> At 4:59 pm, he asked an AI tool, “How do i clear system logs from SQL servers after deleting databases?” He later asked, “How do you clear all event and application logs from Microsoft windows server 2012?”
> In the space of a single hour, Muneeb deleted around 96 databases with US government information. He downloaded 1,805 files belonging to the EEOC and stashed them on a USB drive, then grabbed federal tax information for at least 450 people.
Maybe whoever runs infosec at that place should also be fired?
I love how this leaks out the fact that the DHS is running production databases on operating systems that are months away from end of extended support.
Windows Server has 5 years of mainstream support, 5 years of extended support, and then an extra 3 years of paid Extended Security Updates (ESU) support. For 2012 and 2012 R2 that ends in October 2026.
The three years of ESU exists only for organisations like government departments that would rather pay Microsoft millions of dollars for patches than pay a competitive wage and hire competent IT staff that can complete upgrade projects on time.
> The three years of ESU exists only for organisations like government departments that would rather pay Microsoft millions of dollars for patches than pay a competitive wage and hire competent IT staff that can complete upgrade projects on time.
I'm not going to say the wages are fine but the issue is likely not to be the competence of the IT staff, but rather the overbearing IT management processes the U.S. Federal government uses. "Enterprise change management" processes separate from the already-long cybersecurity review processes can add weeks or even months to system updates.
In that kind of construct, you optimize for fewer but larger changes and then it's no surprise to see that there's no time in the project update schedule to update the OS in addition to making all the other long-overdue library / middleware / application changes that also are pending once a change finally can be made.
They hire US-based technology companies who fail in the exact same way.
(rare exception: Gov.uk government digital services; while they're not used for all projects, they are exactly the sort of committed and competent public servants we need more of)
The day-to-day operation of large government bureaucracies is surprisingly immune to elections. The same people stay in the same job for decades, the "churn" only happens at the highest levels, and even those positions tend to outlast changes in the current political party in charge.
Unfortunately this is a good example of kicking the can. Not to the next administration but to after the next elections. Some aspects are felt already but not all.
It's a good time to be kind to your neighbors. No matter their background, they're almost certainly not the ones to be upset at.
That’s a non-sequitur. You don’t need to defend AI, your parent comment isn’t attacking it, simply making an observation.
> doesn't mean you ban hammers
They didn’t suggest banning anything.
> You can kill with hammer
Not if you don’t have a hammer available. Which is the point. Ready access to a tool makes misusing the tool easy. And some tools are more conducive to misuse than others. You can kill maybe a couple of people in a crowd with a hammer, a few more with a handgun, a ton more with a machine gun or a bomb. The tool itself matters, and you should regulate each accordingly to their capacity and likelihood of harm. For example, plenty of countries restrict gun use significantly more than the US. Those countries have much fewer gun-related deaths and violence. This isn’t (shouldn’t be, in an honest discussion) hard to understand.
The tools we use are not neutral. A sword can be made to work like an axe, but we use axes for chopping wood because a sword makes a shitty axe. A sword is designed to kill people. The handle, the mass, the weight distribution, and every other aspect I am not qualified to get into, means swords are designed to kill. They are a tool, and their use is not neutral.
This is a clear example, but I don't believe any tools are neutral. Your immediate fallback was to a hammer, not a mouse, with the obvious corollary being to bludgeon, but the same line applies. Tools are not neutral, and that's why when you looked for something that causes harm, you grabbed something that's objectively been serving a dual-purpose for hundreds of years. Nobody's using a computer mouse to bludgeon someone to death; it makes a shitty bludgeon, and the design of the tool reflects that.
That's also why these comparisons always fall back to knives, or hammers, or the AK-47: they are dangerous tools that are designed to make killing easier. Nobody is making these comparisons to more benign tools, like desk lamps, coffee cups, or car stereos, and it's because tools are not neutral, and none of my examples are designed to make direct, bodily harm, easier.
The fact that you had to find an article from three decades ago for an instance of killing with a keyboard is telling. All the others aren’t exactly that recent and are mostly isolated cases. Meanwhile, on gun-related deaths, there are entire Wikipedia pages for it:
Meanwhile, pages of deaths perpetrated with household items are curiosities. Your parent comment stands: tools are designed for specific purposes and are used for those purposes.
My larger point is that nobody - nobody - defaults to telling us the coffee mug is unregulated, as AI allegedly ought to be. They always compare it to something much more commonly used as a weapon; something that, when asked to name a household object likely to be used as a weapon, the average person would guess.