and impliment a social credit score like China does.

Honestly you don't need such an official system, and such a commercial system, as that network of data brokers and credit rating providers, already exists. So of that in particular I wouldn't be scared because it's not avoidable anyway. What's avoidable is government's ability to discriminate based on data. Think how.

Could you please explain like I'm 10?

At this point I think you can legally opt out of any type of data collection by the government like the Census. You're required by law to participate but they are also required by law to keep your information safe, that's no longer possible in this administration and there's plenty of relevant data to back it up.

The simple act of comparing signatures meant that it was very difficult to randomly target people. We don't have anything like that today, like a key/token pair.

Given it's the government it's most likely AWS or Azure. That really isn't inherently bad, it's more the attitude of "move fast and break things" doesn't necessarily work for secure systems with sensitive data.

The SSA stores a lot of sensitive data. Normally with sensitive data you want to be very careful with who can access it and how.

What is potentially worrisome in this situation is it seems like the SSA is taking on the "move fast and break things" attitude of Silicon Valley.

More technically, most government agencies use AWS and Azure (cloud providers) to host data. So spinning up a new server isn't inherently bad. However, creating a new server that is secure and has the correct access controls (user permissions regarding who can see/change content) can be challenging. The whistle blower believes they are not doing this right, and it sounds like the head of the SSA isn't disagreeing, just saying he thinks the risk is worth it.

So again, it’s all just bullshit hopes and dreams by the anti-doge people. No data has been exposed or hacked, no evidence of it actually being on anything insecure.

It's times like this I wonder about the like/dislike paradigm I.E. "I like/dislike knowing this and/or appreciate the perceived reputability of the source" vs. "This is good news/I fucking hate this."

This one just got a "I fucking hate this" from me.

I think we should be able to have a national class action against DOGE. 100% serious, all US citizens for sure, and anyone else with data in the Social Security database, should sue the individuals responsible for this.

Then we take the money and start a company that contracts out to the government to create a national digital ID system that is the most secure in the world, and allows for amazing anonymity.

In cyber security you may never know if a bad actor got access to your systems/data. The issue with not following good security practices is that you increase the risk of this happening.

Its like saying we should stop mandating vaccines cause the diseases aren't around anymore. When you let down your defenses you end up with outbreaks that shouldn't have happened and are harder to control.

That makes sense, thanks for the explanation

Once a nuke goes off in a major city, we are pretty much guaranteed it from what I understand about multiple cyberpunk-style worlds

I hate this is a good point

The votes on the posting itself should reflect if the content is worth your time. I'm not even American and I have a really bad feeling after reading the article, but it's better to know than being in the dark, and the article itself is full of details which make it pretty reasonable to believe it's the truth.

Mr Borges really brought the receipts on this one, and he is one of the heros of the american people that will probably pay dearly for his courage, and he still did what's right.

Don't you think after 5 months without oversight who exactly has access to that server that the difference between this and a random s3 bucket is nearly nil? But you are right, in the light of integrity the title should reflect the facts as they present themselves currently.

this is a whole can of worms that you can look into but the entire western conception of the Chinese social credit system is essentially a myth propagated by western media outlets.

don’t get me wrong, the chinese government legislated local governors implement something vaguely similar to the financial credit system in the west but, as the law works in china, they all interpreted the order differently and it seems only the “good” parts get rolled out nationally.

situations similar to the western “social credit” myth existed for a brief time in a very small number of local pockets (think smaller divisions such as cities and towns), but they were quickly absconded and the architects of those systems punished, for essentially wasting government time and money.

note i’m definitely not a tankie fuck tankies but i also think if we’re gonna talk about china we don’t need to make shit up bc just like the US there is plenty of real shit to criticize. the “social credit” thing is a joke that westerners get made fun of internationally for believing, pretty much. it’s not remotely real, at least how you probably think of it.

realistically at this point you don’t have more or less rights or freedoms as a citizen of china or the united states. you’re pretty equally fucked either way now.

I do, yes, it's blazingly stupid and others have been jailed for less.

But I've noticed a number of misleading post titles recently, like the just today there was obe about a cyclist getting hit by a car when it was actually the cyclist turning into traffic. Tragic, but the title misleads. So I've started pointing them out.

Maybe I just long for the days when titles aren't rewritten to drive opinion and engagement (regardless of if I agree or disagree).

In cyber security you may never know if a bad actor got access to your systems/data. The issue with not following good security practices is that you increase the risk of this happening.

If they're using Azure or AWS then they have a level of built in good security practices. These people aren't morons, they know what they're doing. In fact, using AWS or Azure you have to fuck things up to make it insecure, because by default they're all pretty locked down.

Its like saying we should stop mandating vaccines cause the diseases aren’t around anymore.

I'm 100% a pro-vaccine person, but vaccines should not be mandatory. "My body, my choice" - isn't that the saying? Or is that only for women wanting an abortion? If someone doesn't want to get a vaccine then they can suffer the potential consequences while those who are vaccinated don't (but they have to deal with the potential side effects of the vaccine).

While AWS/Azure do make the initial configs rather fool proof, that falls apart the moment you start configuring them for actual use. It's also especially easy to mess things up when handling PII, at the SSA level it's probably something that DOGE staff don't have experience with.

As for vaccines. Largely through that out there cause it seemed like obvious bait for you, but I don't think a single slogan "my choice my body" really encapsulates the arguments around abortion

The people working at doge are mostly what people would consider geniuses in their field. Configuring azure databases to be secure is a piece of cake. Like I said, it’s harder to make them insecure than it is to make them secure. I know, I work with them every day. How does handling PII make it easier to mess things up exactly?

Good to know you were just trying to bait and “troll”, not really good faith arguing is it? You wouldn’t have been trying to find something to disagree with just because you can’t argue against my actual point I made, were you?

“My body my choice” perfectly encapsulates the argument for abortion because it literally is pro-abortion people’s main argument - and yes, I am 100% pro-abortion.