
DOGE worker’s code supports NLRB whistleblower

progbits

> Ge0rg3’s code is “open source,” in that anyone can copy it and reuse it non-commercially. As it happens, there is a newer version of this project that was derived or “forked” from Ge0rg3’s code — called “async-ip-rotator” — and it was committed to GitHub in January 2025 by DOGE captain Marko Elez.

Original code: https://github.com/Ge0rg3/requests-ip-rotator

Forked: https://github.com/markoelez/async-ip-rotator

Code is pretty much the same, with comments removed, some `async` sprinkled in and minor changes (I bet this was just pasted into an LLM with a prompt to make it async, but if that worked, why not).

Except... Original GPL3 license is gone. Obviously not something you would expect DOGE people to understand or respect.

0x_rs

The repository has been deleted. In addition, 26 other repos have been removed from the account. This is in line with DOGE members' quick response scrubbing data whenever put into spotlight, as previously seen with another "teen hacker". [0]

Archived repo page: https://archive.ph/LI7tt; archived previous repo count: https://archive.ph/tgkg5

0. https://arstechnica.com/tech-policy/2025/04/i-no-longer-hack...

grandempire

I think one reason to hide/delete is so speculative articles like this don’t get written.

The mistake was ever having them public.

LiquidSky

These are government employees, you don't get to do that.

nativeit

> On February 6, someone posted a lengthy and detailed critique of Elez’s code on the GitHub “issues” page for async-ip-rotator, calling it “insecure, unscalable and a fundamental engineering failure.”

“If this were a side project, it would just be bad code,” the reviewer wrote. “But if this is representative of how you build production systems, then there are much larger concerns. This implementation is fundamentally broken, and if anything similar to this is deployed in an environment handling sensitive data, it should be audited immediately.”

deepfriedrice

The "critique" is nuts. Surely AI generated. If I didn't trust the domain, I'd assume the author to be incredible for seriously referencing something like this.

Look at the critique [0] and then look at the code [1].

[0] https://web.archive.org/web/20250423135719/https://github.co...

[1] https://github.com/ricci/async-ip-rotator/blob/master/src/as...

captainkrtek

Yeah, clearly AI, with the keyword bolding, numbered arguments, and so on. Feels like lots of AI-produced content follows this structured response pattern.

krferriter

Lol that's so funny. Can't imagine writing that. (the critique, not the code).

mquander

Seeing Krebs link to this downgrades my impression of how trustworthy his assessments are.

dijksterhuis

FYI the Fork got hidden/deleted in the last minute or so -- did anyone manage to clone it before it disappeared?

whalesalad

I did. It's essentially just a single .py file: https://gist.github.com/whalesalad/06804fd734efe6bd2e0c84906...

alright2565

    import ipaddress
    from random import randint

    MAX_IPV4 = 2**32 - 1  # assumed value; the constant's definition is not in this excerpt
    headers = {}          # request headers; empty here so the fallback branch runs

    x_forwarded_for = headers.get("X-Forwarded-For")
    if x_forwarded_for is None:
        # fabricate a random IPv4 address via a private stdlib helper
        x_forwarded_for = ipaddress.IPv4Address._string_from_ip_int(
            randint(0, MAX_IPV4)
        )
lol

null

[deleted]

plandis

GPLv3 requires the license to be kept. Seems reportable to the owner of the repo and/or GitHub.

DrillShopper

I'm sure the people who work for an administration that by and large flaunts court orders responsible for this will get right on that.....aaaand it's gone.

amake

flouts

grepfru_it

>not something you would expect DOGE people to understand or respect

To be fair I see in my daily life folks who copy and paste from stack overflow or random GitHub repo and move on with their day. They ignore the Creative Commons Attribution-ShareAlike or whatever license is applied to the code they copied.

I see on this very site people who will share copyrighted articles that are behind a paywall (just because it is on some archive site doesn’t make it right).

Please don’t take this as support for DOGE and the headaches they are causing. To make a cheap jab at a group of people while ignoring the group that you associate with is bad form.

godelski

I'd say it's wrong in both cases, but we shouldn't ignore degrees of wrongness.

Copy pasting from stack overflow without attribution is wrong but it's also harder to claim "ownership" over single lines or small snippets. It depends how "obvious" they are. You definitely can't copyright trivial functions. There's a lot of gray here but yes attribution is always good.

But things get a lot less murky when we're talking about forking a project. That's usually nontrivial and non-obvious. I think what's most important is that removing a license is an active decision. Certainly that would make a critical difference in a court. [0]

Then there's further escalation by who is doing the action. The more power and influence you have, the greater the responsibilities. All men are not created equal. Men with more power can disproportionately do more damage and require higher accountability. So yeah, I care a fuck ton more about a government employee doing something bad, especially while performing official duties, than about some rando. The ability to do harm is very different.

The reason I dislike your comment is because it's dismissive of the action. "Other people do it!" is not a defense nor an excuse. It is even worse by ignoring multiple points of context.

[0] though protecting open source has been traditionally hard for many reasons. Specifically it's hard for small developers to take legal action, especially against larger bodies. But isn't this something we should want to be fixed? Credit for our own contributions?!

mistrial9

> To be fair

irony

Braxton1980

>To make a cheap jab at a group of people while ignoring the group that you associate with is bad form.

What group does the person who makes the comment associate with?

darknavi

The fork has been deleted it seems.

seejayjordan

posted above ^^

mythrowaway49

This part of the whistleblower complaint seems way worse:

"On or about March 11, 2025, NxGen metrics indicated abnormal usage at points the prior week. I saw way above baseline response times, and resource utilization showed increased network output above anywhere it had been historically – as far back as I could look. I noted that this lined up closely with the data out event. I also notice increased logins blocked by access policy due to those log-ins being out of the country. For example: In the days after DOGE accessed NLRB’s systems, we noticed a user with an IP address in Primorskiy Krai, Russia started trying to log in. Those attempts were blocked, but they were especially alarming. Whoever was attempting to log in was using one of the newly created accounts that were used in the other DOGE related activities and it appeared they had the correct username and password due to the authentication flow only stopping them due to our no-out-of-country logins policy activating. There were more than 20 such attempts, and what is particularly concerning is that many of these login attempts occurred within 15 minutes of the accounts being created by DOGE engineers."

stevenwoo

Any guesses for the best possible interpretation? The Russians have infiltrated their PCs with keyloggers and DOGE are working from insecure open networks.

The worst possible interpretation is straightforward - they are working for the Russians as agents and let the Russians in or installed the keyloggers for Russia.

breadwinner

Related: https://infosec.exchange/@briankrebs/114083485241630234

Excerpt: "How much more proof do we need that this administration is completely compromised? There is zero reason for the US to relax any offensive digital actions against Russia. If anything, we should be applying more."

0cf8612b2e1e

I would have thought that a Russian state sponsored attack would trivially mask the IP to originate from within the USA. This is just brazen.

kenjackson

May not be state sponsored. Could just be a Russian hacking group associated with the DOGE person.

Or it could be state sponsored and they didn’t think they needed to be covert as they could walk through the front door on invitation of the executive branch.

avs733

Sometimes getting caught isn’t a bad thing. If you are trying to seed division between two groups, acting in a way that divides them - e.g., getting caught helping one side - is more effective than what you gain by not getting caught.

I struggle to see what Russia would gain with NLRB data, but getting caught “helping DOGE” furthers distrust between the two sides of our country - which is something they gain from.

tenpies

Don't forget the third option: false flag.

The objective may not have been to obtain access or any useful data. The objective may have been to get the scary headlines about Russians and use the existing media and political agitprop to further destabilize the government you seek to color revolution away.

DrillShopper

It doesn't make sense to me that an administration that by and large has been throating Putin would do that to throw more shade on Russia.

I'm not saying they didn't do that, just that it's not in line with their support for Putin and Russia. Maybe as a false flag it gives Putin the cover to crack down on hacking groups that don't throat him.

lukev

I don't follow. Are you saying the DOGE boys are trying to give Trump bad press?

pontus

Isn't it just that the IP router happens to use IPs in Russia as part of the rotation?

If they're trying to exfiltrate data, they might want to rotate through IP addresses in order to obfuscate what's going on or otherwise circumvent restrictions. Using a simple IP rotator like the post talks about would maybe be an approach they'd use. If they're not careful with the IP addresses, once in a while one might get caught due to some restriction like being outside the US. It'd maybe appear as though you're getting these weird requests from Russia, but that's just because you're not logging the requests from the US that are not being flagged.

Maybe I'm reading the post incorrectly though (if so, please correct me!)

cthalupa

It uses AWS API Gateway. There is not a Russian AWS region.

cryptoegorophy

How dumb would Russian hackers be to not use some kind of VPN? My friend who lives in Russia says that without a VPN he cannot access the majority of US sites, so he has it always on by default. Something is not right, or these people are very, very dumb.

barbazoo

Best case scenario those kids were duped into giving out credentials to the wrong (Russian) people.

CSMastermind

Spearphishing, then some kind of spyware on the system would be my guess.

Though with nation state actors you can't rule out Pegasus like zero-click infiltrations.

kazinator

The article could offer a summary of this key finding, rather than, say, the pointless paragraph near the bottom about the scraping software found in GitHub not being well written.

This is the evidence which strongly suggests that the DOGE personnel are using various cloud IP addresses to scrape.

Palmik

I wonder why the "no-out-of-country logins" block happens after verifying login credentials and not before, which would make more sense to me.

antongribok

Because you need to know who is logging in before you know what IP policy to enforce, no?

mcoliver

Because then you know that credentials have been compromised.
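Added example, not code from the complaint, the article or anyone in this thread: a small Python check that mirrors the ordering discussed here (credentials verified first, then the no-out-of-country policy, so a block at the second step means the password was correct) and correlates those "valid credentials, blocked by geo policy" events with account creation time, which is the 15-minute pattern the quoted whistleblower text describes. The log format, usernames, IPs and timestamps are constructed for the example.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

ALLOWED_COUNTRIES = {"US"}            # the "no out-of-country logins" policy
CREATION_WINDOW = timedelta(minutes=15)

# Constructed sample events (not real NLRB data). Lines carry a UTC timestamp,
# an event kind, then key=value fields. The 'creds' field records the result
# of the credential check, which runs before the geo policy.
SAMPLE_EVENTS = [
    "2025-03-04T10:00:00Z account_created user=svc-audit-01 by=tenant-admin-A",
    "2025-03-04T10:09:12Z login user=svc-audit-01 ip=203.0.113.7 country=US creds=valid",
    "2025-03-04T10:11:40Z login user=svc-audit-01 ip=198.51.100.22 country=RU creds=valid",
    "2025-03-04T10:12:05Z login user=svc-audit-01 ip=198.51.100.22 country=RU creds=valid",
    "2025-03-05T08:30:00Z login user=jdoe ip=198.51.100.9 country=RU creds=invalid",
    "2025-03-06T14:00:00Z account_created user=svc-audit-02 by=tenant-admin-A",
    "2025-03-07T09:00:00Z login user=svc-audit-02 ip=198.51.100.22 country=RU creds=valid",
]


@dataclass
class Event:
    ts: datetime
    kind: str
    fields: dict


def parse_event(line: str) -> Event:
    """Split one constructed log line into timestamp, kind and key=value fields."""
    ts_str, kind, *rest = line.split()
    fields = dict(kv.split("=", 1) for kv in rest)
    ts = datetime.strptime(ts_str, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return Event(ts, kind, fields)


def evaluate_login(ev: Event) -> str:
    """Apply the checks in the order the complaint describes: credentials first,
    then the geo policy. A login stopped only at the second step used a
    correct username and password, which is the signal worth alerting on."""
    if ev.fields.get("creds") != "valid":
        return "denied_bad_credentials"
    if ev.fields.get("country") not in ALLOWED_COUNTRIES:
        return "blocked_geo_valid_creds"
    return "allowed"


def correlate(lines, window: timedelta = CREATION_WINDOW) -> list:
    """Return one alert per geo-blocked login that had valid credentials,
    annotated with how long after account creation it happened."""
    events = sorted((parse_event(ln) for ln in lines), key=lambda e: e.ts)
    created_at = {}
    alerts = []
    for ev in events:
        if ev.kind == "account_created":
            created_at[ev.fields["user"]] = ev.ts
            continue
        if ev.kind != "login" or evaluate_login(ev) != "blocked_geo_valid_creds":
            continue
        user = ev.fields["user"]
        age = ev.ts - created_at[user] if user in created_at else None
        alerts.append({
            "user": user,
            "ip": ev.fields.get("ip"),
            "country": ev.fields.get("country"),
            "minutes_since_creation": None if age is None else round(age.total_seconds() / 60, 1),
            "within_window": age is not None and age <= window,
        })
    return alerts


def summarize(alerts) -> dict:
    """Count, per user, the blocked-but-valid attempts inside the creation window."""
    counts = {}
    for a in alerts:
        if a["within_window"]:
            counts[a["user"]] = counts.get(a["user"], 0) + 1
    return counts


if __name__ == "__main__":
    found = correlate(SAMPLE_EVENTS)
    for a in found:
        print(a)
    print("attempts within 15 minutes of creation:", summarize(found))
```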

bequanna

This just seems odd.

Why would they attempt a login from Russia (if it was indeed Russians)?

It is incredibly cheap to use a VPN with a US residential IP.

Pompidou

Maybe not everyone involved is quite the genius you might've been expecting.

ethagnawl

And/or they just dgaf because they know they or anyone else involved won't ever be held accountable.

bequanna

I guess I don’t buy that.

Many non technical people use VPNs to access region restricted content. It is trivial to understand and use.

Assuming this all actually happened as described, it sounds like someone wanted it to appear that these attempts were coming from Russia.

frumplestlatz

Occam’s razor would also suggest a hoax as one of several very credible possibilities.

superconduct123

Wow that's insane

twalkz

> According to a whistleblower complaint filed last week by Daniel J. Berulis, a 38-year-old security architect at the NLRB, officials from DOGE met with NLRB leaders on March 3 and demanded the creation of several all-powerful “tenant admin” accounts that were to be exempted from network logging activity that would otherwise keep a detailed record of all actions taken by those accounts.

Feels like a pretty good Occam’s razor case… but is there any legitimate reason why one would request this?

rtkwe

Even worse when you know more of the whistleblower's story, which is that ~15 minutes after one of DOGE's accounts was made there was an attempted login with the correct password from Russia. Not many explanations for that that look good for DOGE...

ourmandave

That's straight up traitorous.

DOGE needs to be shut down and every one of them held as a flight risk while the whole thing is investigated.

DrillShopper

They work for Trump, so they'll never be held to account, even if a Democrat wins the next election (assuming we even have one and it's fair and free).

I never thought I'd be calling for UN observers for an election in the US but here we are

stephenitis

Citation?

orochimaaru

Not parent but it’s here - https://krebsonsecurity.com/2025/04/whistleblower-doge-sipho...

DOGE is a complete clusterfuck. FWIW I think there is hard-to-spot fraud in the govt that should be looked at (e.g. price inflation at the Pentagon, VA, Medicaid/Medicare, SS). They should have done the hard work of uncovering that. Instead they just went for clickbait headlines.

rtkwe

Take your pick; it was widely reported, and you can read the original whistleblower report:

https://whistlebloweraid.org/wp-content/uploads/2025/04/2025... - page 2 & 11

"This declaration details DOGE activity within NLRB, the exfiltration of data from NLRB systems, and – concerningly – near real-time access by users in Russia. Notably, within minutes of DOGE personnel creating user accounts in NLRB systems, on multiple occasions someone or something within Russia attempted to login using all of the valid credentials (eg. Usernames/Passwords)"

"For example: In the days after DOGE accessed NLRB’s systems, we noticed a user with an IP address in Primorskiy Krai, Russia started trying to log in. Those attempts were blocked, but they were especially alarming. Whoever was attempting to log in was using one of the newly created accounts that were used in the other DOGE related activities and it appeared they had the correct username and password due to the authentication flow only stopping them due to our no-out-of-country logins policy activating. There were more than 20 such attempts, and what is particularly concerning is that many of these login attempts occurred within 15 minutes of the accounts being created by DOGE engineers."

https://krebsonsecurity.com/2025/04/whistleblower-doge-sipho...

https://www.npr.org/2025/04/15/nx-s1-5355896/doge-nlrb-elon-...

gnabgib

From the whistleblower:

> Within minutes after DOGE accessed the NLRB's systems, someone with an IP address in Russia started trying to log in, according to Berulis' disclosure.

https://www.npr.org/2025/04/15/nx-s1-5355896/doge-nlrb-elon-...

pan69

> all-powerful “tenant admin” accounts that were to be exempted from network logging activity

Is it normal to build this sort of functionality into a software system? Especially software systems that heavily rely on auditability?

michaelt

Sometimes, depending on the situation.

My company retains all e-mails for at least 5 years, for audit purposes. But if some troublemaker were to e-mail child porn to an employee, we'd need to remove that from the audit records, because the laws against possessing child porn don't have an exception for corporate audit records.

So there's essentially always some account with the power to erase things from the audit records.

Cheer2171

It sounds like you haven't actually had to face that situation, because it is more complicated than just having to delete an offending attachment. You would still have an audit log of the deletion of that email record by the superuser, even if the content is deleted. And there would be other records generated to document the deletion, like I'm sure a long email or slack thread from this getting discovered and sent up the chain, over to legal, then to the FBI, then back to coordinating the logistics of manually deleting something from the audit logs. So if for a completely unrelated case, a third party auditor stumbles upon that mess, they will be able to reconstruct why a single attachment cannot be found in the audit logs.

"No" is the answer to GP: there is no legitimate reason for a fully unlogged superuser account.

heelix

Ah man... back in the day I worked for a company that built out records management software. One of the big things on the side of the cereal box was that not even an admin could delete something flagged as a record within its retention plan. Fast forward to a company doing that for emails, messing up spam filters, and getting a blast of 'normal' porn that was all flagged as records. I believe they ended up creating security groups for those files that help keep those who were using it .. safe for work.

acdha

Very true - this comes up constantly in blockchain questions - but in that case there’d at least be an audit log showing who deleted which records.

katbyte

No. Never. While it’s expected to have a “root” account, exempting it from logging serves no honest purpose.

sanderjd

Of course not. It's the exact opposite and every single person here knows this.

sellmesoap

From an old hacker's perspective, disabling shell history can have positive security implications. But in today's 'cattle not pets' systems mentality I'd expect all actions to have a log, and not having that seems fishy to me. Keeping logging infra secure has a dubious record; the log4j fiasco comes to mind. I'm not a fan of regulation for most things, but I think we need a higher cost for data leaking since security is an afterthought for many orgs. My personal leaning is to be very choosy about who I'll do business/share data with.

typs

> “We have built in roles that auditors can use and have used extensively in the past but would not give the ability to make changes or access subsystems without approval,” he continued. “The suggestion that they use these accounts was not open to discussion.”

From the previous post, they had auditor roles built in that they purposely chose to go around.

XorNot

It's the same as domain admin in active directory.

You always need it to setup the system initially.

It's like root on Linux: it's an implementation detail that it must be possible.

lovehashbrowns

There’s no possible need for an admin-level user that bypasses logging. If anything these users should have additional logging to external systems to make it harder to hide their use.

tw04

Root on Linux isn’t exempt from logging. I also don’t know any enterprise that allows admin accounts to bypass logging.

There is no legitimate justification for this request.

sanderjd

The question is whether it needs to be possible to turn off the audit logs for that role. And of course: No.

skeeter2020

Typically the admin account can create things like super users, and super users can do anything with the data, but I'm not sure there's a use case where a single account can do both, and why can any of them avoid logging?

Cthulhu_

Sure, to hide your tracks because you know what you intend to do isn't right.

plandis

I can’t think of any. Even if you wanted to give someone broad permissions to access and modify data, you wouldn't turn off the audit logs.

patrickmay

There is no justification for ever creating an account like that. The only purpose is nefarious.

largbae

I am sure they demanded maximum access, but the logging activity phrasing sounds a little bit like spin...

I think if I wanted to describe an account with access to perform "sudo -s" as negatively as possible, I would say "an all-powerful admin account that is exempt from logging activity that would otherwise keep a detailed record of all actions taken by those accounts."

Suppafly

I'm only really familiar with the 'tenant admin' concept from Microsoft administration; is it commonly used otherwise?

spencerflem

Obviously no

donnachangstein

I was really hoping this would finally be the article where some 'official' claimed they saw the DOGE kids palming a floppy disk - er, thumb drive - while Down For Whatever by Ice Cube played over the office PA.

(For the zoomers, this is an Office Space reference.)

ThinkBeat

1. DOGE employees accessed data they were not supposed to.

This is fairly clear.

The story says that DOGE attained access to an account that had huge permissions in what it could see and alter. The person or persons from DOGE may have downloaded 10GB of data. The person may have used this in a manner that is illegal. Or it is illegal to start with. With the understanding that POTUS may or may not be allowed to grant such access. (I don't think POTUS can.)

2. A DOGE employee downloaded code that could be used to use a huge pool of IP addresses from AWS to bypass forms of throttling.

3. The code was badly written.

4. The person is a racist.

How would a person from DOGE use an "unlimited" number of IP addresses from AWS to hammer and automatically screenscrape a webpage, and benefit from it when it came to copying extremely sensitive data from an internal National Labor Relations Board database?

Did 10,000 sessions authenticate to the database at the same time, using AWS IP addresses, and scrape the data?

Something is pretty broken if the system with extremely sensitive data is available from external IPs -and- allows a single account to log in 10,000 times to concurrently scrape data off the internal database.

Or are they saying that this code was adapted to use 10,000/100 IP addresses internal to the National Labor Relations Board and scrape using those?

The automation later noted makes a lot more sense to aid the work.

declan_roberts

The author brings up the IP scraping but makes no effort to tie anything together. It's actually really confusing. Were they using this utility to steal the data, or are these two just totally unrelated things?

SpicyLemonZest

We have no way to know what they were using it for, because as the article details, DOGE works hard to make sure nobody can find out what it's doing or why.

grandempire

> I dont think POTUS can

What data in a federal agency could the chief executive not have authorization to access?

roywiggins

I am fairly sure it would be a crime for the President to pull up someone's VA health records on a whim, or at least it would be a crime for anyone at the VA to facilitate him doing that.

We can also add to that IRS data. The articles of impeachment against Nixon included the following:

"He has, acting personally and through his subordinates and agents, endeavoured to obtain from the Internal Revenue Service, in violation of the constitutional rights of citizens, confidential information contained in income tax returns for purposes not authorized by law" (emphasis mine).

There actually are laws regulating the handling of personal data collected by the government and it generally doesn't have a "the president wants to see it" exception.

grandempire

I would agree with that emphasis. Misusing presidential privilege is always a possible impeachment, if congress cares.

I think that he can access a health or irs record for cause - anything which would not get him impeached.

nulbyte

I think the question is whether employees of an advisory group that is not an actual department of the government are on the list of people to whom he can authorize access to this type of sensitive data.

nop_slide

I find the following bizarre. Ignoring who this marko guy is, why would a random person post such a "take down" of the repo? I have never randomly passed by a repo and wanted to just dunk on it. Also this critique reeks of being AI generated.

> On February 6, someone posted a lengthy and detailed critique of Elez’s code on the GitHub “issues” page for async-ip-rotator, calling it “insecure, unscalable and a fundamental engineering failure.”

Link from quote: https://github.com/markoelez/async-ip-rotator/issues/1

The following comment is too interesting to be coincidental; such a weird interaction.

rideontime

It's only "bizarre" if you "ignore who this marko guy is." It's not a coincidence, it's somebody pointing out that DOGE's "cracked coders" are wearing no clothes.

frank_nitti

And the follies here seem to be many. I’m not following why this Marko guy would make a publicly-visible fork of a repo (though he seems to have deleted it since this story went big), and why they would openly request to have their accounts exempted from logging when they were apparently already privileged users.

I must be missing something here; surely the level of elite technical skill implicit in his résumé would preclude this kind of thing.

Spivak

Well yeah, they're junior developers. By all accounts from good schools, but literally everyone here has dealt with junior developer brain.

I would say that Elmo picked a bunch of junior devs because they don't have enough maturity to talk back and will do anything they're asked but I think that's too charitable. I think he actually went this route because Elmo is a sad man in his 50s who is desperately trying to pretend that he is, and has not matured beyond, his 20s.

rideontime

Not just junior developers, but zoomer junior developers. I'm guessing Marko was just following Grok's advice.

mandevil

On February 6th, Marko Elez announced his resignation from DOGE after the WSJ discovered many racist posts he made in 2024 (which they published on the 5th). That likely made someone really interested in what his actual coding skill levels were, and they took a look at a repo he had made.

Musk did a "poll" on X that voted for rehiring Elez to DOGE; by February 20th Elez had a US Government email address again, and on February 21st he was reported as working for DOGE at the Social Security Administration.

epoxia

They took down the repository ~20 minutes after OP's comment. Archived link: https://web.archive.org/web/20250423135719/https://github.co...

tootie

Surely Elez is currently reading this thread right now too. Probably reveling in the attention like all the juvenile hacker boys.

nativeit

Why wonder? The user who wrote it seems to be a pretty well established user, and their public repositories suggest that they work in adjacent contexts, so it's entirely plausible they attempted to use async-ip-rotator in one of their projects.

marcusb

???

The public repos for this person that I could find that weren't forks with no activity to upstream consisted of a dice-rolling guessing game, rock-paper-scissors, and some kind of framework for downloading and transcribing audio files that does not yet download or transcribe, but implements a whole bunch of boilerplate. I find it rather difficult to believe this person engaged in a good-faith review of the async-ip-rotator code base.

nativeit

It's also worth noting that Feb 6 may very well be after Marko Elez became a public figure with DOGE. The article doesn't do a great job of expanding on any of this.

watwut

Are you genuinely puzzled, or did you just want an excuse to point us all toward that comment? If "the comment" is the correct word for what amounts to a full article in length.

sepositus

Why would they want an excuse to point everyone to that comment when it's literally linked in the article?

dfedbeef

The CEO of Tesla and SpaceX, a self-proclaimed high-IQ individual, an alleged programmer, has apparently hired a straight-up script kiddie to their elite delta force of technical government downsizers.

AIPedant

I hated Elon Musk long before it was cool: I was a fan of Tesla in the early days, and when I read Musk's "super-secret master plan" for Tesla I thought "yeesh, the board chairman is an idiot, where did they find this bozo?" (I knew a bit about SpaceX but somehow didn't make the connection.)

That said, I was surprised to learn much later that, by all accounts, Elon Musk was a competent and resourceful leader in SpaceX's early days. Maybe these stories are just his personality cult in action, but I found it plausible. It appears he once knew his place as an engineering manager, without LARPing as a Chief Engineer (he didn't appoint himself to CTO until quite a bit later). I worked for a really good manager who didn't know how to code, but he knew a lot about software and was very good about pulling back on coding things vs pushing forward on software design. It seemed like Musk was similar at SpaceX.

Which is all to say that celebrity is a helluva drug. I don't think Musk was ever an especially "high-IQ individual," and his first marriage suggests he's always been a misogynistic loser. But being anointed "a real life Tony Stark!" seems to have destroyed his brain. Ketamine probably doesn't help.

sidibe

> That said, I was surprised to learn much later that, by all accounts, Elon Musk was a competent and resourceful leader in SpaceX's early days. Maybe these stories are just his personality cult in action, but I found it plausible

He's good at having and raising money, which was what SpaceX needed; I think he was probably the same then as he is now. Reading about his early days at Tesla and the PayPal stuff, I don't really buy the idea he was ever different and took a dark turn. He's the type of person that will never self-regulate and somehow has never faced any negative consequences for lying and self-aggrandizing, so has kept pushing it further.

AIPedant

This is a frustrating comment. I said "I was surprised to learn" because I had the same impression you did, but then I learned something new. It seems like you're just rejecting my conclusion out of hand without bothering to learn anything.

Eric Berger's book in particular suggests that, before Falcon 1 was successful, Musk was much more humble and collaborative with the other early SpaceX hires, and typically deferred to their expertise. He was always reckless and megalomaniacal. But after Falcon 1 he became much worse.

dfedbeef

Having an empty life full of sycophants and scammers sounds like a negative consequence. I have a bet with my wife that Tesla will go under within 10 years so we'll see how that plays out.

kilna

Um, as best I can tell from similar articles, they're all script kiddies.

arm32

Total HackForum vibes.

jppope

I agree with the script kiddies comment, which is basically what the reporting has shown... but in a way isn't that part of the point? That they can save billions of dollars just by having a couple of relatively normal comp sci kids (who can't even rent a car) review the most basic financial information of our government departments. These guys aren't supposed to be "delta force"; they are supposed to be the interns.

Not trying to defend the means to the end, but I would really like my tax money used more efficiently. I will also say I am extremely worried about the levels of access that they are being given, especially since it comes with basically no accountability.

frank_nitti

Your comment assumes the conclusion that these comp sci kids were able to save billions while preserving the correct behavior of the system, i.e. if their changes cause even one person to miss one payment they should have received, then the rest of your comment is entirely baseless.

If you could prove that billions were saved in pure waste, then I’d imagine any sane citizen would agree with you, setting aside matters of decorum and human decency (e.g. RIFs that may ultimately be necessary but conducted in an inhumane way).

I’d like my tax money used efficiently, but this group does not merit the trust to carry out those changes, even on a technical level.

matwood

> I would really like my tax money used more efficiently

Except by most accounts so far it was being used efficiently by the federal workforce. This whole debacle will end up costing the US taxpayer more money. See cutting the IRS or USAID which will probably lead the US to bailing out farmers. And if they privatize, then it'll be even more expensive.

throwaway173738

I mean if they privatize USAID it’s a tremendous opportunity to loot on a scale we have not seen. Same thing if they privatize the IRS or Social Security. Think about all the money that could be invested in their friends’ enterprises out of the treasury float or the SS trust fund.

joquarky

> I would really like my tax money used more efficiently.

This is immature thinking, because, who wouldn't?

The contention comes from differing opinions on what is waste.

throwaway173738

A lot of people seem to consider anything that doesn’t personally, immediately, and directly benefit them to be a waste of their tax dollars. God forbid you use their property taxes to build schools their adult children don’t go to.

Braxton1980

It's a manipulation technique. It implies that the opposition doesn't believe this.

kaitai

At the VA medical system, they word-searched for "consulting" and cancelled contracts for.... surgical equipment sterilization, medical waste removal, stuff related to air quality that's required for hospital accreditation, and local burial services for people who die in the hospital.

Then a lot of those had to be reinstated because you simply can't operate a hospital without sanitation.

Just like they had to scramble to hire back the folks at the National Nuclear Safety Association.

Yeah, efficiency is great. But this is like ordering tacos and getting... a used tire and some dirty diapers...?

guhidalg

> review the most basic financial information of our government departments

That is what the GAO is for https://www.gao.gov/ , and these people are much better than script kiddies.

> I would really like my tax money used more efficiently

Me too! You are on hacker news so I assume you are a firm believer in https://en.wikipedia.org/wiki/Amdahl%27s_law ! If you would like your tax money used efficiently, are you willing to discuss cuts to social security, medicare, medicaid, veteran benefits, and whatever else is at the top of the budget? https://www.cbo.gov/publication/61181? What would you cut?

Personally, I would increase taxes on anyone making over $500K/year and stop nickel-and-diming our federal government so the US can actually become a first world country for everyone that isn't a software engineer.

tmpz22

> Not trying to defend the means to the end, but I would really like my tax money used more efficiently. I will also say am extremely worried about the levels of access that they are being given, especially since it comes with basically no accountability

This is like the derelict father with partial custody who parachutes in one weekend a month to buy his son ice cream and a new video game to leave two days later the conquering hero. Meanwhile mom works two jobs, has to set all the expectations and responsibilities for the child, and the father is late on child support payments.

DOGE blitzkrieged government IT. It'll be years before we understand the scope of what they've done and given available evidence: these are script kiddies who worship Musk, I don't think there is ANY reason for optimism or charitable consideration.

llm_nerd

There is a phenomenon I've noticed in this industry where people who lack a skill compensate by convincing themselves that they are a savant at seeing and exploiting that skill they lack in others. They find and encircle themselves with people who they believe are the Best of the Best, at least in their imagination, and it is critical for their ego that this is never challenged. They will be blind to any evidence to the contrary because they need the people they "identify" to be extraordinary, justifying their great people curation.

I mean, I guess this really happens in all industries. Art, music, leadership, software development. People who maybe once had credibility in something and now desperately try to foist Their People as the best in the industry.

I feel like that is what is happening here. None of the people who Elon surrounds himself with are notable in any way, and their skills are hugely suspect, but he has to have his harem of "Super Coders" to prop up his own mythology.

tw04

Someone needs to go to prison over this. It’s not just a misunderstanding, it is an intentional attack on every US citizen.

candiddevmike

The people who need to see/understand this live in a different reality where uncomfortable things like this are ETL'd into righteous anger towards people they don't like.

This is the deep state they've been worried about, this is the boot that will tread on them.

EDIT: parent comment was highest ranked comment for the article and is now at the bottom?

j2kun

A twisted justification for suggesting someone who broke serious laws not face consequences.

We live in a nation of laws, whether or not conspiracy-minded individuals prefer to follow them.

Aeolun

> We live in a nation of laws

You stopped living in a nation of laws a while ago. Now you live in a nation of might makes right.

padjo

That law now officially includes an individual who is immune from the law and who can issue pardons to anyone for anything. So you live in a nation with optional laws.

tines

All the evidence is contrary to your assertion that we live in a nation of laws.

threatofrain

We live in a nation of peers before we live in a nation of laws.

awesome_dude

Laws are only as strong as the enforcement.

One of the things that is being exposed by the current administration is that, even though the Judiciary is an arm of the government, and supposed to provide a check on the Executive, the reality is that the Executive has the power to pardon anyone it sees fit, voiding the power of the judiciary (the argument is that the ultimate power lies with the voters who can pass their judgement on the Executive, and its use of its powers, by voting them out, hopefully)

aiauthoritydev

Chances of that happening are zero right now.

mikeyouse

I fully believe there's a stack of pardons in Trump's drawer for everyone involved in this debacle. I can't imagine breaking so many laws all over the government if you thought you'd ever have to face consequences. The alternative to pardons in preventing the next congress & administration from cleaning this up is too dire to really contemplate.

satanfirst

They are betting the system won't go after them later which is a very bad bet if they eventually give back the executive branch and an even worse bet if the power they support never gives it back. About as brilliant as being in a photo with Stalin.

geraldwhen

Trump can wait until the last day in office then issue pardons for any possible crimes, right? Biden did something similar I believe

dboreham

Time to remove the pardon power. Has it achieved anything productive in the last 100 years?

nativeit

I think it's been used properly in a lot of instances, especially when you consider that federal law can quickly become out-of-step with modern sensibilities, so being able to relieve those harmed by laws flawed under contemporary standards is important. There's probably a better way of handling that, but it's one instance where the power of presidential and governors' pardons has been applied appropriately.

sterlind

it's written into the Constitution very explicitly. and it's a really bad time to hold a Constitutional Convention.

romellem

To remove the presidential pardon power, you'd need to [amend the Constitution][1]. Getting [two thirds of both Houses of Congress][2] to pass any amendment in the foreseeable future seems highly unlikely if not downright inconceivable.

[1]: https://constitution.congress.gov/browse/essay/artII-S2-C1-3...

[2]: https://constitution.congress.gov/browse/essay/artV-1/ALDE_0...

Reason077

It's a bizarre and archaic power, which has been abused by presidents from both parties.

9283409232

You forget who the president is. They will get away with all of this and everything else. Doesn't mean we shouldn't try but let's be realistic here.

root_axis

Not really possible since they would be pardoned even if anyone was ever willing to prosecute them.

threatofrain

[flagged]

the_optimist

[flagged]

pluc

[flagged]

MOARDONGZPLZ

> it's fun to watch

Watching the misery of others makes me feel ill.

tokioyoyo

Don’t agree with the OP how it’s fun to watch, but you have to acknowledge how citizens of basically every other country feel after being made fun of for the past few months. I have close relatives living in the states, and I feel bad for them. But your own government has been belittling your neighbours across both of your borders and calling them weak. I’m not going to say that the government does not deserve some of the repercussions of their own actions.

willio58

The fact that they left these packages public on GitHub.. guys you do know you can make things private right? Just shows how dumb these people are honestly

mingus88

Or they are emboldened in knowing there will be absolutely no consequences.

Go look at the list of pardons this administration has handed out. These guys won’t even be charged.

declan_roberts

They were given a blanket pardon dating back to 2014. No crime even listed!

DaSHacka

Sounds like another administration I know....

apical_dendrite

Or they think what they're doing is righteous and they're proud of it. It isn't - DOGE is responsible for hundreds of thousands of deaths through cuts to health programs - but I suspect they are deluding themselves into thinking it is.

cpursley

> DOGE is responsible for hundreds of thousands of deaths through cuts to health programs

That seems like a lot. Source?

dgellow

Not that it matters in this specific case, but on GitHub private forks aren't fully private: https://docs.github.com/en/pull-requests/collaborating-with-...

darknavi

It's git. Just clone and push to a new, private repo (on or off of GitHub) without clicking "fork".

null

[deleted]

dboreham

Making a fork of a public repo private involves using the git cli.

arm32

Ooh, scary!

vt_mruhlin

What? They reused public packages that have been public for years. One guy made a public fork with some changes. Is that not what open source is intended for?

DaSHacka

You misunderstand, open source is bad actually, when the heckin cheeto man is the one doing it.

Just as it's only worth complaining about geriatric geezers in office until the cheeto man brings in young hackers, then the problem is that "the old impaired people were good, actually".

Don't observe. Don't think. Merely repeat the approved message.

> The Party told you to ignore the evidence of your eyes and ears. It was their final, most essential command.

MattDaEskimo

Untraceable and complete access to government databases. I can't begin to imagine the implications here.

xorcist

We only hear about the cases where someone is taking the risk of blowing the whistle, and actually manages to get the story out. Hopefully with enough substance for people to take the information seriously. How many cases are likely to reach public knowledge is left as an exercise to the reader, as the saying goes.

Braxton1980

>How many cases that are likely to reach public knowledge is left as an exercise to the reader, as the saying goes.

Is this some reminder to people that bad things occur that aren't found out?

Considering how everyone is aware of this is your comment some sort of clusterbomb whataboutism?

tootie

Direct access to private data relating to accusations against companies Musk owns.

Sparyjerry

To everyone saying 'where are the arrests?' This is all conjecture at this point and time will tell what was click bait and truth. Below is the statement from NLRB's acting press secretary.

"Tim Bearese, the NLRB's acting press secretary, denied that the agency granted DOGE access to its systems and said DOGE had not requested access to the agency's systems. Bearese said the agency conducted an investigation after Berulis raised his concerns but 'determined that no breach of agency systems occurred.'"

https://www.npr.org/2025/04/15/nx-s1-5355895/doge-musk-nlrb-...

jmcgough

People should not need to be conjecturing. The federal government should have clear documented reasons for the things that it does. It should have oversight, but all of the oversight has been fired, every department headed by yesmen and fox news anchors. We are all left guessing because they are doing loads of things that seem either treasonous or performed with very little thought to the consequences.

munchler

So what exactly is being alleged here? That these DOGE bros wrote and used “hacker” code from GitHub to bypass security limitations on NLRB data? Why would they even need to do that if they had superuser accounts in the system already?

woodruffw

I think the point of the article is that the whistleblower's original claims can be substantiated publicly. It's another datapoint indicating that the DOGE people are operating haphazardly at the absolute best and, more likely, attempting to obscure their tracks because they know that what they're doing wouldn't pass legal muster.

pkilgore

DOGE downloaded libraries to assist in data exfiltration, and did exfiltrate data (obtained via the superuser accounts).

Suggest reading the complaint: https://whistlebloweraid.org/wp-content/uploads/2025/04/2025...

weaksauce

they added a backdoor that is not audit logged. that's why.

null

[deleted]

superconduct123

The lede is buried but the implication is downloading a huge amount of data on union organizers, which can then be given to a company to pre-emptively fire those individuals

timewizard

The article is written very poorly. The disclosure itself is far more readable.

https://whistlebloweraid.org/wp-content/uploads/2025/04/2025...

underyx

Also this PDF contains a detail I haven't seen reported elsewhere:

> Furthermore, on Monday, April 7, 2025, while my client and my team were preparing this disclosure, someone physically taped a threatening note to Mr. Berulis’ home door with photographs – taken via a drone – of him walking in his neighborhood. The threatening note made clear reference to this very disclosure he was preparing for you

llm_nerd

It's an interesting detail because if true -- and I fully assume it is -- the intention likely wasn't to dissuade him from going public, but instead to make him look like a conspiratorial nut. When I first saw this story and heard that "drone shot of him / threatening note" I admit that I immediately assumed it was a flake, but on further details I think that was actually the reason for doing that.

munchler

Thanks. So the tools downloaded from GitHub were allegedly used to scrape personally-identifiable information (PII), details about ongoing legal cases, union-related data, and corporate secrets. The whistleblower observed large spikes in outbound data traffic, suggesting that gigabytes of sensitive information were exfiltrated with logging disabled, so as not to leave a trail.

uxp100

Yes, this is much more clear than the article.