Ignoring the horrifying political parts, I think one aspect here about data access that is inherently worrying is that it seems like all usual controls were bypassed and the DOGE people had very low level access to systems. So there are probably copies of sensitive data now in their possession, and nobody knows exactly what was copied and where it is stored.
This kind of access would be dangerous even in the hands of principled and well-meaning people. Giving it to people with glaring red flags like here is just entirely irresponsible.
What's more worrying is whether the access can realistically be revoked. As a general rule, when a security even rises to the level of root access to internal systems, you don't even try to remove them - you just rebuild the affected VMs from scratch because it's the only way to be sure the attacker didn't leave anything behind. For the systems we're talking about, payment processing stuff at Treasury and Social Security and so forth, one wonders if they can even be rebuilt on a reasonable timeframe?
These people have administrative access, and at least in some cases network and physical access.
Once you determine they are untrustworthy and potentially malicious, you can't just rebuild the VMs, since you can no longer trust the hypervisor or even the hardware.
If they were Chinese or Mossad agents, you'd start from scratch in a different DC on supply chain audited new compute, storage, and networking hardware. And you'd compile everything from audited source. And I have NFI how you'd deal with potential malicious changes to your data and backups.
> And I have NFI how you'd deal with potential malicious changes to your data and backups.
The backups should be stored on WORM tape. They can't be altered (easily or at all?). Of course they're probably wiping their asses with the backups like they are the constitution.
WORM prevents after-the-fact modification, but it isn't very helpful in the case of persistent threats.
The concern is that the tampering has already been committed to the backups. When was the "Break Glass" password last rotated? Is it protected by one or more Yubikeys that were manufactured before they fixed that nasty exploit? What other attack vectors are baked in through malfeasance or human error?
My comment was not in reply to passwords, "yubikeys" or anything else you mentioned, so your techsplaining about those things was a bit misplaced. MY point was that if the backups are on WORM tapes, and we still have those backups, then there's nothing to fear being compromised from those backups. Everything other than WORM tapes you wrote about is outside the scope of my comment.
How does someone even clean up this mess? One of the DOGE kids may have just cloned every repo and then connect the machine to public internet because they need to fed it to an AI to figure out how things work. We can only assume the worst and that foreign adversaries may already be combing the code line by line.
What will happen when PIIs of every individual with dealings with the Treasury gets leaked?
Then there is going to be thousands of hours of meetings to review various processes...
> One of the DOGE kids may have just cloned every repo and then connect the machine to public internet because they need to fed it to an AI to figure out how things work.
> "What will happen when PIIs of every individual with dealings with the Treasury gets leaked?"
We see what happens when big companies leak personal data - almost nothing. Maybe they give you 3 months of 'credit monitoring' or 'identity theft monitoring' service, maybe they write an apology press release. We've seen how Trump presents things, he quite realistically could say either "it was Democrats weak security, we're fixing it" or "hackers must have got it, we'll clean it up" or even "fake news" and then ... do nothing, we never hear about it again and the affected people deal with it as best they can. Why would you expect more than that to happen - a newspaper writes a damning article, lawsuits are filed, the news moves on in 24 hours.
We saw how he reacted to COVID, it wasn't a world class good reaction.
Boy I sure would love to hear how you'd deal with a novel virus in a country as large as the US with as many people in it. How'd China do, since they're an authoritarian regime?
When you reply, don't use the word "bleach" or "UV"
I don't want to engage in your bad-faith trolling. Make a substantial comment. Compare Trump's response with other world leaders, other countries, and medical advisors' recommendations, and what you'd hope an ideal leader would do, leave me out of it, I'm not a part of a government's COVID response.
there's only a couple of coutries that have the area/population demographics of the US. it isn't bad faith. what you're doing is conflating "The US" as just "any other country" when it isn't. we're the third or 4th largest area nation in the world.
is it because you wanted to say bleach and UV?
edit: "look what UK and denmark did!" is so completely irrelevant that it's ... not "good" faith to suggest it.
Click the link and imagine me asking "Was that because the US is so big? Or because the US has such a large population?" about every point. Including, but not limited to, these:
> May 2018 - The Trump Administration disbands the White House pandemic response team.
> July 2019 The Centers for Disease Control (CDC) epidemiologist embedded in China’s disease control agency left the post, and the Trump Administration eliminated the role.
> June 30-July 6, 2020 The U.S. has just 4% of the global population, ... and the second-highest death rate per capita.
> May 29, 2020 “We will be today terminating our relationship with the World Health Organization”
And these, imagine me asking why Trump is more concerned about the stock market, his image, finding people to blame:
> Feb. 24, 2020 “The Coronavirus is very much under control in the USA… the Stock Market starting to look very good to me!”
> March 20, 2020 [Response to reporter’s question: "What do you say to Americans who are watching you right now who are scared?"] “I say that you're a terrible reporter, that's what I say. I think it's a very nasty question"
> July 28, 2020 "He [Fauci]'s got this high approval rating. So why don't I have a high approval rating with respect -- and the administration -- with respect to the virus?"
> Aug 19, 2020 "We’ve got all the damn cases...I want to do what Mexico does. They don’t give you a test till you get to the emergency room and you’re vomiting,”
> Sept. 10, 2020 "This is nobody's fault but China.”
and:
> May 6, 2020 The Brookings Institution reports that children were “experiencing food insecurity to an extent unprecedented in modern times” and “40.9 percent of mothers with children ages 12 and under reported household food insecurity since the onset of the COVID-19 pandemic.” Republicans block proposals to expand food stamps.
Thanks Obama.
Remember when New York's morgues were overloaded[1] with 800 people dying there every day[1] and they were burying people in mass graves on Hart Island[2]? That was April 2020 when medical advisors were saying people should wear masks and Trump was announcing to the world that he was feeling good and "I think wearing a face mask as I greet presidents, prime ministers, dictators, kings, queens, I don’t know, somehow I don’t see it for myself. I just don’t." and then Trump's fanbase picked them up as "face-panties" for "wimps"? How many lives could he have saved if he just encouraged people to take it seriously and calmly and modelled that behaviour himself?
So let's start with an immediately better response: after being warned it is serious and spreads easily, stop telling the public to ignore it because it will miraculously go away over and over and over again. Tell people to distance, ventilate rooms, as the evidence becomes available
I understand you're coming from a place of passion, here. so i'll tread lightly.
> Remember when New York's morgues were overloaded[1] with 800 people dying there every day[1]
I do remember when the public health policy in this country was to intubate people with enfeebled lungs after pumping them full of opiates. I do understand that this is homicide, at least the way i define it.
Will there ever be a reckoning? i don't know. I do know a lot of outright falsehoods were told for 2 years straight. If you'd like a detailed list i'd be glad, but I'm the kind of person that is still mad that Obama joked about killing two kids with predator drones. That Clinton bombed a [medicine factory?] That Bush... both...
If everything is a shambles because of one (or 2) people then the constitution is not worth the paper it's printed on. I bet you could fetch a nice price for that paper. I'd repeat that, but it's easy to just scan back to the beginning and read it again.
I'm not worried. These people are hype-based. I get that people are suffering but people are always suffering and i got no control over that. Me yelling at people or agreeing with people like you doesn't do anything. I guarantee if i wrote an agreement this long, no-one would read it.
I like how you are 100% convinced that this “a mess” and “we can only assume the worst” and that PII is compromised, etc.
What actual facts do you have for anything?
I understand why the media is mad, why NGOs, and why liberal politicians are mad, I get why foreign countries are mad.
I’m interested in fraud and abuse, regardless of who does it. So if Musk’s team finds it, great, if they get caught committing it and have to deal with that, also great.
But right now we know there is something broken. Instead of being mad about that, you are angry about hypotheticals that have not happened.
So, say in a few weeks, a massive fraud gets caught. Musk announces it, releases the documents. Who's to say these crooks didn't manipulate it? Same goes for achives of *.gov but those are public. So we can compare hashes independently from each other. With these private repos, we can't. Originals are getting burned. Hopefully there's solid offsite backups untouched.
Of course it’s tainted. The whole thing will be ‘trust us.’ The only source of most of what has been claimed to be ‘found’ so far is Musk’s Twitter account. Journalists cross referenced his first claims and found they were BS, so Musk will just get rid of the place people can cross reference. How this is ok with anyone, regardless of how they voted, is beyond me.
Lots of really good, and as of yet, unanswered questions which shed some light on why/how Musk's claims of "waste" and his method of supposed resolution don't hold up to scrutiny.
How does Musk find "fraud and abuse" if he doesn't have access to the whole stack of decision making?
It's not up to him to make those decisions, it's up to congress. Musk is just making up bullshit (I'm surprised he didn't say he was rooting out pedophiles) to justify his jihad against the public service.
This is going to be like coming home from a vacation and discovering that squatters have been living in your house for a month, going through your stuff. You'll probably end up bulldozing the place and starting over.
I will admit I did not think of that aspect of it. I think the reason I didn't is because, supposedly - as it was presented to me at the time, those systems run on some ancient hardware/software. In other words, even if something was left behind, it shouldn't be that hard to locate.
If anyone with real experience in that area could chime in. Until now I was under impression COBOL ran it all:P
Worked in IT a long time ago for a branch. There was some Java, a lot of Perl and SVN. We got releases from DC to run on local servers. Folks with experience with SDLC were prevalent and that was a prerequisite for doing anything meaningful. Never saw Cobol, doesn’t mean it wasn’t there.
At the very least, it’s a field day for foreign intelligence in DC. Offering these guys some money, women, status, or drink would pay massive dividends.
This person was fired from a trivial teenage script kid job after two months because he couldn’t resist sharing their internal information.
Only a few years later, he was thrust into the core information systems of the United States right next to people with security clearance.
Targets like this are a dream come true for foreign adversaries looking for someone to corrupt.
Who knows how much compromising content his old peers already have on him. The chat logs revealed they’re already thinking about how much access he has to valuable secrets.
>For this employment have any of the following happened to you in the last seven (7) years?
>Fired, quit after being told you would be fired, left by mutual agreement following charges or allegations of misconduct, left by mutual agreement following notice of unsatisfactory performance.
Security clearances are granted by the president, or someone delegated by him. The president has absolute authority to bypass, modify, or shut down the clearance credentialing system. There is no law or Constitutional requirement dictating security requirements or how they are applied.
As the sibling comment pointed out, this is not to say that doing so is a good idea. But it's very probably legal.
Nope, it's not illegal at all. This where one of the "traditions" should have come in and congress/the people should have burned Trump at stake for doing so, though. All those concerns about Hilary Emails 9 years ago, but we let Trump fast track his circus in no problems.
You have a point - there are probably no defined rules about whether security risk rules apply when POTUS is employing someone to do something illegal or unconstitutional.
If anyone gets to judge, however, it will be SCOTUS, not voters. It's hard to guess, right now, whether that's a plus for security.
I think we both know the answer. Most of these DOGE people wouldn’t have been allowed in the building, much less the system root a couple of months ago because they’d never pass a clearance check.
technically, a clearance and background check have never been done on political appointees. the fbi openly says so. at least this is not new... the new thing is the low level of petty criminals being apointed.
Political appointees don’t get root, and they still had to get clearance for sensitive materials (as it’s legally required for the people securing a SCIF not to allow anyone who doesn’t have clearance in the door). Part of why the new administration is trying to bull through the process is that his first term had many delays due to appointees failing those checks.
Yes, there’s a database and people who audit access, ensure that permissions are periodically reviewed (i.e. just because you needed access 5 years ago doesn’t mean your current duties still require the same access), and other events can trigger reviews (e.g. a large amount of personal debt could make someone a greater risk).
The Office of Personnel Management runs a lot of the standardized stuff, including the system which people use to submit the standard forms, but agencies have their own offices and variations:
appointees are interviewed, not vetted by the fbi like federal employs. the dowvote brigade could read the article since im rentioning a literal quote from there.
Political appointees typically work on policy, they’re not shelling into servers and moving data around. This is especially true of the “special government employee” category Musk is using where it’s short-term (not more than 130 days in a 365 day period) and intended for consulting type expert advice rather than bypassing the normal hiring rules.
> the dowvote brigade could read the article since im rentioning a literal quote from there.
Alternately, consider that they’re recognizing that the scope of this situation is different both in terms of the level of access and nature of the work and unwillingness to follow policies. For example, when they tried to barge into the SCIF at USAID the staff who tried to stop them were under a legal obligation to do so - they’re charged with requiring everyone who enters to have a clearance. Historically, people got those and so it was never codified into law that they had to. Similarly, if people were requesting the access needed to perform their official task and using agency accounts and equipment to do so, you didn’t need an “auditor” to get approved at the level needed to be a system administrator. This is turning into a big scandal not just because it’s so highly politicized but also because bulling through so many process protections dramatically increases the potential risk.
As a simple example, reports have these guys getting admin access and using personal email accounts and equipment. Consider what happens if someone emails them a PDF saying it has evidence of fraud and it has a nasty payload. If they have unnecessary levels of access or have demanded that restrictions be removed, the fallout for that will be much worse than it would be if they were following the rules. Every federal agency has people employed specifically to prevent all of those layers of failure from happening.
Background checks have always been done on political appointees. They aren't a requirement for getting the position but historically they've been done prior to appointment so that leadership knows if they are a security risk.
And for appointees that require congressional confirmation the checks have been giving to congress prior to hearings for the same reason.
They weren't required but they very much have been done for political appointees in every admin in recent history except this one.
This comments section is getting wild. Do you have any proof that DOGE team members have been granted "system root" (whatever that means)? When I Google, it is unclear how many DOGE team members have security clearance and at what level.
> When I Google, it is unclear how many DOGE team members have security clearance and at what level.
They are flooding the zone. That's by design. At one point they had "read-only access" to records. Then later people say they had full access and have backups.
The only definitive proof we have publicly Is that a federal judge made two orders; One to restrict access to the treasury for all of DOGE except for the 2 people allegedly already working in treasury. And One to order deletion of any records they have backed up. All other reports come from first or second hand sources. AFAIK, no one truly knows DOGE did in the Treasury, and we won't know until a court proceeding later this month.
There's a rumor that the doge team went and did their metadata dump at treasury on midnight on the 21st or whatever. But what I think would be more interesting is if musk hasn't done anything, and all this crying and screaming is just at the threat of peeking at the books.
They could just hack their devices remotely, or physically break into his residence. I suspect a serial leaker will lack neither the discipline to not copy data onto personal devices, nor the opsec to withstand a motivated nation-state, since a lot of the work seems rushed, and is off playbook.
Perhaps giving an inexperienced script kiddie full access was part of a broader plan to allow someone else to covertly “steal” the data without directly implicating those in charge.
The amount of commercially and politically valuable information there is in these systems is incredible.
If these people are scooping up this information you can imagine they might be tempted to monetize or weaponize it at some point, or use the threat of such for their own gain.
This is absolutely chilling when you think about it.
The best part is that even if courts force them to destroy all the pillaged data right now, it won’t stop them from making stuff up and weaponizing it anyway.
On the other hand, we may all experience privacy at levels uncomfortable for a lot of people, which MIGHT trigger some desire to actually make things more privacy conscious.
Did everybody already forget only a month ago it was revealed Chinese hackers had access to US Treasury computers including US Treasury Secretary Janet Yellen's own?
If outsiders with the CCP's interests at heart are able to use this data, why can't outsiders with the U.S.'s interests at heart be able to use this data?
I always feel like there's a Monty Hall aspect to these discussions where people forget that the past has occurred and it has a bearing on the present. The choice isn't between "observe data protections" and "don't observe data protections." Something was behind door #3.
1) a random citizen murders someone and
2) a cop murders someone on duty?
Yes, ideally the country would be safe enough that no one was killed, and you can even argue that it don't matter because the end result is the same (hell, some people would even argue whoever the police kills had it coming). But most people understand that when those entrusted with special powers for the public good abuse that trust and engage in criminal behavior, it’s a far more serious issue.
Your personal data is already public due to commercial breaches. Does that mean that your current bank, etc. shouldn’t be expected to obey privacy laws?
First, the idea that the bank is lying is unfounded speculation, not a given. Second, if you were auditing a bank you would be scrupulous about how you get access and keeping it limited because you be would want it to hold up in court and avoid any questions about tampering or planting evidence. You’d use qualified auditors with clean records, not someone who couldn’t pass a background check.
Now, of course, if your goal was to create propaganda or to install extra-legal modifications to block payments without having to follow normal processes, you might do this because you’re getting you’ll never have to defend your actions in court. That would be consistent with what we’ve seen of the “fraud” being talked up despite being quickly debunked because most of the people sharing stories don’t care whether it’s true as long as it feels right.
> Second, if you were auditing a bank you would be scrupulous about how you get access and keeping it limited because you be would want it to hold up in court and avoid any questions about tampering or planting evidence.
er, not if my role was as a consultant of the parent bank and my assignment was to close branches that were "losing money".
note: i even specified "first party" because in my mind i was envisioning a first party audit, of which i have done many as a consultant.
I find it strange that neither activists nor politicians nor journalists cared about that enough to make it a continuous news cycle. There was also no outrage about various security breaches that exposed personal information for 100 million Americans, like the Change Healthcare breach. The reaction to alleged violation of privacy here seems inconsistent and disproportionate, and I wonder why?
The story did get memoryholed very fast. At the time, I was not sure what to ascribe it to ( well, still don't ), but I did find it interesting that it was pointed out how limited in scope it was.
>> Did everybody already forget only a month ago it was revealed Chinese hackers had access to US Treasury computers including US Treasury Secretary Janet Yellen's own?
> I find it strange that neither activists nor politicians nor journalists cared about that enough to make it a continuous news cycle.
Because (a) that was a month ago and that's a long time given recent events. And (b), it's implicit that someone 'inappropriate' having access is a bad thing, but with Trump/Musk/DOGE it's being done on purpose.
It's the purposeful part that's at issue now.
There are people who have reportedly just graduated high school that have root-level access to things:
Are you saying, a potus appointed commission for auditing government system is worse than a chinese backdoor in treasury department, who's level of access was unknown?
No one invited the Chinese through the front door.
If you can’t understand that difference, you’re missing something very critical.
One is serious because a foreign adversary is compromising us; the other is serious because we are apparently designing the compromise ourselves via the whims of a demagogue.
Yes. Someone without clearance nor congress approval running around with a sledgehammer is a lot more an immediate issue than a long term saboteur. We can deal with both, but let's make priorities.
So far the only evidence of that is a wired article [1] with anonymous sources, even those source were not 100% sure about it.
Since then wired has posted another article [2] claiming the access have been revoked after announcements from senior officials, which again is from anonymous sources.
I'm really skeptical of these anonymous sources tbh.
> I mean, Luke Farritor used some variety of AI to translate ancient scrolls and won an award for it:
Did the ancient scrolls involved accounting ledgers? Because some kind of auditing experience would be useful to figure out how where Treasury or USAid payments went.
What was the impact of the "exposed personal information" from Change Healthcare? One thing that makes me suspicious when I see those leaked personal details headlines: I am sure that my own personal info has been leaked many, many times. And, yet, never once have I been hacked (PC/laptop/phone) or had financial crimes against me (steal credit card, unauth'd charges, etc.). And, I write this as a total normie, who basically depends upon Google Accounts/Passwords to "do it all for me" (and my commercial banks where I have bank + credit cards). I don't do anything particularly special.
To be clear: I am not here to defend companies with weak cybersecurity, but the impact of these leaks is virtually nil. "One hundred million" sounds like a huge number, but it provides little insight on the realised impacts.
>The reaction to alleged violation of privacy here seems inconsistent and disproportionate, and I wonder why?
because they made a public show of it. That's the big difference. Meanwhile, Healhcare is already under more scutiny than ever and want to bury a lede of hacking.
Because those were done by state or criminal actors and this one is allegedly being done with the consent of our elected government? It’s really not that difficult to figure out.
Why don’t you just state your opinion instead of being vague?
It's pretty obvious that people opposing the goals of DOGE are pushing this story, same way they were pushing the earlier "doxxing" of the young engineers working for DOGE or the Elon nazi zieg idiocy.
Say what you will, but Musk has a track record of executing well at preposterous speed, so for legacy players/media this sorta of PR campaign is about the most they can muster.
At the end of the day thought, we'll all have to compare real word results versus those PR narratives and I am positive i know which way that will swing. You just can't PR bullshit you way out something like a 250ton piece of stainless sticking a landing.
>Say what you will, but Musk has a track record of executing well at preposterous speed
I highly disagree, and these stories makes his incompetence more obvious. As well as proving various anecdoctes years ago from SpaceX/Tesla that Musk was someone you needed to work around, not with.
> Musk has a track record of executing well at preposterous speed
He has been promising Tesla full auto-pilot every year for about 9 years. Just around the corner he said. I even shelled out $10K for it on top of the price of my car, 6 years ago. He said the car would pick up the owner from the airport. That was about 5 years ago.
Musk says a lot and promises a lot. A lot of it never materializes. And he seems be going insane at a rapid pace as of late. I have been wondering if the ketamine that he says he has been taking is really turning his brain into mush.
I agree with your point, but it isn't Trump that showed that. It was the country itself. Even with full control of everything, the Democrats were not able to properly punish Trump. This is in large part due to the Supreme Court helping out, but also due to ineffectual prosecution (e.g. Garland), and incompetency (e.g. the Georgia case) and blatant "lawfare" (hate that term), with a misdemeanor being upgraded to a felony in New York.
This has created a scenario where the average person believes lawsuits against Trump are without merit, even though that's not true. Add in the incompetent media and you have a powerful potion.
Yes, except the bit about the upgraded charge. It was perfectly valid, and a serious crime, just very poorly explained. Which gets to the real problem: the combination of people in charge of enforcing consequences don't have the proper incentives to do so; and a criminal willing to resort to violence.
> Democrats were not able to properly punish Trump
We’ve still got Chuck Schumer playing it business as usual. There is nothing in the Democratic Party that signals an emergency; the DNC didn’t even hint at lessons learned.
The Dems are playing it the way they have to - which is like a legitimate political party. So I suppose they are playing it according to the constitution, which means things have to go to the courts.
Which is the right thing to do.
The deal is that the Trump is upping the ante constantly.
Also apparently huge scores of data was just dumped into a Microsoft hosted LLM [1].
So that data is (a) publicly available if you don't secure your VPC properly and (b) available to anyone without RBAC or request logging. This is an extraordinary degradation of the level of private and security controls.
What I don’t understand is how this thing happened on the first place. Someone just shouldn’t be able to be appointed by a single dictator, and suddenly have access to a wealth of data that would have made the (here we go) nazi’s green with envy.
What was the impressive and profitable part? The article makes him sound like a script kiddie who dicked around with some DDoS networks and formed a couple LLCs but didn't end up accomplishing much (either entrepreneurially or illegally). Not saying that makes him a terrible person, but in generation ago terms, he sounds less like a founding l0pht member and more like a Rusty n Edie's subscriber.
In context, I read that as describing the future he could have had in brighter terms to increase the contrast with the following description of the future he probably has. Like, being generous because it doesn't matter now anyway.
He's got enough hustle to get funded by a16z to build yet another blockchain scam if he so chose. You better believe he's siphoning your government records to use for his own purposes later. Ask for forgiveness, not for permission, as they say; but with this government, you don't even need to ask for forgiveness.
I do not find it impressive. It is not difficult technically. The reason others do not do this is that they have ethical and moral limitations, they wont DDoS networks because they are aware of harm. Maybe we should stop treating people who cause intentional harm as superior.
Not opening LLCs you do not know what to do with is also more of "good impulse control" sign.
Well, becoming a titan in tech industry hasn't required doing any difficult tech since... idk, at least the 1990s. Tech is just business now, and being a business titan requires a different particular set of skills, skills this guy apparently has.
He is not titan in tech industry nor on the path there. Your typical script kiddy does not become tech titan. What it takes to be tech titan is actually irrelevant to whether DDoS is impressive.
> being a business titan requires a different particular set of skills, skills this guy apparently has.
Just about the only thing he has is lack of ethics and morals. Lack of care for harm he causes. Yes, those are necessary to be a tech titan, but not nearly sufficient.
There are many low level guys without much ethics that never ever become tech titans.
You have a point. Way back when digital presence was still something new, I remember entertaining the idea of running an org that would fake reviews on Amazon and other spaces, but I dropped the idea, because it seemed unethical. I will never know what could have been, but I also know there were people who followed that path.
To your point, as a society, we have an actual filter for people like that, but that filter was not been uniformly applied.
Can you clarify what you meant? From reading the article I gathered that his attempts to start a business didn’t produce anything and his attempt to join someone else’s company resulted quickly in him getting fired for leaking private info to a competitor.
That last point is extremely alarming for someone who was just given access to core government data. Any adversaries looking for an insider to corrupt are definitely taking note.
> Coristine wrote impressive, profitable tech. He should have a future as a productive member of society, perhaps even one of its titans.
When did "profitable" become the sole metric by which we judge someone's work? Does what is morally correct factor into it at all, or should the impressiveness someone's accomplishments make them a "titan" regardless of intent or outcome?
> should the impressiveness someone's accomplishments make them a "titan" regardless of intent or outcome?
For a teenager? Barring violence, yes. An impressive, misguided teenager is a net asset to a community and society in the developed world.
I challenge anyone intelligent to honestly say they didn’t have any really stupid opinions or worldviews before their prefrontal cortex had finished developing.
I certainly didn't say anything akin to the recent racist tweets from another Doge staffer, no.
There's also a very large unspoken piece left out of your sentence, which is that they are an asset if taught and guided well. Do you think Musk is likely to do that, or to instead encourage careless "technically impressive and profitable" behavior without regard to ethics or morals?
> certainly didn't say anything akin to the recent racist tweets from another Doge staffer, no
Were you on Twitter?
I don’t remember anything that heinous. But I do remember telling off-colour jokes. If I’d done that in public and received validation from someone I respected and admired, is it implausible I’d have gone down the rabbit hole?
> unspoken piece left out of your sentence, which is that they are an asset if taught and guided well
That’s my point. These kids show potential. It’s being squandered for the short-term gains of old men.
> He should have a future as a productive member of society, perhaps even one of its titans
...did we read the same article? It sounds like he was a failed script kiddie that registered some vanity domains, had exactly one job that he was promptly fired form.
Where are you setting the bar for "deserves to be a titan of society"?
> Instead, he’s going to spend his years in some combination of hearings, court rooms and jails.
It is super possible none of those are in his future. Trumps administration wont pursue him and whatever remains after them will likely ignore this kid. I mean, it would be fair and great if these all got some kind of punishment, but it is unlikely to ever happen.
> DOGE, at a smaller scale in every respect, reminds one of the arrogance of Europe’s WWI leaders.
What exactly you mean there? This does not strikes me as similar to WWI.
You really think so? How about the alternative being he's fully pardoned of anything that might be brought against him and coasts to billionaire status by launching companies and having his funding rounds and paths to exits secured now that he's an absolute NRx legend with the full backing of Thiel and Musk?
Being fully pardoned assumes that he and/or Musk do not end up annoying Trump enough that he'd rather burn them. Franky even Musk should be concerned given how easy it is to get on the wrong side of Trump, but anyone involved in this relying on Musk being prepared to risk political capital shielding them if something goes wrong should be terrified and working on escape plans.
Musk pledged $45 million per month in donations to help Trump win a second term[1], he won't have done that for nothing. He owns Twitter, the social network the President uses to talk to millions of followers, another big donor was Palantir owned by Peter Thiel who was key Trump advisor last administration[2]. I've seen people on Reddit praising Musk for "uncovering billions of dollars of wasted money already" so he has political capital for himself and Trump already from his DOGE actions.
We've seen Trump dismiss people before, sure, but we've known for years that the administration has been pre-vetting people as Trump loyalists[3], planning who will become head of what department and why, which executive orders to move on right at the start of the presidency. This suggests Musk is not a casual appointment and advisers will advise Trump not to dismiss him casually.
And, apart from literal death, what does he have to fear with hundreds of billions and two companies to fall back on? For all my criticism I am not expecting Trump to pull a full Putin, confiscate X, SpaceX and Tesla and send Musk to Camp Guantanmo or have him die by falling out a window. Are you?
[3] this was 2023: https://www.axios.com/2023/11/13/trump-loyalists-2024-presid... "Hundreds of people are spending tens of millions of dollars to install a pre-vetted, pro-Trump army of up to 54,000 loyalists across government to rip off the restraints imposed on the previous 46 presidents. The screening for ready-to-serve loyalists has already begun, driven in part by artificial intelligence from tech giant Oracle, contracted for the project."
> what does he have to fear with hundreds of billions and two companies to fall back on?
Not having those anymore. With the new emergency powers Trump has claimed, he could shut down every company of Musk’s except X. Depending on how bad the breakup is, that could be on the table. Live by the sword, die by the sword.
Wouldn't that be disastrous PR for all companies and investors? Especially when this administration campaigned on unleashing American energy and economic productivity. To send the message that your company can be taken from you if you annoy the President and nothing - wealth, public adoration, providing jobs in multiple states - can save you.
Just thinking of Musk's behaviour, if he felt that was a real possibility wouldn't he be walking on eggshells? Instead he acts like he feels untouchable.
You're assuming that not just one of them, but both of them, will be acting rationally. There's plenty of evidence to suggest both of them are capable of acting extremely irrationally.
Please don't cross into personal attack, regardless of how wrong another commenter is or you feel they are.
If you know more than someone else, two good options are (1) to share some of what you know, so we all can learn; or (2) not post. Snarky putdowns are not a good option.
Yes. I don't know many accountants who are familiar with polynomials let alone what a DAG is, etc. I am sure there are graph concepts they use by other names.
> Light SQL skills tend to be the upper end of technical accounting
This would be the main point that would need correction if I am wrong.
"it seems like all usual controls were bypassed". Apparently it isn't known. Let's answer this question and be impartial about it. A story about China having access to Treasury Department workstations landed a few months ago. There may be a LOT of bad practices in place. We should be pushing to improve them if so.
> all usual controls were bypassed and the DOGE people had very low level access to systems
Before DOGE, somebody obviously had to have this access as well, and similarly could have copied and stored. Why be concerned with DOGE but not their predecessors? Honest question.
Here’s how that sounds to anyone with security experience: “Before the bank president gave his nephew the vault keys, somebody must have had access as well.”
Federal IT has tons of policies designed to prevent unauthorized access and mistakes. People go through background checks, they only work on secured networks using official devices, everything is logged and audited, and circumventing it is a crime with penalties potentially leading to jail time. Some of those policies have strong legal requirements for oversight: even if you’re not doing anything other than your job, the agency needs to be able to show how work is done to auditors, Congress, FOIA requests, etc. Anything with national security implications should be designed to avoid a single compromised person from being able to avoid detection, too, especially for people trusted with administrative access to IT systems.
These guys are widely reported to be using personal emails and devices (violating the record and transparency laws) and even if they’re acting entirely in good faith they are bypassing policies designed to contain the damage due to mistakes. For example, what happens if one of them gets an email with an attachment claiming to have evidence of politically incorrect activities and runs the payload on a device/network which has had safeguards removed by executive fiat?
Because before the people that had access to this data got that access after passing background checks, had years in the treasury, supervision from higher-ups, and other processes in place. Now it's being accessed by cyber-criminal Nazis in their 20s who describe themselves as wanting to "Normalize Indian hate", " want a eugenic immigration policy", and who "were racist before it was cool" https://www.npr.org/2025/02/06/nx-s1-5289337/elon-musk-doge-....
Hmm. I am hesitant to engage this post, but it may be well worth to point out, that some of issues with status quo are precisely the result of "people that had access to this data got that access after passing background checks, had years in the treasury, supervision from higher-ups, and other processes in place". Until now it was old boys club that did not dare to shake things up a little.
My point is that there is plenty to dislike here, but if your argument against him is: he is a nazi, you have already lost, because you do not understand the sentiment out there.
> Hmm. I am hesitant to engage this post, but it may be well worth to point out, that some of issues with status quo […]
Is one of the issues that an audit log of actions was created? Because it seems to me some of the levels of access given to the DOGE folks mean that auditing and traceability has now gone out the window like a Russian oligarch.
I'm a sysadmin who 'just' runs a bunch of HPC stuff—nothing 'important' like HIPAA or SOX—and even my systems have some level of auditing and logging.
See? This is already a much better argument than what parent posted. If you tone down Russian hysteria angle ( not wrong, just pointing out how it is coming across ) the other side may be able to hear you.
This is basically my point and that point is the same point I make for Zuck, Thiel and others. There is already plenty of real things to complain about.
I think what the posts above you are trying to say, and not doing a great job because of the emphasis on rhetoric, is the actions being taken are hypocritical.
The argument from the DOGE side is that entrenched interests are operating opaque systems and gating access to the information needed to identify inefficiencies. It's not a bad argument because it's no secret that you end up with waste in big companies or government programs and everyone should want to improve efficiency.
However, it's a bad faith argument because the public's being told they're being disenfranchised by a lack of transparency at the same time they're being told to accept a solution that has no transparency or oversight.
When you have tech billionaires with a lifelong goal of controlling payments since starting PayPal in the 90s, is it unreasonable to be skeptical of their motivations when they've managed to gain access to the government's payment system? Aren't these the same people sucking up our private information and telling us if we've got nothing to hide we've got nothing to fear? Why do they need to operate in the shadows?
I have zero issue with the arguments you presented, because I know you are being factually accurate ( to the best of my knowledge anyway; I wonder if there is a person out there that has a full unrestricted view of everything ).
<< is it unreasonable to be skeptical of their motivations when they've managed to gain access to the government's payment system? Aren't these the same people sucking up our private information and telling us if we've got nothing to hide we've got nothing to fear? Why do they need to operate in the shadows?
I don't want to argue for DOGE, because their fanbase is doing it on various fora already ( including this one ).
But to answer your question, it is not unreasonable at all. Those questions should be asked and, ideally, answered.
It is vital that the government officials are watched, their performance evaluated and our political will enforced by means we deem necessary. From where I sit, what is good for goose, is good for gander.
If I hesitate, it is around the level of emotion this generates. Some of it is warranted ( I would lie if I said I am not concerned ), but it does not help with making an appropriate response. In fact, that level of emotion actively inhibits making good choices.
You have to give it to him. It does look like Trump actually had a plan this time around.
I don't think the constant news cycles covering each and every dime that USAID misused is indicative of a lack of transparency. I think given just a little more time, DOGE could uncover (and reveal to the American people) a lot more than 50 billion of waste and corruption.
As for the oversight requirement, it is fully and completely satisfied by:
1.) A guy who has the technical acumen, drive, and attention to detail to catch a rocket out of mid air with chopsticks.
2.) A man who won a presidential election twice (and could possibly have been 3 times if the Hunter Biden laptop story wasn't corruptly and improperly squashed).
The largest proportion of the complaints from media outlets come from defunded operations. Its in everyone's fiscal best interest for these audits to continue, and for them to be completed by people completely outside of the government's patronage (grant and funding) networks.
More importantly, even if sending money to USAid is wasteful, that is Congress's prerogative. The President's job is to "take Care that the Laws be faithfully executed": if Congress wants to spend money on Foo then that's what he is supposed to do.
> Every dime that the USAID spent was allocated via Congress through the budgeting process.
A thread on the general process:
> Every year, the White House (via OMB) puts together a federal budget proposal to Congress. Every federal agency (incl USAID) sends OMB their budget wishlist.
[…]
> So to be clear: every dollar that USAID requests from Congress goes through White House review.
[…]
> Once USAID gets its budget from Congress, it must go straight back to Congress again with a further level of detail on how it will satisfy the various budget directives - via "Congressional Notifications."
Many of those fact checks make a huge deal about minor distinctions that in no way redeem the amount of money that was spent on their """""intended""""" purposes. Example:
"
“$32,000 for a ‘transgender comic book’ in Peru”
This is wrong. USAID did not fund this, and it was not specifically transgender. Instead, the grant says the State Department provided $32,000, under the guise of public diplomacy, to Peru’s Education Department “to cover expenses to produce a tailored-made comic, featured an LGBTQ+ hero to address social and mental health issues.”
"
So the comic existed, but it was funded by another equally corrupt department? This doesn't make USAID look any better at all, it just means Trump and Elon's team need to do MORE of what they have been doing, and expand their scope further.
I don't really care that a 2500 page omnibus spending bill that no one could read in full (minus an AI) specifically said that some pork goes to some unethical and corrupt action. Its evil and it needs to stop. If the government's normal checks and balances cant fix it, the answer is not to give up and let corrupt liberals desecrate the union. The answer is to fulfill the promise of the 2nd Amendment and to break the system of government in whatever way is necessary until it is no longer tyrannical. Remember that a 2% tax on tea without sufficient and effective representation is an acceptable threshold for such actions.
Process for security clearance might have caught this kids background, and then decision makers would have at least had a conversation about it. This kid is more a symptom of a wider lack of controls though, who knows whether any of Musk's script kiddies has a criminal background. Important to note that previous Trump administration has already followed out/bypassed security clearance process, so this is really just the next evolution of the disregard for criminal elements or foreign interests.
This kind of access would be dangerous even in the hands of principled and well-meaning people. Giving it to people with glaring red flags like here is just entirely irresponsible.