webjedi.bsky.social
Security Hobo, Itinerant Technologist, Policy Anti-Wonk, Former Senior Fellow at The Atlantic Council, Teller of Tales for Darknet Diaries #91 (and other venues). All opines are my own. RS/Fav/Follow≠Endorsement.
comment in response to
post
Any particular day that worked well… I may try to be organizationally inclined.
comment in response to
post
Well, I’m down with Pho… as for organizing… somebody will have to give me items and preferences… it’s my first time for #RSAC (weird, I know)
comment in response to
post
Weird, because as a Fed who was in various technology roles, including a CIO and CTO role, we, indeed, used SQL among many other database query languages.
A simple contract examination will highlight products purchased, and source code analysis will bring to light.
Wait, they didn’t do that?!
comment in response to
post
A friend of mine worked with that effort at USDS too… shame.
comment in response to
post
Bro… seemed like Chad was picking a fight… I mean, he’s spicy
comment in response to
post
Well, he’s supposedly a lawyer and former Federal prosecutor.
www.popehat.com/c/about
Also, pretty sure the DOGE folks haven’t been fully cleared, not even with a Public Trust clearance for CUI. I get cleared pretty fast, and I don’t believe I got in under two weeks.
comment in response to
post
Very on brand for ya! TY!
comment in response to
post
Also a constituent who knows how these attacked agencies work and has a clue as to cybersecurity and IT ops… if you need some ideas on defensive tactics, give me a call.
Otherwise get to work and stop this - you’re the other branch of three in Federal government…
comment in response to
post
They should not. Just because they work for part of EOP/OMB does not give them carte blanche in agency systems, where many bureaus and offices are segmented, and some classified as national security systems with stringent access requirements. These lackeys are 100% not cleared by normal means.
comment in response to
post
No
comment in response to
post
...and I say this as a co-founder of USDS in the Summer of 2014.
comment in response to
post
USDS was an arm that was created in 2014 out of the WH's OSTP and OMB OFCIO.
It was funded via the ITOR budget, and IIRC, at last check had a budget of $80m.
It has the fastest hiring process in EOP, with Schedule A & Special Hiring Authority capability.
This is the quickest way to onboard & pay.
comment in response to
post
---> Defense Counterintelligence and Security Agency <---
In September 2019, background investigations were transferred from OPM's NBIB to Defense Counterintelligence and Security Agency.
comment in response to
post
Make note, OPM has determinations, but the clearance process, after the 2014 series of hacks, was moved to the joint OPM/DoD NBIB, and then later to Defense Counterintelligence and Security Agency as of September 2019.
comment in response to
post
Sounds like you need a cybersecurity expert who also had extensive and broad government experience… if you want to strategize on what to protect and how to do it… hit me up. I know the Federal enterprise.
(I suggest LinkedIn for bona fides, but there’s a good chance your staff knows who I am)
comment in response to
post
They could… but BFS is still functionally separate from the IRS on the Treasury network, as well as FinCEN is (which was a few floors below my office at the Treasury SOC).
There’s a shared data center in VA that a few Treasury offices co-locate in, owned by IRS. (There’s a funny story there too)
comment in response to
post
Also, this is exactly why we have the Federal Computer Fraud and Abuse Act
comment in response to
post
Why yes, yes it is.
comment in response to
post
Signal Boost: All U.S. federal government websites are already archived by the End of Term Web Archive
Let people know, download your own copies.
Don't let this digital book burn continue.
#Feds #Health #WHO #CDC #AMA #USPHS #FDA #NIH #NCHS #PCORI
comment in response to
post
Something, something, the Catholic Church has learned nothing from WWII… good to know.
comment in response to
post
It would be in violation of a number of directives and rules.
It would also fail FISMA compliance, and if triaged by the OPM SOC, should have been isolated, imaged, analyzed and removed from the network… among other actions in line with agency cybersecurity policies.
comment in response to
post
Could have been a worse outcome… also saved to my camera roll… you can thank me later
comment in response to
post
Thanks…
comment in response to
post
Sorry there wasn’t a better Target spread…
We had a lot of swag to distribute… our events person gave me a huge bag of stuff.
comment in response to
post
From what I saw, it was OFR, but probably pivoted through DO to get to OFAC.
comment in response to
post
BTW, the attack hug at the end was from Daniela… in case you didn’t recognize her….
comment in response to
post
I was at the range a few months ago… really nice location and capability there.