Interesting, and not all that implausible. The real test: his personal email should be pretty uninteresting except for stuff like HIPAA, amazon purchases, communications with friends / family. (good for HUMINT) But other than that, there shouldn't be anything in there which should make the news. It'll be interesting to see whether or not that bears out.
If they wanted to maintain access, they certainly wouldn't celebrate it publicly, which is why I assume they want to release information. But, there shouldn't be anything damning to release. ie, there ought not to be if the director is acting professionally. We'll see how the facts bear out. I also suppose it's possible they're just going for any win they can and there's nothing interesting here whatsoever, or it's a really boring secondary address or something.
I think this is actually the opposite of the correct conclusion—just look how influential Patreus cheating on his wife was (https://en.wikipedia.org/wiki/Petraeus_scandal). I seriously doubt that Kash Patel doesn't have a bunch of skeletons to dust off and show the world; the man is a weirdo (much like the rest of the administration).
EDIT: I actually misread the comment; I think we're likely in agreement. My bad.
I was just reading a X thread that published some of the more notable things and overall it's pretty innocuous. The most "controversial" thing thus far is he took a trip to Cuba
I'd like to chime in and say that that Kash Patel, while completely unprofessional and incompetent, is way less of a weirdo than the rest of the administration.
His scandals are all about shirking job responsibilities to party and sightsee. That's not great from the FBI director but its way more normal than the rest of them.
That's not remotely true of his history.. he's a full on Jan-6er, deep into Q-Anon, he was involved in numerous serious scandals during the first Trump admin (Nunes Memo / Russiagate 'parallel' investigation: https://www.theatlantic.com/politics/archive/2018/01/the-men...), he has a number of sketchy moneymaking side-businesses, he was formerly living with a GOP megadonor 'Timeshare Tycoon' as roommates in Vegas (https://thenevadaindependent.com/article/trump-fbi-pick-kash...), he collected enemies' lists for Trump which resulted in firing of most of the Iran counterintel team right before we started launching attacks because they had the termerity to investigate why Trump was showing donors top-secret maps of Iran after he left office..
In the current environment, those are more expecteds than scandalous.
Insider trades around government activities, same-sex behavior, overt racism for example might nudge the needle.
I dunno, a sitting FBI director testifying under oath about details that are clearly false, goes above and way beyond "to party and sightsee". At least in my world it puts him up there together with the rest of the weirdos.
The press was stupid. They were doing stupid gotchas like swiftboats, fake reports on GWB (Dan Rather), but couldn’t care less about things like the CIA and the crack cocaine connection[1], or lots of other things the government gets away with (including Clappers total information awareness unconstitutional surveillance efforts) The press is always carrying water for someone but that someone is rarely the public unless is just pure coincidence.
[1] there was one reporter who dared but the toll from the story resulted in his suicide, some years later. His colleagues poo-pooed his reporting on the connection.
Maybe the hackers will release information connecting Patel to the Noem and Lewandowski grift operations with govt contracts. Out of the four companies allowed to bid for the $220 million advertising contract, 3 were linked to Noem and Lewandowski and one to Patel.
There is so much corruption and impropriety in this administration that skeletons don't matter anymore. Looking at what sunk officials in previous administrations provides a sense for just how far gone we are, but it's not an indicator of what future consequences will be.
Surely we are currently clean on OPSEC. There couldn't be any precedent for government officials using private email servers for confidential information!
obligatory - that first famous private server was done because someone wanted a blackberry like Obama had, and was told no by NSA. Man that BB keyboard was good.
I’ve been using a Clicks case since the early days and have personally loved every second of it but it’s definitely an acquired taste. Let us know how you find it.
Are we talking about the same FBI director here? Professional and competent are not how I would describe Kash Patel. Given his overt buffoonishness and the whole administration's disdain for procedure and expertise I would be shocked if he didn't have extremely inappropriate content in his inbox.
> his personal email should be pretty uninteresting except for stuff like HIPAA, amazon purchases, communications with friends / family. (good for HUMINT) But other than that, there shouldn't be anything in there which should make the news. It'll be interesting to see whether or not that bears out.
Aren't these the same people who apparently used Signal with a journalist in the chat, and had military conversations in that very chat?
Color me surprised if these people haven't heard of opsec before, and mix their work/personal life all over the place.
Also wildly illegal to use to conduct government business, especially confidential government business. (and yes the messages were auto-deleting and largely lost before anyone chimes in with technically they could be archived!)
Yes, and I wouldn't be shocked if there was classified information in there. I struggled with wording, but what I meant was "you're not supposed to be able to find classified or sensitive information in personal email, but I who knows what will be the case here."
Signal started being used during the Biden administration, the issue was how they were managing contacts which could be added to groups. They weren't carefully vetting access and a journalist with the same name as another military guy was added to the group by accident.
The public record of a contract to the Israeli company which handled archiving Signal chats for the DoD was done during Biden admin. And it's been well reported if you just Google it:
> Alexa Henning, spokesperson for the Office of the Director of National Intelligence, tweeted last week that “widespread use” of Signal began under the Biden administration, adding that “at ODNI, when I got my phone, it was pre-installed.”
You're missing some key distinctions. The issues are: 1) putting classified information into a non-classified system; 2) putting information that needs to be preserved under laws like the presidential records act into systems where it's set to be auto-deleted. Both are illegal. Simply saying that the Biden administration pre-installed Signal is irrelevant. There are legitimate uses.
Your own article makes this exact point:
> Matthew Shoemaker, a former Defense Intelligence Agency analyst who left the agency in 2021, said that while Signal was used during his time in government, “it was almost exclusively restricted to scheduling purposes,” such as letting their boss know that they’ll be late to work because of personal circumstances.
“That’s why Signalgate is all the more staggering — because these senior leaders were doing the exact opposite of what even my most junior intelligence officers knew not to do,” he said.
You're doing bullshit partisan whataboutism. "well the democrats did it first".
This has nothing to do with adding the wrong contacts. It has to do with putting highly-sensitive material into Signal to circumvent the law around records preservation and as a result creating a situation where it's possible to accidentally add the wrong contact and therefore exposing that information to a journalist.
> The investigation has led to turmoil within the Defense Department, raising tensions and the firings and resignations of several top DoD officials, including former Chief of Staff Joe Kasper. [...] On May 1, 2025, it was revealed that both national security adviser Mike Waltz and his deputy Alex Wong would be leaving their posts in the National Security Council
Let me guess, the "leak" was intentional just to break a bunch of laws and to cause a bunch of people to get fired and leave their posts?
Yeah, the fact they announced it proves it’s nothing. I saw a picture of him smoking a cigar. We’ve already seen him drinking beer and acting foolish; probably enough to get you executed in Isfahan, but a giant nothining in the USA.
> The real test: his personal email should be pretty uninteresting except for stuff like HIPAA, amazon purchases, communications with friends / family. (good for HUMINT) But other than that, there shouldn't be anything in there which should make the news.
I have no idea why this would be the default assumption for somebody as sloppy and erratic as Patel. Look at how many people were emailing damning stuff to/from Epstein's personal email accounts from their own personal email accounts!
A couple of DOGE teenagers were able to casually walk in and steal the entire country's social security and healthcare data (and probably more), and we were cheering them on. There is still no accountability, and it has probably already been sold to the highest bidder. So this would be the least surprising thing in the world.
We? I don't think I've seen anyone but the people absolutely not understanding the gravity of the situation were cheering on. And I'm not even American.
"We" is such an imprecise word for a pool of people. I believe Chinese has two flavors, "zanmen" including the listener too, and "women" excluding the listener. Obviously "we" did not elect Trump, only "a majority of the US voters who voted", and even the others may sadly use "we" though they didn't, because they are members of the political body that did. Just like the "they" of Israel that harass Palestinians and throw up West Bank settlements do not reflect all of Israel, and the average Soviet citizen did not reflect the behavior of the Soviet government.
That sure is a lot of probablies for those accusations.
But anyway it doesn't matter since all that information was probably sold by the previous administration's son, who probably funded a lot of drug parties with the money.
I don't know if this is an irony thing I'm not getting, but we know they had untracked access to data they shouldn't have (violating data access rules and orders from a judge), and there is a whistleblower accusation that the data was retained and some DOGE staffers were at least talking with other groups who could use the data.
Meanwhile how would Hunter Biden, not a government employee nor having access to government systems, get that data in the first place?
Allow me to put on my tinfoil hat for a moment and propose that maybe DOGE did loudly what the Solarwinds paired with OPM breach did quietly years prior.
I've been wondering if we'd see a cyber campaign emerge in this conflict. To my knowledge Iran seems to have pretty advanced cyber capabilities and increasingly fewer reasons to hold back. Gloves-off cyber war doesn't sound good to me. The US CISA already been cut back, has lost "virtually all of its top officials"^, doesn't have a permanent director, and is operating at a further reduced capacity because of the DHS shutdown.
that's the thing that people overlook the most in regards to this war.iran isn’t doing this on its own. Russia, China and north korea have been backing it from the start. they’re the ones helping with intel on US base locations across the Middle East, supplying drones, and working out strategies to drag things into a stalemate, plus whatever else iran needs along the way
Can you blame them? Iran is fighting for its own survival and has to find help where it can.
If the US had an educated administration not composed by lap dogs they would've known that attacking Iran was going to be a terrible idea.
Saddam did the same mistake in 1980.
He thought that the Iranian Kurds, the political opponents, the Iranian Arabs, civilians were going to raise against the regime.
None of this happened. None. In fact, hundreds of thousands of people, even kids, rallied around the banner. There are documented stories of 13 year olds, jumping on barbed wire to use their bodies as bridges for infantry. Disgusting, yet telling of the fact that the Persians will do everything to defend their land even if they don't like its leadership.
It's very difficult to convince people you're bombing left that you're helping them get rid of a regime (which, you never know for sure how popular or unpopular it is).
Iranians, yet again, are rallying around the flag for what is effectively a foreign aggression.
Iran has been preparing for this war for 40 years. So has Israel. They will engage in a battle of supremacy over the Middle East. Both want the USA knocked out so that the Americans can't use their influence there anymore (both consider the USA a nuisance).
As soon as ground troops land in Iran, it's over for the USA. As it is, oil and goods shipping via the Persian Gulf and the Red Sea will be controlled by Iran for a very long time to come. All Iran has to do is withstand the pummeling, which it very likely will do. And they'll get plenty of support from China, since this plays into the South China Seas plan quite nicely as the USA moves carrier after carrier out of Asia.
The thing getting overlooked is all of the recent moves by Trump all lead back to China. Venezuela, Cuba, now Iran. These are all tentacles of China. The aggression against these 3 countries is not a coincidence. It’s a concerted and indirect attack on China in an attempt to weaken their subsidiaries. In the eyes of this administration, this is unpleasant, but necessary housekeeping that should have been done decades ago but no one was willing to spend the political capital to do it.
In Iran, Trump was clearly hoping (and verbally requested) the same thing you say about Sadam. I think we actually do know how unpopular the regime is, the mass protests demonstrated that. But the religious hardliners are the ones with the guns. And they clearly aren’t afraid to use them. So while there was some momentum, after everyone got gunned down in the streets by the IRGC it quickly deflated. So asking unarmed protesters to step up again is kind of big ask, without any material support.
Iranian protesters were not calling for US interference. Let's be very clear about that. They were doing it for their own regime change, not some US imposition. What they think of the US or whether they are for this war or supposed regime change by the US is a totally different consideration.
Russia and North Korea are obviously doing so, but I haven't seen any direct evidence that China is providing intelligence support to Iran, do you have any links? It is certainly plausible, China would love to see Russia tied up in Ukraine and the US tied up in Iran.
I too am very curious about this. Even if his password was exposed and he didn’t have 2-factor auth, doesn’t Google by default ask for confirmation — e.g. texting a number or backup email associated with the account — when seeing an unrecognized device? Maybe he didn’t have any alt contact methods associated with his account?
(which might not be that unusual, he’s old enough to have opened a gmail account upon launch, before extra info hoops were put in place, and maybe he never touched his account config in the past 2 decades?
You are probably right... I tend to change my password semi often. It's always a super complex impossible to remember string - and always keep an eye on the account activity.
Not to mention ; you would assume he should have more than one device linked to the account and then that adds another layer, since Google will ask you " is this you trying to logon ". <-- that is the only way to get Google to do the unrecognized flow you mention.
If you are suggesting it was exposed and he didn't immediately randomise all his passwords.. WORDS FAIL ME
It's all security 101 the irony is immense...
if the US government / FBI need someone to give some talks on how to do security ...
Honeypot sure I didn't think of that.. But I was under the impression the FBI confirmed it ? So we can rule it out.
Making the password impossible to guess - how could that not be?
Since then you know you have a breach, as its randomised gibberish, if you then get the 2nd device asking " is this you trying to login " you can definitely know you are compromised....
I can't see your logic here, that isn't " theatre " ????
If you think that is theatre what is better then? Words and numbers.. easily brute forced.. Sorry can't agree.
Why would they willingly destroy their successful honeypot if the other party announced they've access to it?
I haven't seen what's in it either though, but I would not rule it out yet, especially when the FBI is involved - which love those tactics
When you're compromised, changing the password is obviously not theatre - but changing a password which is randomly generated with enough entropy is what's pointless theatre. A secure password is secure, esp. If you're already using a password manager then the act of changing isn't meaningfully increasing your security (unless you're aware that your password was compromised) because the way to compromise it is what...? Having a keylogger on a device you logged in on? Then the changed password will be just as compromised
That's why keepass is really useful since you aren't ever typing in the password.. its generated and then copied to the clipboard.. That clipboard is then wiped after X seconds.
So then you know that you have been rooted => If that fails to resolve it.
Reduce the number of vectors to know what you have to change asap. in this scenario you don't want to be guessing about how they did it.
The randomised gibberish just means you can rule out certain things. I can agree on part of what your saying but a string high entropy password, makes it harder to brute..
Many services don't really do that whole retries thing properly. So make it take as long as possible.
If you don't use a random gibberish your password can be cracked on any consumer device in a surprisingly short amount of time...
This way you can then focus on that a session token is probably how they got in.. It's the most common vector these days...
Just saying that there's a working link if you search. It's a useful information on its own.
There's no reason to post it directly. Their server is slow today even without adding lazy (ok, HN readers not interested in applying some effort to the matter) HN readers to the mix.
America had the advantage of getting through WW2 relatively unscathed with lots of resources and intact infrastructure that it used to leverage against the reconstruction of Europe, Japan and the USSR and entrench its cultural and economic hegemony. Also the US essentially colonized the West with nuclear weapons under the guise of "Pax Americana" and making the dollar the reserve currency.
That's really it. Not moral superiority, not technical ingenuity, not the indomitable American spirit. Just imperialist opportunism.
Loads of natural resources, no local military threats, and historically a government that stayed out of the way and allowed individuals to reap the rewards of their efforts.
The first is almost impossible to screw up, though we're really trying on the last front.
We're ranked number one based on the summation of all the angsty teen America bad comments on social media. At least that is the stat the press goes off of I believe
> "Russia, if you're listening, I hope you're able to find the 30,000 emails that are missing, I think you will probably be rewarded mightily by our press," Trump said in a July 27, 2016 news conference.
Interesting, and not all that implausible. The real test: his personal email should be pretty uninteresting except for stuff like HIPAA, amazon purchases, communications with friends / family. (good for HUMINT) But other than that, there shouldn't be anything in there which should make the news. It'll be interesting to see whether or not that bears out.
If they wanted to maintain access, they certainly wouldn't celebrate it publicly, which is why I assume they want to release information. But, there shouldn't be anything damning to release. ie, there ought not to be if the director is acting professionally. We'll see how the facts bear out. I also suppose it's possible they're just going for any win they can and there's nothing interesting here whatsoever, or it's a really boring secondary address or something.
I think this is actually the opposite of the correct conclusion—just look how influential Patreus cheating on his wife was (https://en.wikipedia.org/wiki/Petraeus_scandal). I seriously doubt that Kash Patel doesn't have a bunch of skeletons to dust off and show the world; the man is a weirdo (much like the rest of the administration).
EDIT: I actually misread the comment; I think we're likely in agreement. My bad.
I don't know, these days skeletons seem to be treated as funny decoration and we're in a permanent state of Halloween.
Sullying Halloween's good name
I was just reading a X thread that published some of the more notable things and overall it's pretty innocuous. The most "controversial" thing thus far is he took a trip to Cuba
I'd like to chime in and say that that Kash Patel, while completely unprofessional and incompetent, is way less of a weirdo than the rest of the administration.
His scandals are all about shirking job responsibilities to party and sightsee. That's not great from the FBI director but its way more normal than the rest of them.
That's not remotely true of his history.. he's a full on Jan-6er, deep into Q-Anon, he was involved in numerous serious scandals during the first Trump admin (Nunes Memo / Russiagate 'parallel' investigation: https://www.theatlantic.com/politics/archive/2018/01/the-men...), he has a number of sketchy moneymaking side-businesses, he was formerly living with a GOP megadonor 'Timeshare Tycoon' as roommates in Vegas (https://thenevadaindependent.com/article/trump-fbi-pick-kash...), he collected enemies' lists for Trump which resulted in firing of most of the Iran counterintel team right before we started launching attacks because they had the termerity to investigate why Trump was showing donors top-secret maps of Iran after he left office..
In the current environment, those are more expecteds than scandalous. Insider trades around government activities, same-sex behavior, overt racism for example might nudge the needle.
I'm not defending or advocating for the guy, just saying, if you're gonna be a piece of shit, he seems more relatable than the rest of them.
I dunno, a sitting FBI director testifying under oath about details that are clearly false, goes above and way beyond "to party and sightsee". At least in my world it puts him up there together with the rest of the weirdos.
So you mean to point out that the sitting FBI director is a bro's bro.
> look how influential Patreus cheating on his wife was
Those times have passed. I'll restate what I said in a comment some days ago:
>> 50 years ago the press was "impeaching" presidents. Today presidents are "impeaching" the press
The current strategy is "keep the outrage hose on full blast and eventually people get desensitized". It works.
The press was stupid. They were doing stupid gotchas like swiftboats, fake reports on GWB (Dan Rather), but couldn’t care less about things like the CIA and the crack cocaine connection[1], or lots of other things the government gets away with (including Clappers total information awareness unconstitutional surveillance efforts) The press is always carrying water for someone but that someone is rarely the public unless is just pure coincidence.
[1] there was one reporter who dared but the toll from the story resulted in his suicide, some years later. His colleagues poo-pooed his reporting on the connection.
Maybe the hackers will release information connecting Patel to the Noem and Lewandowski grift operations with govt contracts. Out of the four companies allowed to bid for the $220 million advertising contract, 3 were linked to Noem and Lewandowski and one to Patel.
Im sure they are all doing it...
Well, if the president sets the example. What can you expect from the rest ?
There is so much corruption and impropriety in this administration that skeletons don't matter anymore. Looking at what sunk officials in previous administrations provides a sense for just how far gone we are, but it's not an indicator of what future consequences will be.
Dan Quayle lost a serious bid because he couldn't spell potato.
Now look at where we're at. It really is wild. Right, wrong, or indifferent. How far we've shifted is absolutely wild.
Surely we are currently clean on OPSEC. There couldn't be any precedent for government officials using private email servers for confidential information!
obligatory - that first famous private server was done because someone wanted a blackberry like Obama had, and was told no by NSA. Man that BB keyboard was good.
Check this out (can't wait til mine arrives): https://www.clicks.tech/
I’ve been using a Clicks case since the early days and have personally loved every second of it but it’s definitely an acquired taste. Let us know how you find it.
Are we talking about the same FBI director here? Professional and competent are not how I would describe Kash Patel. Given his overt buffoonishness and the whole administration's disdain for procedure and expertise I would be shocked if he didn't have extremely inappropriate content in his inbox.
I believe “if” is doing a tremendous amount of work in parent’s comment.
>his personal email should be pretty uninteresting except for stuff like HIPAA
medical diagnoses can be incredibly useful in understanding past and future actions
>there shouldn't be anything damning to release. ie, there ought not to be if the director is acting professionally
that "if" is doing some heavy lifting given who we are discussing
> his personal email should be pretty uninteresting except for stuff like HIPAA, amazon purchases, communications with friends / family. (good for HUMINT) But other than that, there shouldn't be anything in there which should make the news. It'll be interesting to see whether or not that bears out.
Aren't these the same people who apparently used Signal with a journalist in the chat, and had military conversations in that very chat?
Color me surprised if these people haven't heard of opsec before, and mix their work/personal life all over the place.
> Aren't these the same people who apparently used Signal with a journalist in the chat, and had military conversations in that very chat?
Signal is one of the most secure communication platforms out there, but it is obviously not immune to human error or social engineering.
Also wildly illegal to use to conduct government business, especially confidential government business. (and yes the messages were auto-deleting and largely lost before anyone chimes in with technically they could be archived!)
It was a custom (presumably DoD-approved) build. And the story gets much better than that:
https://youtu.be/KFYyfrTIPQY&t=724
Ok? Signal is not the topic of my comment really, nor has anyone claimed it's less secure than other chat apps.
Yes, and I wouldn't be shocked if there was classified information in there. I struggled with wording, but what I meant was "you're not supposed to be able to find classified or sensitive information in personal email, but I who knows what will be the case here."
Signal started being used during the Biden administration, the issue was how they were managing contacts which could be added to groups. They weren't carefully vetting access and a journalist with the same name as another military guy was added to the group by accident.
Source?
The public record of a contract to the Israeli company which handled archiving Signal chats for the DoD was done during Biden admin. And it's been well reported if you just Google it:
> Alexa Henning, spokesperson for the Office of the Director of National Intelligence, tweeted last week that “widespread use” of Signal began under the Biden administration, adding that “at ODNI, when I got my phone, it was pre-installed.”
https://www.politico.com/news/2025/04/02/inside-the-hazy-fra...
You're missing some key distinctions. The issues are: 1) putting classified information into a non-classified system; 2) putting information that needs to be preserved under laws like the presidential records act into systems where it's set to be auto-deleted. Both are illegal. Simply saying that the Biden administration pre-installed Signal is irrelevant. There are legitimate uses.
Your own article makes this exact point: > Matthew Shoemaker, a former Defense Intelligence Agency analyst who left the agency in 2021, said that while Signal was used during his time in government, “it was almost exclusively restricted to scheduling purposes,” such as letting their boss know that they’ll be late to work because of personal circumstances. “That’s why Signalgate is all the more staggering — because these senior leaders were doing the exact opposite of what even my most junior intelligence officers knew not to do,” he said.
You're doing bullshit partisan whataboutism. "well the democrats did it first".
This has nothing to do with adding the wrong contacts. It has to do with putting highly-sensitive material into Signal to circumvent the law around records preservation and as a result creating a situation where it's possible to accidentally add the wrong contact and therefore exposing that information to a journalist.
The whole thing looked like a digital version of a stage whisper.
> The investigation has led to turmoil within the Defense Department, raising tensions and the firings and resignations of several top DoD officials, including former Chief of Staff Joe Kasper. [...] On May 1, 2025, it was revealed that both national security adviser Mike Waltz and his deputy Alex Wong would be leaving their posts in the National Security Council
Let me guess, the "leak" was intentional just to break a bunch of laws and to cause a bunch of people to get fired and leave their posts?
They do a lot of mental heavy lifting to support a corrupt and incompetent administration- sunk cost fallacy I imagine.
The facts simply do not bear this interpretation out. Investigations and heads rolling for a stage whisper? Nah
Yeah, the fact they announced it proves it’s nothing. I saw a picture of him smoking a cigar. We’ve already seen him drinking beer and acting foolish; probably enough to get you executed in Isfahan, but a giant nothining in the USA.
> The real test: his personal email should be pretty uninteresting except for stuff like HIPAA, amazon purchases, communications with friends / family. (good for HUMINT) But other than that, there shouldn't be anything in there which should make the news.
I have no idea why this would be the default assumption for somebody as sloppy and erratic as Patel. Look at how many people were emailing damning stuff to/from Epstein's personal email accounts from their own personal email accounts!
Those "should"s are doing a lot of heavy lifting.
A couple of DOGE teenagers were able to casually walk in and steal the entire country's social security and healthcare data (and probably more), and we were cheering them on. There is still no accountability, and it has probably already been sold to the highest bidder. So this would be the least surprising thing in the world.
We? I don't think I've seen anyone but the people absolutely not understanding the gravity of the situation were cheering on. And I'm not even American.
"We" is such an imprecise word for a pool of people. I believe Chinese has two flavors, "zanmen" including the listener too, and "women" excluding the listener. Obviously "we" did not elect Trump, only "a majority of the US voters who voted", and even the others may sadly use "we" though they didn't, because they are members of the political body that did. Just like the "they" of Israel that harass Palestinians and throw up West Bank settlements do not reflect all of Israel, and the average Soviet citizen did not reflect the behavior of the Soviet government.
In English, you can say "we" or "they"
That sure is a lot of probablies for those accusations.
But anyway it doesn't matter since all that information was probably sold by the previous administration's son, who probably funded a lot of drug parties with the money.
I don't know if this is an irony thing I'm not getting, but we know they had untracked access to data they shouldn't have (violating data access rules and orders from a judge), and there is a whistleblower accusation that the data was retained and some DOGE staffers were at least talking with other groups who could use the data.
Meanwhile how would Hunter Biden, not a government employee nor having access to government systems, get that data in the first place?
Hunter Biden was accused of many crimes too. He probably got access from his dad.
“Probably” sources please. We know for a fact that unvetted jerks(“big balls” and so on) had access thanks to Donald Trump.
Allow me to put on my tinfoil hat for a moment and propose that maybe DOGE did loudly what the Solarwinds paired with OPM breach did quietly years prior.
OPM was much more serious. Equifax had already leaked the social security data and more.
I've been wondering if we'd see a cyber campaign emerge in this conflict. To my knowledge Iran seems to have pretty advanced cyber capabilities and increasingly fewer reasons to hold back. Gloves-off cyber war doesn't sound good to me. The US CISA already been cut back, has lost "virtually all of its top officials"^, doesn't have a permanent director, and is operating at a further reduced capacity because of the DHS shutdown.
^ https://www.cybersecuritydive.com/news/cisa-senior-official-...
> To my knowledge Iran seems to have pretty advanced cyber capabilities and increasingly fewer reasons to hold back.
Iran isn’t alone!! They are a quad along with China, Russia, and North Korea.
that's the thing that people overlook the most in regards to this war.iran isn’t doing this on its own. Russia, China and north korea have been backing it from the start. they’re the ones helping with intel on US base locations across the Middle East, supplying drones, and working out strategies to drag things into a stalemate, plus whatever else iran needs along the way
Can you blame them? Iran is fighting for its own survival and has to find help where it can.
If the US had an educated administration not composed by lap dogs they would've known that attacking Iran was going to be a terrible idea.
Saddam did the same mistake in 1980.
He thought that the Iranian Kurds, the political opponents, the Iranian Arabs, civilians were going to raise against the regime.
None of this happened. None. In fact, hundreds of thousands of people, even kids, rallied around the banner. There are documented stories of 13 year olds, jumping on barbed wire to use their bodies as bridges for infantry. Disgusting, yet telling of the fact that the Persians will do everything to defend their land even if they don't like its leadership.
It's very difficult to convince people you're bombing left that you're helping them get rid of a regime (which, you never know for sure how popular or unpopular it is).
Iranians, yet again, are rallying around the flag for what is effectively a foreign aggression.
Iran has been preparing for this war for 40 years. So has Israel. They will engage in a battle of supremacy over the Middle East. Both want the USA knocked out so that the Americans can't use their influence there anymore (both consider the USA a nuisance).
As soon as ground troops land in Iran, it's over for the USA. As it is, oil and goods shipping via the Persian Gulf and the Red Sea will be controlled by Iran for a very long time to come. All Iran has to do is withstand the pummeling, which it very likely will do. And they'll get plenty of support from China, since this plays into the South China Seas plan quite nicely as the USA moves carrier after carrier out of Asia.
The thing getting overlooked is all of the recent moves by Trump all lead back to China. Venezuela, Cuba, now Iran. These are all tentacles of China. The aggression against these 3 countries is not a coincidence. It’s a concerted and indirect attack on China in an attempt to weaken their subsidiaries. In the eyes of this administration, this is unpleasant, but necessary housekeeping that should have been done decades ago but no one was willing to spend the political capital to do it.
In Iran, Trump was clearly hoping (and verbally requested) the same thing you say about Sadam. I think we actually do know how unpopular the regime is, the mass protests demonstrated that. But the religious hardliners are the ones with the guns. And they clearly aren’t afraid to use them. So while there was some momentum, after everyone got gunned down in the streets by the IRGC it quickly deflated. So asking unarmed protesters to step up again is kind of big ask, without any material support.
Iranian protesters were not calling for US interference. Let's be very clear about that. They were doing it for their own regime change, not some US imposition. What they think of the US or whether they are for this war or supposed regime change by the US is a totally different consideration.
Russia and North Korea are obviously doing so, but I haven't seen any direct evidence that China is providing intelligence support to Iran, do you have any links? It is certainly plausible, China would love to see Russia tied up in Ukraine and the US tied up in Iran.
I forget all the details but a hacker group associated with Iran already hacked the infrastructure of a major US health care tech company
Stryker. FWIW a friend in ER medicine said it had very very limited effect.
That’s right thanks. The same Hacker group as this story. Yeah I didn’t hear much after the initial breach so I assumed it was minor.
Edit: apparently 80000 employee workstations got remotely wiped. So not so I guess I wouldn’t call that minor.
Also that’s what I get for commenting before reading the story, they mention the Styker incident in the story lol
I really want to know how they did it.. was it some terrible password?
He doesn't strike me as the kinda person even using a local password manager; like keepass.
Somebody needs to find this out.
I doubt it was gmail support... surely it could not be via his phone sim, and if he didn't have two factor on; That would be so funny.
I'm tempted to check out the dark web or the telegram, but i'd rather not do either of those things.
I too am very curious about this. Even if his password was exposed and he didn’t have 2-factor auth, doesn’t Google by default ask for confirmation — e.g. texting a number or backup email associated with the account — when seeing an unrecognized device? Maybe he didn’t have any alt contact methods associated with his account?
(which might not be that unusual, he’s old enough to have opened a gmail account upon launch, before extra info hoops were put in place, and maybe he never touched his account config in the past 2 decades?
You are probably right... I tend to change my password semi often. It's always a super complex impossible to remember string - and always keep an eye on the account activity.
Not to mention ; you would assume he should have more than one device linked to the account and then that adds another layer, since Google will ask you " is this you trying to logon ". <-- that is the only way to get Google to do the unrecognized flow you mention.
If you are suggesting it was exposed and he didn't immediately randomise all his passwords.. WORDS FAIL ME
It's all security 101 the irony is immense...
if the US government / FBI need someone to give some talks on how to do security ...
Changing a password that's randomly generated is security theatre. It doesn't meaningfully improve security
Also it's entirely possible they only compromised a honeypot.
Considering their track record, that's actually more likely tbh
Honeypot sure I didn't think of that.. But I was under the impression the FBI confirmed it ? So we can rule it out.
Making the password impossible to guess - how could that not be?
Since then you know you have a breach, as its randomised gibberish, if you then get the 2nd device asking " is this you trying to login " you can definitely know you are compromised....
I can't see your logic here, that isn't " theatre " ????
If you think that is theatre what is better then? Words and numbers.. easily brute forced.. Sorry can't agree.
Why would they willingly destroy their successful honeypot if the other party announced they've access to it?
I haven't seen what's in it either though, but I would not rule it out yet, especially when the FBI is involved - which love those tactics
When you're compromised, changing the password is obviously not theatre - but changing a password which is randomly generated with enough entropy is what's pointless theatre. A secure password is secure, esp. If you're already using a password manager then the act of changing isn't meaningfully increasing your security (unless you're aware that your password was compromised) because the way to compromise it is what...? Having a keylogger on a device you logged in on? Then the changed password will be just as compromised
That's why keepass is really useful since you aren't ever typing in the password.. its generated and then copied to the clipboard.. That clipboard is then wiped after X seconds.
So then you know that you have been rooted => If that fails to resolve it.
Reduce the number of vectors to know what you have to change asap. in this scenario you don't want to be guessing about how they did it.
The randomised gibberish just means you can rule out certain things. I can agree on part of what your saying but a string high entropy password, makes it harder to brute..
Many services don't really do that whole retries thing properly. So make it take as long as possible.
If you don't use a random gibberish your password can be cracked on any consumer device in a surprisingly short amount of time...
This way you can then focus on that a session token is probably how they got in.. It's the most common vector these days...
> On their website, the hacker group Handala Hack Team said . . . .
Anybody have a link? You know, for science ...
Edit: Apparently, just last week the DoJ snatched their domains: https://www.justice.gov/opa/pr/justice-department-disrupts-i...
not all of them, search harder
So, to echo the previous comment, got a link?
"Search harder" is a pretty unfriendly response to a request for a link...
Just saying that there's a working link if you search. It's a useful information on its own.
There's no reason to post it directly. Their server is slow today even without adding lazy (ok, HN readers not interested in applying some effort to the matter) HN readers to the mix.
Forget the Iran attribution for a second. The FBI director's personal email was already in leaked credential databases from prior breaches.
Every now and then something happens that makes me wonder how the fuck America is number one, this being one of them.
Don't worry, it's on its way out.
Number one based on what metric other than they constantly say they're number one?
America had the advantage of getting through WW2 relatively unscathed with lots of resources and intact infrastructure that it used to leverage against the reconstruction of Europe, Japan and the USSR and entrench its cultural and economic hegemony. Also the US essentially colonized the West with nuclear weapons under the guise of "Pax Americana" and making the dollar the reserve currency.
That's really it. Not moral superiority, not technical ingenuity, not the indomitable American spirit. Just imperialist opportunism.
Loads of natural resources, no local military threats, and historically a government that stayed out of the way and allowed individuals to reap the rewards of their efforts.
The first is almost impossible to screw up, though we're really trying on the last front.
We're ranked number one based on the summation of all the angsty teen America bad comments on social media. At least that is the stat the press goes off of I believe
Because America is a lot more than a podcaster put into a position that he has no qualifications for.
If you check their telegram channel they have some humorous photos and his resume.
Looking good there, murica, looking good
Iran... if you're listening...
We'd love to see all of those Epstein files.
Is this a reference to
https://www.pbs.org/newshour/politics/trump-asked-russia-to-...
> "Russia, if you're listening, I hope you're able to find the 30,000 emails that are missing, I think you will probably be rewarded mightily by our press," Trump said in a July 27, 2016 news conference.
Haha - yes exactly.
Where did the article go?
How the heck is the buried down to page 4 after one hour?? The head of the FBI having his email hacked is a pretty big tech story.
Negative voting.