Comment by mattmaroon
2 days ago
It's not really a breach if it is from the same organization (i.e. the executive branch). It may lead to one.
2 days ago
It's not really a breach if it is from the same organization (i.e. the executive branch). It may lead to one.
We can be all but certain that the CCP has its tendrils into Big Balls' phone and computers. A bunch of idiots with no opsec skills makes for easy pickings.
Why does the ccp always come up in these discussions? You have Rogue billionaire taking an axe at the pillars of government and there’s still someone bringing up the ccp.
Why
Because that's what an intelligence agency from a rival nation state would do?
It's a good story. Having a tangible villain helps some people internalize the message more easily than if it was a dry account with vague connections to reality. If you're out to "rally the troups", stirring up emotion is a required component.
Take CCP is an example to form an emotional attachment to.
2 replies →
A lot of people are so brainwashed by U.S. propaganda they cannot comprehend that American billionaires are independently evil. Add to that the fanboyism where his sycophants can't see how utterly rotten Musk is and always has been.
Their sense of world order requires there be a shadowy threat actor such as Russia or China, instead of the obvious truth that this is American capitalism operating as designed.
7 replies →
Although authorised by some members of the executive branch, it is missing some of the oversight the executive branch is supposed to have.
Such as what oversight exactly?
Congress is in charge of the IRS, and the president is charged with operating it.
Since the president and members of Congress are not posted up in there 24/7, the IRS has created internal controls and procedures so that when the president or Congress asks for a report, the IRS can give them an accurate one. It’s these controls that people are thinking of. The article has an example:
> Political officials do not have access to the Integrated Data Retrieval System, or IDRS. The IRS’s commissioner, national taxpayer advocate and even senior officials in the office of the chief information officer, do not have IDRS access either.
“Do not have access” in this case means they have made internal rules, essentially denying themselves access, in order to better document that they are doing what Congress wants them to do.
This is true in many agencies, and one of the concerns with DOGE is that they seem to be trying to circumvent these controls. That may impair the ability of an agency to meet their legislative mandate (e.g. protecting taxpayer privacy), and also impair the agency’s ability to even document what they are doing.
So the answer to “what oversight” is that Congress ultimately has the power of oversight, and the executive branch has the responsibility to operate in such a way that they can accurately satisfy requests from Congress.
Security clearances are surely one? Government employees with access to that data are heavily vetted. DOGE, not so much.
10 replies →
The legislation and the judiciary, this is Civics 101.
It's like if your CEO sent you an email saying you should give the production DB credentials, and any encrypted at rest keys to their cousin.
Probably you wouldn't do that.
Like technically he does have the authority to compel you to do that but at the same time it's a massive red flag if he asks you in the first place.
I do understand why this administration is trying very hard to centralize authority because it's faster than vetting a bunch of people they can trust to act on their behalf. But on the other hand federal employees making it as hard as possible to do what they perceive as bad/immoral is a soft-check on the executive.
He may not actually have the authority for it; Imagine you're a cto receiving this request - you don'respond to the ceo, but to the administration board instead, just like the ceo.
In fact, if you were a cto and you carried out this request without any kind of due diligence or vetting, you'd probably be legally and criminally liable for it.
The same applies to anyone under the cto management (so basically all IT); they don't respond to the ceo, their top boss is the cto. I know, in smaller companies, where the ceo is also the owner, there is a tendency to confuse the boundaries of the roles - in my experience, it is up to the cto to politely deny these requests and educate the ceo on the "why"; if he still wants to move forward, he can hire another cto
You might resist, but if you didn’t it would hardly be a data breach.
You can have data breaches within an organization.
Ok, you’re right, but this is not that. This is the leader of the organization specifically wanting them to have the data.
It is if it's actually to a foreign adversary.
https://www.businessinsider.com/musk-spotted-pro-putin-russi...
[flagged]
Could you please stop posting flamebait comments and please stop duplicating comments? You've been doing way too much of this and are over the line at which we'd ban an account.
I don't want to ban you because everyone goes on tilt sometimes, but please stop now.
https://news.ycombinator.com/newsguidelines.html
[flagged]
[dead]
[dead]
Technically yes. I'd still be just as worried as a breach given the context though.