DOGE as a National Cyberattack
224 comments
·February 13, 2025AnonC
lukev
Even elected officials are not allowed to do stupid or insecure things! I seem to remember something about a quite famous incident involving a private email server.
Which boggles the mind when you compare it to what's going on right now.
SpaceNoodled
They're only disallowed so far as there are consequences for their actions.
johnnyanmac
lawsuits are rolling in. Let's hope the executive branch actually furfills its ideal in being shielded from political atmosphere and properly access the situation.
dmix
> There is a difference between elected officials doing stupid or insecure things vs. unelected people being able to do this without any checks and balances.
Isn't the Treasury dept and most of the federal employees with access to this data unelected as well? They are appointed or hired as government officials and civil servants.
lurquer
There are only two elected officials in the entire Executive Branch.
fieldcny
As it should be, a political executive branch is not a democracy it’s a monarchy
johnnyanmac
yes... and apointees usually need to have or undergo clearance. It is also a tradition to get Senate's approval. Those are the good faith checks and balances.
nswest23
in case you're wondering the important part is:
> ...without any checks and balances
i.e. what they're doing is completely insecure and exposing incredibly sensitive data.
luke-stanley
There may be an error in Schneier's reasoning here: `They are also reportedly training AI software on all of this sensitive data.` Running inference isn't the same as training.
That said, I don't think this should be flagged, that seems counter free-speech. He's got plenty of other well voted articles here on HN, a lot of HN clearly value his insights. Disagreement would be better expressed as a comment rather than trying to make it go away.
zingababba
Yeah I think the articles make it sound like it's just inference.
However my theory is the goal is to actually train on what is essentially the output of all of these departments.
I honestly think what we are seeing in terms of the tech execution side basically boils down to BigBalls and co. asking an LLM what they should do next. If they ever get prosecuted I'd bet you good money that will be the defense...ROFL.
AnthonyMouse
The premise of the article is that DOGE are "the attackers" and preventing them from accessing the data is something "career officials" in the government ought to be doing. That's obviously a partisan framing. The other party's position is that they've just been elected to audit and reduce government waste and direct access to data is necessary to prevent the principal-agent problem in which government officials shape their reports to protect their budgets and activities from undesired scrutiny and oversight.
The problem with framing it that way is that it's a request to get flagged by the opposing partisans even if there is some point to be made about maintaining change control etc.
rat87
There is nothing partisan about resistance to Trump. Resisting illegal acts causing damage yo the nation is not in any way partisan. I'm sure there are Republicans pushing for this as well.
Blindly following Trump is partisan.
Pretending Trump cares about waste isn't just silly its ridiculous and should be dismissed out of hand.
AnthonyMouse
> There is nothing partisan about resistance to Trump.
Trying to characterize undifferentiated resistance to the leader of a party as non-partisan seems like a stretch.
> Resisting illegal acts causing damage yo the nation is not in any way partisan.
There are so many laws that basically everything is now illegal. If you want "illegal" to mean something you'd first need a legal system in which a non-zero number of people exist who follow the laws.
Choosing which laws to care about in a partisan way is partisan.
> Pretending Trump cares about waste isn't just silly its ridiculous and should be dismissed out of hand.
This is your non-partisan argument?
intended
Schenier should not be flagged. I have been waiting for someone to come up with a calm collected assessment of the Cybersecurity risk, for days now. This is as close as we will get.
qwertox
Just be aware of the Chesterton's fence principle [0]
> "Chesterton's fence" is the principle that reforms should not be made until the reasoning behind the existing state of affairs is understood.
[0] https://en.wikipedia.org/wiki/G._K._Chesterton#Chesterton's_...
soco
That's a solid principle we are, or should be, using in our daily work - namely in refactoring.
johnnyanmac
I'd hope any reasonable senior programmer has hit enough landmines to understand why such a fence is necessary. Especially for legacy code.
Doesn't matter how well you trace the behavior, you will hit some random quirk in your refactor because of some incocuous hotfix done over a decadde ago by an employee who no longer works there somehow keeping the entire repository from crashing in on itself. If you're lucky, there will be a:
//todo fix this (10/10/2013)
somewhere as a hint ;)
yks
If the nation survives this insanity, the software will have to be rewritten from scratch, otherwise it is impossible to know which actors, both foreign and domestic, have the knowledge of the systems.
e2le
>the software will have to be rewritten from scratch
Would you even be able to trust the hardware anymore? If it's already compromised then it's safer to assume it goes deep (firmware).
laverya
Has everyone forgotten the lessons of open-source cryptography all of a sudden? Just because the systems are public does not mean that they are vulnerable, and "security through obscurity" is no security at all.
johnnyanmac
Well, DOGE has the keys and the data. I'm not sure how this will not stay vulnerable if/when the dust settles.
CompoundEyes
Corporations are the unoffical 4th branch of government. If the stock market tanks they’ll be gone like that snaps fingers. The campaign donations and lobbyist spigot will turn off for these politicians, panic and leadership will change. I know Citizens United allows for dark money to flow in from anywhere to prop up their campaigns indefinitely but not enough to offset a tanked stock market due to lack of trust in the US dollar and markets.
EnergyAmy
We need separation of corporation and state enshrined in the Constitution, if it's not too late.
bookaway
This is the correct answer. Trump won because of the current economy. Biden's margin over Trump in 2020 was double Trump's margin over Kamala. Democrats did better than expected in 2022 despite Republicans running with the same DEI garbage.
What's baffling is Trump seems to be fumbling the autocrat's handbook at first glance. There are existing autocrats still around that wrote the book on this. Purging the administrative state requires multi-term government domination. First, you're supposed get the economy or quality of life on track ASAP so you can cement your (or you successor's) seat at the top. Then you use the power the people voluntarily give you over multiple terms to dismantle any checks on your power while lining the pockets and minds of your base. After that, even if the economy tanks you've boiled the frog of resistance in such a way that no one can dethrone you. And then you start designing the opposition in such a way so that there's semblance of "political freedom" you can point to when people start whining about it.
Trump seems to be going about it in reverse. First feeding his base instead of focusing on the economy -- which is a higher risk strategy comparatively. But it hasn't even been a month yet so there is still time for him to start following the handbook properly.
IAmGraydon
First of all, I doubt it. Trump will likely blame economic damage on everyone else (namely, the Fed), and his sycophants will eat it up. Second, even if they are ejected, the damage will already be done.
johnnyanmac
The feds? The ones he quickly fired and rehired in his image? The feds?
Sad part is people will forget about that too, even though they are currently cheering on "government efficiency".
bdangubic
we have a proof that this is not right - see 2018 and 2020.
it is somewhat “easy” to run against an incumbent, especially one as fradulent as Biden (not to mention Kamala…) but when you are an incumbent THE BUCK STOP with you. while portion of the US electorate is dumb beyond repair they alone are not enough to win an election. if shit isn’t right come 2026 and 2028 the blame-everyone-else-nothing-is-ever-my-fault Donald will suffer the ass kicking much worse than 2018 and especially 2020 when he got demolished by a senile corrupt lifelong politician grandpa Joe
IAmGraydon
2028? He can't run again, so I don't think he much cares.
lenerdenator
The behavior will continue until a consequence is assigned.
EDIT:
I should add, this consequence should be legislative or legal in nature.
bamboozled
Why would there be consequences? The majority of voting Americans wanted this to happen. Let's not pretend this wasn't the likely conclusion and voters were solely focused on the price of eggs.
By modifying core systems, the attackers have not only compromised current operations, but have also left behind vulnerabilities that could be exploited in future attacks—giving adversaries such as Russia and China an unprecedented opportunity. These countries have long targeted these systems. And they don’t just want to gather intelligence—they also want to understand how to disrupt these systems in a crisis.
It's really hard to imagine this whole coup isn't some type of Russian / Chinese attack on the western world at this stage. It's too unbelievably good for them to just be a coincidence.
cglace
People were worried about the economy and inflation. To say that most voters wanted to dismantle the government is a bit of a stretch.
I remember all the posters here expressing their belief that Doge would do nothing and was just an advisory role.
rs186
I agree, but I lament how voters quickly forget the chaos from the first Trump administration, and how much they didn't care about the DOGE agenda. They think they voted for a lower inflation (which is a very questionable premise by itself), but they didn't realize they were voting for the whole package. I definitely wasn't surprised, and American people deserve this.
Hopefully the voters come to their mind in the next election, and hope it's not too late.
intended
1) There is a group of voters, typically younger men, who would very much want to see things burn to the ground. A form of nihilism of outlook.
2) People never want the bad things, which is why voters tend to ignore information that tells them that things will be bad.
People didnt realize that Biden had stepped down after the election. Voters were not aware that Obamacare and the ACA are the same thing.
Information that this was going to happen, was shared, repeated and told over and over again.
This is basically leopards-eating-face territory.
Sugar coating it, leaving people berefet of their own authorship of their life, of their choices? I have no idea how that results in anything other than a way to feel nice about each other.
bamboozled
Which is weird because by the numbers, the economy was doing wonderfully. Maybe you meant to say. People were told an economy prophecy and believed it ?
Even during campaigning the republicans literally warned people their vision would incur economy hardships but that it would be worth it in the long run.
I get the frustration that the price of daily goods was too high but the incumbents did present an actual feasible plan to deal with it. So I’m not really sure it was about “the economy”.
Anyway everything outlined in this article seemed pretty likely to happen, they literally told people their plans ?
johnnyanmac
>Let's not pretend this wasn't the likely conclusion and voters were solely focused on the price of eggs.
Maybe I'm still naive, but I believe maybe 30-40% (At least) of trump voters simply 1) really wanted immprovements in their lives or 2)thought any pf the negatives of trump would not happen to them. Trump got the simple votes and discorded such people promptly. We'll see how long they, one by one, realize such a fact.
Likewise, I doubt that many supporters voted with the idea that Trump would be put back in as a Sino-Ruso puppet. They would dimiss any such talk as conspiracy, no matter how many calls he makes/takes from Putin and how many docs he mishandles.
IAmGraydon
[flagged]
jodrellblank
It wasn't announced as 'DOGE' but it was not a surprise; from August: "Former President Donald Trump signaled his willingness to offer Elon Musk a role in his administration in a proposed “government efficiency commission” if he wins the presidential election in November"[1].
In the Republican Party Platform 2024: "2. Rein in Wasteful Federal Spending. Republicans will immediately stabilize the Economy by slashing wasteful Government spending"[2]
[1] https://www.forbes.com/sites/siladityaray/2024/08/13/trump-b...
[2] https://www.presidency.ucsb.edu/documents/2024-republican-pa...
Swoerd
[flagged]
oneplane
I wonder how that would work out. It's a bit of an inverse-Ouroboros where the people that are the government keep saying they are 'doing something about the government' without realising that that's them. Maybe they see themselves as something that is not the government, but the whole race they took part in was the race to get elected for government work.
At some point, enough destruction will have happened where the tools for useful government functionality no longer exist in usable capacity.
dandanua
I tell you more. They don't just consider themselves as a government, they don't consider themselves as humans either. They want to be a different kind of species, they want to be above humans, just like humans are above the cattle. And in some sense they are, if so many people were stupid enough to get them elected.
dariusj18
There's a reason Musk brought in younglings to do the illegal stuff. To ignorant to know that in a few years they will be in jail.
lenerdenator
Will they be?
The last ten years have been an exercise in "they will be in jail" without any one of import actually going to jail.
Hell, not many have even been arrested.
SpaceNoodled
A bunch of insurrectionists were in jail, but then something happened and the inmates are now running the asylum.
johnnyanmac
>without any one of import actually going to jail.
I'd argue these kids won't "be of import" in the long scheme of things. Maybe in future software ethics/security classes at best. I sadly don't think Musk will ever be in a jailcell, but I'll settle for him never stepping foot in a federal facility again.
barkingcat
nah, in a few years, they will be rich beyond your imagination, and they will be set up to be next in succession to be king of the us.
yencabulator
I think you mean vassals of Elon's gene carriers.
kombine
Trump's admin already said that they will defy court rulings.
perrygeo
Worse, JD Vance has said repeatedly that they WANT courts to rule against them, so that they can directly challenge the court's power. I believe his exact words were "Let the court enforce it." Which of course is a sick joke - courts have no enforcement power without the executive branch.
They fully intend to cause a constitutional crisis on purpose. It's all in plain sight, in their own words. America will get what it voted for.
johnnyanmac
Good. Nothing more wrathful than a Judge out for blood. let all the civil and criminal contempt fly out the aisles
Swoerd
"I should add, this consequence should be legislative or legal in nature."
Should it be?
johnnyanmac
Ideally, yes. Leaves little wiggle room, settles things with minimal bloodshed, and stamps a nigh objecive ruling.
But if blood is spilt, it'll slow things down in ways congress seems unable to do. Not stop, but slow down.
rat87
Yes
Its illegal for a reason. The only good counterargument I've seen is that it might encourage worse actions to try to evade punishment.
bronzejaguar
God willing, the administrative state will be brought to its knees by the duly elected public officials meant to keep it in check.
ryandvm
Republicans are their own best argument against big government.
null
throw0101c
A related article: "Treasury was warned DOGE access to payments marked an ‘insider threat’"
> The assessment, done by the contractor Booz Allen Hamilton, came before Treasury tapped an ally of Elon Musk to oversee the sensitive payment system.
* https://archive.is/https://www.washingtonpost.com/national-s...
"A US Treasury Threat Intelligence Analysis Designates DOGE Staff as ‘Insider Threat’":
* https://www.wired.com/story/treasury-bfs-doge-insider-threat...
The report was later walked back:
> The government contractor Booz Allen Hamilton on Friday night said it had dismissed a subcontractor who prepared a draft report saying that Elon Musk’s Department of Government Efficiency access to the Treasury’s payment system poses an “unprecedented insider threat risk” and should be suspended immediately.
* https://archive.is/https://www.bloomberg.com/news/articles/2...
ChrisArchitect
Syndicated from FP
lolc
What is really sad to read in this whole debacle is all the nihilists who think that the US government "should burn". These people are largely ignorant of all the ways their government works for them. One could say the government has been working too well, much like vaccines.
z0r
This shouldn't have been flagged.
The concerns he points out — especially about hostile or enemy nations and actors getting a better chance to gather data and understand how to subvert or attach the country — seem valid.
There is a difference between elected officials doing stupid or insecure things vs. unelected people being able to do this without any checks and balances.
(Off topic: I’m upvoting this post to counter the flagging that seems to be going on for all posts on this topic. I respect Bruce Schneier and his opinions on several things.)