Readit News
snowwrestler · a year ago
This article is by Bruce Schneier and worth reading.

There is actually an information security story happening in DC, it’s not just all partisan politics!

_hcuq · a year ago
Flagged of course. Bruce Schneier is one of the most respected cyber security experts in the world. But his opinion is no longer welcome on HN.
phendrenad2 · a year ago
Well, now every comment mentioning waste is flagged. And this article is unflagged.

I guess it's the opposite opinions that are no longer welcome on HN?

phendrenad2 · a year ago
People are going to read this because it's Bruce friggin' Schneier. But Bruce is best when he's discussing low-level details of some actual exploit. And usually even then, his coverage glosses over most technical details. He's the guy you go to when you hear about "spectre" or "meltdown" and want a quick three-paragraph summary of what the deal is.

This is different. This is a hand-wavy "maybe somehow possibly I guess someday" article, presumably his freelance writing fee is nice.

This is a trait you see in his other articles (the hand-waviness) but here it's all fluff and hand-waviness. Take, for example:

> By modifying core systems, the attackers have not only compromised current operations, but have also left behind vulnerabilities that could be exploited in future attacks

Logically, that should say "By modifying core systems, the attackers could compromise current operations and/or leave behind vulnerabilities" (he's calling the DOGE government employees "attackers" because his politics allow him to look at the grey area from a highly-polarized angle, another mainstay of Bruce's reporting). But logic flew out the window, I guess. If you modify code, you introduce vulnerabilities. Always! 100% of the time! This guy spent too much time writing encryption code, methinks.

ggm · a year ago
I'm wondering what process surrounded giving them sudo/admin privs. Like, which systems admin, what chain of command. It's not like there's a special White House decoder ring signal.

From 20,000ft it feels like a social engineering attack over a wall "because I said so" high.

Was there no M of N process step required? Are the barriers around data in government unenforceable, based on personal restraint only?

Or did they e.g. toss old boxes through single user, not require approval, use root privileges to reset a password or two then reboot into multi user and own an sql binding, or some other asinine approach?

This isn't asking right or wrong, it's asking what the human procedural steps were to doing this.

slt2021 · a year ago
DOGE doesn't need sudo, just READ-only access to the most recent (read: last month's) database backup is enough.

When I was a data analyst, I rarely connected to a live production DB to do exploratory data analysis (this is what DOGE is doing). Because running OLAP queries on a live OLTP system is problematic.

But having my own instance of DB with a restored backup of data was more than enough for analysis:

  1. I could modify schema, create indexes to speed up my queries
  2. Could create materialized view to join bunch of dimension tables
  3. Could create temp tables for intermediary analysis steps, summaries, etc etc.

If I were DOGE, I would just ask for yesterday's backup database restored on a single server (isolated from PROD environment completely) and just would do all my analysis there

ggm · a year ago
That's smart. A lot of places do cold or nearline storage offsite so I guess if it wasn't superenciphered (or, if you were given the key) it's lowish impact to clone from that.
ModernMech · a year ago
It's apparent that Musk has been given a directive by the president to get access to any and all information, and he's getting that access by firing anyone who refuses to give it to him. There's nothing anyone can do to stop that kind of clearance, no one has the authority.
ggm · a year ago
The president's authority to act is legally disputed. It would take a brave underling to say no, but senior staff would have known how to push back. Still... it feels like a very low process.

"The president said so" stamp on a sheet of paper?
