
OT: American Politics

The White House pressed for fast negotiations with its shock and awe tariffs. Now it can’t drum up enough interest from a ‘first mover’

“We may fail if we rush, and I don’t think it’s good to compromise a lot in order to just get the negotiations done,” Ishiba said in parliament yesterday.

 
holy shit
more from the article:

The employees grew concerned that the NLRB's confidential data could be exposed, particularly after they started detecting suspicious log-in attempts from an IP address in Russia, according to the disclosure. Eventually, the disclosure continued, the IT department launched a formal review of what it deemed a serious, ongoing security breach or potentially illegal removal of personally identifiable information. The whistleblower believes that the suspicious activity warrants further investigation by agencies with more resources, like the Cybersecurity and Infrastructure Security Agency or the FBI.

...

When an IT staffer suggested a streamlined process to activate those accounts in a way that would let their activities be tracked, in accordance with NLRB security policies, the IT staffers were told to stay out of DOGE's way, the disclosure continues.

For cybersecurity professionals, a failure to log activity is a cardinal sin and contradicts best practices as recommended by the National Institute of Standards and Technology and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, as well as the FBI and the National Security Agency.

"That was a huge red flag," said Berulis. "That's something that you just don't do. It violates every core concept of security and best practice."

...

Massachusetts Institute of Technology graduate and DOGE engineer Jordan Wick had been sharing information about coding projects he was working on to his public account with GitHub, a website that allows developers to create, store and collaborate on code.

After journalist Roger Sollenberger started posting on X about the account, Berulis noticed something Wick was working on: a project, or repository, titled "NxGenBdoorExtract."

...

NxGen is an internal system that was designed specifically for the NLRB in-house, according to several of the engineers who created the tool and who all spoke to NPR on condition of anonymity to avoid retaliation or adverse consequences for any future government work.

The engineers explained that while many of the NLRB's records are eventually made public, the NxGen case management system hosts proprietary data from corporate competitors, personal information about union members or employees voting to join a union, and witness testimony in ongoing cases. Access to that data is protected by numerous federal laws, including the Privacy Act.

...

Then, Berulis started tracking sensitive data leaving the places it's meant to live, according to his official disclosure. First, he saw a chunk of data exiting the NxGen case management system's "nucleus," inside the NLRB system, Berulis explained. Then, he saw a large spike in outbound traffic leaving the network itself.

From what he could see, the data leaving, almost all text files, added up to around 10 gigabytes — or the equivalent of a full stack of encyclopedias if someone printed them, he explained. It's a sizable chunk of the total data in the NLRB system, though the agency itself hosts over 10 terabytes in historical data. It's unclear which files were copied and removed or whether they were consolidated and compressed, which could mean even more data was exfiltrated. It's also possible that DOGE ran queries looking for specific files in the NLRB's system and took only what it was looking for, according to the disclosure.

...

"None of that confidential and deliberative information should ever leave the agency," said Richard Griffin, who was the NLRB general counsel from 2013 to 2017, in an interview with NPR.
 