Anyone who leaves a message in full view to announce they’ve accessed the system isn’t the real danger. If whoever this is could get in, so can the real experts from China, Russia, North Korea, etc. There’s no way Musk’s DOGE people, in their destructive haste, have taken any care over security. It’s even likely his team of punchable kids put in their own backdoors, thinking they were being clever. If and when foreign adversaries find their way in through those, they’re not putting up an announcement.
You seem to think that Trump didn’t add access keys for his idols the instant he got back in the door. He loves Putin and Kim Jun Il. They are like, his favorite drinking buddies.
You would hope that a public front end is entirely isolated from critical systems.
Hackers got in.
Either they saw there was nothing of value, and figured they would embarrass the owners.
They got in, saw shitloads of value, but decided the ethical thing was to embarrass as opposed to exfil/exploit/sell the access.
Or the hackers were explicitly aiming to embarrass the owners, and didn’t explore scope beyond that.
It’s likely “gay furry hackers” or similar, and it’s “grey hat” hacking.
The ethical route, ie “white hat”, is to contact the owners about the exploit with a fixed period disclosure. Ie, “fix this in 30-90 days, or we will publish our method”.
“Gray hat” are more like this. Where they find an exploit, it could go deeper, but they do some lulz instead. Basically make it obvious something has been hacked, but not actually exploit it further.
“Black hat” would find the exploit (even if it was limited access) then sell it while trying to leave no trace, so it can be exploited again. Or straight up exploit it themselves.
There is a possibility of foreign agents doing false-flag gray hat shit. Exfil sensitive data, cover their tracks, then “botch” some “hahaha you’ve been pwnd” stuff. Both getting sensitive data, and derailing the US government (because Musk has been authorised by Trump. It’s a huge undermining).
With the timeline, this seems like gray hat, or black hat further exploited by gray hat. Or false flag.
The obvious aim is to embarrass the owners.
This casts serious political shade on the DOGE servers that have been hooked into government networks without oversight. Any further data exfil is a bonus to certain foreign countries.
Best case scenario is that this is domestic gray hat, the muSSk team learn from it, and figure out how actual internet security works, and harden their systems accordingly.
I mean, the actual best case is that this DOGE coup gets stopped. But the president has authorised DOGE, so this is what America wants. So, not a coup.
Ideally, this hack has 0 actual scope of security vulnerability.
Other than the “yeh, but if they can get into your public web server (something expected to be hardened as fuck, and might as well be static file hosting. Seriously, why is there a database for this shit), how can we trust your servers on government networks”.
But chances are the exploits to get into this server will be similar to the exploits to get into the government connected DOGE systems. Unless the sysadmin & network admins (god bless them) have managed to maintain some control that muSSk doesn’t understand, and are able to mitigate the tsunami of access such a compromised server might unleash.
I expect it was an internal hack. Like a DOGE person left for the day with their terminal open and a federal employee took the opportunity to make it look bad for DOGE
The ethical route, ie “white hat”, is to contact the owners about the exploit with a fixed period disclosure. Ie, “fix this in 30-90 days, or we will publish our method”.
I’m not sure that is the ethical route when you’re talking about disrupting the operations of a Nazi-led government.
Hmm, maybe I mean moral?
Like, there is a correct way to go about something regardless of context.
As opposed to doing something because of the context.
Any exploit should be notified to the software/platform maintainers with a proper disclosure timeline to ensure it gets fixed in a timely way.
That is the correct way.
Abusing the shit out of a poorly implemented nazi government is the moral thing to do, but would go against a white hat’s ethics. Collectively a good thing to do, but not the correct thing to do as a white hat.
Are gray hats more ethically and morally true?
This is getting to deep for me.
I guess you could consider someone who is staunchly whitehat with no exceptions to have a creed/code, where they consider the rules transcendent of any specific situation (e.g. nazi websites).
Yeh, but they aren’t keeping control.
They have been elected. They have 4 years.
So far, it doesn’t seem that they have broken any laws or whatever, that would cause the system to reject their workings. They’ve rigged the courts, so the system is unlikely to reject their workings.
I’d say it’s more of a constitutional coup. They are using loop holes to seize more power.
I think it will be an attempted self-coup in 4 years.
Regardless, it isn’t worth arguing about.
It’s wrong. It’s a shit sandwich, the flavour of shit doesn’t matter.
So far, it doesn’t seem that they have broken any laws or whatever, that would cause the system to reject their workings.
They are breaking laws, including the constitution. The courts are trying to reject it, but have no method to enforce their rulings when the executive branch willingly ignores them and even explicitly lies the blame with the courts for trying to protect the system.
Anyone who leaves a message in full view to announce they’ve accessed the system isn’t the real danger. If whoever this is could get in, so can the real experts from China, Russia, North Korea, etc. There’s no way Musk’s DOGE people, in their destructive haste, have taken any care over security. It’s even likely his team of punchable kids put in their own backdoors, thinking they were being clever. If and when foreign adversaries find their way in through those, they’re not putting up an announcement.
You seem to think that Trump didn’t add access keys for his idols the instant he got back in the door. He loves Putin and Kim Jun Il. They are like, his favorite drinking buddies.
Sorry for the wall of text.
You would hope that a public front end is entirely isolated from critical systems.
Hackers got in.
Either they saw there was nothing of value, and figured they would embarrass the owners.
They got in, saw shitloads of value, but decided the ethical thing was to embarrass as opposed to exfil/exploit/sell the access.
Or the hackers were explicitly aiming to embarrass the owners, and didn’t explore scope beyond that.
It’s likely “gay furry hackers” or similar, and it’s “grey hat” hacking.
The ethical route, ie “white hat”, is to contact the owners about the exploit with a fixed period disclosure. Ie, “fix this in 30-90 days, or we will publish our method”.
“Gray hat” are more like this. Where they find an exploit, it could go deeper, but they do some lulz instead. Basically make it obvious something has been hacked, but not actually exploit it further.
“Black hat” would find the exploit (even if it was limited access) then sell it while trying to leave no trace, so it can be exploited again. Or straight up exploit it themselves.
There is a possibility of foreign agents doing false-flag gray hat shit. Exfil sensitive data, cover their tracks, then “botch” some “hahaha you’ve been pwnd” stuff. Both getting sensitive data, and derailing the US government (because Musk has been authorised by Trump. It’s a huge undermining).
With the timeline, this seems like gray hat, or black hat further exploited by gray hat. Or false flag.
The obvious aim is to embarrass the owners.
This casts serious political shade on the DOGE servers that have been hooked into government networks without oversight. Any further data exfil is a bonus to certain foreign countries.
Best case scenario is that this is domestic gray hat, the muSSk team learn from it, and figure out how actual internet security works, and harden their systems accordingly.
I mean, the actual best case is that this DOGE coup gets stopped. But the president has authorised DOGE, so this is what America wants. So, not a coup.
Ideally, this hack has 0 actual scope of security vulnerability.
Other than the “yeh, but if they can get into your public web server (something expected to be hardened as fuck, and might as well be static file hosting. Seriously, why is there a database for this shit), how can we trust your servers on government networks”.
But chances are the exploits to get into this server will be similar to the exploits to get into the government connected DOGE systems. Unless the sysadmin & network admins (god bless them) have managed to maintain some control that muSSk doesn’t understand, and are able to mitigate the tsunami of access such a compromised server might unleash.
I expect it was an internal hack. Like a DOGE person left for the day with their terminal open and a federal employee took the opportunity to make it look bad for DOGE
I’m not sure that is the ethical route when you’re talking about disrupting the operations of a Nazi-led government.
Hmm, maybe I mean moral?
Like, there is a correct way to go about something regardless of context.
As opposed to doing something because of the context.
Any exploit should be notified to the software/platform maintainers with a proper disclosure timeline to ensure it gets fixed in a timely way.
That is the correct way.
Abusing the shit out of a poorly implemented nazi government is the moral thing to do, but would go against a white hat’s ethics. Collectively a good thing to do, but not the correct thing to do as a white hat.
Are gray hats more ethically and morally true?
This is getting to deep for me.
I guess you could consider someone who is staunchly whitehat with no exceptions to have a creed/code, where they consider the rules transcendent of any specific situation (e.g. nazi websites).
Coups aren’t just for unelected people. A self-coup is when you use your power to KEEP control.
https://en.m.wikipedia.org/wiki/Self-coup
I dont recall having heard of this term yet; although of course I’ve heard of what it refers to happening. Thank you for sharing this here!
Yeh, but they aren’t keeping control.
They have been elected. They have 4 years.
So far, it doesn’t seem that they have broken any laws or whatever, that would cause the system to reject their workings. They’ve rigged the courts, so the system is unlikely to reject their workings.
I’d say it’s more of a constitutional coup. They are using loop holes to seize more power.
I think it will be an attempted self-coup in 4 years.
Regardless, it isn’t worth arguing about.
It’s wrong. It’s a shit sandwich, the flavour of shit doesn’t matter.
They are breaking laws, including the constitution. The courts are trying to reject it, but have no method to enforce their rulings when the executive branch willingly ignores them and even explicitly lies the blame with the courts for trying to protect the system.
https://www.npr.org/2025/02/12/nx-s1-5294666/trump-white-house-constitutional-crisis-judges
I guess what I mean is that they are blasting through flimsy guardrails.
You’re wrong. Either they manage to eliminate the USG in the next six months or we fucking murder them.
There is no other way.
You’re wrong. This is a coup. Trump was not elected. Candidly admited his damn self.