Are we gonna gloss over the fact that the EEOC was storing plaintext passwords? Fucking incompetent
this post was submitted on 11 May 2026
341 points (98.9% liked)
Technology
84603 readers
4308 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
Yeah and whoever designed that system needs to be fired. 40 years ago you could maybe call it a reasonable mistake (although it wasn't really acceptable even back then), but these days anyone storing plaintext passwords anywhere is bordering on criminal negligence. Unless you have a damned good reason passwords should be hashed, but at a minimum at least encrypted with something reasonably secure.
I would argue that there is no such thing as a good reason to store plain text passwords.
They are not saying that you should have a good reason to store plain text, but to have a good reason not to hash, but only to encrypt.
I'm comfortable with boot having a either a plaintext key or two key halves to XOR together, used to unlock the base OS. I honestly don't trust a TPM to store this, and as long as the OS is designed to guard the key from all but root, I don't see any security issue.
Salt it, hash it, put it in a stew.
I'd like to say that nobody cared about security even 25 years ago, but in government, they have ALWAYS cared about security.
25 years ago I was still programming in php and I was salting my passwords before hashing even back then.
admin123 is likely the password.
If it was anyone hired by the current administration to be the security software engineer, I'd imagine it being someone severely under qualified with some kind of reality TV, media background who probably only mentioned "I stayed at a Holiday Inn last night.." when asked if they had any security authentication background. The interviewer probably just got a grand kick out of that response and after an intense belly laugh said, "Fuck it, you're hired!"
Over several hours, the brothers deleted approximately 96 databases storing government information, including systems tied to case management and Freedom of Information Act request processing. The affected systems were hosted on servers in Ashburn, Virginia.
Damn. If they deleted NSA or CIA data they could have been heroes. Deleting FOIAs and people's equal opportunity cases is just shitty.
This is definitely a case of hurting anyone they could rather than targeting their rage. Now members of the public have to suffer it.
One could call it shitty, I call it fascist, but fascism is indeed, very shitty.
The managers who gave him that access should also be put on trial
Ok now charge those broccoli-permed goons of Musk's
At least we can feel content in the knowledge that one of them was dragged from their car and had the shit beat out of him.
I always thought it was kind of standard process to kill all of a users processes, and cancel their credentials before telling someone they're fired.
Probably is, but the admin isn't much for doing things right.
Just pull backups from the DOGE guys.
they didn't even delete any bullshit DBs like ones doing dragnet surveillance
Because those one are how Palantir makes money.
credit score db
Funnily enough, credit scores have literally nothing to do with the government.
21 years is to short for destroying that much public data.
86 96
Chaotic good?
It takes a lot of restraint to have total access to important systems and be in a poorly ending situation with a company.
Restraint or a realistic sense of how easily they could figure out who did it.