LESSWRONG
LW

Comment Permalink

Huh, I came at this with the background of doing data analysis in large organizations and had a very different take.

You're a data scientist. You want to analyze what this huge organization (US government) is spending its money on in concrete terms. That information is spread across 400 mutually incompatible ancient payment systems. I'm not sure if you've viscerally felt the frustration of being blocked, spending all your time trying to get permission to read from 5 incompatible systems, let alone 400. But it would take months or years.

Fortunately, your boss is exceptionally good at Getting Things Done. You tell him that there's one system (BFS) that has all the data you need in one place. But BFS is protected by an army of bureaucrats, most of whom are named Florence, who are Very Particular, are Very Good at their job, Will Not let this system go down, Will Not let you potentially expose personally identifiably information by violating Section 3 subparagraph 2 of code 5, Will Not let you sweet talk her into bypassing the safety systems she has spent the past 30 years setting up to protect oh-just-$6.13 trillion from fraud, embezzlement, and abuse, and if you manage somehow manage to get around these barriers she will Stop You.

Your boss Gets Things Done and threatens Florence's boss Mervin that if he does not give you absolutely all the permissions you ask for, Mervin will become the particular object of attention of two people named Elon Musk and Donald Trump.

You get absolutely all the permissions you want and go on with your day.

Ah, to have a boss like that!

EDIT TL/DR: I think this looks weirder in Far mode? Near mode (near to data science, not near government), giving outside consultant data scientists admin permissions for important databases does not seem weird or nefarious. It's the sort of thing that happens when the data scientist's boss is intimidatingly high in an organization, like the President/CEO hiring a management consultant.

Showing 3 of 8 replies (Click to show all)

1Shankar Sivarajan2mo

When there's little incentive against classifying harmless documents, and immense cost to making a mistake in the other direction, I'd expect overclassification to be rampant in these bureaucracies. And having documents basically be classified by default is handy if you're doing embarrassing things you'd rather not be public (or susceptible to FOIA requests). The claims that sidestepping procedural hurdles to enact significant reform of the system poses a serious threat to national security or whatever strike me as self-serving.

khafra2mo40

When there's little incentive against classifying harmless documents, and immense cost to making a mistake in the other direction, I'd expect overclassification to be rampant in these bureaucracies.

Your analysis of the default incentives is correct. However, if there is any institution that has noticed the mounds of skulls, it is the DoD. Overclassification, and classification for inappropriate reasons (explicitly enumerated in written guidance: avoiding embarrassment, covering up wrongdoing) is not allowed, and the DoD carries out audits of classified dat... (read more)

10jbash2mo

Because of the "flood the zone" strategy, I can't even remember all the illegal stuff Trump is doing, and I'm definitely not going to go dig up specific statutory citations for all of it. I tried Gemini deep research, and it refused to answer the question. I don't have access to OpenAI's deep research. Things that immediately jump to mind as black letter law are trying to fire inspectors general without the required notice to Congress, and various impoundments. I would have to do actual research to find the specific illegalities in all the "anti-DEI" stuff. I would also have to go do research before I could tell you what made it illegal to fire the chair of the FEC.[1] For DOGE specifically, here's a list that happened to cross my eyes this morning. It's in an interview format, so it's probably incomplete. https://www.vox.com/politics/398618/elon-musk-doge-illegal-lawbreaking-analysis The bottom line is that the "unitary executive" idea is dead in law. If there's a statute that says "the President shall establish a Department of Cat Videos, which shall promote cat videos [however], whose director shall be a calico cat which may not be dismissed once appointed, and here's $10,000,000 to do it", then the president is obligated to have a Department of Cat Videos, and find a cat to run it, and keep the cat on, and spend the money as directed. This is not a close call. Statutes have been passed, they've been litigated against, they've stood, other statutes have been passed relying on those precedents, there's been litigation about those, and a whole edifice of well-established law has been built up. That's what "black letter law" is. It's true that the current Supreme Court seems to have essentially no respect for precedent, and an, um, extremely idiosyncratic way of interpreting the actual text of the Constitution. It's entirely possible that this whole blitz is meant, at least in part, to generate test cases to tear down that structure. But that's more about the C

See in context

88 Wired on: "DOGE personnel with admin access to Federal Payment System"

by Raemon

5th Feb 2025

2 min read

88

This is a linkpost for https://web.archive.org/web/20250205123049/https://www.wired.com/story/elon-musk-associate-bfs-federal-payment-system/

I haven't looked into this in detail, and I'm not actually sure how unique a situation this is. But, it updated me on "institutional changes to the US that might be quite bad^[1]", and it seemed good if LessWrong folk did some sort of Orient Step on it.

(Please generally be cautious on LessWrong talking about politics. I am interested in people commenting here who have read the LessWrong Political Prerequisites sequence. I'll be deleting or at least unhesitatingly strong downvoting comments that seem to be doing unreflective partisan dunking)

((But, that's not meant to mean "don't talk about political actions." If this is as big a deal as it sounds, I want to be able to talk about "what to do do?". But I want that talking-about-it to feel more like practically thinking through an action space, than blindly getting sucked into a political egregore))

A 25-year-old engineer named Marko Elez, who previously worked for two Elon Musk companies, has direct access to Treasury Department systems responsible for nearly all payments made by the US government, three sources tell WIRED.
Two of those sources say that Elez’s privileges include the ability not just to read but to write code on two of the most sensitive systems in the US government: the Payment Automation Manager and Secure Payment System at the Bureau of the Fiscal Service (BFS). Housed on a secure mainframe, these systems control, on a granular level, government payments that in their totality amount to more than a fifth of the US economy.
Despite reporting that suggests that Musk’s so-called Department of Government Efficiency (DOGE) task force has access to these Treasury systems on a “read-only” level, sources say Elez, who has visited a Kansas City office housing BFS systems, has many administrator-level privileges. Typically, those admin privileges could give someone the power to log in to servers through secure shell access, navigate the entire file system, change user permissions, and delete or modify critical files. That could allow someone to bypass the security measures of, and potentially cause irreversible changes to, the very systems they have access to.
“You could do anything with these privileges,” says one source with knowledge of the system, who adds that they cannot conceive of a reason that anyone would need them for purposes of simply hunting down fraudulent payments or analyzing disbursement flow.
"Technically I don't see why this couldn't happen," a federal IT worker tells WIRED in a phone call late on Monday night, referring to the possibility of a DOGE employee being granted elevated access to a government server. "If you would have asked me a week ago, I'd have told you that this kind of thing would never in a million years happen. But now, who the fuck knows."

^{^}
I currently am more anticipating things like "institutional decay / general corruption / loss-of-trust" than "dictatorial takeover." But mostly I'm like "seems like weird and alarming things are happening and it's worth paying attention to with some scout mindset."

New to LessWrong?

Getting Started

FAQ

Library

Politics2World Optimization2

Personal Blog

88

New Comment

45 comments, sorted by

top scoring

Click to highlight new comments since: Today at 6:14 AM

[-]Max H2mo5218

My guess is that the IT and computer security concerns are somewhat exaggerated and probably not actually that big of a deal, nor are they likely to cause any significant or lasting damage on their own. At the very least, I wouldn't put much stock in what a random anonymous IT person says, especially when those words are filtered through and cherry-picked by a journalist.

These are almost certainly sprawling legacy systems, not a modern enterprise cloud where you can simply have a duly authorized superadmin grant a time-limited ReadOnly IAM permission to * or whatever, along with centralized audit logging and sophisticated change management. There are probably more old-school / manual processes in place, which require going through layers of humans who aren't inclined to be cooperative or speedy, especially at this particular moment. I think Elon (and Trump) have some justified skepticism of those processes and the people who implemented them.

Still, there's going to be some kind of audit logging + technical change management controls, and I kind of doubt that any of Elon's people are going to deliberately sidestep or hide from those, even if they don't follow all the on-paper procedures and slash some red tape.

And ultimately, even sophisticated technical controls are not a substitute for actual legal authority, which they (apparently / perhaps questionably) have. I'll be much more concerned if they start violating court orders, even temporarily. e.g. I think it would be very bad (and more plausible than IT malfeasance or negligence) if they are ordered to stop doing whatever by a lower court, but they don't actually stop, or slow-walk on reversing everything, because they expect to win on appeal to the Supreme Court (even if they're correct about their appeal prospects). IDK about Elon's people specifically, but I think ignoring court orders (especially lower courts and temporary injunctions) is a more dangerous form of institutional decay that Trump is likely to usher in, especially since the legislature seems unlikely to offer any real push-back / rebuke.

[-]jbash2mo427

I haven't looked into this in detail, and I'm not actually sure how unique a situation this is.

It's pretty gosh-darned unheard of in the modern era.

Before the civil service system was instituted, every time you got a new President, you'd get random wholesale replacements... but the government was a lot smaller then.

To have the President,

creating task forces of random people apparently selected mostly for personal loyalty, and
sending them into legislatively established agencies,
with the power to stop things from getting done or change how things are done, including things central to the missions of those agencies,
as an intentional way of getting around the chain of command,
explicitly because of systemic distrust in the civil service,
actively tasked to suddenly and radically disrupt the prevailing procedures,
without thinking about legislative mandates, let alone established regulations, that assume the normal chain of command in describing how things are to be done and who's allowed to do them,
justified by an at-best-controversial view of what powers the President actually has?

Yeah, that's beyond unusual. It's not even slightly normal. And it is in fact very coup-like behavior if you look at coups in other countries.

On edit: Oh, and if you're asking about the approach to computer security specifically? That part is absolutely insane and goes against the way everything is done in essentially every large organization.

[-]ChristianKl2mo92

creating task forces of random people apparently selected mostly for personal loyalty, and

Why do you believe that DOGE is mostly selected for personal loyalty? Elon Musk seems to say openly says whatever he wants even if that goes against what Trump said previously. Trump likely would have preferred not to have a public fight about H1B visas but Elon Musk took that fight. Publically tweeting against the 500 billion project was disloyalty to Trump.

Elon Musk has a history of not really having loyalty to anyone to the point that even his critics talk about how it's likely that he would have a fallout with Trump. True signals of loyalty as signs that there won't be a fallout.

Elon Musk is seen as highly skilled at running large organizations by many people. Trump picked Elon for DOGE because he believes that Elon is skilled at accomplishing the goals of DOGE.

When Elon hired for it he said he seeks:

"We don’t need more part-time idea generators. We need super high-IQ small-government revolutionaries willing to work 80+ hours per week on unglamorous cost-cutting."

The DOGE team brought their beds to the office to basically work nonstop. While we don't have the exact IQ scores, the background of the people we do have makes it quite plausible that they all have >140 IQ.

If personal loyalty is your main criteria you don't get a bunch of people who never leave the office and work non-stop with high IQs.

[-]jbash2mo42

Why do you believe that DOGE is mostly selected for personal loyalty? Elon Musk seems to say openly says whatever he wants even if that goes against what Trump said previously.

You're right. I shouldn't have said that, at least not without elaboration.

I don't think most of the people at the "talks to Trump" level are really picked for anything you could rightly call "personal loyalty" to Trump. They may be sold to Trump as loyal, but that's probably not even what's on his mind as long as he's never seen you to make him look bad. I don't think disagreeing with Trump on policy will make him see you as disloyal. He doesn't really care about that.

I do think many of the people in the lower tiers are picked for loyalty. In the case of DOGE, that means either personal loyalty to Musk, or loyalty to whatever story he's telling. I don't know whether you count the latter as "personal loyalty".

The DOGE team brought their beds to the office to basically work nonstop.

Well, I'm guessing Musk got them the beds as a "team building" thing, but yes.

If personal loyalty is your main criteria you don't get a bunch of people who never leave the office and work non-stop

You do, though. Personal loyalty, or ideological loyalty, or both, are exactly how you get people to never leave the office.

with high IQs.

They're not acting like they have high IQs. Or at least not high "G".

Start with sleeping in the office. If every single thing they say about the facts and their reasons for being there were 100 percent true, it'd be dumb to burn yourself out trying to make such massive changes on that kind of work schedule.

It's also dumb to ignore the collateral damage when you go around stopping Federal payments you may not understand.

And Marko Elez just had to resign because he wasn't effective enough in scrubbing his past tweets. Wall Street Journal says he "advocated repealing the Civil Rights Act, backed a 'eugenic immigration policy,' and wrote, 'You could not pay me to marry outside of my ethnicity.'". I actually would have thought they'd let him skate, but apparently you still can't get quite that blatant at this point. Smart people don't post stuff like that, for more than one reason.

[-]ChristianKl2mo40

They may be sold to Trump as loyal, but that's probably not even what's on his mind as long as he's never seen you to make him look bad. I don't think disagreeing with Trump on policy will make him see you as disloyal. He doesn't really care about that.

Saying that the 500 hundred thousand in investment aren't there after Trump holds an event to announce them is making Trump look back and not a disagreement on policy.

The phrase "ideological loyalty" seems a bit motte and bailey. In politics, you often get into situations where loyalty to other people and loyalty to ideological principles are opposed. When speaking about totalitarian states where people are picked based on loyalty you usually mean that the loyalty is not contingent on ideological principles.

If someone who's in DOGE driven by the mission of DOGE, they are less likely to do something that helps Elon's business interests but goes against the mission of DOGE. If they are chosen by what most people mean with loyalty they would help Elon with business interests even if it goes against the mission of DOGE.

If Elon would try to lead DOGE in a way that's not focused on the mission of cutting waste and increasing efficiency he probably would get a problem with the DOGE team.

Start with sleeping in the office. If every single thing they say about the facts and their reasons for being there were 100 percent true, it'd be dumb to burn yourself out trying to make such massive changes on that kind of work schedule.

Whether something is dumb or not depends on the strategy you pursue. It seems like they chose that strategy because it allowed to make them move very fast and outmaneuver other players. If they would have moved slower, efforts to mobilize forces to inhibit them from accessing the data might have been more effective.

And Marko Elez just had to resign because he wasn't effective enough in scrubbing his past tweets.

He did delete his account, but given that there are services that show you deleted tweets, there's not really anything he could have done to scrub all evidence of his past tweets.

I actually would have thought they'd let him skate, but apparently you still can't get quite that blatant at this point.

I doubt that his tweets were the only reason he resigned. It might be that DOGE communicated to Trump (or Susie Wiles / the head of the treasury) that his team wasn't seeking write permissions and Marko Elez seeking the write permission was upsetting people.

I do have seen high IQ people (even someone who definitely passed Mensa entry) to post inflammatory right wing content on social media, so I would not say that rules out Marko Elez having a high IQ.

[-]GeneSmith2mo*3726

Take my comments with a grain of salt because I haven't thought too deeply about this, but if I think to myself what I would do if I was tasked with cutting government waste and modernizing IT systems, it would probably look something like what Musk is doing.

You have a sprawling complex of legacy systems, a federal bureaucracy that (let's face it) is institutionally obsessed with process, often at the expense of getting thigns done. You're tasked with cutting out fraud and bloat and increasing efficiency but everything is all over the place. So the first place you go is directly to the treasury, because at least government payments are centralized.

Could the power they've been given be abused? Yes of course. And I think it's worth keeping an idea of signs that the team Musk has hired is abusing its authority.

If someone knows something I'm missing, such as clear signs that they're using their power for self-dealing or to target political rivals, please let me know. But until I see such signs my attitude is mostly just "wait and see".

EDIT: After talking about this more with a friend, I'm more concerned about DOGE. I think many of the things they're doing are pretty blatantly unconstitional (changing allocation of funds in ways that a pretty obvious violations of article 1).

I personally find the defunding of USAID (especially PEPFAR) to be pretty horrible. That's one of the best programs the government invests money in.

I think a lot of their actions will get thrown out by the courts. But they'll do some damage in the meantime.

[-]lc2mo13-5

Elon already has all of the money in the world. I think he and his employs are ideologically driven, and as far as I can tell they're making sensible decisions given their stated goals of reducing unnecessary spend/sprawl. I seriously doubt they're going to use this access to either raid the treasury or turn it into a personal fiefdom. It's possible that in their haste they're introducing security risks, but I also think the tendency of media outlets and their sources will be to exaggerate those security risks. I'd be happy to start a prediction market about this if a regular feels very differently.

If Trump himself was spearheading this effort I would be more worried.

[-]Martin Randall2mo55

I do see some security risk.

Although Trump isn't spearheading the effort I expect he will have access to the results.

[-]O O2mo-20

I feel like a lot of manifold is virtue signaling .

[-]momom22mo96

There are three traders on this market; it means nothing at the moment. No need for virtue signalling to explain a result you might perceive as abnormal, it's just not formed yet.

[-]AnthonyC2mo20

I'm in a similar position as you describe, perspective-wise, and would also like to understand the situation better.

I do think there are good reasons why someone should maybe have direct access to some of these systems, though probably not as a lone individual. I seem to remember a few government shutdown/debt ceiling fight/whatever crises ago, there were articles about how there were fundamentally no systems in place to control or prioritize which bills got paid and which didn't. Money came into the treasury, money left to pay for things, first in first out. The claim I remember being repeated was that first, this was a result of legacy systems, and second, because all the money was authorized by law to be spent it might be illegal to withhold or deprioritize it. Which is also an insane system - there should be a way to say "Pay the White House electric bill, make the florist wait." But to a first approximation, that can't easily be fixed without some unelected people having more authority than you'd normally feel comfortable with them using, which is a risk even if you do it well.

[-]Mikhail Samin2mo2521

Elez, who has visited a Kansas City office housing BFS systems, has many administrator-level privileges. Typically, those admin privileges could give someone the power to log in to servers through secure shell access, navigate the entire file system, change user permissions, and delete or modify critical files

as a policy, it seems bad to have more people with rm -rf-level access to the us economy.

the president can launch literal nukes and get some in return; there are other highly visible officials with the power to nuke the economy. but the president can't delegate the nuke launch decisions to others.

giving such access to more people, especially random, low-visibility people, seems Bad, regardless of how competent they seem to those who appointed them.

[-]robo2mo*244

Huh, I came at this with the background of doing data analysis in large organizations and had a very different take.

You get absolutely all the permissions you want and go on with your day.

Ah, to have a boss like that!

[-]khafra2mo*2818

As someone who has been allowed access into various private and government systems as a consultant, I think the near mode view for classified government systems is different for a reason.

E.g., data is classified as Confidential when its release could cause damage to national security. It's Secret if it could cause serious damage to national security, and it's Top Secret if it could cause exceptionally grave damage to national security.
People lose their jobs for accidentally putting a classified document onto the wrong system, even if it's still owned by the government and protected (but, protected at an insufficient level for the document). People go to jail for putting classified data onto the wrong system on purpose, even if they didn't intend to, say, sell it to the Chinese government.

Bringing in personnel who haven't had the standard single-scope background investigation and been granted a clearance, and a new set of computers which has not gone through any accreditation and authorization process, and giving unrestricted write and read access to classified data is technically something the president could allow. But it's a completely unprecedented level of risk to assume; and AFAICT the president has not actually written any authorizations for doing this.

There is, actually, a Government Accounting Office which does audits; they have identified billions in fraud, waste, and abuse, identified the perpetrators for punishment, and remediated the programs at fault. They have done it without unprecedented breaches in national security, or denying lawful, non-fraudulent payments from the US Treasury.
(Also, outside of my personal area of expertise, I believe denying lawful, non-fraudulent payments from the US Treasury is crossing a really big Chesterton's Fence. GPT-4o estimated a $1T-$5T impact from treasury bond yield spread, forex USD reserves, CDS spreads on US foreign debt, loss of seignorage in global trade, depending on how rare and targeted the payment denial is).

[-]robo2mo7-2

Sure, I think that's a fair objection! Maybe, for a business, it may be worth paying the marginal security costs of giving 20 new people admin accounts, but for the federal government that security cost is too high. Is that what people are objecting to? I'm reading comments like this:

Yeah, that's beyond unusual. It's not even slightly normal. And it is in fact very coup-like behavior if you look at coups in other countries.

And, I just don't think that's the case. I think this is pretty-darn-usual and very normal in the management consulting / private equity world.

I don't think foreign coups are a very good model for this? Coups don't tend to start by bringing in data scientists.

What I'm finding weird is...this was the action people thought worrying enough to make it to the LessWrong discussion. Cutting red tape to unblock data scientists in cost-cutting shakeups -- that sometimes works well! Assembling lists of all CIA officers and sending them emails, or trying to own the Gaza strip, or <take your pick>. I'm far mode on these, have less direct experience, but they seem much more worrying. Why did this make the threshold?

[-]jbash2mo157

And, I just don't think that's the case. I think this is pretty-darn-usual and very normal in the management consulting / private equity world.

I don't know anything about how things are done in management consulting or private equity.^[1] Ever try it in a commercial bank?

Now imagine that you're in an environment where rules are more important than that.

Coups don't tend to start by bringing in data scientists.

Coups tend to start by bypassing and/or purging professionals in your government and "bringing in your own people" to get direct control over key levers. It's very standard. The treasury is a big lever. It doesn't matter what you call the people.^[2] And DOGE is far from the only thing along those lines.

Sowing chaos is another fairly common coup tactic.

Assembling lists of all CIA officers and sending them emails

That's a bit garbled. What they did was request a list of CIA employees, including covert employees, and specifically demand that the list be sent in email on an unclassified system. Why that demand was made is unclear thus far, but yeah, it's a problem. It puts your people at risk for no clear reason.

So that's one example. They also asked for a list of FBI agents. Also at least threatened to mass-fire FBI agents. And did fire US Attorneys, explicitly for doing their jobs by charging criminal activity... in cases that they won in many different courts because they were legally in the right. Also purged military officers. Also sent a bunch of people into OMB and had them, plus White House staff, issue a bunch of memos freezing random government activities and demanding sudden disruptive changes at crash priority in the name of rooting out a very broad interpretation "DEI"... which, even if it were a problem, would definitely not be an emergency demanding Shutting. Down. Everything.

or trying to own the Gaza strip, or <take your pick>

The Gaza thing hasn't involved any actual action, and is the sort of thing Trump has always said. Same for the Greenland grab. He sounds a bit more serious now, but he still hasn't done anything. The worst of the tariffs were suspended after Trump got properly stroked by the right foreign leaders.

... and anyway those are all foreign policy things, and all within the purview of the Presidency. They're spectacularly bad ideas and would harm huge numbers of people. And they definitely could be part of a "flood the zone" strategy. But Trump has statutory authority to do the tariffs, even if he's abusing it. What he did there wasn't illegal. And Presidents have always been allowed to opine, and even negotiate, on foreign policy issues in general, even if the policies they advocate are stupid and even if they make foolish threats that alienate allies and damage US soft power. They usually don't do quite so many dumb things in such a short time, but it's not qualitatively new.

Some of this other stuff, including DOGE being at Treasury and trying to get into the DOL, involves actual action. Some of that action is clearly illegal under black letter law. And it's the kind of action that would suggest of a real attempt to fundamentally rework how the whole US Government works. At a minimum, it's definitely and openly trying to shift power to the executive and concentrating power within the executive in the office of the President and a few agencies. At least one of them brand new and created with no congressional buy-in with actual action behind it.

It's the difference between loudly threatening to misuse the US system and taking illegal actions that look like they might be attempts to fundamentally alter the US system.

We'll see how far that goes. The court orders have been coming in to stop a lot of this stuff. I don't actually expect those orders to be defied... at least not at this point. In fact, the best reason I can come up with for them wanting to do all this stuff so fast has been to do as much damage as possible before the orders come in to stop them. But Trump has surprised me before.

The USAID thing is a weird case. I'm not even sure what made USAID such a target. I've heard speculations, and none of them are very good, but they're also just that: speculations.

I'm far mode on these, have less direct experience, but they seem much more worrying. Why did this make the threshold?

I imagine it's the one Raemon happened to hear about. But it's also pretty typical of the truly fundamental things that are going on.

... and honestly neither of those has a very good reputation. Management consultants are not infrequently used in the corporate equivalent of coups. Private equity, well... not known for preserving value, let's say? ↩︎
In terms of whether they're acting or qualified as "data scientists", I'll quote a tweet from one of them (Luke Farritor) on December 10: "Are there LLMs made specifically for parsing things like documents/forms/PDFs/json/html/excel/etc and converting them from one format to another?". ↩︎

[+]frontier642mo-9-8

[-]Purplehermann2mo21

I very much hope the computers brought in were vetted and kept airgapped.

You keep systems separate, yes.

For some reason I assumed that write permissions were on user in the actual system/secure network and any data exporting would be into secured systems. If they created a massive security leak for other nations to exploit, that's a crux for me on whether this was reckless.

Added: what kind of idiot purposely puts data in the wrong system purposely? The DOGE guys doing this could somehow make sense, governmental workers??

[-]Shankar Sivarajan2mo1-4

The claims that sidestepping procedural hurdles to enact significant reform of the system poses a serious threat to national security or whatever strike me as self-serving.

[-]khafra2mo40

When there's little incentive against classifying harmless documents, and immense cost to making a mistake in the other direction, I'd expect overclassification to be rampant in these bureaucracies.

It’s possible they’re not doing enough to fight against the natural incentive gradient toward overclassification, but they’re trying hard enough that I wouldn’t expect positive EV from disregarding all the rules.

[-]Martin Randall2mo209

Sample questions I would ask if I was a security auditor, which I'm not.

Does Elez have anytime admin access, or for approved time blocks for specific tasks where there is no non-admin alternative? Is his use of the system while using admin rights logged to a separate tamper proof record? What data egress controls are in place on the workstation he uses to remotely access the system as an admin? Is Elez security screened, not a spy, not vulnerable to blackmail? Is Elez trained on secure practices?

Depending on the answers this could be done in a way that would pass an audit with no concerns, or it could be illegal, or something in between.

Avoiding further commentary that would be more political.

[-]jbash2mo93

Technically anything that's authorized by the right people will pass an audit. If you're the right person or group, you can establish a set of practices and procedures that allows access with absolutely none of those things, and use the magic words "I accept the risk" if you're questioned. That applies even when the rules are actually laws; it's just that then the "right group" is a legislative body. The remedy for a policy maker accepting risks they shouldn't isn't really something an auditor gets into.

So the question for an auditor is whether the properly adopted practices and procedures legitimately allow for whatever he's doing (they probably don't). But even if somebody with appropriate authority has established policies and procedures that do allow it, the question to ask as a superior policy maker, which is really where citizens stand, is whether it was a sane system of practices and procedures to adopt.

The issues you're raising would indeed be common and appropriate elements for a sane system. But you're missing a more important question that a sane system would ask: whether he needs whatever kind of administrative access to this thing at all.

Since another almost universal element of a sane system is that software updates or configuration changes to critical systems like that have to go through a multi-person change approval process, and since there is absolutely no way whatever he's doing would qualify for a sanely-adopted emergency exception, and since there are plenty of other people available who could apply any legitimately accepted change, the answer to that is realistically always going to be "no".

[-]Martin Randall2mo30

I wasn't intending to be comprehensive with my sample questions, and I agree with your additional questions. As others have noted, the takeover is similar to the Twitter takeover in style and effect. I don't know if it is true that there are plenty of other people available to apply changes, given that many high-level employees have lost access or been removed.

[-]Raemon2mo70

To be clear, I think it's okay to be more political. What I don't want is "unreflectively partisanly political." (Maybe try DMing what you had in mind to me and I'll see if it feels productive)

[-]frontier642mo15-3

The President is the chief executive of the United States and is supposed to control all the government agencies operating inside of it. Theoretically, Trump has the power to walk into any government office and start doing whatever jobs he wants to do himself. There is no reason why he can't hire people to do this for him instead. He also has the power to grant security clearances to whoever he wants to. The chief executive of the US has a lot of power.

Trump is doing an end-run around the old chain of command because US case law has set the legal precedent that government employees can't be fired at-will. This is why Trump is offering to buyout government employees instead of just firing them. This is also why Trump has a separate team directly accessing the systems at the treasury and other departments. If he just sent word down the chain of command to 'find government corruption and spending on stupid things and eliminate it' nothing would get done. Much of that preexisting, unfirable chain of command is either incompetent or participating in the corruption themselves.

Obviously if the new CEO of a private company wanted to shakeup the old system he would just fire the old workforce like Musk did with Twitter.

[-]Maxwell Peterson2mo20

I am not sure what people are disagreeing with here. The only factual claims I see are “the preexisting chain of command is incompetent or corrupt”, which I agree with (on incompetence), that “the president has a lot of power”, “is supposed to control all the agencies”, and “if the new CEO of a private company…”. None of these seem incorrect to me. I’ve strong-upvoted in both ways.

[-]gbear6052mo83

I disagree with basically all of them.

As I see it, the large majority of government employees are neither incompetent nor corrupt, and the Federal government overall works extremely well given all of the tasks that it's asked to do. The president is supposed to execute the will of the legislature according to the law (which he isn't, he's shutting down agencies that Congress has created and subverting other agencies to not do what Congress has instructed them to do). Musk did a bad job of it with Twitter (it's less profitable now than it was when he bought it, last time I checked the data) and it's a bad policy for a new CEO coming in with goals other than "destroy the old system because I think a well functioning system is bad".

Trump is radically reinterpreting the job of the executive branch to include "determine which laws I want to exist and only enforce those", which is a massive expansion of executive power.

If Congress passed laws for all of these things, I think it would be a bad choice, but at least it wouldn't be an unconstitutional coup.

[-]Simon Berens2mo20

Re twitter’s profitability, Musk about doubled EBITDA despite revenue halving, i.e. he more than tripled EBITDA margin

https://www.teslarati.com/elon-musk-x-doubled-ebitda-since-2022-takeover-report/amp

[-]Maxwell Peterson2mo20

Well okay then :)! You giving a disagree-vote makes a lot of sense. Thanks for explaining.

[-]ChristianKl2mo11-7

When it comes to Elon Musk's personal power it's worth speaking about what kind of goals Elon Musk has. At the recent Tesla earnings call, Elon said that deploying FSD for autonomous cars in China is difficult because Chinese law says that the videos Tesla records in China can't leave the US and US laws says that Tesla is not allowed to train AI models in China. In Elon Musk's presentation about what's important for Tesla, FSD is very important.

If Elon Musk's power would be equal to being a dictator, he would get the US laws changed so that he can train the models in China. The AI policy of the White House is however to be tough on China, and Elon Musk does not have the power to change US policy in the way that would be needed to train FSD in China. He does not have enough power to make his own interests trump the interest of the US as far as Trump sees the interests of the US.

Elon is okay with EV subsidies being lowered even if that's bad for Tesla's bottom line because Elon seems to actually believe in cutting government spending and that's incompatible with having a lot of EV subventions. All the signs we have seen look like Elon actually believes in the goals of DOGE and pursues his activity at DOGE to achieve its stated goals.

While you might agree or disagree with the stated goals of DOGE, saying that Elon run a coup is silly. Each coup starts by securing power over the monopoly of violence and all the actions of DOGE seem to be focused elsewhere than getting control over the monopoly of violence.

The treasury system seems to be written in COBOL. COBOL isn't user-friendly and if you want to run a bunch of analysis of payment flow you likely don't want to run it on the COBOL mainframe. For that reason, they seem to have decided to export the data out of the COBOL system to another server that's more traditional. I think it's quite plausible that the current COBOL system lacks a "export everything" feature and that the DOGE team needed write access to get the data export to work properly. They probably also wanted to add a feature that makes that data export automatic.

While I haven't looked into the laws myself, there are claims that the way DOGE operates might violate Privacy Act of 1974, Federal Information Security Modernization Act, Federal Records Act and the Administrative Procedure Act. While violating these kinds of laws might be standard operating procedure at intelligence agencies and the Snowden revelations did not lead to anyone being charged over violating privacy laws, the DOGE team might not be so lucky if the next president is a Democrat. It's possible that the whole DOGE team will need pardons. Given the precedent that Biden sat at the end of his term, Trump is likely willing to give them those pardons but it creates bad incentives. Anyone at the DOGE team who has a problem with the way the team operates can be told "If you don't play ball you don't get your pardon".

Elon has said that he wants to replace the current system by one that uses a blockchain to be tamperproof. That's likely a good idea in principle, if they however spent two months to create their minimal viable product of a new government payment system and then want to move over the whole existing government payment system there's a high likelihood for a few problems.

[-]Raemon2mo117

I edited the OP but wanted to add for people who missed it (bold part is new)

(Please generally be cautious on LessWrong talking about politics. I am interested in people commenting here who have read the LessWrong Political Prerequisites sequence. I'll be deleting or at least unhesitatingly strong downvoting comments that seem to be doing unreflective partisan dunking)
((But, that's not meant to mean "don't talk about political actions." If this is as big a deal as it sounds, I want to be able to talk about "what to do do?". But I want that talking-about-it to feel more like practically thinking through an action space, than blindly getting sucked into a political egregore))

[-]Martin Randall2mo82

I don't endorse the term "henchmen", these are not my markets. I offer these as an opportunity to orient by making predictions. Marko Elez is not currently on the list, but I will ask if he is included.

[-]ChristianKl2mo32

To me making predictions about whether one of them will be given a pardon before 2026 strange. If they get a pardon it will likely be at the end of Trump's term.

The main scenario where they might be charged with a federal crime are about Trump having a fallout with Elon and in that case they likely won't get pardons.

Pam Bondi is unlikely to charge people inside of DOGE as long as there's a good relationship between Elon and Trump.

[-]maia2mo70

What would a problem solving approach to this in the form of LW comments even look like?

[-]Milan W2mo1210

Historically, lesswrong has been better at truth-finding than at problem-solving.

I hope that this thread is useful as a high signal-to-noise ratio source.

This site is very much a public forum, so I would advise any actor whishing to implement a problem-solving stance to coordinate in a secure manner.

[-]Purplehermann2mo56

I know people who have gotten access to similarly important governmental systems at younger ages.

Don't worry about it too much.

If they abuse it, it'll cost their group lots of political goodwill. (Recursive remove for example)

[-]Milan W2mo31

I know people who have gotten access to similarly important governmental systems at younger ages.

Is there a way you could make this claim credible without compromising people you do not want to compromise? Alternatively, are there public sources documenting similar situations?

[-]Martin Randall2mo50

There are public examples. These ones are famous because something went wrong, at least from a security perspective. Of course there are thousands of young adults with access to sensitive data who don't become spies or whistleblowers, we just don't hear about them.

Theodore Hall, who worked at age 18 on the Manhatten Project.
Edward Snowden who worked from age 22 for the NSA.
Chelsea Manning who worked from age 22 as a US Army Intelligence Analyst.

[-]Purplehermann2mo30

No.

I'm not familiar with public documentation on this.

[-]cata2mo50

There's another blogger, Nathan Tankus, who is also reporting accounts directly from his sources within the BFS. He wears his bias on his sleeve and goes wild with the hyperbole, but he is a prolific public intellectual of some sort so he may be accurately reporting the basic facts. He also did an interview on Odd Lots but it didn't really have anything new.

[-]Trevor Hill-Hand2mo10

I thought these were pretty... let's say "exciting"... reads, but I'd be interested to hear more people's opinion of this as a trustworthy source.

[-]Scott Dickey2mo0-2

Bureaucracy and red tape are often written into law by Congress based on actual and theoretical damage to people and systems. To bypass them is to bypass all protections. The risk is enormous.

[-]GeneSmith2mo93

I guess I somewhat agree with this, but I've also seen many examples of regulations that were passed in response to a particular incident decades ago, whose other non-incident related harms were completely ignored.

Compliance costs are real, and my experience dealing with the federal bureaucracy is that they're often completely ignored.