This feels funny to read, for some reasons.
Where's the technical ignorance?
It's not saying anything technically untrue, and emphasising the aspects it does arguably makes sense within the context of what the concept is being brought up for, but it comes across as an odd framing for people familiar with the concept in general (using containers for standardization/scaling/etc.)
We use them for standardization and scaling exactly because they are opaque. I personally believe the explanation shows a deep understanding of the technology, but also a good grasp of what matters politically.
I think it could potentially be improved with a more general/typical definition first ("Containers are self-contained environments that bundle all dependencies a piece of software needs to run and are commonly used to streamline deployment across different machines, but can also ...")
They intentionally turned off logging. Only attackers and criminals do that.
Then of course they are surprised nobody takes them seriously anymore
The media companies ate so well and grew so fat covering the rise of fascism they didn't think what would happen when it finally gained power.
https://www.whitehouse.gov/fact-sheets/2025/04/fact-sheet-pr...
The Cybersec one is Brian Krebs
"But her emails" was when Hillary using a private server was actually so exceptional it was like the singular thing. Trump's crew of misfits and clowns and self-dealing grifters have turned the government into a circus. They're all insider trading, launching shitcoins, turning the WH lawn into a pathetic infomercial while your commerce secretary -- Howard "Used Car Salesman" Lutnick -- is pushing stocks.
So even if 2/3rds of America decide this is too much, they aren’t sufficient to shift what is covered in the idea economy and the political economy.
I just found out there’s even a book that did the ground work to make this case, in 2018. (Network propaganda.)
This is the prime reason I recommend all democracies look beyond their current leaders and grapple with the structural issues caused by capture of the media ecosystem.
Do note - this isn’t an issue of bias. There’s a protectionist economy on the right, where reality is whatever storyline they need to share.
The same Pentagon, which is current run by this person? https://apnews.com/article/hegseth-signal-chat-houthis-attac...
As others have said but I can't reply to, it's because the Pentagon is run by a traitor and they stop any investigations under threat of dismissal.
But I hope people are keeping notes and will come forward, so that all of these people will face the consequences.
Anywho, this whole "opaque" or "untrusted" code running in a VM is the same lingo that big corporates use to gatekeep newer technologies that bypass traditional processes. E.g. "oh sorry you can't test locally because you need to use our officially licensed and expensive Oracle DB instance. Oh and BTW, you can't use the free container image that Oracle provides free of charge. It's running 'untrusted' code in our network." and endless variations of that.
That's the beautiful thing about democracy, you get exactly the government that you deserve.
Now I think about it, that can also be the terrifying thing about democracy as well, but you get the idea.
You deserve no better, nor any worse, than what you have.
"Now I think about it..." work on that some more going forward. The country is complicated and Democracy has grades. We're getting an F at the moment.
There are democratic procedures by which the people can go about changing citizens United. You apparently believe those procedures are not part of democracy, but they are.
That the people won’t take the decision, and implement the process to change citizens united, is the fault of the people, not of the democracy. Democracy simply provides the procedures. You make the decisions.
For instance, a lot of right wing people spent a lot of time stacking the court to do away with roe v wade. Democracy provided that possibility through procedures it put in place. That’s only one way to do away with citizens united. There are others. None of which you choose to avail yourself of. How is that the democracy’s fault?
So in a Democracy, if the people vote for something different, that's anti-Democratic, and non-democratic methods may be required to fix Democracy.
When I say Democracy, I mean a form of government in which political power is primarily seated within the common mass of people, as opposed to political power being with those who bribe, cheat, scheme, lie and bribe some more to achieve more political power than their fellow citizen. This tension puts democracy on a gradient, one which I believe is currently and firmly seated in corporate command of political power. I recommend you go read Democracy Incorporated to add a little more clarity and contrast to your world view.
Next I suspect you'll try to tell me the Brooks Brothers riot was also "democratic procedures."
> None of which you choose to avail yourself of.
Oh piss off.
You're just a few steps away from a russian version of democracy if you define it so loosely in the first place
In a democracy, the educational system is a democratic practice. A civic duty. We could have changed our educational system to be better, we didn’t. That’s on us. We could change it now. We won’t. That’s a choice. A democratic choice.
The practice of democracy is not solely about voting. There are many democratic choices we make every day that concert to give us the government we deserve.
Democracy is about how the people (demos) in a state or other community coexist by negotiating their individual and collective needs and priorities. Reducing it down to "you didn't vote so you don't count", or worse still, "you voted for the losing side so you don't count" is a gross distortion. Its not just about the vote, its what happens after that.
> That's the beautiful thing about democracy, you get exactly the government that you deserve.
This makes no sense. There isn't something out there that renders a singular judgement on what people deserve. There's only us.
* The two-party system dominates the process, and actively excludes 3rd parties. Look into changing requirements for debate participation.
* The Democratic party argued in court that they have no obligation to use a "fair" primary to select candidates. This was in response to a lawsuit from donors claiming the party mislead them by tipping the scales against Bernie Sanders in 2016.
* Gerrymandering continues to enable parties to win large majorities in state legislatures while losing the popular vote at the state level.
* Many of our current troubles have been caused by the Supreme Court, which is not democratically elected.
* The Electoral College and Senate apportionment continue to give more power to voters in low-population states.
How, exactly, are our choices suddenly the fault of the democratic system?
No, it wasn't. It was what about half voted for. There was no consensus. Consensus means general agreement, not a small majority.
That they're elected by majority (never mind the indirections) is a key reason why it is important that the executive is not allowed to wield too much power unilaterally.
(And a key reason why the executive in most countries have far less power than a US president...)
Red Team/Blue Team isn't Democracy, its Oligarchy with extra steps - self-evident by the recent actions of an ultra-wealthy elite to shape political decision-making in ways that increase their wealth.
You need only look as far as the inauguration of 47 to be slapped in the face by the audacity of it - flanked by the Railway Barons of Silicon Valley - Elon Musk, Jeff Bezos and Mark Zuckerberg - and bolstered by Tim Cook, Sam Altman, and Bernard Arnault.
The Fair Representation Act - which would solve a plethora of issues in one act - served to establish independent redistricting commissions in all states to prevent gerrymandering, whilst simultaneously introducing the proportional STV system of elections like we have in Ireland
https://en.wikipedia.org/wiki/Fair_Representation_Act_(Unite...
> Berulis [...] and his colleagues grew even more alarmed when they noticed nearly two dozen login attempts from a Russian Internet address (83.149.30,186) that presented valid login credentials for a DOGE employee account — one that had been created just minutes earlier. Berulis said those attempts were all blocked thanks to rules in place that prohibit logins from non-U.S. locations.
> “Whoever was attempting to log in was using one of the newly created accounts that were used in the other DOGE related activities and it appeared they had the correct username and password due to the authentication flow only stopping them due to our no-out-of-country logins policy activating,” Berulis wrote. “There were more than 20 such attempts, and what is particularly concerning is that many of these login attempts occurred within 15 minutes of the accounts being created by DOGE engineers.”
Somehow each paragraph reveals something even worse than the last.
> Berulis [...] and the associate CIO were informed that “instructions had come down to drop the US-CERT reporting and investigation and we were directed not to move forward or create an official report.” Berulis said it was at this point he decided to go public with his findings.
In the same way that it's relatively easy to find a hitman on the dark web, it's considerably harder for them to actually not be law enforcement.
You -> Russian IP -> US IP
then you'd get anonymity via the Russian hop but aren't geoblocked due to your final hop being in the US.
- forgetting to take anti-paranoia pills
- doing it on purpose to "own the libs"
- doing it on purpose out of curiosity as to how stupid the adults can be in configuring a sensitive system
If you're blocking non-US IPs, you trpically block at the IP layer, before a login attempt can even begin.
Why allow someone to even log in at all?
Not saying this is a Fortigate or that the federal government didn't change the low effort configuration, but it's certainly not unusual, Fortinet is a huge presence.
Also I see no flagged other comment and some people just downvote downvotecommentors.
It is unconstitutional when the government does it, like say a president who requires unapproved language be scrubbed from public government sites.
Are you aware of the "krasnow" theory?
I see no proof there, but indeed strong indications to seriously look into it.
https://www.reuters.com/world/white-house-seeks-plan-possibl...
He does owe Russia for the email hack and leaks that he publicly requested. Not to mention sticking it to Ukraine after they didn't find/fabricate evidence against the Biden family.
Seems plausible that they could have used that tool when logging in and it happened to bounce off a Russian IP.
Homeland Security and co need to step in, but they're controlled by hostile agents.
If I am testing a login I don't need 20+ failed attempts to know it's not working. Sometimes the simple answer is the correct one. The series of events does not read as someone, whose job has been reported to disable security and demand root access to systems, testing the already in place login system to make sure Russian IPs (specifically) can not log in.
https://krebsonsecurity.com/2025/02/teen-on-musks-doge-team-...
- "“Tesla.Sexy LLC controls dozens of web domains, including at least two Russian-registered domains,” Wired reported. “One of those domains, which is still active, offers a service called Helfie, which is an AI bot for Discord servers targeting the Russian market. While the operation of a Russian website would not violate US sanctions preventing Americans doing business with Russian companies, it could potentially be a factor in a security clearance review.”"
edit: Here's the old HN thread,
https://news.ycombinator.com/item?id=42981756 ("Teen on Musk's DOGE team graduated from 'The Com' (krebsonsecurity.com)" — 1895 comments)
What's interesting here is how these two things are seemingly mixing. At this point I have two pet theories:
- One of the DOGE staffers is a Russian agent: This one I'm putting in the camp of "highly highly unlikely" but still possible given those login attempts from Russia.
- The more likely theory is this is just some braindead attempt to "own the libs". If we look back 6-8 years to when all the Trump Russia stuff came out and turned into a nothingburger. This could be some idea like: "Yo I've got this VM in Russia, let's own the libs and make them thin the Russians are invading again!"
- It could also be completley innocouous. Like right now I have a Mullvad VPN setup on my machine that points to Algeria. Ubuntu will auto start this VPN at login. What if one of DOGE staffers just happened to have a VPN running with an exit in Russia when they tried logging in.
I guess DOGE wanted to write a report how they saw Russian IPs login in but it back fired because the people at NLRB have proof DOGE created the accounts.
EDIT: edited for clarity.
How many scandals we have to endure?
How many evil things need to be done?
How many people need to be unnecessarily fired?
Edit: the parent comment was edited
It’s a matter of identity, he’s their guy and they stick to him through malpractice and treason.
These days I was reading on effective altruism, sbf, ftx debacle and macaskill influence on sbf. It's weird how long it is possible to go to justify someone's actions
"Automobile deaths are bad and numerous, we want to get rid of them with driverless cars, which will kill people in the course of their development, but that's okay because remember we told you about the deaths we will prevent in the future? Therefore we can expend as many lives as we want now because by doing so we will save infinite lives. This is why we must be permitted to operate beta robots on public roads."
The rationale continues on to starship and neuralink. We have to go to Mars to save humanity, therefore you must tolerate starships exploding and destroying the ecosystem over your house. We have to invent this important medical device to save people, therefore we must conduct morally gray research on implanting devices into human brains. The justifications and rationalizations are endless.
Paint me surprised
The same is (almost) true of radical anti-dystopians. The problem is that their p(doom) is... shall we say uncalibrated? It may be a case of tiger repellent. But while they're trying to prevent their "doom", the damage they do is real. And they're willing to do unlimited amounts of it, because doom is really bad.
The "almost" part is because doom is sometimes real. Hitler, for example, really happened. The problem is that in 1931, say, it wasn't obvious that Hitler was actually going to become what he became. (Yeah, I know, Mein Kampf had already been written. It wasn't obvious that Hitler was actually going to be able to pull any of it off.) So in 1931, what was p(doom)? The doom everyone was trying to avoid in 1931 was economic. They weren't worried about trivial (!) little problems like a guy with a funny mustache who once wrote a nasty book.
So the p(doom) crowd, even if they're right that doom is coming, still are often wrong about which doom is coming, and so their steps to avoid it are just causing damage, and not preventing doom at all.
1923 was the Beer Hall putsch. It was clear to those who knew what they were looking at and didn't agree with the goals.
In 2016 people predicted Trump wouldn't leave office peacefully, and they turned out to be right. But people said "no your p(doom) is too high, you're deranged." But they were not calculating p(doom) they were calculating p(doom | narcissistic psychopath). The posterior probability skyrockets when you factor in the person has the same personality disorder in leaders that has spelled doom countless times throughout history.
Hitler wasn't the first Hitler, people had seen his type before, and we will continue to see his type in the future. Know the signs, they're not hard to spot if you know what to look for. Pretty much if someone's main complaint is "those people" then you have a good idea what they're all about.
When they start calling "those people" murderers, drug dealers, rapists, terrorists, gang members, then it's a foregone conclusion what they're all about. Hitler told Germans who he was in 1920 when he started giving public speeches against Jews. Trump told us who he was in 2016 (and arguably for decades before). They had no excuses then, and we have no excuses this time. We see it coming.
Isn't that instead to suspect them of a nefarious plan to basically cripple labour law enforcement?
> There were more than 20 such attempts, and what is particularly concerning is that many of these login attempts occurred within 15 minutes of the accounts being created by DOGE engineers.
1139 points/7 days ago/528 comments
1. Breakdown of rule of law and political systems. Executive usurped Congress and is currently usurping SCOTUS. Both parties are dead. MAGA replaced the Republican party and Democrats are in the wilderness.
2. Destruction of the federal government through DOGE, which is this thread.
3. Destruction of the economy through tariffs and usurping the Federal Reserve by firing the Fed Chair, turning America into essentially a controlled economy.
4. Destruction of non-government institutions like law firms and academima which are power centers that could resist points 1-3.
The current Attorney General's brother is running for a seat on the Board of Governors of the Washington, DC bar. It is expected that he will carry water for Trump and Bondi and impede any sort of disciplinary action the DC bar may dole out to any attorney working for Trump.
Yet another way Trump has his lackeys putting a thumb on the scale.
Is it me or does this sound like someone trying to create a Russia connection here? Why whould Russian intelligence do this so amateurishly? As if they want to get caught. - Cui bono?
Chaos.
no. as if they don't care about being caught.
Further, saying "someone trying to create a Russia connection" sounds rather incredible. The Russia connections have been so absolutely overwhelming at every turn that it's infinitely beyond deniable now.
Russia just had to be a predominately white nation that paid lip service to Christian nationalism and that hilarious show turned them into the US far-right's best pals. It would be nice if we moved beyond pretending this is conspiratorial when it has been in the open and stated in the open repeatedly for years.
[1] DOGE is completely disregarding all security norms -- they think it's an annoying slowdown to not just install whatever they want and to open whatever ports they want, etc -- so the likelihood that vast troves of US data has been exfiltrated by enemy states is approaching 100%.
Everyone knew it was Russia. They were still like "I don't know what you're talking about".
It's all power games.
So they hack their enemy, and then use that to reinforce the false narratives they tell their own people. It's gaslighting at the national level. Russia is as if your emotionally abusive partner was your government. America is becoming the same.
What do they want with NLRB days in the first place? Maybe they have an idea; maybe not. The goal is "we got your data, be worried". Getting caught furthers that.
The use of the nlrb data on the other hand is pretty clear. They had a number of ongoing cases against Musk's companies. Involving Russia is unnecessary to explain the motive.
There are literally dozens of ways to kill a guy, if you must poison him, which are cheaper in every possible way and can be sourced locally by someone with the sort of basic chemistry knowledge an intelligence agency would have on payroll, or from a drunk undergrad.
Which is to say: Russia's MO has at no point been "subtlety", it's been vranyo: a lie they tell where you know they're lying, but are obliged to pretend the other party is not.
Would it make any sense at all for a government agency (DOGE) to buy shady residential proxies in order to log in to their super-admin accounts? No. Nearly every government bans foreign IP addresses from accessing internal systems. That leaves the question: why did that log-in attempt happen? There may be another explanation, but the only thing that comes to mind is that someone in Russia using a mobile internet connection tried to log in but forgot to enable his VPN before doing so.
I don't see a legitimate reason to require no logging either. If you're investigating things, you want your activities logged in a way you can't alter because it demonstrates how you found the evidence, and that you aren't just making things up.
I also don't understand why the HN comment section is full of people trying to make excuses or explanations.
What I generally don't get, is that in so many hacks they state "this came from a Russina|Chinese|Iranian IP address", hinting that it came from that country probably.
Can someone in the security industry maybe elaborate if this makes sense or not?
It’s possible to route traffic such that assuming the crypto is perfect, the actual vps is not able to decrypt data.
I also think that it I were a doge member and _wanted_ to leak data to Russia, this is the exact opposite of how I’d go about doing it.
It makes me sick we're even considering "trolling" as a motivation here but, given that we are, it's clear we're at the level of stupid that they would brazenly leak data to Russia. These people are not the best, they are not the brightest, and there's no reason to assume they are playing 4D chess when checkers is working for them.
Also "attribution engineering" is really quite easy and difficult to see through.
Often the purpose of a hack is not to exfiltrate data or sabotage systems but is exactly to direct blame (or sometimes distract/misdirect)
Indeed in vault 5 of Snowden's NSA leaks an "attribution engineering toolkit" was a interesting find. Malware is almost always engineered to throw forensic investigators off the scent.
That all said, I think this incident happening in US gov, in the current climate, without immediate urgent investigation is scandalous and in itself an indicator of deeper and very serious skulduggery.
Having said that. I doubt they checked and who cares where it landed? Its out.
Occam's Razor on doge (and the admin as a whole) points to opportunist amateurs, fraternizing on bravado & loyalty while willing to entertain treason by jumping through hoops for why it can't bother them.
Looking for deeper layers is a distraction. Nostalgic even.
I can empathize.
Though also, who knows, could just be Russian script-kiddies.
(and even if that is what happened, it goes back into "holy shit how did that happen?")
EDIT: Also, given that the attacker had correct credentials and was only stopped by an _ip address_ check, we may assume that, unless the attacker was particularly incompetent, they likely got in.
Looking at the IP it might be a mobile connection.
> Russia
> MOW
> Moscow
> Moscow>
> 144700
> 55.7558
> 37.6173
> MegaFon
So, lets say it was one of the contracted private individuals that just happened to be travelling in RU for WHATEVER reason and wanted to test the login decided to just use their hotspot.
Given the level of incompetence here it wouldn't surprise me. But this is what whistleblowers are for, starting investigations. Now we will have to wait month and years of bureaucratic nonsense and legal challenges to every information request required for the investigation to even get started.
It's incredibly frustrating.
Also I haven't played with eSIM cards either and so I'm not sure their behaviour.
Go with the most probable case - one of the shiba-doge amateurs had a virus on his laptop, and after creating an account those credentials were automatically siphoned to some bot farm in the Ruzzian segment, from where a few automated attacks were initiated by a botnet, which were blocked by a regional firewall.
And then, they tried to get it shut off as soon as they found out it existed.
because they have a theoretical capability to get the credentials that were being used and would love to have a database dump to figure out what to do with it later. The botnet explanation is also plausible, but not mutually exclusive.
DOGE needed to hide its activities while it collected data for the president so that the private citizens chosen by his associates can run analytics on it offsite and decide which cases to pursue. And Russia has a login because they are friendly to the new era of American interests.
It sounds so stupid, I can’t believe people still support this madness…
Eh. June 2018.
Since we’re spitballing, Why not try giving them the opposite of benefit of doubt, as well? Something like, the administration is clearly compromised by Russia and hired a bunch of low status hackers, and we’re seeing massive bombs being dropped all over our cybersecurity defenses?
Second, if you are the "playing devil's advocate" type, make sure your post contains your real, own, personal opinion. You can't just go say morally objectionable things and brush it off as that.
To be wafer-thin fair to Trump et al, that was started by Bush with Guantanamo.
Then they care for immigrants, called them enemy aliens, shipped them to a torture prison, stripped them of all rights despite not having anybody convicted, but I'm not an immigrant, so I don't care.
<--- you are here right now -->
This is all under the auspices of Trump, which is figuring out how to get away with ‘deporting’ US citizens to El Salvador without due process.
Connected the dots yet? How long do you think until union organizers are getting black-bagged in the middle of the night and disappeared to El Salvador? A month? Less?
> About a decade ago, engineer Cristina Balan called out a safety concern about a design flaw on a Tesla vehicle. Shortly after, Balan says she was forced to resign. Now, she's explaining the leverage Tesla allegedly used to get her signature.
> At Tesla CEO Elon Musk's own request, Balan went straight to the top to solve a problem in 2014, which involved floor mats in the Model S curling near the pedals, affecting braking. But instead of being granted a meeting with Musk, "HR and the legal department had another plan for me," Balan said in an interview with Times Radio over the weekend.
> "They told me that if I'm not resigning on the spot, they will deport my entire team…because the entire interior team was backing me up," said Balan, who is from Romania and has said many of her team members were waiting on green card applications. "And their plan—Tesla's plan and legal department plan—was to convince the entire team and myself to close the internal investigation that we opened in the company to fix a serious safety issue." Notably, Tesla has been among the leading employers of H-1B visa holders, who perform work in specialty occupations.
https://www.chron.com/culture/article/tesla-engineer-deporta...
Also, one illegal act doesn't excuse another. It's important to not willfully move the overton window over even more.
90% of people who were sent to the gulags survived and came back. This is much, much worse.
You can survive brutal conditions, but you won't be the same after. And that 10% is like a million and a half of people.
Please don't trivialize suffering of people.
The fear is the point.
https://www.npr.org/sections/thetwo-way/2016/01/23/464129029...
Using the DoJ to go after his perceived enemies. Mob boss protection rackets against universities and law firms. Revoking visas for traffic violations...or nothing at all. Putting people into a foreign prison camp without a chance for due process, and refusing to do anything about the inevitable errors and rights violations that result. Eliminating oversight roles and agencies, enabling grift, theft, and fraud for himself and his friends. Selling cars on the White House lawn. Hiring incompetent people and not firing them when they inevitably do incompetent things (looking at you, Hegseth and RFK Jr). Refusal to admit failure or error regardless of how obvious it is. Constant lies about what he has accomplished. Destroying the US economy with erratic and unstable tariff policies. And so much more...
And they eat it up.
One of my friends posts almost daily impassioned screeds against Trump. One, yesterday, was about him "handing our country to DOGE on a silver platter, to privatize for the benefit of his friends".
Someone replied:
> Once the systems are torn to shreds, we will need to build new systems that serve ALL of us. We may not like or agree with what is happening, but it’s more effective to come together and work toward building what you want, than it is to fight against what you don’t want.
They completely misunderstand or are in denial or have been deceived (or some combination of the above) into thinking this is the tear down, and Trump will build back something for everyone.
They are completely ignorant to the fact that there is no WE in Trump's plans, just "ME".
Most Americans on the right live in a protected information market. I am not talking about media bias — both sides have that. The issue is deeper: on the right, the marketplace of ideas has been captured. There's no free trade between ideas, only ‘subsidized’ narratives and ‘tariffs’ on dissent. That’s how Trump — or anyone like him — thrives. Realists, by contrast, get priced out.
This isn’t culture war stuff, this is structural failure. The traditional metaphor of American free speech — the Holmesian "marketplace of ideas" — breaks down when one side captures the market.
There is no competition of ideas when there is no fair fight.
If you’ve got a couple of million bucks to spend, my guess is start buying up and supporting local news channels in the rust belt, and then let them work on whatever they want to work, as long as they can show actual independence.
Or perhaps gift people subscriptions to things like groundnews or something. I don’t know if theres any science that shows it effectively diversifies information consumption of its users.
I don’t know what the napkin math is for a tipping point, but I suspect its not as expensive as litigating an entire administration.
The checks and balances have all been used up and failed.
Increasingly it appears, we are the only ones who will, also.
We have to group together so that we are a recognizable entity. We.
According to political science, historically 3.5% of the population protesting non violently is a big enough we.
While we should not elect influential people, we want persuasive, charismatic people in office. Catch 22. But I much prefer presidential candidates I'd never heard of before the campaign cycle began to any celebrity.
But putting someone massively influential in the executive branch, so influential that they've negated the entire legislative branch, has crippled our guard-rails / checks and balances.
Just about every Republican member of congress cares more about what Trump will do if they do not fall in line. To be sure, the overall issue of partisanship does cross the aisle, and has been an issue for decades. But being quite so beholden to the President over constitutional rules and law is largely a new and devastating phenomena.
If 3.5% of protested then historically, that could motivate change, per
> based on the research of political scientist Erica Chenoweth
The door is supposed to be completely open.
Or maybe I'm giving this situation too much credit and we should call a spade by its name.
"Berulis told KrebsOnSecurity he was in the process of filing a support ticket with Microsoft to request more information about the DOGE accounts when his network administrator access was restricted. Now, he’s hoping lawmakers will ask Microsoft to provide more information about what really happened with the accounts."
Why does Microsoft have login and account information for a government institution? I'd prefer a mainframe without Windows or Internet access in the basement.
Undoubtedly Office365. Difficult to run a bureaucracy without Word or Outlook.
(French/German governments investing in a replacement for this kind of reason: https://www.techspot.com/news/107225-france-germany-unveil-d... )
AWS, Azure, Oracle, SUSE (via Rancher) and I am sure GCP all have confidential & classified (C/S/TS) clouds, as well as lower FedRAMP clouds to get that sweet sweet federal money.
Not sure what questions it raises, it has been a thing for decades.
Who handles physical security and what sort of place is it located that it can house that kind of data?
To what degree is the federal government subsidizing Amazon's retail dominance?
None of this is new, AWS' dedicated US government stuff has existed for around a decade.
> To what degree is the federal government subsidizing Amazon's retail dominance?
Not more than any other big AWS customer.
In general, the cloud/systems operator, in conjunction with the launch customer will build a dedicated facility for the classified stuff, and for the controlled stuff may have a dedicated facility, or have segments of the DCs in the US with extra security. for the classified stuff, there is a pretty rigorous list of requirements for the DC, and for any NOC that operates the service.
> To what degree is the federal government subsidizing Amazon's retail dominance?
A fair bit, but they are just like any big customer - just with higher margins. I think that was part of the reasoning for breaking up JEDI after AWS got it - the administration at the time hated the AMZN leadership, so wanted to remove money firehose from them and give it to others.
There’s some history of Russian intelligence being rather blatant here (presumably deliberately, as a way of making a statement). Remember Guccifer 2.0? That persona not only used a Russian ip address, but one which was _assigned to the GRU headquarters building_.
why pretend at this point? they own all of the leadership and there won't be consequences
How much incentive do they have to continue to commit as much crime as possible in order to keep Trump in power?
Every single story you read about these sorts of things os not only a horrible violation of constitutional rights and the rule of law, it is the creation of an army of incredibly dangerous people who desperately want trump to remain in power and can commit crimes with impunity in order to keep him there.
https://www.justice.gov/pardon/pardons-granted-president-jos...
https://en.wikipedia.org/wiki/List_of_people_pardoned_or_gra...
"Joe Biden 2021–2025 8,064"
Labor actions is the most powerful tool that ordinary people have and this is an effort to take that away. Citizens are already being kidnapped. Dissenter legal immigrants are being dissappeared.
Anyone that believes the administration is doing any business other than seizing more power is a useful tool.
Edit: but yes, that is a bit in the noise compared to the attempt to end democracy in the us that is underway. If some combination of protests and judicial action manage to wake up congress to act for country instead of party, maybe we could use the momentum to do something good. I'd recommend closing the attack vector in our electoral system that creates two parties that can be so easily polarized against each other. Ranked choice voting and proportional representation or mmp for both house and electoral college would probably generate 4-8 parties and wouldn't require any amendments. Just 60 votes to allow the pr/mmp and then the hard part of convincing all the states to implement it in unison rather than delay to give their dominant party advantage.
Downvote and move on.
What a weird complaint.
Here are some recent HN posts that have been flagged into oblivion:
>Dow Headed for Worst April Since 1932 as Investors Send 'No Confidence' Signal (wsj.com)
>Trump's Fed Attacks, Trade War Push World to Sell Off US Assets (bloomberg.com)
>White House plagued by Signal controversy as Pentagon in "full-blown meltdown" (arstechnica.com)
>An Age of Extinction Is Coming. Here's how to survive. (nytimes.com)
>The Crypto Con: How Trump Is Looting America from the Oval Office (mitchthelawyer.substack.com)
>RFK Jr.'s autism study to amass medical records of many Americans (cbsnews.com)
HN is its community, and the community is speaking loud and clear about its allegiance.
Indeed. And if you look at the picture of the email from the deputy CIO he mentions SCuBA (see here: https://www.cisa.gov/resources-tools/services/secure-cloud-b...). Cleaning up unnecessary admin roles is exactly the kind of thing that CISA itself is requiring agencies to go in and do.
You assume that "suddenly none of the IT employees at the agency could do their jobs properly anymore" is whining and not substantial?
Shouldn't be least privilege principle a culture (a standardised and automated process) and not something that happens ad hoc?
But, in this case, they have Musk's bank accounts and POTUS covering for them, so why bother with different IPs?
Which no one in the opposition will allow anyone in the opposition to do. Potentially for good reason (it would make them a legitimate target for violent retribution), but which just means the war was lost before it started.
Which is why people aren’t fighting back much either - because the smart ones are looking at the score going ‘I’m just going to get murdered fighting a war you already lost because you refuse to let anyone use weapons that will work’.
Big enough protest historically predicts country wide change
Standing in a city park with a sign that says "Dumbledore wouldn't have let this happen" isn't working. [0]
[0] https://preview.redd.it/some-of-my-favorite-photos-from-hand...
> based on the research of political scientist Erica Chenoweth
How can this be true?
What exactly sounds unbelievable? Considering Berulis was an administrator and DOGE requested administrator accounts, they'd both have the ability to turn on/off logging as they wish, wouldn't they?
>"But we don't have laws," she says, "so it's just another chain."
Following laws is not exactly of the highest priority.
Source: https://www.cisa.gov/resources-tools/services/secure-cloud-b...
"A minimum of two users and a maximum of eight users SHALL be provisioned with the Global Administrator role."[1]
and
"Privileged users SHALL be provisioned with finer grained roles instead of Global Administrator."[2]
So at least for the agency-wide removal of security administrator roles, that would seem to be unrelated to anything DOGE was doing. The NLRB was supposed to be doing that anyway.
[1] https://www.cisa.gov/resources-tools/services/m365-entra-id#... [2] https://www.cisa.gov/resources-tools/services/m365-entra-id#...
Otherwise this quote wouldn't make sense:
> [...] top-tier user privileges that neither Berulis nor his boss possessed
However, my guess would be that this is the role that DOGE employees requested to be assigned as it is the role with the highest level of privileges.
So this type of behavior will continue unmitigated for at least the next 1,369 days.
But if Russian spies wanted to access US Gov resources, why would they use their own IPs as the origin? Unless getting caught was deliberate, to foment discord?
[1] https://en.wikipedia.org/wiki/Edward_Coristine
[2] https://krebsonsecurity.com/2025/02/teen-on-musks-doge-team-...
- create account
- attempt to access whatever records, don’t worry about succeeding
- wait for US news to cause fragmentation
Undermining US unity is an objective of Russian influence, as we’ve seen from the spectrum of advocacy groups they funded ads for.
- - - - -
There’s also the suspicious timing that this happened just as the US was engaged with Russia to negotiate peace in Ukraine — and that this embarrasses the regime doing so and encourages a feud with Russia. (As an indication that it may not be so simple.)
Spying is complicated.
My first doubt - the NLRB has a SOC ran by an MSSP/government contractor. Data destruction events and anomalous connections would 10000% cause security event alerts to trigger. Sentinel has OOB detection for anomalies for events that the whistle blower states in the article.
My Second doubt - CISA and US-CERT are not a bunch for scrubs. If their official statement is that it's not a security incident then I trust them.
Third doubt - If you see something suspicious then you have every right to report it to the SOC, and contain the suspicious activity to the best of your ability. If you don't have permissions then report it to the SOC. All malicious activity gets investigated (unless the MSSP is a joke but then they become liable and will get sued if it turns into an incident that results in damages).
Fourth doubt - Kerbs and the whistleblower are framing this as a sophisticated nation-state attack leveraging DOGE to exploit the NLRB. But that doesn’t add up. Nation-state actors don’t blow their cover because they proxy with clean IPs from within the target country. The IP address in question (83.149.30[.]186) has had a bad reputation in open-source intelligence for over a year, linked to credential stuffing and scanning activity. Using an IP like that in a high-level operation is like flying a spy plane into enemy airspace with inflatable tube men and disco balls strapped to the wings. Attacks of this complexity require significant time and resources—no serious actor would risk burning their investment by using an IP already flagged and based in Russia.
Last doubt - The "Security Engineer" took a screenshot of the user names then gave it to the media....You're expecting me to trust what you say while you commit a data leak - nice one.
How? The people who would need to declare war are the ones compromised. Are we still holding out hope that there's some sanity in the government's leadership, or that there's some sort of accountability to be had?
I get what you're saying, but I like to think there are at least a majority in the US military that would desire a war in such a situation. So long as the evidence is indisputable, like Putin himself declaring what he did.
This seems like a highly fragile currency. If things continue to deteriorate a future administration may end up running its own reprisals trials against DOGE staff.
People aren’t going to just let that slide. I really don’t think they should expect to live in comfort and anonymity for the rest of their days if you look at how these kinds of things have played out historically with only a few counterexamples (I.e the East German Stasi come to mind as one)
During the downfall of ISIS there was a funny quote from a commander in the Iraqi military along the lines of "if you listen to what the prisoners said, you'd think ISIS was entirely staffed by innocent drivers and cooks and never any jihadists"
The first counter-example that comes to mind is the "Pact of Forgetting" that happened after Franco died, where basically people agreed to let spilled blood be spilled, without spilling more. Basically hard and difficult questions were avoided in order to facilitate "national reconciliation" when the transition to democracy began in 1970s.
Depending on the political aftermath when this (pointing everywhere) is done, it's not impossible something similar could happen, to try to let things cool down. Or, it goes the way of the Nuremberg Trials, also a possibility I suppose.
But most organizations don't, and won't, want to hire people who are willing to behave lawlessly.
A bunch of them seem young enough to just leave it off and say they were in school. Maybe DOGE counts as a student cybersecurity project?
I wonder how much DOGE is going to cost at the end of the day? I hope not literally billions of dollars, so maybe the $100b-200b they save will be net positive after the lawsuits, etc..
I don't know what the Russia connection is. Blue MAGA types like to contend that Trump is a Russian asset. There are definitely some weird connections going back to Trump purchasing TVs for a hotel in the 1980s [3] and some weird timings of the movements of Viktor Orban between Putin and Trump [4] but I just don't buy the Russian asset narrative.
I consider it way more likely that individual DOGE people have been compromised by foreign actors and possibly without their knowedge (eg compromised email or computers).
We're only 3 months into this. The amount of damage that is going to be done over the next 4 years is hard to comprehend.
[1]: https://news.ycombinator.com/item?id=43701222
[2]: https://www.businessinsider.com/tesla-pay-vs-ford-gm-uaw-uni...
[3]: https://www.youtube.com/watch?v=O1FHtBu5H8w&t=36s
[4]: https://www.axios.com/2024/07/12/trump-orban-meeting-mar-a-l...
One somewhat far fetched(till recently) explanation floated for the all out war on institutions waged by the Trump administration is that the goal is to destroy the last remaining entity in this country that is capable of standing up to corporations. The idea seemed laughable just a couple of months back. The fact that it seems very probable now shows just how bad the situation is.
At what point will Congress act? Or will they simply sit by as the country is destroyed from the inside?
How are stories ranked?
The basic algorithm divides points by a power of the time since a story was submitted. Comments in threads are ranked the same way.
Other factors affecting rank include user flags, anti-abuse software, software which demotes overheated discussions, account or site weighting, and moderator action.
i'm inclined to think this is it. can't have the populous too rowdy - gotta settle them down.
This story spent 18 hours on the front page seven days ago, and attracted over 1100 upvotes and over 600 comments. It also attracted dozens of community flags, but we turned off the flags in order to give the story full visibility.
https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que...
We don't manually intervene to deemphasise content just because it's political, and indeed we often manually intervene to restore political stories to the front page when they have been automatically downweighted due to flags or flamewars.
We moderate to optimize for intellectual curiosity, nothing more.
https://news.ycombinator.com/item?id=43691142
It's bog standard HN moderation to remove duplicate stories.
When you are manually putting a dupe tag on a story because someone posted it a week ago I think people feel very differently about that.
This is very literally the kind of behaviour people are referring to when they make the accusation that the mods are actively interfering with what people want to talk about.
This idea that you’re here telling me and others with a straight face that everything is above board while also doing this just doesn’t pass the credibility test, the logic makes no sense.
If a story has not had significant attention in the last year or so, a small number of reposts is ok. Otherwise we bury reposts as duplicates.
It's nothing to do with it being political. It's simply to do with being a duplicate of a story that has already been heavily discussed, just a week ago.
It's a well established convention that a topic is only eligible for further front page exposure when there is "significant new information" (SNI) [2].
There have been many instances of SNI with respect to DOGE this year, which is why there have been (I believe) more front-page stories about it on HN than anything else [3].
[1] https://news.ycombinator.com/newsfaq.html
[2] https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que...
[3] https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que...
I've noticed that a lot of the articles describing various Trump admin abuses (be it DOGE, or Trump crypto scams, or whatever) get flagged a lot. (While they're very relevant, nobody can tell me SBF crypto drama scams are relevant to HN, but Trump crypto scams are not). It's concerning that there are people on HN who prefer to silence such discussions...
Paul Graham (the only "thought leader" behind this website) loudly campaigns against the current U.S. administration almost every day on Twitter.
One YC-backed founder out of more than 10,000 is volunteering with DOGE.
A more thorough response to this trope can be found here:
Does he? https://x.com/paulg (maybe moderated by Musk/Twitter) only shows tweets about Gaza suffering which could be construed as criticising the current administration. On the contrary, I see multiple tweets jerking off Elon Musk (part of the current administration) and calling for compassion and personal sacrifice towards people who voted for Trump. Yes, there's "why you should vote for Kamala" tweet, but nothing critical of the current Trump regime. Let alone daily.
If you follow the logic of his essays—especially ones like “How to Make Wealth,” “Do Things that Don’t Scale,” or “Hackers and Painters”—you end up in a world where:
• The best people ignore rules that slow them down.
• Regulation is often just cargo-cult bureaucracy.
• Wealth is proof of virtue, or at least utility. Wealth + the rest = do what you want if you think you’re right and can get away with it
• Institutions should get out of the way of smart individuals.
• And the market, not the government, should determine value.
The point is, none of it has anything to do with the way we moderate HN – which of the conflicting cues would we follow?
HN has had more front-page-visible, heavily upvoted/discussed stories about DOGE than anything else this year, along with several others relating to the administration, with the overwhelming sentiment in the articles and comments being critical.
Dang has commented at length on the matter several times:
https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que...
While it's true that he has spoken against Trump many times, Garry Tan is very close to Thiel, Musk, and the MAGA movement in general. Didn't he recently show support for DOGE as well?
Of course, YC is more than its current CEO and hopefully this doesn't affect the moderation of this website :)
https://hn.algolia.com/?dateEnd=1745332080&dateRange=custom&...
Bunch of other fun links in the footer too :)
Whistleblower details how DOGE may have taken sensitive NLRB data – https://news.ycombinator.com/item?id=43691142
1139 points/7 days ago/528 comments
Also baffled they can still do shit like this with Senate and Congress looking the other way...
The story has been posted twice, yes. The first submission[0] is ~10 hours older and has 3 comments on it. This one has 348 comments at time of writing. If you care about having an interesting discussion, this one's clearly where it's at.
cruzcampo•6h ago
zakki•5h ago
Gigachad•5h ago
teknopaul•5h ago
Trump will pardon anyone on his team.
The existence of Presidential pardons is a disgrace. There is no pretence of the rule of law.
raverbashing•5h ago
Make no mistake the 'kids' in doge will be the first to be thrown under the bus
jfengel•5h ago
I'd say we didn't use them nearly enough. And now they're being used exclusively for crime. Yet another sound idea turned against us. There just isn't any way to govern a nation which has a majority in favor of destroying democracy.
mapcars•5h ago
a_bonobo•5h ago
diggan•4h ago
StopDisinfo910•5h ago
The article only mentions a Russian IP.
freen•5h ago
That’s a great idea!
Muromec•4h ago
bogantech•5h ago
honeybadger1•5h ago
candiddevmike•5h ago
tremon•5h ago