Yes, I've seen a number of people with criminal records hired. I don't really want to present my comment as an argument against every point Krebs made. I don't really have an opinion on whether the individual mentioned is a suitable hire.
But in infosec a lot of people probably got into it because 'hacking' is cool and glorified by the media. It's rebellious and appeals to a lot of teens I think. I don't think it's as serious as Krebs suggested that you could be extorted or compromised. It seems like it's just a bunch of inexperienced people in a discord channel. Soliciting a DDoS on there, to me, just seems like youthful nonsense. If you were actually in some kind of criminal hacking enterprise I bet you would know not to make mistakes like leaving a paper trail to your identity in a discord channel where you solicited a crime.
I haven't seen the people with criminal records for cyber crimes be less trustworthy in the industry. Some of them just made stupid mistakes when they were younger and sometimes dumb kids get way overcharged for cyber crimes. For the most part I think it's fine for kids to go through a phase where they think it's cool but they don't really know what they are doing. A lot of people have done that. A lot of 13 yr old kids on the internet have talked about hacking banks and things like that and they aren't all going to be in a gang. Another analogy is how a lot of people get into chemistry because they like blowing things up. Not all those people are terrorists.
> Some of them just made stupid mistakes when they were younger and sometimes dumb kids get way overcharged for cyber crimes. For the most part I think it's fine for kids to go through a phase where they think it's cool but they don't really know what they are doing.
I think a lot of the concern is that these kids aren't out of that phase yet.
SIM swapping is where you spoof a caller identity of a target in order to make a phone call impersonating that individual and then drain his retirement fund into a crypto mixer.
He was never charged for these activities, let alone overcharged.
Agreed. There was a lot of stuff I thought was cool when I was 20 which I shudder to think about now, 20 years on. It took me a long time to grow up past those phases of my life.
Yeah. I'm all for kids hacking, and even hackers with criminal records getting a second chance at security firm. Hacking is done for a lot of reasons, it could be just an interest in solving puzzles, and they happened to get in trouble with the law.
The part I'm not digging, is they seem a bit young to be taking over the Treasury Dept, or any department. It seems like this would have been better done by an Accounting Audit Firm, not hackers.
Hackers are just trying to get in, get data. An accounting audit would be more about finding impropriety.
So, it seems on the surface like 'finding waste' is not the goal.
>> So, it seems on the surface like 'finding waste' is not the goal.
Finding waste is pretty easy. As we're seeing already, cutting the waste is harder than it looks:
- The Congressional Budget Office recently found that Congress provided $516 billion in appropriations this fiscal year to programs that had expired under federal law.
- Federal government agencies are using just 12% of the space in their headquarters buildings on average, according to the Public Buildings Reform Board, which is an independent federal agency focused on recommending the disposal of underutilized federal properties.
- The House Oversight Committee spent $3.3 billion on furniture over the past few years.
- The federal government made $247 billion worth of payment errors in fiscal year 2022 and $236 billion in 2023, according to the Government Accountability Office.
These errors, also known as improper payments, include overpayments or payments that should not have been made, such as to someone who died or someone no longer eligible for government programs.
Estimates show the federal government spent $2.7 trillion in payment errors since 2003.
Did any of those findings need teenage hackers to figure out?
Also, by the dates you supplied, it looks like Biden/Democrats were already successfully in-progress of cutting costs.
Every large organization needs reviews/audits to find waste. I think the problem with the 'right' is the idea that because there is waste, we should abolish government. But, every organization accumulates waste, and then needs to have a review process to make corrections. The whole burn it all down is pretty immature take on leadership.
There are numerous examples of American intelligence officials being turncoat because they were extorted and compromised. Compromise and extortion are the main things that spy agencies look for in turning people. It's all too common. This kid should be nowhere near federal databases or sensitive information on American citizens. How much background has DOGE done on him? With their 'Move Fast and Break Things' moniker, my guess is very little. You're also giving these kids access to huge swaths of sensitive information. Sure, intelligence agencies can recruit young hackers with shady backgrounds, but they are given narrow scopes to work with. And usually there's been some agreement that those individuals don't want to be black hats anymore.
But in infosec a lot of people probably got into it because 'hacking' is cool and glorified by the media. It's rebellious and appeals to a lot of teens I think. I don't think it's as serious as Krebs suggested that you could be extorted or compromised. It seems like it's just a bunch of inexperienced people in a discord channel. Soliciting a DDoS on there, to me, just seems like youthful nonsense. If you were actually in some kind of criminal hacking enterprise I bet you would know not to make mistakes like leaving a paper trail to your identity in a discord channel where you solicited a crime.
I haven't seen the people with criminal records for cyber crimes be less trustworthy in the industry. Some of them just made stupid mistakes when they were younger and sometimes dumb kids get way overcharged for cyber crimes. For the most part I think it's fine for kids to go through a phase where they think it's cool but they don't really know what they are doing. A lot of people have done that. A lot of 13 yr old kids on the internet have talked about hacking banks and things like that and they aren't all going to be in a gang. Another analogy is how a lot of people get into chemistry because they like blowing things up. Not all those people are terrorists.