Comment by chatmasta

1 day ago

> At 4:58 pm, he wiped out a Department of Homeland Security database using the command “DROP DATABASE dhsproddb.”

This article is hilarious. The two bickering brothers remind me of the guys in the Oceans movies played by Casey Affleck and Scott Caan. It’s amazing they got this close to sensitive data.

> At 4:59 pm, he asked an AI tool, “How do i clear system logs from SQL servers after deleting databases?” He later asked, “How do you clear all event and application logs from Microsoft windows server 2012?”

So many red flags, I can't even.

  • > In the space of a single hour, Muneeb deleted around 96 databases with US government information. He downloaded 1,805 files belonging to the EEOC and stashed them on a USB drive, then grabbed federal tax information for at least 450 people.

    Maybe whoever runs infosec at that place should also be fired?

    • Elon's brother's landscaper's nephew's girlfriend was sacked along with Elon, so nobody was filling that role in the government.

      Which MAGAts applaud. Emptying the swamp!

  • I love how this leaks out the fact that the DHS is running production databases on operating systems that are months away from end of extended support.

    Windows Server has 5 years of mainstream support, 5 years of extended support, and then an extra 3 years of paid Extended Security Updates (ESU) support. For 2012 and 2012 R2 that ends in October 2026.

    The three years of ESU exists only for organisations like government departments that would rather pay Microsoft millions of dollars for patches than pay a competitive wage and hire competent IT staff that can complete upgrade projects on time.

    • > The three years of ESU exists only for organisations like government departments that would rather pay Microsoft millions of dollars for patches than pay a competitive wage and hire competent IT staff that can complete upgrade projects on time.

      I'm not going to say the wages are fine but the issue is likely not to be the competence of the IT staff, but rather the overbearing IT management processes the U.S. Federal government uses. "Enterprise change management" processes separate from the already-long cybersecurity review processes can add weeks or even months to system updates.

      In that kind of construct, you optimize for fewer but larger changes and then it's no surprise to see that there's no time in the project update schedule to update the OS in addition to making all the other long-overdue library / middleware / application changes that also are pending once a change finally can be made.

    • That's normal in big bureaucracies. I've worked on systems nobody wanted to breathe around because nothing could be fixed.

    • To be fair, this transpired last year, so they actually had one year and some months before losing extended support.

      That said, they should have migrated it years ago.

  • Ready access to AI tools sure makes vandalism easy.

As somebody who's spent most of my career in Fairfax County I find nothing about this story even remotely surprising.

Those two in the movies were always a highlight for me, especially when the one joins the other in the Mexican factory riot.

  • One of my favorite lines "Peligroso es mi nombre medio" (which of course is not grammatically correct in Spanish) and then his short inspirational speech invoking General Zapata were great.

Are you a man?

Yes, 19.

Are you alive?

Yes, 18!

Evel Knievel.

They also come off as a little bit Rosencrantz and Guildenstern imo