Better than that might be an internet-free LoJack. Finding a laptop thief might be at least as valuable as retaining the encrypted information that's on disk.
Edit: Also, stealing a laptop that belongs to the office of the US Speaker of the House will essentially never end well. There are endless examples to suggest that yesterday's fracas wasn't thought-through by the participants. This is one of them.
There's also plenty of evidence that it was planned, like people openly planning doing exactly this on forums. They had merch printed up. It was Trump who either wasn't in on the planning or got cold feet when the time for the actual coup came.
This is yet another aspect that makes these recent events so depressing. I don't think I've ever felt this low and ashamed as an American before. How could the government even allow such a security breach to happen?
Agree with this... also though capitol police were overwhelmed and 3 % control (ie managed to keep politicians out of harms way excluding covid implications) of the situation.
Yes, after seeing the video today of the shooting, it's clear that the Capitol police were very barely able to keep people safe. But later, when so much backup arrived, it appeared as if many people simply walked away and went home, which is baffling to me.
Given that Pelosi's desktop was logged on and unlocked, there's a fair chance the laptop was too which would render full disk encryption useless. As long as whoever stole it didn't close it and send it to sleep anyway.
Pelosi is in her 80s and a politician, it's common for people in that generation to not actually use computers themselves but rely on their assistants to "do the computer stuff".
Billy Bob is a name stereotypically used to refer to someone to imply that they are rural, ignorant and/or unsophisticated.
Billy Bob (short for William Robert) at one time was a common set of first names for Americans that lived in country areas.
Do we know it was Pelosi's computer and not just a staffer in her office? I also imagine it's a lot harder to walk out of the building with an open laptop in hand than a closed one in a bag.
Well training for much more mundane events should cover it. I wonder if they’re personal laptops otherwise IT security would have an auto lock enabled.
If you add up all the charges on breaking into the Capitol, the Speaker's office, the theft, the computer security laws, etc., they could probably get a 100 year sentence, and I hope they prosecute it fully.
Just a side note, to compare a slightly similar situation (with far less potential for violence).
It happened in Germany several months and three officers defended the Reichstag building from radical anti-Corona protesters until reinforcements arrived.
The key difference is that the German protesters didn't bring automatic weapons, molotov cocktails and pipe bombs. I sincerely hope federal authorities will get every single domestic terrorist involved in the Capitol storming.
Did Linux ever fix the hibernate stuff? I remember 5 years ago, it was a MUST to disable it, because the system would go to hibernate and never wake up again without a hard restart.
Sleep and hibernate is not really a linux problem, it's more of a OEM closed-source firmware implementation which is only tested to work on Windows problem so the linux devs have to eyeball it and pray that it works which makes it a constant game of whack-a-mole. So until there is an open standard for firmware used by all OEMs it will never be truly fixed. Hell, sleep doesn't even work half the time on my XPS15 with Windows so Dell can't even get that right.
That's why the likes of System76 develop their own firmware.
On most of my linux computers it always works. On one of them it works 90% of the time, which sounds high but is really annoying. (Probably an interaction with AMDGPU.)
Even when powered on, full disk encryption still changes the scenario from "reboot from a live CD" to "perform some advanced attack involving special hardware".
Unless someone specifically targets you for your data, FDE will keep your data safe from thieves who may sell the laptop (unwiped) or take a look otherwise.
Another commenter mentioned DMA, so I'll expand on that.
If the device has only USB, network, and display outputs, not a lot. Modern systems are pretty hardened with this config.
However, if it has Thunderbolt, ExpressCard, PCMCIA, or even FireWire, it's hosed.
This kind of attack has been highly researched by intelligence, for example the 'Sonic Screwdriver' attack revealed in 2017 [1] targeted Macs by tampering with boot parameters, and was installed over thunderbolt.
There have also been some PoC exploits for extracting BitLocker encryption keys out of memory using FireWire [2], though I'm not sure those have ever been widespread attack vectors.
Basically, the old adage still holds up - physical access is full access. The only thing you can really do is fill up any ports that could be used for DMA sidechannel attacks with epoxy, then hope nobody attacks your TCP stack or USB controller...
There's some lienience to be given with the newer versions of Thunderbolt. On many Windows machines, and given that it's configured correctly, a TB device has to be explicitly allowed to access anything other than USB and Display modes.
DMA attacks - once you get access to a bus that allows direct memory access, you can unlock the machine.
Not something a thief that wants the laptop would do, but definitely something a targeted attacker who specifically steals a laptop to get your data would do.
Against what threat model? The general answer is "yes, most of them, including all the ones being used as defaults in major distros" -- they will not allow a user that isn't in possession of the password to log back into the session.
They don't necessarily prevent against other threat models, like "the attacker dumps the laptop's RAM" (which you could technically protect against if you froze all session processes and encrypted their working set with a key held in a secure element).
Full disk encryption and a strict policy of always closing the laptop / lock the screen when leaving. In some scenarios USB ports also need to be physically disabled.
Speaking of lock screens (and Speakers), did you see Pelosi's screen? Wasn't she on the floor of the House at that time? Why wasn't her screen locked? I can think of half a dozen scenarios of carelessness or time pressure. The first one comes to mind is that she was using it, suddenly evacuated and didn't flip the lock on, and the mob reached her desk before the lock timer expired. But I do wonder if the was even a screen lock.
Laptop is stolen by a foreign intelligence agency who can do things like "pour liquid nitrogen on the ram and swap it to another computer to recover encryption keys" or whatever (I've been told that's a real attack... but it always seemed like an intelligence agency ought to just make a device to read the ram without pulling it at all... just hijack the wires communicating to the ram or something...)
If that's your threat, the device doesn't leave your sight or possession, ever. I work at a significantly lower threat level than that and we're regularly told that when off site devices don't leave your possession, and on-site, deviecs should be tethered and locked when not in use.
There was a great thread on Twitter about the infosec implications of this breach of the capitol. In short, you have to assume foreign state actors were among the people inside, and every piece of technology should be replaced.
The infosec aspect of this whole event has been fascinating to me. That tweet from that guy in Pelosi's office with the computer with her email open was pretty shocking. Every company I have ever worked for enforced the pc auto locking after 10 min or so of inactivity. Its unbelievable that the Capitol doesn't enforce this.
If it is a laptop of consequence (even if not classified), hopefully it had security and tracking capabilities that can be activated.
That info would probably be helpful for law enforcement and prosecutors.
This all assumes that congress, the DNC, or whoever owns the laptop has upped their personal computer op-sec significantly since the DNC hacks of 2016.
Truly a nightmare situation. I really hope they have a solid means to recover the stolen assets. Does anyone have insight into what types of tracking high level government laptops would have?
That may or may not be true, but I feel it's worth mentioning that often those individuals need some level of security clearance. See listings on job boards for janitorial staff/etc. that require security clearance (often at private corporations, like defence contractors, but I see no reason why it wouldn't extend to public employment i.e. at the Capitol).
You can't have that kind of insanity inside of a workplace and expect to secure every device. There are multiple layers of security for the congress people, and many of them were exploited. They don't practice putting on masks and running their asses out of a building. I'm sure every staffer was thinking, "Did I get everything that needs to be secured?". No they were thinking, "I'm getting the hell out of here." Especially if they weren't part of the tribe storming the castle, (aka a Democrat).
On its face I would say: well between cleaners and the public going in and out there's no way they'd have anything confidential on something like that.
Then I remember the countless times I've been on a flight from SFO and seen executives with NDA documents pulled up on their laptops with no privacy screen and remember that it's entirely plausible this thing had something confidential. I just hope their default image included full disk encryption.
Every conservative narrative will now be about some evidence found on this laptop that will never be materialized in court. Just like the hunter Biden laptop that tucker Carlson supposedly lost in the mail.
If I recall UPS put a statement saying they searched and found the package. But then later Carlson magically backed off
> But after all of his commotion, Carlson suddenly backed off the story by Thursday night. “There are a lot of documents about Hunter Biden’s personal life that we haven’t brought to you and we’re not going to, and we should tell you why,” he said, adding that “Hunter Biden is a fallen man at this point.” And while he believes the Biden son is not “a bad person,” he does have “demons” and “lost control of those demons, and the world knows that now. He’s now humiliated and alone. It’s probably too strong to say we feel sorry for Hunter Biden, but the point is, pounding on a man, jumping on, piling on when he’s already down is something that we don’t want to be involved in.”
What an absolute mess. Whatever political spectrum you might be on, having people roaming around the halls of a sensitive government institution is not in the interest of any US citizen. Security of our institutions, elections and democracy should be a non-partisan issue.
Secrets need to be kept in the intelligence world. It's naive to think we can be fully transparent on issues of methods and means. Congress needs to know things about our security apparatus but shouldn't be made public for obvious reasons.
The entire idea of a representative democracy is we elect people to act for us. That includes knowing information that shouldn't be public and making the correct decision for the country.
That observation makes as much sense in context as when people compare the national debt to household debt. If the problem is that we might get to know what porn Pelosi likes or whether she has hemorrhoids, the theft of this laptop is trivial.
Let's say the chairman of the Senate Intelligence Committee learns via his work that a high-ranking member of the CCP is sending secrets to the United States in exchange for safe passage out of the country. Is it ultimately beneficial for that information to be made fully transparent?
Trillion doller defense budget and then unarmed morrons simply walk into the office of the most powerful individuals in the country and take stuff and walk out.
The level of stupidity and incompetence for this to happen is breath taking.
There needs to be a whole lot of 10+ year sentences handed out. Obviously anyone directly involved in the officer's death will have the book thrown at them and probably never see the outside of a cell again, but all these people need to be made an example of.
Did they release the cause of death? The article I read said he collapsed after everything was done with (or for the most part). Can really pin that on anyone.
Sorry, but who are you to say who saw what and what officers MIGHT have been negligent during all that chaos?
If it is determined that the people who SMASHED HIS HEAD IN WITH A DAMN FIRE EXTINGUISHER didn't intend to kill him, the 2nd degree murder charge might possibly be downgraded to felony murder or manslaughter.
starting a fire at a Target is not quite the same thing as raiding the US Capitol filled with congress, staffers, and confidential documents (in an effort to overturn a national election).
And of course, the irony is that part of the frustrations from this summer’s protests is the fact that people of color get 10+ year sentences for things like drug offenses at a much higher rate than white people.
The difference is one of these buildings provides an important service that the American people can’t live without. The other, of course, is filled with politicians.
I admire the restraint on display here, but if even one of those guys had been black, the cops would have iced every one of them. Imagine someone grabbing a cop's gas mask at a BLM march and not being dead 2 seconds later.
Are you aware an unarmed white woman was shot and killed by police at the capitol that day?
Yes, on average black folks are treated more unfairly than white folks by police, but exaggerated claims like “the cops would have iced every one of them” help no one.
She was climbing through a barricaded door through a broken window with a person with a drawn gun on the other side protecting who knows who, armed or not the outcome was kind of a given when she decided that was a good idea. Not the best comparison to put up against the treatment of BLM protestors throughout the year.
There was at least one person near her in the video of that women getting shot who was clearly armed with an assault rifle. She may have been unarmed but was storming the chamber with other armed people. The security on the other side had good reason to believe she was a dangerous threat.
The guy with a carbine in the video is a police tactical officer. The main question about this scene is not why the secret service officer shot the woman who defied a lawful order by entering the chambers through a broken window and over the top of a barricade. The question is why she hadn't been shot long before.
Yeah, you're right, the original video I saw was tightly shot and only showed the weapon. There was a similar video released later where those officers where coming up a staircase from behind.
If you're going to operate at the intersection of gun nuttery and prescriptive English usage, it would help you to be right. The US Army "Small Arms Identification Guide" defined the term at least 50 years ago.
I believe you are thinking of the term “assault weapon”, which was a term invented to help ban semi-automatic military-style rifles, that arguably aren’t significantly deadlier than other less scary looking semi-automatic rifles, but are politically more convenient to ban.
“Assault rifle” is a valid term but it only refers to automatic rifles, which were already effectively banned for civilians.
I don’t know whether that rifle (carried by a police officer) is automatic or semi-automatic.
And several incidents of police using their vehicles or horses to ram, trample, or assault people (e.g. by opening a car door to hit protestors as they drove by). Those could easily have been lethal, though they weren't in this case.
Edit: I know this is all super polarizing stuff, but I'm trying to provide a specific and direct answer to the question above.
Yeah, I tried to not list too many events that 'only' resulted in maiming, loss of sight, or permanent injury, because the parent poster specifically called out deaths. But yes, there were many incidents like you described where the police clearly used force in potentially lethal ways.
No, it's not hyperbole. I was at the Portland protests this summer, and nothing even close to this happened. They'd have gone to mass use of tear gas and less lethal munitions long before that point, and if by some improbable chance a context like the above video push into a building arose, there's no question in my mind the CBP and related agency unmarked officers would have just straight up opened fire.
There are two standards at work in how protests are treated. This is a factual matter, not an opinion. It doesn't mean every protester on the left is a blameless, as obviously that's a straw man position on its face. But the disparity in how violence is used, and in particular how early its used is very clear. You can't just handwave that away. Likewise you can't handwave away that showing up with military style gear and loaded firearms is a defining feature of right wing protests that is not duplicated on the left.
Were they enforcing arbitrary curfews and trying to incite their own police riots or defending VIPs? Police seem to choose to escalate only when faced with certain groups.
Strongly disagree I firmly believe the reason the police held back so much was the number of guns in the crowd. They want to make it home at the end of the day too.
It's a real testament to the effectiveness of the BLM protests that the police took a good hard look at themselves and decided to use a light touch from here on out.
Armed terrorists in MI invaded the state Capitol in May, before the murder of George Floyd. Police there took a similar hands off strategy. Are you being facetious?
She had clear instructions to proceed no further, then climbed through a broken window towards Secret Service members who had guns drawn.
She was partway through the window to the hallway that leads directly to the congressional chambers and was attempting to get past the Secret Service members.
You don't mess with the Secret Service -- they have a very uncompromising view on protecting elected officials and will absolutely draw lines in the sand and firmly enforce them.
Edit:
Secret Service were present, but the officer who shot was not a member. He was, however, protecting the immediate vicinity to where congresspeople were sheltering in place.
Just to be clear, there are longer videos of the event that show people banging doors down. I watched a live stream from one of the people upfront - some cops gave up after overwhelmed, and some even fraternized with people, but it was a confrontation to be clear. I encourage you to look up full livestreams of it.
Because someone on the inside opened the door and let them in, it’s not “storming”? Those Twitter comments are all suggesting this was a setup, but the more likely scenario is that most of those that should be serving as police either were sympathetic to today’s right wing rhetoric or weren’t prepared for a mess of people. What were they supposed to do at the point of this video? Pull out their guns and escalate the situation?
Same happened at CHAZ, a couple black kids got killed by some nutjob police LARPers.
I don’t recall a big hubbub blaming left wing rhetoric or arguing for the immediate destruction and disbanding of the autonomous zones. I remember an absolute heartbreaking interview with the kid’s father.
There was no interest for the BLM crowd to hold their own accountable.
Are we really sitting here comparing storming the capitol building and interrupting the certification of the electoral vote, to CHAZ? Pipe bombs were placed in capital buildings, the insurrectionists were armed and had zip ties. Five people died as a result of these actions. The idea that this is at all comparable to CHAZ, is ridiculous.
I can guarantee more died as a direct result of BLM "protests" in 2020.
Nevermind billions of dollars of damage that fell on the shoulders of minority and lower class communities.
I have a hard time imagining that someone concerned about insurrection would unabashedly gloss over CHAZ/CHOP as though it's not a cut-and-dry act of secession.
I don't support CHAZ and I never said I did. Claiming to secede for a couple of blocks in a neighborhood in Seattle, is incredibly stupid and dangerous.
My point here is the scope of things, armed insurrectionists stormed the capitol building. Three pipe bombs were recovered and disarmed. What do you think would have happened if the person who laid the pipe bombs had gotten to Nancy Pelosi? Further the President of the united states was pleased by these actions and told them he loved them. He refused to call the national guard and the department of defense initially refused several requests. Somehow, the VP who doesn't have the authority to, called in the national guard. CHAZ was not supported or incited by Joe Biden. And CHAZ did not threaten our democracy or interrupt the democratic process.
There was complete chaos across the country last year.
With many reminiscent if not worse scenes of complete disregard for public spaces and institutions.
The media was practically giddy about justifications of why we shouldn't be opposing the destruction of statues of the founding fathers. Freaking abolitionist statues were targeted.
There is unquestionably more total damage, building burned to the ground, etc from what happened last year.
I'm not saying what occurred at the Capitol is to be dismissed - quite the contrary. What I'm saying is that it's like one half of the country just woke up to the idea that mass political violence and bedlam should be denounced.
When they let you walk in quietly, yeah. You can stretch language all you want until it has no meaning, but "storming" has a definition, and it isn't "people I don't like went somewhere I didn't want them to go." u/doomslice did post an example of something that would be considered "storming."
Why not post the verb definitions directly below the noun definitions you posted?
1. To assault or capture suddenly: The troops stormed the fortress. See Synonyms at attack.
2. To travel around (a place) vigorously in an attempt to gain support: The candidates stormed the country.
3. To shout angrily: "Never!" she stormed.
Even if you're pretending that there was no violence in the event that left 5 people dead and many more hospitalized, those all apply.
I was talking about the action of walking though a door when the guards opened the doors and allowed them in. If you want to strawman things I say to feel better about yourself, have fun.
2/3 have no relevance to the situation, and 1 requires an assault. So, no, they don’t “all apply.”
Also, as you may be aware, stolen emails have been able to be verified in the past. For one, you can ask the people implicated if they are real and look for contradictions between their stories or confirmations. You can check physical evidence if any exists. There are many things you can do.
EDIT: My previous response, I misread your meaning at first.
I don't care if they get prosecuted. They should be, they attempted a coup against the democracy. However, as I said, what do I care if they destroy each other? Pelosi is a villain that promotes the desires of the rich over the lives of the people numbering in the hundreds of thousands at this point. Being attacked by someone worse doesn't make her into someone that needs defending.
> They should be, they attempted a coup against the democracy. However, as I said, what do I care if they destroy each other?
Political violence, once normalized, will inevitably be turned against its practitioners and supporters. Indifference in the face of this violence is nothing less than tacit approval of it, and invites reprisal.
I meant destroy each other politically. I would prefer not to have a repeat of Jan 6. I am 100% the opposite of indifferent and have been conducting political organizing to head off the impending crackdown on civil liberties that is coming while condemning the coup and calling for the disciplining of coup supporters in government.
It just so happens I also despise our leaders in government.
Wait, aren't we all privacy advocates here? Who here doesn't say certain things in private that they wouldn't say in public? Any time I see anything like a leaked e-mail story, I remind myself of this simple law of human nature. If private communications do end up coming out of this, we need to all remember this.
Wait, there were armed people storming the building and police supporting them. You think their first priority was, "Better secure this workstation attached to a projector!" and not, "Dear god I hope I don't get murdered today!"
>Nancy Pelosi told fellow House Democrats that she had received reassurances about safeguards to prevent Donald Trump from launching a nuclear attack
Maybe this is too political or HN, but this is the bigger news on that page. It tells me we don't have a functioning chain of command and our government is currently responding to a hard coup attempt with a soft coup which is also pretty scary. Trump should either be removed through the 25th amendment or he should be president with all its power and responsibility. Putting "safeguards" in place so no one really knows who is in charge can be dangerous. Hopefully nothing too serious happens in the next week and a half.
EDIT: To be clear and to address the multiple replies, I am not a Trump fan or a supporter of nuclear weapons or anything along those lines. The problem here is that there needs to be a clear chain of command in case of an actual emergency. People being insubordinate to the president and taking on power that they do not constitutionally could be extremely dangerous in an emergency. The unelected bureaucrats of the government shouldn't be the ones making these decisions.
Putting "safeguards" in place so no one really knows who is in charge can be dangerous.
If the personnel involved hadn't overruled their orders several times during "the Cold War", we would already have had several post-Nagasaki nuclear disasters. These weapons are ongoing dangers to everyone.
Even the US military doesn't have the doctrine to blindly follow any order under any circumstances. Or at least, that's what I would expect from any modern military. In any case, there is no real danger here and Pelosi is exaggerating a bit.
Fun fact: If there had been a clear chain of command and lieutenant colonel Stanislav Petrov of the Soviet Air Defense Forces had followed his orders without questioning them, then the world would probably have been destroyed in a nuclear Armageddon in 1983.[1]
I would hope all entities with nuclear capabilities have de facto safeguards in place to prevent anyone from actually launching a nuclear attack. Although, I would also hope they wouldn't talk about them as it diminishes the deterrent effect that is the only potentially good thing about such weapons. Nuclear weapons should never be used but people who can use them should not say that.
I read that comment as saying there are extra safeguards currently in place that go above and beyond the normal safeguards. If the existing safeguards for a normal president would be enough, Pelosi being third in line for the president likely wouldn't have to ask about them.
There are plenty of szenarios where you don't want to launch a nuclear attack without several people checking the attack order. To my knowledge, the president can't just order an attack, this has to be at least confirmed by one member of a small group of people of necessary rank. Beyond being mostly a political move, Nancy Pelosi reminded by this this group, that a possible launch order most likely is bogus and they should be extremely careful before confirming it.
And what makes you think that it wasn't? If you were in charge of the nuke launch process you would never give the power to one man, would you? You would have probably done two things:
1. Require a broad consensus to launch (possibly with a dead-hand).
2. Don't tell anyone on the outside. Best keep the enemy guessing and the people in awe.
Throughout the history people clamored for a strong leader, so you either give them one and suffer the risks of having a dictatorship, or you give them an illusion of a strong leader. The fictitious red button works perfectly - the man carries the literal Armageddon in his pocket, his power must be divine (subject to expiration on Jan 20th).
Ok. At the present time, the Reuters article at https://www.reuters.com/article/BigStory12/idUSKBN29D2HA does not have mention of safeguards to prevent Donald Trump from launching a nuclear attack. Did something change in the article?
Comrade, you are only allowed to comment on what you are instructed to comment on, and how you are instructed to comment. Do not deviate from your instructions.
I swear the advent of Trump has precipitated an absolute crisis in critical thinking skills. Whenever I see people salivate at stories like this, waiting for the juicy details to get leaked, my heart dies a little. It's as if no one has any empathy or understanding that privacy is a necessary thing for society to function. It's almost never fair to judge a person based on their private life or private conversations. If this does end up "with Wikileaks", as some people here have mentioned, the outcome can only be bad. The average person cannot be trusted to make a level-headed assessment of anything like this. They'll latch onto damning sounding comments and magnify them to irresistible proportions and ensure that a completely imbalanced picture of those involved becomes the common view.
You'd never see any of it. Depending upon who it damages, it either (a) wouldn't be published, or (b) it would be suppressed by media outlets for violating some obscure policy.
I'm no small stater, but we need to find a way to put the interesting stuff back in democratic control...like a parliamentary system that recognizes executive vs legislative division is a bad idea.
I am kind of curious about that. Are they allowed to use the same computer for official business and campaign work? I know a fuss was made in the past about someone using the wrong phone in the White House. In theory donor interactions should be done on non-publicly funded devices. Though I doubt that actually stops them. I am curious what policy actually states.
If you mean able to damage the holder, you'd need to triple-check they can't be unintentionally activated or activated by untrusted parties. Even if just a self-destruct, you'd need to double-check. Bricking the entirety of Congress' laptops have a lot of fun and profit potential.
I feel sorry for whoever gets caught with it. They won't be charged with theft - they'll probably try to hit them with the worst cybersecurity charges they can dig up.
I meant it as a figure of speech. If it's amongst the insurrectionists, they deserve all they have coming to them. If it ends up in somebody else's hands who wasn't involved, they may still be an example of.
I assume the downvotes means my intended sarcasm didn't come through. To be clear, I hope everyone involved in the terroristic insurrection is prosecuted fully.
We know that the government typically uses cybersecurity charges to attack cyber-libertarians, threatening decades of prison time (think Aaron Swartz) - I hope they show the same vigor here.
Until evidence is substantiated, we should assume the parties that be will try to continue to blow this out of proportion. It shouldn't be surprising that one of Pelosi's aides is going to try to make the breach of the capital sound like something bigger than it really was - you know... to come up with more excuses to expand the surveillance of innocent citizens. As a Biden voter who also went to BLM protests (can't believe I have to lead with this on HN nowadays...) I can honestly say that many of those events were more violent and destructive than what happened Wednesday. Yes - I believe the people who stormed the capital were morons and will all likely end up in federal "pound me in the ass" prison [0].
The pictures of staffers "cleaning up after the destruction" that show them just putting plastic cups into trash bags are hilarious. If only we could get both sides who disagree with the govt to cooperate and compromise - without a need to rely on gov to facilitate compromise maybe we could start to see light at the end of the tunnel? It's now clearer than ever that the government and even trump don't support what the people want. There's more than enough common ground to stop sending huge sums of money to other countries, to support small business (minority or otherwise) and be reasonable, the only thing standing in the way is division. Calling the other side inhuman or unworthy is walking into the same trap that gave us trump...
Yikes. My first though was - oh this should be no big deal chances are there are good policies in place for laptops that go home with people.
Then I realized it is a shared/central machine which means it probably has the most effed up and relaxed security in the fleet, post-it notes with passwords taped to the palm rests, and god knows what else. IT departments are notorious for over-granting privileges to these shared machines due to the mixed use they typically recieve. After X help desk complaints you get fed up and check all the boxes in the permissions manager.
Hopefully, though, it is locked up and the data is inaccessible.