CCI Training Center has the mission of providing the most effective accelerated, hands on training and enhancement training to the public in a convenient online/on campus schedule.

Our goal is to be a superior company through constant innovation, attention to details, and a focus on quality in all that we do.

We are dedicated to each student who walks through our doors with warmth and friendliness. We work to create an outstanding learning experience.

We believe that the greatest strength of CCI Training Center lies within our people. We are committed to providing an environment that recognizes initiative and performance.

We build relationships through participation and services. We work together to help meet the employment needs of our community.

QUESTION TWO:

SWITCH BOXES. you said that’s what monitors the connections between systems in the computer cluster, right? I assume it has software of its own but we don’t need to get into that, anyway, I am so curious about this— in really really large buildings full of servers, (like multiplayer game hosting servers, Google basically) how big would that switch box have to be? Do they even need one? Would taking out the switch box on a large system like that just completely crash it all?? While I’m on that note, when it’s really large professional server systems like that, how do THEY connect everything to power sources? Do they string it all together like fairy lights with one big cable, or??? …..the voices……..THE VOICES GRR

I’m acending (autism)

ALRIGHT! I'm starting with this one because the first question that should be answered is what the hell is a server rack?

Once again, long post under cut.

So! The first thing I should get out of the way is what is the difference between a computer and a server. Which, is like asking the difference between a gaming console and a computer. Or better yet, the difference between a gaming computer and a regular everyday PC. Which is... that they are pretty much the same thing! But if you game on a gaming computer, you'll get much better performance than on a standard PC. This is (mostly) because a gaming computer has a whole separate processor dedicated to processing graphics (GPU). A server is different from a PC in the same way, it's just a computer that is specifically built to handle the loads of running an online service. That's why you can run a server off a random PC in your closet, the core components are the same! (So good news about your other question. Short answer, yes! It would be possible to connect the hodgepodge of computers to the sexy server racks upstairs, but I'll get more into that in the next long post)

But if you want to cater to hundreds or thousands of customers, you need the professional stuff. So let's break down what's (most commonly) in a rack setup, starting with the individual units (sometimes referred to just as 'U').

Short version of someone setting one up!

18 fucking hard drives. 2 CPUs. How many sticks of ram???

Holy shit, that's a lot. Now depending on your priorities, the next question is, can we play video games on it? Not directly! This thing doesn't have a GPU so using it to render a video game works, but you won't have sparkly graphics with high frame rate. I'll put some video links at the bottom that goes more into the anatomy of the individual units themselves.

I pulled this screenshot from this video rewiring a server rack! As you can see, there are two switch boxes in this server rack! Each rack gets their own switch box to manage which unit in the rack gets what. So it's not like everything is connected to one massive switch box. You can add more capacity by making it bigger or you can just add another one! And if you take it out then shit is fucked. Communication has been broken, 404 website not found (<- not actually sure if this error will show).

So how do servers talk to one another? Again, I'll get more into that in my next essay response to your questions. But basically, they can talk over the internet the same way that your machine does (each server has their own address known as an IP and routers shoot you at one).

POWER SUPPLY FOR A SERVER RACK (finally back to shit I've learned in class) YOU ARE ASKING IF THEY ARE WIRED TOGETHER IN SERIES OR PARALLEL! The answer is parallel. Look back up at the image above, I've called out the power cables. In fact, watch the video of that guy wiring that rack back together very fast. Everything on the right is power. How are they able to plug everything together like that? Oh god I know too much about this topic do not talk to me about transformers (<- both the electrical type and the giant robots). BASICALLY, in a data center (place with WAY to many servers) the building is literally built with that kind of draw in mind (oh god the power demands of computing, I will write a long essay about that in your other question). Worrying about popping a fuse is only really a thing when plugging in a server into a plug in your house.

Links to useful youtube videos

How does a server work? (great guide in under 20 min)

Rackmount Server Anatomy 101 | A Beginner's Guide (more comprehensive breakdown but an hour long)

DATA CENTRE 101 | DISSECTING a SERVER and its COMPONENTS! (the guy is surrounded by screaming server racks and is close to incomprehensible)

What is a patch panel? (More stuff about switch boxes- HOLY SHIT there's more hardware just for managing the connection???)

Data Center Terminologies (basic breakdown of entire data center)

Networking Equipment Racks - How Do They Work? (very informative)

Funny

Empower Your Business with Dedicated IT Resources from Quarec Resources Pvt. Ltd.​

At Quarec Resources Pvt. Ltd., we provide top-tier Dedicated IT Resources to propel your business forward. Our skilled IT professionals seamlessly integrate with your team, offering expertise in software development, system administration, network management, and more. By choosing our dedicated resources, you gain flexibility, cost-efficiency, and the ability to swiftly adapt to evolving technological demands. Partner with Quarec to ensure your IT operations are robust, scalable, and aligned with your strategic goals.

Support Computer Science Education: Technician/Senior Technician Opportunity at NUST! - March 2025

The National University of Science and Technology (NUST) is seeking a skilled and versatile Technician/Senior Technician to join their Department of Computer Science! If you’re passionate about providing technical support in a computer science environment, and have experience in software development, network administration, and desktop support, this is an excellent opportunity. About the…

View On WordPress

The real skillset of assistants, secretaries, and admins who make it that long is that they're really good at taking on cognitive load.

Which is to say: When you look at the job description for those sorts of positions, they usually involve things like scheduling, filing, data entry, front desk management... the little annoying tasks that aren't particularly hard or even necessarily time-consuming individually, but having to do them takes away from the Actual work you want to be doing, like, idk, researching or inventing or destroying the middle class.

The attempt to move this work away from humans to automated machines happens because Brayden the tech bro only looks at his own individual instances of "schedule a meeting" or "file an expense report" and, perhaps not incorrectly, sees that those one-off actions can theoretically be done with a button and an if/else statement and also like it's now a field largely dominated by women so obvs it can't be that important ahahaha go home Barbara the men have optimized you out.

So if this simple action can be done with a button, Brayden's thinking then becomes "why not 'save' the time and expense of employing a whole separate person and just cut out the middle man? Won't that allow me and Barbara to concentrate on Important Work, now that we've both been 'freed' of 'tedious' tasks a robot can do?"

Leaving aside, like, so many things, this line of thinking entirely ignores that Barbara doesn't just take on the effort to handle the annoying one-off procedural tasks that take up Brayden's cognitive time and effort-- she does it for everyone else on the team too.

And sometimes the department.

And sometimes the company.

And all of those people may have subtly (or substantially) different needs or processes to account for, on different time scales, to greater or lesser degrees of importance to themselves or to the business as a whole-- and Barbara can not only balance these multiple cognitive loads (only one of which, remember, was considered so distracting and time/brain intrusive to just Brayden as to be considered a threat to getting "real" work done), but she can do it seamlessly, switching between different brains so quickly and integrating the unexpected with the perpetual so well that it ends up looking like there's no effort going in at all.

...and that's just when your average "good" assistant is still relatively new to the company.

Imagine what someone with that skillset can do over decades.

You want to know how these Lindas and Dianes and Cathys, and Barbaras can all warp time around themselves? Because they've literally been working with and manipulating the balance of time and energy and people their entire goddamn careers-- because that's the job.

Like, when I try to find media comparisons that describe the background mindscape capable of this work, I think it's fucking wild that what I find--

are goddamn Time Lords.

i think this is probably true of every office, but there's a middle aged woman working in business who doesn't hold any particular place in the chain of command but is Sovereign. i was running support and she has access to more secure network drives than i do. im pretty sure she has an admin account. i was having trouble with my parking pass and my boss just said to talk to kristen- one day later i had parking in any garage on campus. she's not even in charge of parking in our building

You are a sysadmin in the 90s

How to Advance Your Career with AWS Certifications

In the fast-paced world of cloud computing, Amazon Web Services (AWS) has established itself as a leader in providing scalable, reliable, and cost-effective cloud solutions. As organizations increasingly migrate their workloads to the cloud, the demand for skilled AWS professionals has surged. If you're looking to advance your career in the IT industry, AWS certifications can be your ticket to success. We'll explore how AWS certifications can propel your career forward and provide a step-by-step guide to achieving them.

The Power of AWS Certifications

AWS certifications are widely recognized in the IT industry and are considered a valuable asset for both newcomers and seasoned professionals. Here are some key reasons why AWS certifications can supercharge your career:

1. Industry Recognition

AWS is a trusted name in cloud computing, and their certifications are well-respected by employers worldwide. Holding an AWS certification demonstrates your expertise and commitment to staying current in a rapidly evolving field.

2. Career Advancement

AWS certifications can open doors to new job opportunities and promotions. Many organizations prefer to hire certified professionals because they are seen as more capable and knowledgeable in AWS technologies.

3. Increased Earning Potential

Certified AWS professionals often command higher salaries than their non-certified counterparts. According to a survey by Global Knowledge, AWS-certified individuals earn an average salary that is significantly above the industry average.

4. Skill Validation

Obtaining an AWS certification validates your skills and knowledge in specific AWS services and technologies. It serves as concrete evidence of your expertise in the eyes of potential employers.

Choosing the Right AWS Certification

AWS offers a wide range of certifications, catering to various roles and skill levels. Before you embark on your certification journey, it's essential to choose the one that aligns with your career goals and current experience. Here are a few popular AWS certifications:

1. AWS Certified Cloud Practitioner

Designed for individuals with little or no cloud experience, this entry-level certification provides a broad overview of AWS services, cloud concepts, and basic architectural best practices.

2. AWS Certified Solutions Architect

This certification is ideal for those interested in designing distributed systems on AWS. It covers topics like architectural best practices, security, and scalability.

3. AWS Certified SysOps Administrator

Focused on system operations and management, this certification is suitable for individuals responsible for deploying, managing, and operating systems on AWS.

4. AWS Certified DevOps Engineer

For those interested in automation, this certification validates skills related to continuous delivery, automation, and managing infrastructure as code.

5. AWS Certified Security - Specialty

For security professionals, this certification focuses on securing AWS workloads and implementing advanced security measures.

Steps to AWS Certification Success

Now that you've decided on the right certification, here are the steps to help you achieve your goal:

1. Set Clear Goals

Define your career goals and how AWS certifications align with them. Having a clear vision will keep you motivated throughout your certification journey.

2. Choose Relevant Training Resources

AWS provides extensive documentation and training resources, including online courses, practice exams, and official study guides. Consider enrolling in AWS Certified training courses, which are designed to help you prepare for the exams.

3. Hands-On Experience

Practice is key to mastering AWS. Create your AWS account and experiment with the services covered in your chosen certification. Hands-on experience will deepen your understanding and boost your confidence.

4. Study and Prepare

Devote time to study and review the certification's objectives. Use study guides, practice exams, and community forums to reinforce your knowledge.

5. Take Practice Exams

Practice exams are invaluable for gauging your readiness. They help you identify areas where you need to improve and build your test-taking skills.

6. Schedule and Take the Exam

Once you feel confident in your knowledge, schedule your exam. AWS offers both online and in-person testing options to accommodate your preferences.

7. Stay Informed

AWS constantly updates its services and certifications. Stay informed about changes and consider pursuing additional certifications to continue growing in your career.

Conclusion

AWS certifications have become a gold standard in the IT industry, and they offer an excellent opportunity to advance your career. Whether you're starting from scratch or looking to level up your skills, there's a certification tailored to your needs. Remember that certification is a journey, not a destination. Keep learning, stay updated, and embrace the dynamic world of AWS to unlock the full potential of your cloud computing career. With dedication and the right certifications, you can be on your way to a brighter and more rewarding future in the world of cloud computing.

System and Network Administration

System and Network Administration System and Network Administration – System administration is a job done by IT experts for an organization. The job is to ensure that computer systems and all related services are working well.    What is TCP/IP? Introduction of TCP/IP model TCP/IP is a set of network protocols (Protocol Suite) that enable communication between computers. Network protocols are…

View On WordPress

China hacked Verizon, AT&T and Lumen using the FBI’s backdoor

On OCTOBER 23 at 7PM, I'll be in DECATUR, presenting my novel THE BEZZLE at EAGLE EYE BOOKS.

State-affiliated Chinese hackers penetrated AT&T, Verizon, Lumen and others; they entered their networks and spent months intercepting US traffic – from individuals, firms, government officials, etc – and they did it all without having to exploit any code vulnerabilities. Instead, they used the back door that the FBI requires every carrier to furnish:

https://www.wsj.com/tech/cybersecurity/u-s-wiretap-systems-targeted-in-china-linked-hack-327fc63b?st=C5ywbp&reflink=desktopwebshare_permalink

In 1994, Bill Clinton signed CALEA into law. The Communications Assistance for Law Enforcement Act requires every US telecommunications network to be designed around facilitating access to law-enforcement wiretaps. Prior to CALEA, telecoms operators were often at pains to design their networks to resist infiltration and interception. Even if a telco didn't go that far, they were at the very least indifferent to the needs of law enforcement, and attuned instead to building efficient, robust networks.

Predictably, CALEA met stiff opposition from powerful telecoms companies as it worked its way through Congress, but the Clinton administration bought them off with hundreds of millions of dollars in subsidies to acquire wiretap-facilitation technologies. Immediately, a new industry sprang into being; companies that promised to help the carriers hack themselves, punching back doors into their networks. The pioneers of this dirty business were overwhelmingly founded by ex-Israeli signals intelligence personnel, though they often poached senior American military and intelligence officials to serve as the face of their operations and liase with their former colleagues in law enforcement and intelligence.

Telcos weren't the only opponents of CALEA, of course. Security experts – those who weren't hoping to cash in on government pork, anyways – warned that there was no way to make a back door that was only useful to the "good guys" but would keep the "bad guys" out.

These experts were – then as now – dismissed as neurotic worriers who simultaneously failed to understand the need to facilitate mass surveillance in order to keep the nation safe, and who lacked appropriate faith in American ingenuity. If we can put a man on the moon, surely we can build a security system that selectively fails when a cop needs it to, but stands up to every crook, bully, corporate snoop and foreign government. In other words: "We have faith in you! NERD HARDER!"

NERD HARDER! has been the answer ever since CALEA – and related Clinton-era initiatives, like the failed Clipper Chip program, which would have put a spy chip in every computer, and, eventually, every phone and gadget:

https://en.wikipedia.org/wiki/Clipper_chip

America may have invented NERD HARDER! but plenty of other countries have taken up the cause. The all-time champion is former Australian Prime Minister Malcolm Turnbull, who, when informed that the laws of mathematics dictate that it is impossible to make an encryption scheme that only protects good secrets and not bad ones, replied, "The laws of mathematics are very commendable, but the only law that applies in Australia is the law of Australia":

https://www.zdnet.com/article/the-laws-of-australia-will-trump-the-laws-of-mathematics-turnbull/

CALEA forced a redesign of the foundational, physical layer of the internet. Thankfully, encryption at the protocol layer – in the programs we use – partially counters this deliberately introduced brittleness in the security of all our communications. CALEA can be used to intercept your communications, but mostly what an attacker gets is "metadata" ("so-and-so sent a message of X bytes to such and such") because the data is scrambled and they can't unscramble it, because cryptography actually works, unlike back doors. Of course, that's why governments in the EU, the US, the UK and all over the world are still trying to ban working encryption, insisting that the back doors they'll install will only let the good guys in:

https://pluralistic.net/2023/03/05/theyre-still-trying-to-ban-cryptography/

Any back door can be exploited by your adversaries. The Chinese sponsored hacking group know as Salt Typhoon intercepted the communications of hundreds of millions of American residents, businesses, and institutions. From that position, they could do NSA-style metadata-analysis, malware injection, and interception of unencrypted traffic. And they didn't have to hack anything, because the US government insists that all networking gear ship pre-hacked so that cops can get into it.

This isn't even the first time that CALEA back doors have been exploited by a hostile foreign power as a matter of geopolitical skullduggery. In 2004-2005, Greece's telecommunications were under mass surveillance by US spy agencies who wiretapped Greek officials, all the way up to the Prime Minister, in order to mess with the Greek Olympic bid:

https://en.wikipedia.org/wiki/Greek_wiretapping_case_2004%E2%80%9305

This is a wild story in so many ways. For one thing, CALEA isn't law in Greece! You can totally sell working, secure networking gear in Greece, and in many other countries around the world where they have not passed a stupid CALEA-style law. However the US telecoms market is so fucking huge that all the manufacturers build CALEA back doors into their gear, no matter where it's destined for. So the US has effectively exported this deliberate insecurity to the whole planet – and used it to screw around with Olympic bids, the most penny-ante bullshit imaginable.

Now Chinese-sponsored hackers with cool names like "Salt Typhoon" are traipsing around inside US telecoms infrastructure, using the back doors the FBI insisted would be safe.

Tor Books as just published two new, free LITTLE BROTHER stories: VIGILANT, about creepy surveillance in distance education; and SPILL, about oil pipelines and indigenous landback.

If you'd like an essay-formatted version of this post to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:

https://pluralistic.net/2024/10/07/foreseeable-outcomes/#calea

Image: Kris Duda, modified https://www.flickr.com/photos/ahorcado/5433669707/

CC BY 2.0 https://creativecommons.org/licenses/by/2.0/

Increasing Business Success With Technology

We are a team of experts dedicated to providing IT solutions for small business. With our help, you can focus on your core business while we handle your IT needs.

TMAGP 31 - A Computer Nerd’s Breakdown Of The Error Logs

It’s round 3, bitches! (tumblr crashed twice when I was writing this so I’ve had to start again multiple times. I do in fact see the irony, considering the subject matter)

I was listening to TMAGP 31 and as a computer nerd, oh my god those error messages just HIT DIFFERENT. There are so many subtle details hiding in those lines that a typical non-computery person would probably miss, so I feel it is my duty to explain them and their possible implications. So that’s why I’ve decided to fully break down each part of the error report, complete with what they could potentially suggest — think of this as “the TMAGP theorist’s guide to deciphering Chester’s yapping”

So without further ado, let’s get this party started…

(NOTE: lines from the transcript are in red, ‘translations’ are in purple, jmj specific stuff is is green, explanations are in black)

Starting off with Category: fatal programmer error, notice it says programmer, not program. There is nothing wrong with the code - the user has truly fucked up. Uh oh, Colin has made a big mistake…

Also, clever double meaning here with the word fatal. Obviously we know it was fatal to Colin (RIP king 🥲), but error logs also typically have a criticality level describing if immediate action needs to be taken. There are 6 commonly used levels, with the most critical being, yep you guessed it, ‘fatal’ - this means that whatever Colin was doing was a critical threat to the system. In other words, Colin had figured out the problem and was dangerously close to fixing it so Freddie just went “oh shit, we need to deal with this guy quickly or we are in serious trouble.”

Then we’ve got the next line, attempted host compromise (the Errno611 isn’t significant - error codes vary from system to system). When it comes to network terminology, a host is basically just any device on the network, so in full this line basically means “somebody’s tried to damage part of the network.” Importantly, “host” seems to suggest that the computers aren’t the source of this evil but merely a vessel for it. Freddie is just the mouthpiece for these supernatural forces - a bit like a non-sentient (as far as we know…) avatar. Whatever these forces are, they didn’t come from within/they weren’t created by Freddie.

(NOTE: I will come back to jmj=null in a bit)

The program traceback, Traceback <module> by extension BECHER, is rather interesting. A network extension is a way of providing network access to remote users (think along the lines of a VPN) by creating a personal direct ‘route’ to the network. Therefore if it’s the subject of an error report, it means there’s been an issue with data transmission along that path. So this bit means “there’s a problem with this specific network route that’s allocated to Colin.” However, the darker implication here is that Colin is an extension of Freddie. Although he wasn’t initially a part of all of this, he’s become tangled in the web (no pun intended) to the point that he and Freddie are inseparably intertwined. The OIAR employees may be able to quit their jobs, but they’ll still be a part of Freddie…

There isn’t much to say about Host=self.host in this context. It’s just convention when it comes to object oriented programming. Not important here.

Extension BECHER compromised isn’t just saying “there’s an issue here.” It’s saying “there’s an issue here that is a serious threat to network operation.” In other words, Freddie’s going “uh oh. Colin needs to be dealt with.”

The next bit is pretty self explanatory. I really don’t think I need to explain what <hardware damage_crowbar> means for you guys to understand. This bit made me laugh so hard. One thing that’s interesting though is that it gave it a DPHW, so Freddie processed this like it was an incident… Perhaps this fully confirms that the ‘thing’ controlling Freddie is of the same origin as the cases - it’s not something else entirely?

And now onto Administrator privilege revoked. This was the moment when I fully realised “oh no. Colin is fucked,” because any control that Colin may have had over the situation is now gone for good. Freddie’s basically just said “fuck you Colin. You’re not in charge anymore. I am.”

As you can probably guess, Unexpected data isolated/resolved just means that the crowbar’s been dealt with and the program can run as usual. Similarly, the Colin threat is fixed now he’s not an administrator i.e. he can no longer control the system. However, it then gets weird with Independent operation permissions revoked… It’s not saying Colin can’t use the network independently, it’s saying that Colin can’t be used independently of the network. Remember what I was saying earlier about Colin being a part of Freddie? Yeah, well now he purely is a part of Freddie. They’re turning our boy into data!

NOTE: I know in the audio it said everything was discarded but I’m going by the transcript. Idk why they’re different

You know it’s a bad sign when you hear Re config: self.host - Freddie’s evolving. The network is literally reconfiguring itself to now include Colin. And then Freddie goes through each of his alchemical elements one by one and fucking deletes them! How rude. You go and eat this man only to spit everything out!? I guess he’s feeling generous though, because he decides to keep the sulphur, which in alchemy, refers to the soul… If this isn’t just a coincidence, then that means Colin’s actual soul has been uploaded to Freddie. That could be really cool. And messed up. But mostly cool.

Starting with the final line, everyone knows what New administrator permissions assigned means, but we don’t know yet who they’ve been assigned to. Maybe it’s Gwen? Maybe it’s a new character? Maybe there is no system administrator anymore? It’s a mystery.

Now that’s out the way, let’s get on to the real juicy stuff…

The top few lines are pretty simple - it’s Freddie’s way of saying “Colin was a problem. We ate him. Now he’s not a problem anymore.” The next line, however, is a reminder that none of this is simple” - .jmj error not resolved. There it is again. The infamous jmj error. What does it mean? Jon? Martin? Jonah? Is that you???? Nobody knows. One thing we do know though is that jmj=null (from the start of the error log). Now when it comes to interpreting values, null is weird. It’s not zero, it’s not empty, it’s sort of nothing but it’s not nothing. It’s just null. It means no value, but it doesn’t mean that the variable doesn’t have a value (if that makes any sense to you guys???). Ooh I think I know how to explain it?? Imagine you’re Jonathan Sims, head archivist of the Magnus Institute and you’re digitising some archived ID photos when you find one without a name. The recorded name in the database would be null - you can’t put anything in particular, but that doesn’t mean the person in the photo doesn’t have a name. I guess null means unknown or missing here. So basically, what jmj=null means is that the jmj is unknown and that is a problem because it can’t get ignored/it is important. So what it’s basically saying is that jmj is a mystery not only to us, but also to Freddie.

Take a look at Data integration cycle ongoing <0.02%> - Data integration is the process of combining data from multiple sources into a single source of truth. There are 4 stages: data ingestion, cleaning, transformation, and unification. Thanks to the whole Colin ordeal, I’m sure you are all quite familiar with these stages by now (and that, students, is what we call a case study!). The peculiar thing here though is that we’ve just witnessed most of the data integration cycle - surely it should be higher than 0.02%? Yes, that’s correct. It should be far higher than that. It makes no sense. UNLESS this isn’t about Colin. Most of Colin’s data has probably already integrated. This is something else entirely - something so much bigger and foreign than these computers were designed for (the only comparison I can think of is trying to run the sims 4 with all expansion packs on a 15 year old laptop. It really shouldn’t work, and it probably won’t, but it’s gonna try regardless). This seems to follow on nicely from the jmj=null comments above, because Freddie is clearly struggling to integrate something (hence System function margins down to 82%), and when you try to read data that hasn’t been fully integrated with the system, you end up with a lot of missing & unknown values. Sound familiar? Yep, that’s right - until more data is synchronised, many values will be null, like our good friend jmj. Why is it taking so long to integrate jmj? We don’t know. Perhaps its origins are so supernatural and otherworldly that it’s simply not tangible enough for Freddie to process it? That’s what I think at the moment, at least.

So yeah, that’s my line by line analysis done! Hope you found that helpful/interesting. This podcast is so well written I’m actually going insane! Jonny and Alex, you are the guys of all time! As I’ve already said, feel free to expand on any of this - I’d love to hear your theories

Signed, your friendly neighbourhood computer nerd who is very autistic about TMAGP :)

In the span of just weeks, the U.S. government has experienced what may be the most consequential security breach in its history—not through a sophisticated cyberattack or an act of foreign espionage, but through official orders by a billionaire with a poorly defined government role. And the implications for national security are profound.

First, it was reported that people associated with the newly created Department of Government Efficiency (DOGE) had accessed the U.S. Treasury computer system, giving them the ability to collect data on and potentially control the department’s roughly $5.45 trillion in annual federal payments.

Then, we learned that uncleared DOGE personnel had gained access to classified data from the U.S. Agency for International Development, possibly copying it onto their own systems. Next, the Office of Personnel Management—which holds detailed personal data on millions of federal employees, including those with security clearances—was compromised. After that, Medicaid and Medicare records were compromised.

Meanwhile, only partially redacted names of CIA employees were sent over an unclassified email account. DOGE personnel are also reported to be feeding Education Department data into artificial intelligence software, and they have also started working at the Department of Energy.

This story is moving very fast. On Feb. 8, a federal judge blocked the DOGE team from accessing the Treasury Department systems any further. But given that DOGE workers have already copied data and possibly installed and modified software, it’s unclear how this fixes anything.

In any case, breaches of other critical government systems are likely to follow unless federal employees stand firm on the protocols protecting national security.

The systems that DOGE is accessing are not esoteric pieces of our nation’s infrastructure—they are the sinews of government.

For example, the Treasury Department systems contain the technical blueprints for how the federal government moves money, while the Office of Personnel Management (OPM) network contains information on who and what organizations the government employs and contracts with.

What makes this situation unprecedented isn’t just the scope, but also the method of attack. Foreign adversaries typically spend years attempting to penetrate government systems such as these, using stealth to avoid being seen and carefully hiding any tells or tracks. The Chinese government’s 2015 breach of OPM was a significant U.S. security failure, and it illustrated how personnel data could be used to identify intelligence officers and compromise national security.

In this case, external operators with limited experience and minimal oversight are doing their work in plain sight and under massive public scrutiny: gaining the highest levels of administrative access and making changes to the United States’ most sensitive networks, potentially introducing new security vulnerabilities in the process.

But the most alarming aspect isn’t just the access being granted. It’s the systematic dismantling of security measures that would detect and prevent misuse—including standard incident response protocols, auditing, and change-tracking mechanisms—by removing the career officials in charge of those security measures and replacing them with inexperienced operators.

The Treasury’s computer systems have such an impact on national security that they were designed with the same principle that guides nuclear launch protocols: No single person should have unlimited power. Just as launching a nuclear missile requires two separate officers turning their keys simultaneously, making changes to critical financial systems traditionally requires multiple authorized personnel working in concert.

This approach, known as “separation of duties,” isn’t just bureaucratic red tape; it’s a fundamental security principle as old as banking itself. When your local bank processes a large transfer, it requires two different employees to verify the transaction. When a company issues a major financial report, separate teams must review and approve it. These aren’t just formalities—they’re essential safeguards against corruption and error.

These measures have been bypassed or ignored. It’s as if someone found a way to rob Fort Knox by simply declaring that the new official policy is to fire all the guards and allow unescorted visits to the vault.

The implications for national security are staggering. Sen. Ron Wyden said his office had learned that the attackers gained privileges that allow them to modify core programs in Treasury Department computers that verify federal payments, access encrypted keys that secure financial transactions, and alter audit logs that record system changes. Over at OPM, reports indicate that individuals associated with DOGE connected an unauthorized server into the network. They are also reportedly training AI software on all of this sensitive data.

This is much more critical than the initial unauthorized access. These new servers have unknown capabilities and configurations, and there’s no evidence that this new code has gone through any rigorous security testing protocols. The AIs being trained are certainly not secure enough for this kind of data. All are ideal targets for any adversary, foreign or domestic, also seeking access to federal data.

There’s a reason why every modification—hardware or software—to these systems goes through a complex planning process and includes sophisticated access-control mechanisms. The national security crisis is that these systems are now much more vulnerable to dangerous attacks at the same time that the legitimate system administrators trained to protect them have been locked out.

By modifying core systems, the attackers have not only compromised current operations, but have also left behind vulnerabilities that could be exploited in future attacks—giving adversaries such as Russia and China an unprecedented opportunity. These countries have long targeted these systems. And they don’t just want to gather intelligence—they also want to understand how to disrupt these systems in a crisis.

Now, the technical details of how these systems operate, their security protocols, and their vulnerabilities are now potentially exposed to unknown parties without any of the usual safeguards. Instead of having to breach heavily fortified digital walls, these parties  can simply walk through doors that are being propped open—and then erase evidence of their actions.

The security implications span three critical areas.

First, system manipulation: External operators can now modify operations while also altering audit trails that would track their changes. Second, data exposure: Beyond accessing personal information and transaction records, these operators can copy entire system architectures and security configurations—in one case, the technical blueprint of the country’s federal payment infrastructure. Third, and most critically, is the issue of system control: These operators can alter core systems and authentication mechanisms while disabling the very tools designed to detect such changes. This is more than modifying operations; it is modifying the infrastructure that those operations use.

To address these vulnerabilities, three immediate steps are essential. First, unauthorized access must be revoked and proper authentication protocols restored. Next, comprehensive system monitoring and change management must be reinstated—which, given the difficulty of cleaning a compromised system, will likely require a complete system reset. Finally, thorough audits must be conducted of all system changes made during this period.

This is beyond politics—this is a matter of national security. Foreign national intelligence organizations will be quick to take advantage of both the chaos and the new insecurities to steal U.S. data and install backdoors to allow for future access.

Each day of continued unrestricted access makes the eventual recovery more difficult and increases the risk of irreversible damage to these critical systems. While the full impact may take time to assess, these steps represent the minimum necessary actions to begin restoring system integrity and security protocols.

Assuming that anyone in the government still cares.

Keep NUST's Network Running Smoothly: Network Administrator Opportunity! - March 2025

The National University of Science and Technology (NUST) is seeking a skilled and proactive Network Administrator to join their Information and Communication Technology Services (ICTS) Department! If you’re passionate about maintaining and optimizing network infrastructure, ensuring seamless operations, and providing excellent technical support, this is an excellent opportunity. About the…

View On WordPress

Musk’s DOGE Teen Was Fired By Cybersecurity Firm for Leaking Company Secrets

Edward Coristine, a 19-year-old member of Elon Musk’s squad that’s criss-crossing US government agencies, was fired from an internship after he was accused of sharing information with a competitor. “Edward has been terminated for leaking internal information to the competitors,” said a June 2022 message from an executive of the firm, Path Network, which was seen by Bloomberg News. “This is unacceptable and there is zero tolerance for this.” Afterward, Coristine wrote that he’d retained access to the cybersecurity company’s computers, though he said he hadn’t taken advantage of it. “I had access to every single machine,” he wrote on Discord in late 2022, weeks after he was dismissed from Path Network, according to messages seen by Bloomberg. Posting under the name “Rivage,” which six people who know him said was his alias, Coristine said he could have wiped Path’s customer-supporting servers if he’d wished. He added, "I never exploited it because it's just not me." His comments, made in a Discord server focused on another competitor company, worried executives at Path Network, who believed there was no legitimate reason for a former employee to access their machines, according to a person familiar with the incident. The person asked not to be named, citing the sensitivity of the matter. [...] In meetings at the US Agency for International Development and the General Services Administration, Coristine and other colleagues have discussed how they can use that data to potentially replace government employees with artificial intelligence and train chatbots to do the work. [...] Coristine regularly posted on both Discord and the messaging service Telegram in 2021 and 2022, when he was under 18. His posts are a mix of discussions about Path Network, coder-talk and lewd insults. [...] JoeyCrafter was a member of Telegram groups called “Kiwi Farms Christmas Chat” and “Kiwi Farms 100% Real No Fake No Virus,” both referencing an online forum known for harassment campaigns. Typically, the site has been used to share the personal information of a target, encouraging others to harass them online, in-person, over the phone or by falsely alerting police to a violent crime or active shooter incident at their home. In online messages, the aliases that investigators said Coristine uses have regularly discussed free speech and internet providers’ role in keeping websites online, including one that hosted the neo-Nazi site the Daily Stormer.

these people have access to your SSN, your medicaid, your relatives' medicare, everyone's medical history, etc

Machine learning boosts search for new materials - Technology Org

New Post has been published on https://thedigitalinsider.com/machine-learning-boosts-search-for-new-materials-technology-org/

Machine learning boosts search for new materials - Technology Org

Scientists have developed deep-learning models that can sift through the massive amounts of data generated by X-ray diffraction techniques.

Scientists from the University of Rochester say deep learning can supercharge a technique that is already the gold standard for characterizing new materials. In an npj Computational Materials paper, the interdisciplinary team describes models they developed to leverage the massive amounts of data better than X-ray diffraction experiments produce.

During X-ray diffraction experiments, bright lasers shine on a sample, producing diffracted images that contain important information about the material’s structure and properties. Project lead Niaz Abdolrahim, an associate professor in the Department of Mechanical Engineering and a scientist at the Laboratory for Laser Energetics (LLE), says conventional methods of analyzing these images can be contentious, time-consuming, and often ineffective.

“There is a lot of materials science and physics hidden in each one of these images and terabytes of data are being produced every day at facilities and labs worldwide,” says Abdolrahim. “Developing a good model to analyze this data can really help expedite materials innovation, understand materials at extreme conditions, and develop materials for different technological applications.”

The study, led by materials science PhD student Jerardo Salgado, holds particular promise for high-energy-density experiments like those conducted at LLE by researchers from the Center for Matter at Atomic Pressures. By examining the precise moment when materials under extreme conditions change phases, scientists can discover ways to create new materials and learn about the formation of stars and planets.

Abdolrahim says the project, funded by the US Department of Energy’s National Nuclear Security Administration and the National Science Foundation, improves upon previous attempts to develop machine learning models for X-ray diffraction analysis that were trained and evaluated primarily with synthetic data. Abdolrahim, Associate Professor Chenliang Xu from the Department of Computer Science, and their students incorporated real-world data from experiments with inorganic materials to train their deep-learning models.

More experimental X-ray diffraction analysis data needs to be publicly available to help refine the models, according to Abdolrahim. She says the team is working on creating platforms for others to share data that can help train and evaluate the system, making it even more effective.

Source: University of Rochester

You can offer your link to a page which is relevant to the topic of this post.