> According to a whistleblower complaint filed last week by Daniel J. Berulis, a 38-year-old security architect at the NLRB, officials from DOGE met with NLRB leaders on March 3 and demanded the creation of several all-powerful “tenant admin” accounts that were to be exempted from network logging activity that would otherwise keep a detailed record of all actions taken by those accounts.
Feels like a pretty good Occam’s razor case… but is there any legitimate reason why one would request this?
Even worse when you know more of the whistleblower's story which is that ~15 minutes after one of DOGE's accounts was made there was an attempted login with the correct password from Russia. Not many explanations for that that look good for DOGE...
Not to defend DOGE at all, but the article specifically mentioned installing a bunch of proxy and scraping tools. Is this likely to be an actual Russian state attack or just extremely poor opsec / an attempt to evade internal controls, still likely very illegal. I'm all for holding all involved accountable to the fullest extent, but this is too sloppy for Russian state involvement to make me think they're on any intelligence payroll anywhere.
On the other side, why would Russia need to hide its involvement in anything with this administration? If they're not willing collaborators they're seemingly entirely beguiled by Russian propaganda and schmoozing.
Brazenly just logging in from Russia can be a statement all its own.
> They work for Trump so they'll never be held to account, even if a Democrat wins the next election
Why? If Democrats take the House in the midterms, which looks more likely the longer Navarro and Musk have West Wing access, they can basically turn these folks' lives into a living hell of back-to-back hearings (and contempt charges down the road). And if Democrats win the next election, they'll presumably put someone with a pulse in charge who doesn't take two years to bring the most important cases of their administration to the docket.
Yeah, but you'd think racking up hundreds of thousands of non-combatant deaths and flash frying Pakistani wedding parties remotely because of target misidentification would be high on the list of things to prosecute, if you're the Democrats.
If they won't even investigate the wholesale murder of civilians by the command of the White House and CIA and prosecute those responsible for murder and torture then what hope is there that they'll hold Trump and co to account?
> you'd think racking up hundreds of thousands of non-combatant deaths and flash frying Pakistani wedding parties remotely because of target misidentification would be high on the list of things to prosecute, if you're the Democrats
A consistent mistake by the Democrats is thinking foreign policy will win votes. It doesn’t. We’re the centre of the empire and that makes us arrogant and self centred. You can’t win a national election based on war crimes.
> A consistent mistake by the Democrats is thinking foreign policy will win votes.
Trump won votes in 2024 based on how he said he would handle several foreign policy issues: NATO, Ukraine, Palestine, tariffs, China, and Iran, so I'm not sure what you're getting at here.
> You can’t win a national election based on war crimes.
This clearly is the case, so do the prosecutions after winning the election and running on domestic issues. To do anything less is to both give up the moral high ground and endorse the war crimes by not vigorously investigating them.
>I think Trump could simply pardon them, unfortunately.
FWIW I think you're not correct here, or rather, it's not merely irrelevant but would actually harm them. The pardon power protects against criminal prosecution by the federal government. But it doesn't protect against mere embarrassment, nor against new actions performed after the pardon. Congress isn't prosecution, their inquiries are just about information finding, and while they can result in information on crimes surfacing, whether or not the USDOJ decides to pursue that or not is completely up to them. The reason a pardon might flat out hurt in such a scenario is that there is an argument it would eliminate any claim of 5th Amendment privileges. That's commonly referred to as the right to be silent, and normally that's effectively what it is, but the actual right is the right against self incrimination [0]. If you've been pardoned for something purely federal then by definition it's impossible to incriminate yourself regarding that, because no criminal case can be brought against you. So there'd be no right to refuse to cooperate with a congressional inquiry, and if you didn't that could be treated as contempt which would not be covered by any pardon for the underlying actions.
So yes if a future Administration wanted to pursue criminal prosecutions for crimes that were undertaken by the current Trump Administration, Trump's pardons could certainly put a stop to that. But in terms of "they can basically turn these folks' lives into a living hell of back-to-back hearings", pardons don't help with that one. And if the Democrats just wanted to thoroughly document exactly what went down and who was responsible to make it an indelible part of the history books, with any social consequences that'd come from that, pardons can't help with that either.
----
0: Text of the 5th Amendment: "...nor shall be compelled in any criminal case to be a witness against himself..."
> in terms of "they can basically turn these folks' lives into a living hell of back-to-back hearings", pardons don't help with that one
Trump has so thoroughly poisoned the well on the "weaponized DOJ / weaponized IRS / weaponized Congressional investigations" that the Democrats, having no spine, won't bother doing any of that.
DOGE is a complete clusterfuck. Fwiw I think there is hard to spot fraud in the govt that should be looked at (eg price inflation at the pentagon, VA, Medicaid/Medicare, SS). They should have done the hard work of uncovering that. Instead they just went for clickbait headlines.
It depends what the objectives are. My impression is that they have been very successful pursuing their actual objectives, while providing a cover story of a 'clusterfuck'.
And conveniently gutting agencies that are or were soon to be thorns in Elon's side. FAA and EPA were annoying him around SpaceX's Starship test launches, CFPB would be annoying for his future everything app plans for Twitter, etc.
Maybe. But none of those make him as much money as Tesla which is in the dumps with all the shenanigans. From a motivation perspective it seems more like rank stupidity than Machiavellian.
Their aim seems to be power, and many wealthy people in the US have jumped on the bandwagon of supporting the seizure of power while sacrificing some money. Musk will have a roof over his head regardless.
It doesn't seem rational but he's not exactly been acting that way for a while, he's made a pretty hard right turn that was always going to damage Tesla's main market.
Also if Twitter/X became a payment and banking platform that's a huge revenue source that could dwarf Tesla.
> But none of those make him as much money as Tesla which is in the dumps with all the shenanigans.
Give Musk a year or two out of DOGE and it won't matter - Tesla will be back up after Musk isn't in the government spotlight. The voters in the US (who by and large are good little consumers) have the memory of a goldfish for things like this.
You can't even get progressives to not eat at Chick-fil-A despite their founder's blatant homophobia. This incident is not going to keep people from buying Tesla in the long run.
> You can't even get progressives to not eat at Chick-fil-A despite their founder's blatant homophobia. This incident is not going to keep people from buying Tesla in the long run.
That narrative is great at stopping people from taking action - I wonder who it comes from? In fact, companies bow to public pressure all the time. Look at those retreating from DEI or support of LGBTQ rights before Trump took office. One of the beer companies' marketing used a trans person and the transphobia, boycotts, etc. led to them firing people and dropping the trans person.
"This declaration details DOGE activity within NLRB, the exfiltration of data from NLRB systems, and – concerningly – near real-time access by users in Russia. Notably, within minutes of DOGE personnel creating user accounts in NLRB systems, on multiple occasions someone or something within Russia attempted to login using all of the valid credentials (eg. Usernames/Passwords)"
"For example: In the days after DOGE accessed NLRB’s systems, we noticed a user with an IP address in Primorskiy Krai, Russia started trying to log in. Those attempts were blocked, but they were especially alarming. Whoever was attempting to log in was using one of the newly created accounts that were used in the other DOGE related activities and it appeared they had the correct username and password due to the authentication flow only stopping them due to our no-out-of-country logins policy activating. There were more than 20 such attempts, and what is particularly concerning is that many of these login attempts occurred within 15 minutes of the accounts being created by DOGE engineers."
> Within minutes after DOGE accessed the NLRB's systems, someone with an IP address in Russia started trying to log in, according to Berulis' disclosure.
My company retains all e-mails for at least 5 years, for audit purposes. But if some troublemaker were to e-mail child porn to an employee, we'd need to remove that from the audit records, because the laws against possessing child porn don't have an exception for corporate audit records.
So there's essentially always some account with the power to erase things from the audit records.
It sounds like you haven't actually had to face that situation, because it is more complicated than just having to delete an offending attachment. You would still have an audit log of the deletion of that email record by the superuser, even if the content is deleted. And there would be other records generated to document the deletion, like I'm sure a long email or slack thread from this getting discovered and sent up the chain, over to legal, then to the FBI, then back to coordinating the logistics of manually deleting something from the audit logs. So if for a completely unrelated case, a third party auditor stumbles upon that mess, they will be able to reconstruct why a single attachment cannot be found in the audit logs.
"No" is the answer to GP: there is no legitimate reason for a fully unlogged superuser account.
Yeah, superuser accounts? Of course you need them to exist. Superuser accounts that produce no logs? There is never a reason for that. Anyone who claims they should have a superuser with no logging is up to no good.
Ah man... back in the day I worked for a company that built out records management software. One of the big things on the side of the cereal box was that not even an admin could delete something flagged as a record within its retention plan. Fast forward to a company doing that for emails, messing up spam filters, and getting a blast of 'normal' porn that was all flagged as records. I believe they ended up creating security groups for those files that help keep those who were using it .. safe for work.
I don't follow this example. You could still have an account delete the email while generating a record that an email was deleted. Why would you need an account that doesn't generate deletion records?
From an old hacker's perspective disabling shell history can have positive security implications. But in today's 'cattle not pets' systems mentality I'd expect all actions to have a log and not having that seems fishy to me. Keeping logging infra secure has a dubious, the log4j fiasco comes to mind. I'm not a fan of regulation for most things, but I think we need a higher cost for data leaking since security is an afterthought for many orgs. My personal leaning is to be very choosy about who I'll do business/share data with.
> “We have built in roles that auditors can use and have used extensively in the past but would not give the ability to make changes or access subsystems without approval,” he continued. “The suggestion that they use these accounts was not open to discussion.”
From the previous post, they had auditor roles built in that they purposely chose to go around
There’s no possible need for an admin-level user that bypasses logging. If anything these users should have additional logging to external systems to make it harder to hide their use.
At least at places I've worked, terminating the logger would cause a security incident, and the central logging service have some general heuristics that should trigger a review if a log is filled with junk. Of course with enough time and root, there's ways to avoid that. But that's also usually why those with root are limited to a small subset of users, and assuming root usually requires a reason and is time gated.
That still leaves highly visible log traces if you’re following most security standards (required in .gov) since you’d have the logs showing them disabling the forwarder. The difference here is that this was like an attacker but had backing from senior management to violate all of those rules which would normally get someone fired, if not criminally charged.
That is a very serious design flaw, but I also believe it is a flaw that is addressed by SELinux. (Perhaps someone with a knowledge of SELinux can offer some input here.) That said, I'm not sure how widespread the use of SELinux is and doubt that it would help in this case since the people in question have or can gain physical access.
Not without a reboot though, and while I haven’t done that, it should be possible to protect selinux’s config itself with a policy, requiring boot loader access to bypass, at which point you’re dealing with a different risk level.
I’ll agree that Linux security is quite limited and primitive if compared with, say, a mainframe, but it can be made less bad with a reasonable amount of effort.
That’s a big rabbit hole, reading about RACF is a good place to start.
The short answer would be that mainframes come with RBAC from design, unlike Unix, which has a different security model from conception and then had rbac added on top of it in some cases (such as selinux).
typically the admin account can create things like super users, and super users can do anything with the data, but not sure there's a use case where a single account can do both, and why can any of them avoid logging?
Anything musk's dogs claim to find cannot be taken at face value because of this. Because there is no audit, and no evidence that they can offer that they didn't doctor their findings.
The next time they claim that a 170-year old person is receiving SS checks, they have no way to prove that they didn't subtract a century from that person's birthdate in some table.
> This might not actually be spying, but instead just an attempt to plant fake results.
That statement might be (slightly) more believable had there not been access attempts from Russian IP addresses using valid (and recently created) DOGE login credentials so very shortly thereafter.
They give away the game if you pay attention and read other internal sources from other agencies. This is all about shoving AI into the loop and removing federal workers from it.
They want to prove that AI can do "just as good a job" on these data sets and arrive at "equal conclusions" with a much higher level of efficiency.
This is what happens when you get high on your own supply.
And even if it's not and everyone involved is a qualified, thoughtful, unimpeachable public servant with no agenda but the general welfare of the Glorious Republic of Arstotzka in their hearts, the lack of an audit trail means that you have to seriously consider that they aren't.
Of course, given the blatant dishonesty and criminality that the rest of this administration is producing (see: every immigration law case that they are losing in court), you'd have to be a useful idiot to actually assume good intent from them.
I am sure they demanded maximum access, but the logging activity phrasing sounds a little bit like spin...
I think if I wanted to describe an account with access to perform "sudo -s" as negatively as possible, I would say "an all-powerful admin account that is exempt from logging activity that would otherwise keep a detailed record of all actions taken by those accounts."
this guy's lawyer says: This is a difficult topic for Dan to discuss, but prior to our filing the whistle-blower disclosure this week, last week, somebody went to Dan's home and taped a threatening note, a menacing note on his door with personal information.
...
While he was at work, and it also contained photographs of him walking his dog taken by a drone.
I just finished watching Daredevil: Born Again[0] and this incident looks shockingly familiar to what happened in the show. I don't know how the show runners knew this was going to happen but it feels like they've been spying on the future. Do they have a time machine or are they really that good (and the current administration that bad)?
The Deep State! The government is filled with spies determined to "leak" the great work DOGE is doing to the press - so, of course, it needs "God mode" access. Totally legit.
The problem is, those tasked with upholding and enforcing the laws aren't doing their job (Congress), are swamped with a deluge of blatant lawbreaking but still have to maintain professional decorum to not open themselves up to attacks (the justice system), or are outright corrupt (higher level federal courts including, sadly, the Supreme Court).
conflating administrative employees with congress/senate is a hint you know nothing about your own government.
also lost of the laws being broken are civil liberties protection and separation of powers, ... the only things holding the corruption under some control, which further proves you are either extremely uninformed or malicious. or worse, an "accelerationist"
These aren't rules made by bureaucrats. They are laws written by Congress, a coequal branch of government, in response to the Nixon administration's abuse of executive power
And in some cases FDR's abuse of executive power. If we manage to get... Someone, I don't know who which is depressing, elected that is interested in preserving democracy above all the other current issues, I'm sure there will be a lot more laws to safeguard this happening again. Personal recommendations, nix the filibuster it creates incentive, use federal money to get all the states to switch to ranked choice voting for all federal positions. And MMP for house and electoral college. Maybe nix the filibuster as the last item of business so that the first Congress without it will have more than two parties (due to those electoral changes which lead to 4-8 parties usually).
I don't think that "arguing that something is against the rules" is in the CIA sabotage manual, because it's not generally considered sabotage. Maybe if you argue things are against the rules that you know aren't, to slow things down?
It’s not so much arguing against the rules. It’s following them to the letter when unnecessary.
It doesn’t matter that the big boss has said that purchasing a $5 knick-knack is ok. You will have that purchase go through the full procurement process, even up to and including an exhaustive search for (cheaper) alternatives.
If your logs show your actions are against the rules, pointing that out is not "sabotage". It is being good guy employee, reporting your against the rules actions.
This one is very very clear and unambiguous. There is no symmetry in your example. The Civil servant is actually in the right and doge bro in the wrong.
This doesn’t make sense unless they’re doing something illegal. They have backing from the top to audit the system. They don’t have to answer to any of the people who might complain, so the only reason they need to do this is if they’re doing something which violates federal laws where the penalties are worse than getting an angry email from someone in the security group who your boss will yell at for you.
The other big problem with this theory is that there’s no evidence of sabotage. During the first Trump administration, federal employees followed their leadership just like they had for Obama, Bush, etc. and every sign shows that would have happened again, except for the refusal to take on personal liability for breaking federal laws.
I'm not going to go 'gentle' on the team of clowns who have done things like make employees work for 36 hours straight to issue RIF notices while shouting at them for "incompetence", or "created new admin accounts that were within minutes attempting to log in from Russian IPs, immediately after demanding all logging be turned off", or "repeatedly lied about savings and contracts on their own website" in some ... "assume good faith" type scenario.
Whatever good faith they deserved, they burned within days (hours, even) of being let loose.
There's already plenty of evidence that they've exfiltrated sensitive information to a variety of non-government entities that are not even remotely entitled to that data, either at NLRB or elsewhere.
Your claim is that "it's entirely possible that these are all just innocent bureaucratic errors" and I would put it to you that that claim, in the face of everything already known, also needs substantiation, and yes, not that thin veneer of Wikipedia-like "assume the absolute possible best intention, regardless of plausibility" that we're getting.
The idea that they need to operate -- on hugely sensitive data and systems -- in darkness because any sort of accountability amounts to "sabotage" is dubious.
"Rules for thee, not for me"
This is some sort of "The Deep State is trying to foil them" nonsense.
And to be clear, aside from a weird brute forcing library and the fact that all of the DOGE employees seem to be spectacularly incompetent, there are rational technical reasons someone might want logging temporarily disabled for a one-off. For instance doing an activity that is justified and legitimate and secure and reasonable, but that would yield TB of logs unnecessarily, itself which might cause operational or availability issues. But having a bunch of incompetent script kiddies using their garbage scripts makes that fringe justification unlikely, and they're likely doing very criminal things.
> Setting aside legitimate (that's a matter of judgement)
By definition, a judge decides what's legitimate.
If DOGE expects their access to be blocked by a court judgement, and bum-rushes agencies to exfiltrate data ahead of the judgement, that's also criminal intent.
I am not sure what you are getting at. "Covert" isn't how I'd describe DOGE's actions. "Brazen" maybe?
People have admitted in news interviews to destroying government data to prevent others from knowing what the government was doing. That’s likely criminal. This is a legitimate reason to get at information before people who might destroy have the opportunity.
What’s happening with judges is very political. We likely won’t know what’s allowed until things have gone through the appeals process. There have been cases of judges admitting they will rule against the current administration no matter the topic or law. This is messy, to say the least.
>People have admitted in news interviews to destroying government data to prevent others from knowing what the government was doing. That’s likely criminal. This is a legitimate reason to get at information before people who might destroy have the opportunity.
Yes, this is precisely the accusation being made against DOGE: they are the government actors criminally trying to prevent the public from knowing what they're doing.
>There have been cases of judges admitting they will rule against the current administration no matter the topic or law.
No, there haven't, but feel free to provide a source.
In the American system, the appeal process is a very formal thing - it checks whether all the t's were crossed, whether process was followed. It is not checking the evidence, it is bringing new evidence, nothing like that.