- cross-posted to:
- aiop
- cross-posted to:
- aiop
You must log in or register to comment.
Elez did in fact have write access, allowing him to push unvetted and untested changes straight to the Treasury’s payments system — a nightmare scenario that could introduce all sorts of cybersecurity vulnerabilities and leave doors open for adversary hacker groups
I feel for whoever has to deal with the fallout.
Us. It’s us who will have to deal with this.
This is like a reverse Mr Robot scenario.
Absolutely every prong of this attack on the government is for one goal: to declare mass emergencies by way of manufactured errors and chaos in order to seize ultimate power.
This “headline” reads like the title of a porn story.
What are you doing step-code?
Worse case scenario, he tried to add JS libraries to the ancient Fortran code.
Rofl, and now you need a toolchain of biblical extent to compile it all. Webpack, npm, rollup, ts, etc.
And it takes 16G of memory and 512G of disk space to compile.
npm install fortran
pnpm install fortran
Please, have some standards.
He wouldn’t want to get his young tech bro hands dirty with Fortran. Surely there are cross-compilers that will translate your mission-critical payments Fortran to JS, maybe with an intermediate Rust and/or TS step. Fortran -> TS -> Rust -> JS, or similar, it would be quite a feat to behold. Never mind testing (that would be “wasteful” and “inefficient”), just push to prod and sit back and watch then chaos unfold, then blame it all on Biden and, I dunno, Bill Gates maybe.
He can’t blame Russian hackers, so Chinese hackers it is.
deleted by creator
The article doesn’t say what he did, only that he had write abilities. Did he use them? How do we know? If yes, what were they specifically?
He could push directly to main/prod, so there weren’t explicitly any code reviews or necessarily oversight. Also, that code would be private. Only an insider with repository access could tell us that.
That said, I also want to know. I’m guessing we’ll hear about it soon enough.
“could” doesn’t mean “did”?
True. But there’s zero reason to give permissions that reckless unless you plan on using them.
Not really? Every single maintainer / owner of a repository can do that. The only thing stopping them is protecting a branch. And even that isn’t a thing in git, it’s just something that providers like github or gitlab did to prevent people accidentally pushing to main like that. So they got maintainer access and that’s the entire story?
Josh Marshall, the reporter from Talking Points Memo asserted that he did push changes.
Does he provide sources or a way to confirm what he says? I’d like to find out exactly what is known and what is the status of that code base.
WAS HE CAUGHT WITH HIS HANDS IN THE COOKIE JAR?
Does it really matter whether he did?
Der Müskrat has been screaming “LEMME AT THEM COOKIES” for a month straight while hiring unpaid cookie monsters. Whether or how it already happened, it’s pretty clear the cookie jar is gonna get raided by someone.
dogeboyo’s got naughty access! it’s the porn of security clearances in the world.
r-w-x-x-x
Did anyone come up with a demeaning name to call these little fucks yet? I submit “Elon’s cucks”
Share yours.
I heard “Traitor Tots” the other day and liked it
The supreme leader gave him the authority, cope libs 🤡
