I can't even count the number of times I have seen privileged information dropped onto a "presentation" laptop during a meeting. I hope they are better at controlling that than most.
Yep, plus the configuration of the laptop could possibly be of value. Depending on how it's setup, you could see the AD domain name, naming pattern of usernames and domain computers, setup and names of network drives, group policy settings, etc. Nothing too crazy on its own but could help facilitate a larger breach. Having a portable computer that's already configured to connect to the network you want to breach is possibly pretty useful.
Snowden's leaks were largely NSA presentation materials. Not implying that Pelosi had TSCI/noforn materials but just saying, being used as presentation doesn't mean much. Especially if it's connected to internal networks.
Clearly a big deal and congressional IT staff are going to have a crazy few weeks ahead of them. However, my understanding is that any classified information would have to be in a SCIF. I assume that would be the case with congresspeople as well.
I've also heard that the congressional paging system locks devices when an emergency is announced, but haven't seen that corroborated anywhere. Anyone know if that's true?
Plus, classification is reserved for government documents, right? If someone's goal was to specifically expose "DNC secrets," a la Watergate, the most damaging information would likely not be "classified" in the formal sense of the word.
Special room for classified stuff. Even once you're inside the classified room (usually windowless and behind a locked keypad) a lot of stuff is also behind locked filing cabinets.
Imagine something like 'The Thing' but with ~75 years of technological advancement.
The Capitol is going to need to be cleaned for such devices and equipment for a long time before it can be considered secure again.
On the flip side, any devices that may be found are likely to be close to the latest models, and like with project SATYR, the US may have a potential goldmine of new tech in the coming years.
EDIT: Combined with the recent hacking of the US, the synergy of having physical access creates a load of headaches and nightmares. If I were in the federal information security space I would be very interested in visa and flight logs in and out of the US right now.
Truly a nightmare situation. I really hope they have a solid means to recover the stolen assets. Does anyone have insight into what types of tracking high level government laptops would have?
That may or may not be true, but I feel it's worth mentioning that often those individuals need some level of security clearance. See listings on job boards for janitorial staff/etc. that require security clearance (often at private corporations, like defence contractors, but I see no reason why it wouldn't extend to public employment i.e. at the Capitol).
Given that Pelosi's desktop was logged on and unlocked, there's a fair chance the laptop was too which would render full disk encryption useless. As long as whoever stole it didn't close it and send it to sleep anyway.
Pelosi is in her 80s and a politician, it's common for people in that generation to not actually use computers themselves but rely on their assistants to "do the computer stuff".
I'm sure they didn't send in their best IT experts in the first wave. Billy Bob likely won't know to keep the machine from going to sleep, esp in the chaotic scene.
Billy Bob is a name stereotypically used to refer to someone to imply that they are rural, ignorant and/or unsophisticated.
Billy Bob (short for William Robert) at one time was a common set of first names for Americans that lived in country areas.
Well training for much more mundane events should cover it. I wonder if they’re personal laptops otherwise IT security would have an auto lock enabled.
Do we know it was Pelosi's computer and not just a staffer in her office? I also imagine it's a lot harder to walk out of the building with an open laptop in hand than a closed one in a bag.
Agree with this... also though capitol police were overwhelmed and 3 % control (ie managed to keep politicians out of harms way excluding covid implications) of the situation.
Yes, after seeing the video today of the shooting, it's clear that the Capitol police were very barely able to keep people safe. But later, when so much backup arrived, it appeared as if many people simply walked away and went home, which is baffling to me.
>Nancy Pelosi told fellow House Democrats that she had received reassurances about safeguards to prevent Donald Trump from launching a nuclear attack
Maybe this is too political or HN, but this is the bigger news on that page. It tells me we don't have a functioning chain of command and our government is currently responding to a hard coup attempt with a soft coup which is also pretty scary. Trump should either be removed through the 25th amendment or he should be president with all its power and responsibility. Putting "safeguards" in place so no one really knows who is in charge can be dangerous. Hopefully nothing too serious happens in the next week and a half.
EDIT: To be clear and to address the multiple replies, I am not a Trump fan or a supporter of nuclear weapons or anything along those lines. The problem here is that there needs to be a clear chain of command in case of an actual emergency. People being insubordinate to the president and taking on power that they do not constitutionally could be extremely dangerous in an emergency. The unelected bureaucrats of the government shouldn't be the ones making these decisions.
I would hope all entities with nuclear capabilities have de facto safeguards in place to prevent anyone from actually launching a nuclear attack. Although, I would also hope they wouldn't talk about them as it diminishes the deterrent effect that is the only potentially good thing about such weapons. Nuclear weapons should never be used but people who can use them should not say that.
I read that comment as saying there are extra safeguards currently in place that go above and beyond the normal safeguards. If the existing safeguards for a normal president would be enough, Pelosi being third in line for the president likely wouldn't have to ask about them.
Comrade, you are only allowed to comment on what you are instructed to comment on, and how you are instructed to comment. Do not deviate from your instructions.
Ok. At the present time, the Reuters article at https://www.reuters.com/article/BigStory12/idUSKBN29D2HA does not have mention of safeguards to prevent Donald Trump from launching a nuclear attack. Did something change in the article?
And what makes you think that it wasn't? If you were in charge of the nuke launch process you would never give the power to one man, would you? You would have probably done two things:
1. Require a broad consensus to launch (possibly with a dead-hand).
2. Don't tell anyone on the outside. Best keep the enemy guessing and the people in awe.
Throughout the history people clamored for a strong leader, so you either give them one and suffer the risks of having a dictatorship, or you give them an illusion of a strong leader. The fictitious red button works perfectly - the man carries the literal Armageddon in his pocket, his power must be divine (subject to expiration on Jan 20th).
Putting "safeguards" in place so no one really knows who is in charge can be dangerous.
If the personnel involved hadn't overruled their orders several times during "the Cold War", we would already have had several post-Nagasaki nuclear disasters. These weapons are ongoing dangers to everyone.
Even the US military doesn't have the doctrine to blindly follow any order under any circumstances. Or at least, that's what I would expect from any modern military. In any case, there is no real danger here and Pelosi is exaggerating a bit.
Fun fact: If there had been a clear chain of command and lieutenant colonel Stanislav Petrov of the Soviet Air Defense Forces had followed his orders without questioning them, then the world would probably have been destroyed in a nuclear Armageddon in 1983.[1]
There are plenty of szenarios where you don't want to launch a nuclear attack without several people checking the attack order. To my knowledge, the president can't just order an attack, this has to be at least confirmed by one member of a small group of people of necessary rank. Beyond being mostly a political move, Nancy Pelosi reminded by this this group, that a possible launch order most likely is bogus and they should be extremely careful before confirming it.
If it is a laptop of consequence (even if not classified), hopefully it had security and tracking capabilities that can be activated.
That info would probably be helpful for law enforcement and prosecutors.
This all assumes that congress, the DNC, or whoever owns the laptop has upped their personal computer op-sec significantly since the DNC hacks of 2016.
Beyond the information security risk around the loss of this specific device, what really worries me is the physical security implications here. I'm certainly no expert on the subject, but it seems to me like, in a building like the US Capitol, it should not be anywhere near this easy for unauthorized people to waltz into an office or conference room in the first place. Let alone walk away with items from within that room.
Ha! These people are in their 70's and 80's, getting any legitimate security is near impossible. Try telling your grandparents not to play flash games on their computer. The best security should have been by the entrances of the building.
Age isn’t the problem, lack of digital security literacy might well be.
My dad was born in ‘39, he did a degree in electrical engineering, and it took until something like his second job after graduation for his employer to send him on a two-day training course for the new-fangled [0] invention of something called “software”. He then worked in software from that course until retirement.
However, he never understood RSA despite working on UK military IFF systems.
[0] “new-fangled” was his description; the closest he came to acknowledging Ada Lovelace before I learned of her was to complain about the language Ada.
To prevent unauthorized entry, Capitol Police would have had to put up a fight. Seems they were unwilling to do so. If America continues down this path Russia (and others) are just gonna have a field day.
You're being naive if you believe that Russia and others didn't already have a field day at the Capitol yesterday. I wouldn't worry as much about what these guys took from offices and server rooms as I would worry about what little digital gifts these guys may have left behind in the offices and server rooms.
Yep. The entire building needs to be completely scrubbed down and all tech needs to be taken and destroyed. A complete fresh start. Move operations to a new building while this is happening.
It honestly boggles the mind that capitol police announced the all-clear as soon as they did. I mean they found pipe bombs in the RNC and DNC headquarters. No way did the conduct the kind of thorough search that would ensure that nobody left a pipe bomb in an air vent or in a random filing cabinet.
And that goes double for mysterious flash drives randomly stuck in people's computers, or bugs hidden in planters etc. Just an absolute travesty.
I guess? I would have expected the doors to put up a fight, too. But it doesn't sound like there was much forced entry going on beyond getting into the building itself.
At my own workplace, all the areas that are not intended for public use - office blocks and most meeting rooms, for example - are locked at all times and have keycard access. Defense in depth, y'know? And we're not even a juicy target like the US Capitol, we're just some company.
Congress isn't really one office, though. It's hundreds of individually run ones, each intended to serve the public fairly frequently. You can (generally) pop in and see your congressperson and/or their staff if you want.
My office is likely set up the same as yours, or at least close enough to yours. You could absolutely pop in to visit me.
But you could also grab enough of your friends to obtain a decisive numerical advantage – let's say, you and twenty of your closest friends, that probably gets close to what we saw yesterday. Be sure one or two of them are visibly armed.
Once you have your buddies, you can go break through the glass door leading to the receptionist's desk. We saw that yesterday too.
Once you're in, game over: I don't expect Nancy to tackle you at the door, or my friend Brian to kick you when you try to come into the conference room. I expect when you're inside you'll get a guest badge – or an employees – and proceed to go about doing whatever you were interested in doing.
My office's threat model – and yours – is not based on defending against a mob of people storming the building.
> My office's threat model – and yours – is not based on defending against a mob of people storming the building.
That's sort of exactly the point I'm making. My office's threat model isn't even in the same league, and yet it still seems to have more thought put into physical security than the Capitol building. It would appear that, unlike in the hypothetical you're constructing, in the real event, people didn't even need keycards in order to freely move about the building after getting past the exterior doors.
So Nancy Pelosi's office is generally open to the public, and it's fine for people to go on in whenever they want, even when she's not there?
I've honestly never tried to visit a congressperson in DC, so I suppose I wouldn't know, but it sounds unlikely. My public library is even more intended for public use than the US Capitol, but I still need a key to go back into the offices.
> So Nancy Pelosi's office is generally open to the public, and it's fine for people to go on in whenever they want, even when she's not there?
Generally, yes. Their offices are suites with a reception that'll be staffed for constituent services most of the day. Staff are also typically there all day taking calls from the public.
The Capitol Police were either incompetent or complicit. There are literally no other options. They knew there would be a big protests, numbers put it around 200k~300k (a tiny percentage of which actually went into the capitol building mind you).
If they weren't prepared for this: incompetence. But there are videos of people getting selfies with guards, and staying within the velvet ropes when coming in. Something isn't right here and no one is talking about it.
They were understaffed, and it was clear that they could not protect both the building and the people. They correctly prioritized evacuating the people.
They turned down an offer from the Pentagon to supplement manpower, days before the protest. Why?
A police department with an intelligence unit couldn't guess that things might get a little out of hand when 3 weeks before, the President publicly used Twitter to ask his followers[1] to attend a "wild" protest on January 6th? Not that an intelligence unit was required as the plans were in the open. I have great difficulty in putting this down to incompetence, all things considered.
For this specific decision I think we can put it down to incompetence over malice - it'd presumably be easy for whoever was co-ordinating it dismiss all the riot talks as bluster and figure it'd just be yet another protest with a lot of shouting. I imagine we'll hear more about it, but I would be surprised if it was a co-ordinated effort in concert with the rioters (I don't know what to call them).
The footage of police opening barriers and stuff, and taking selfies is however a bit more worrying. I think it's pretty well known that individuals within the police could identify or sympathise with Q or the far right - so if it turns out that this footage was exactly what it's seems to be (and we know how easily things can be misrepresented and shown out of context) then I imagine some cops are gonna be in big trouble.
I agree with this take. It's possible that after a year of particularly intense criticism of police department's actions vs protesters across the country they didn't want to appear to be over-reacting (which could fan all kinds of flames) and didn't expect the crowds to be quite so wild.
I don't know what kinds of contingency planning may have taken place, but ultimately this event seems to have been ended and cleaned up pretty quickly compared to some other demonstrations we've seen recently.
Yeah we're definitely in speculation territory here so I'm wary of going too far. But I would imagine it was not a conscious attempt clean up their act and do their job with a less heavy hand. The idea that they'd suddenly decide to have a change of heart and that the first people who encountered this new, soft-touch policing happened to be right wingers - I don't buy it.
If it is reasonable to assume that some individual members of the police force are sympathetic to the Q/Boogaloo cause, who is to say the person responsible for coordinating with the Pentagon wasn't a fellow traveler? Police forces, on the whole aren't exactly politically neutral: during primary season, I recall a republican politician getting a picture taken with a policeman who had a "Q" patch on his uniform.
There is not enough information to come to either conclusion, but I would like to think the DC police leadership didn't/doesn't plumb those depths of incompetence. The public (and congress) deserves answers on what happened and why.
They definitely deserve answers, you are right. But jumping to "This was an op and the DC police as a unit were in on it" is approaching wheelhouse of the crazies who instigated this whole debacle. That runaway cascade of believing lots of little things that could be possible is what led to millions believing in dumb stuff like Mole Children being kept as slaves by Hillary Clinton and friends.
Unless something more sinister emerges the simplest explanation is probably the best - there some cops who are far-right sympathisers and there are incompetently managed and organized Police forces. Both of those things are already demonstrably true and explain how the response quite well without introducing a grand conspiracy.
I was careful to say individuals - my point was that there is no reason to doubt the possibility of those sympathetic individual(s) being decision-makers in the force. I was careful to not suggest it was a group decision.
However, it is no secret that the FBI has long-reported (2006!) on white-supremecist infiltration of police forces[1] - this is not crazy talk. If someone joined the police as a rookie in 2006 to enforce their personal agenda, how far up the leadership hierarchy would they be now?
I'm not so certain; with the possibility of installed loyalists and/or 'regulatory capture' we may have intentional malfeasance to make a troubling situation worse.
> it's pretty well known that individuals within the police could identify or sympathise with Q
This is worrying in its own terms. Policemen are adult, and shouldn't believe in fairy tales.
Being able to use deductive reasoning, understand basic principles of science (like the difference between cheratine and DNA), double-check the facts, and find the truth between the lies is THE work of the police.
Somebody unable to see a hole for years in theories that most 5 Yo curious children could dismantle in a hour is unfit for this kind of work. They simply shouldn't be policemen. Period.
Will end distroying the lifes of innocent people.
Most obviously, if you invite the military in and ask them to secure a portion of the building, you're exposed to the risk that the commander-in-chief will order them out (or order them to stand aside); it's unlikely that forces could be redeployed fast enough to respond to such a defection. (And no, you can't avoid this danger by having all the forces working together everywhere; far too many command-and-control issues arise.) If you don't invite the military to assist in the first place... well, then you're not relying on them to guard your back.
There's also a fundamental democratic issue at stake: It's not by coincidence that the United States Capitol Police answers to the legislature and not to the executive -- indeed, this is seen around the world (e.g. Canada's Parliamentary Protective Service answers to the Speakers of the House and Senate) and arguably the principle that military forces should not be brought to the seat of legislative power dates back to the Roman Republic... which swiftly became the Roman Empire after Caesar crossed the Rubicon with an army at his back.
Those are all valid points. Though I will argue that the assumption that the Capitol Police answers to the legislature is shaky, at best (in practice). If I had to guess who is more likely to refuse an unlawful order, I'd say a member of the military, rather than the police, based on my limited knowledge of their respective cultures. Combined with the idea of police officers who believe they are part of a semi-secret, ad-hoc, patriot's army, things can go wrong indeed.
Let's do a thought experiment: let's say there are a few elements in the police who are active QAnon believers, sprinkled in at various levels. Let's also assume some more force members are not believers, per se, but sympathize with the cause, and are willing to look aside since they may dislike some legislators who they see as enabling BLM, Antifa and other un-American actors (in their eyes) and believe that something "weird" happened with the elections and/or the whole establishment is dirty. Would these individuals not listen to the orders of the commander in chief, even when not delivered via the official chain of command?
> Though I will argue that the assumption that the Capitol Police answers to the legislature is shaky, at best (in practice).
It's a matter of law that they answer to the legislature, this isn't an "assumption." Individually they have answered to a not very sharp police chief, and the Sergeants-At-Arms of the House and Senate, who are all in the process of resigning because of how badly they recently screwed up, if that's what you mean.
> It's a matter of law that they answer to the legislature, this isn't an "assumption."
I could have expressed myself better there - I was distinguishing between them being answerable to the legislature (de jure) in the logical, org chat way, and them "answering" to a mercurial president they ideologically agree with (de facto), in the here and now.
Being understaffed on a day when protesters have warned you they may take direct action is incompetence or complicity. They have agreements with nearby law enforcement who are often deputized in DC, yet didn’t activate those agreements until the perimeter had been fully breached.
This can be correct, but so can GPs point: two possible findings are that the capitol police were deliberately left understaffed because
* higher level leadership judged the threat of the protestors to be insignificant (incompetence)
* higher level leadership wanted the potential for a mob to enter the building (complicity)
However they found themselves in the position, they did, and once there I think they had an unenviable task. And the fact that the occupants of the building were safely sheltered until a larger force came to clear the building shows that they made a good decision.
It's not murder if it's legal. If you don't want to get shot, don't invade the seat of government during a constitutionally prescribed transition of power, break through a barricade, ignore a cop's orders and approach a cop pointing his gun at you. Hard, I know.
And you assume that's everything that happened? Did she break through a barrier? People were walking right in.You don't know which group she cam in with. In the various videos, she was trying to get out. They all were.
The dude who fired the shot, are you really defending him? A man with no real reasonable threat to his life? None of the people in that shot were shown to be armed.
Honest question, what are your views on Jacob Blake? Do you defend him? Because he sexually assaulted a women who had a restraining order against him, ignored police orders to stop, got up after being tazed twice and reached into a car with children. The DA found the police were completely justified in shooting him 7 times in the back.
This is the double standard. If you say she had no excuse for getting shot, than neither did Jacob Blake, or Breyanna Taylor.
It doesn't matter if she's mother Theresa and came here with the cure for cancer. You cannot interrupt the transition of power. We have laws that must be followed. If you try to overthrow the government you will be stopped. I watched a video of her getting shot. She was breaking through a barricaded door and making her way towards officers with guns drawn.
There's multiple camera angles which captured the minutes leading up to her death, posted on major news sites like The Washington Post, so no assumption needed.
I still don't feel the shoot to kill was justified (especially as a shot in an area that would immobilize a person, like the chest or the gut, would've been safer of collateral damage vs a shot to the head, similar to the one taken, which unequivocally is a shot intended to kill), but trying to argue she was not completely and totally in the wrong is just absurd to me.
You betray your ignorance about firearms. You cannot shoot to immobilize. Every shot taken is practically and legally a shot intending to kill. Real life is not a hollywood movie.
> You betray your ignorance about firearms. You cannot shoot to immobilize. Every shot taken is practically and legally a shot intending to kill. Real life is not a hollywood movie.
Someone knowledgeable of the subject, which you imply I am not, would know that shooting someone in the middle of their body is the standard operating procedure (and is potentially less fatal, but yes legally still intended to kill) rather than taking an (essentially) headshot as this officer did.
Also notice I did not say what the officer did was "against policy" or illegal, I simply said I didn't feel it was justified (especially with where the shot hit). It's for the department and the courts to decide if the officer violated his duty.
Could have (likely was) aiming for center of mass but ended up a little high. Real life is not a shooting range with a target that is perfectly still.
Shooting a center of mass is not at all about being "less fatal" it is about it being the biggest target with the biggest chance of stopping your adversary.
> Shooting a center of mass is not at all about being "less fatal"
Did I say it was? I believe I used the word "potentially" in the reply you are commenting to. The officer was shooting from ~6ft away and had a firm grip and was well composed, if they can't hit the chest of a target that was mostly still at the moment of the shot then they need to be spending a lot more time in the gun range (at the absolute minimum).
She was climbing through a broken window past a barricade that was the last line of defense to where members of Congress were taking shelter. The guard was pointing his gun at her and other people were warning about the danger. I don’t think she should have been shot, but the guard who shot her acted reasonably. It was a failure of the police present, who should have prevented the situation.
I'd agree that police defenders often use the rhetoric of "approaching a cop with his gun drawn" or "being somewhere you shouldn't," but surely we can make a distinction between those killed in public areas versus this woman who was trespassing in a very important federal facility, specifically to impede a very important government procedure.
> trespassing in a very important federal facility
She was part of an armed mob trying in the process of breaking into the speakers lobby that posed an imminent threat to members of Congress, whom members of the mob had moments before loudly expressed concern were trying to leave.
>They were understaffed, and it was clear that they could not protect both the building and the people. They correctly prioritized evacuating the people.
I think it's pretty clear at this point that they would have been overstaffed if the protestors had a different skin color.
I don’t think that’s clear at all. I’ve seen it often repeated by the media, but there is absolutely no evidence to support it. Repeating this is only driving the two sides further apart.
In the 1970s, armed Black Panther members took the California State Capitol and no one died.
At least one officer is dead (this changes daily so who knows) and one protestor (she was unarmed, that's a protestor, trespasser at best) was shot by sorry excuse of a Capitol Officer who shot wildly into a crowd (almost hitting the other Federal Officer behind her!)
You're not a protester if you are breaking into congress, breaking past a barricade, being told to stop, and walking towards an officer pointing his gun at you. You're suicidal.
The lady that was shot was attempting to enter a hallway through a window while people in the hallway were pointing guns at her. Just because she didn't have a visible weapon doesn't mean she wasn't a threat. Climbing through a broken window into a hallway protected by a makeshift barricade is itself a threatening action. No one at the head of a mob climbing over a barricade ever did so for innocent and non-threatening reasons. Suggesting otherwise is ludicrously stupid.
Having seen multiple videos of the event it's clear the shooter was not firing wildly into the crowd. They were aiming specifically at the person trying to break into the area. She's dead because of her own actions.
Note that she was wearing a good sized backpack. The shooter was wearing plainclothes- possibly Secret Service. It appears he was protecting something or someone important. Pence?
To what end? Certainly the Capitol police leadership wasn't part of some conspiracy to overthrow the government- letting a few hundred protestors in wouldn't accomplish much.
So you are saying that the Capitol police succeeded in creating a honeypot that was meant to embarrass Trump?
> They were understaffed, and it was clear that they could not protect both the building and the people. They correctly prioritized evacuating the people.
This is all true but might be crediting the Capitol Police leadership with a little more coordination and planning than they truly exhibited. There were clearly some law enforcement officers who did not simply step aside and let the rioters have their way once lawmakers had been evacuated.
Based on some of the comments here I get the feeling it's not common knowledge yet that at least one involved law enforcement officer has died [1] and a couple of dozen were injured. Possibly they could have done better for themselves if they'd all been as easygoing about things as the officers photographed in the rotunda.
Were the BLM people who stormed city hall in Seattle insurrectionists? Where the Black Panthers who took the California State Capitol in the 1970s insurrectionists?
Stop with the bullshit name games. These were not rioters. They didn't set anything on fire. They should not have stolen or broken anything. That's wrong and bad and should be condemned. Those people should get federal time
But man...you have to admit...there is something beautiful about the peasants entering the royal court, and the town idiot putting his feet up on the table that belongs to the Hand of the King.
The villagers entered the royal court and the senators clutched their pearls.
America has had a long history of occupying federal buildings. This is certainly not unprecedented.
These people were not a coup or insurrection. They had no plan. There was no person with a new founding document they were going to read. They didn't bring in an armed force and take and occupy the capital.
The overreaction to what happened is fucking insane, especially compared to what actual Rioters where allowed to get away with for the past year. In May, DC was literally on fire from the BLM riots, and we didn't see this type of DoubleSpeak.
> But man...you have to admit...there is something beautiful about the peasants entering the royal court, and the town idiot putting his feet up on the table that belongs to the Hand of the King.
>The villagers entered the royal court and the senators clutched their pearls.
I agree. Although I’m definitely anti-Trump and condemn his garbage about the election being stolen, and while I don’t condone the behavior of the protestors, I don’t really see how this so much worse than business owners who had their livelihoods destroyed during the BLM riots over the summer. I don’t remember CNN or Democrats tripping over themselves to see who could use the harshest language for what had happened.
Again I’m not condoning this, but honestly, given what happened, the only real tragedy was a woman was shot because a jumpy police officer shot blindly into a crowd. Our pride was embarrassed but that’s ok. Let’s learn from this and make sure it doesn’t happen again.
The real problem with what happened is Trump incited it. But that’s another story.
Haha yeah, there wasn't this much outrage before because it was the peasant's businesses being destroyed. Protesting is now bad because it actually affected the rich, political class.
Look at how different the MSM response was. Destroyed businesses and disruption to innocent people's lives was a necessary sacrifice for BLM riots. And best of all, covid is only dangerous depending on what you're protesting for. But some people going into a building?! No! Stop that!
How many is that? I can't even count. More than 50, less than 100? Versus 10, possibly way less, depending on what kind of comparisons one wants to draw? [1]
Doesn't this point exactly to the significance of what happened on the 6th? Race riots have been happening in the United States for a hundred some years. They are obviously not significant in achieving the goals of the rioters. Meanwhile the storming of seats of power by an ousted leaders' supporters has the potential to change history. The former is a passing event, the latter is a rare event with some potential to change global history.
> Were the BLM people who stormed city hall in Seattle insurrectionists? Where the Black Panthers who took the California State Capitol in the 1970s insurrectionists?
No, because their goal wasn't to overturn a legally held election.
> The overreaction to what happened is fucking insane, especially compared to what actual Rioters where allowed to get away with for the past year. In May, DC was literally on fire from the BLM riots, and we didn't see this type of DoubleSpeak.
Not really when you consider that the protests in may were for the correct side with the media and elites fully on board. They were for all intents and purposes sanctioned events. The 6th mob was absolutely terrifying for the media and elite since they had zero control over it. What looks like just another mob riot to a common peasant appears to be an actual threat to those which never see threats.
> The overreaction ... In May, DC was literally on fire from the BLM riots
Speaking of overreactions ...
> They didn't set anything on fire. They should not have stolen or broken anything. That's wrong and bad and should be condemned.
Okay, so to be clear, there's a difference between breaking things with your hands and setting it on fire. One is "bad", and one is "rioting". Huh, interesting.
Inviting insurrectionists into the capitol to stop the certification of an election they didn't like by force is different from... giving their support to people who are against unarmed black people being murdered on sight.
I wonder if, since so many on HN feel that they are enlightened people, it is possible for us to give the benefit of the doubt to people who's jobs we don't do and probably know nothing about?
Just because we work in tech does not mean we know everything, and not having been there means we don't know the circumstances anyway. It is disgustingly arrogant of any of us to proclaim that these people must be incompetent or complicit like some armchair quarterback.
Christ, I mean, this is roughly the same mentality as the people who think the election was stolen based on some anecdotes and bullshit despite what election officials, courts, and other experts are saying.
Indeed, the hyperbole and conspiracy theories on all sides have lead me to detach myself from politics. There were a few hundred/thousand people who rioted at the Capitol, law enforcement in riot gear fought them with clubs and pepper spray, got overwhelmed, fell back, regrouped, and responded with a lot of force a couple hours later. One of the rioters was shot, dozens were arrested. Not a good scenario, but I've seen a lot of people who I had thought were more measured yelling about how police were assisting with an attempted coup attempt (even supposedly respected news stations were going off the deep end). It feels like the 24/7 news cycle has fried a lot of people's minds and turned everything into a final battle between good and evil.
The Capitol Police seem to be a facade and don't stop crowds. Here's a different example from 2 years ago:
"@womensmarch just took the Capitol. Women, survivors, and allies walked straight past the police, climbed over barricades, and sat down on the Capitol steps."
This Twitter thread is a gold mine for anyone looking for perspective on what happens when the “right” group versus the “wrong” group storms past baracades and into the Capital, while describing it as “taking the Capital”.
It's also possible they were competent but don't have the required staff to handle a large protest. Under normal circumstances, they might request help from other groups (DC police, national guard, whatever) but due to jurisdictional restrictions help can't come unless it's approved at high levels and no approvals were given.
In other words, they may have been set up to fail.
(There's still the issue of that video of protesters being let in, which would imply that capital police do have some explaining to do.)
It has not been proven. This is false. Please stop spreading it. Multiple people were killed in clashes with the police. They did not help the rioters. This is the type of misinformation that caused all these problems.
Without any specific knowledge on this case one way or the other, both of these things can be simultaneously true: Some Capitol police stuck to their duty and tried to keep the insurrectionists out, while others agreed with them, let them in, and took selfies with them.
"The Capitol Police" is not a single, monolithic entity; it's made up of individual people, with their own political views.
Re the second one - I also saw some footage where a couple of police were, I dunno, ushering them or encouraging them through barriers towards the building. Like "come on, come on!" - that kind of gesture.
I have to stress though that I agree with "danaris" one level up from from this comment - it seems perfectly believable that individual police sympathised and aided these people. However it's not "The Police" as an entity as some others are suggesting, that's venturing into Q territory and is a bit Conspiracy Theory for me.
The video (letting them in) doesn't show what you think it does. Capital Police leadership planned poorly and their leadership is at fault. They had to fall back to more secure chokepoints because they were outnumbered and overwhelmed. The cops didn't let anyone in. They killed someone and one of them was killed in the fighting. Please don't stir up trouble with fake conjecture over a 30 second clip that doesn't show what really happened. It is what caused a lot of these problems. You are making it worse.
No... if those officers had fallen back, sure, all good. I don't see an issue there. But literally you have an officer (and yes, I get it, individual versus collective) who moves gates, and starts waving protestors through.
If you're falling back because you're overwhelmed by a surge, the last thing you do is _remove obstacles between you and the surge_!
Here are videos from 2 locations where protestors fought the police and pushed past them. That is the opposite of letting them in. IMO I think the instances where they were "letting people in" were because the barriers had already been breached on other sides so there was no point holding lines where there would already be people in behind them.
> Multiple people were killed in clashes with the police.
"Multiple"? Do you have proof of this? There was one woman who was shot by police.
As far as I know, it is not yet clear how the others (excluding the Capitol officer) died. I've seen reports that one man got a heart attack after tasing himself and another fell off some scaffolding.
Firing on a mob is risky as hell and not morally clear. I can't blame Capitol Police--at least for the actions after it already got out of hand.
If federal security at Court House shoots BLM protestors who are entering a federal court house, those security people would probably get charged with murder.
It's unreasonable to expect Capitol Police to make that sort of moral choice in the moment. And if you give cops the greenlight to shoot people to protect property, there will be a lot of unnecessarily death going forward.
That said, they may (probably?) screwed up containing the crowd contained in the first place. Though to play devils advocate, the President had just told a mob to go "wild." Not sure if Capitol Police could successfully manage that.
>That said, they may (probably?) screwed up containing the crowd contained in the first place.
Certainly with the benefit of hindsight, there should have been a much stronger show of force/barricades/etc. Should that have been obvious even without hindsight? Don't know.
That said, once the Capitol Police were outnumbered and things were getting out of hand, I'm pretty sure the best outcome if they had used deadly force to stop a rush would have been headlines like "Dozens of Trump supporters dead after police open fire on crowd." Worse scenarios include the police getting overwhelmed anyway and many of them killed also leading to a firefight within the capitol.
There have been several pro-Trump rallies since the election. The city got locked down hard, but nothing happened. They were much more peaceful than the rallies this summer. (I drove by all of these because my wife’s office is a couple of blocks from the White House).
And the real damage was to our rule of law. That was already accomplished when the supposed President directed a mob against congress.
The actual level of violence done by the mob is relatively tame. Shooting a bunch of people in the halls of Congress isn't going to stop the damage to the rule of law. And it would have what? Prevented a few laptops from being stolen, a couple doors from being broken down, etc. It's not like they torched the place.
I personally don't think violence by a mob is acceptable. But it seems most people do--as long as they are sympathetic to the cause.
There’s photographs of one of the “peaceful” protestors in bdus and a helmet with zip ties, and there was multiple videos of the mob yelling to grab the politicians. It was relatively peaceful because congress was able to evacuate before they could be kidnapped and held hostage, with them safely away the pipe bombs wouldn’t have had much point.
I think it was a happy accident that possibly being complicit meant this didn't go as bad as it could have. We have a great example of de-escalation working.
> If federal security at Court House shoots BLM protestors who are entering a federal court house, those security people would probably get charged with murder.
Probably? Says who? In fact, multiple people have been shot (fatally or otherwise) during BLM protests, and actions against those officers have been very much the exception.
I'm not aware of police using live bullets against unarmed people to prevent them from entering a government facility. Though I could be ignorant of clear examples.
At least in Minnesota and Portland they let looters burn/occupy the buildings without contest.
I've traveled to countries before whose offices of government are behind very large fences, protected by unfriendly looking men standing behind heavy machine guns in armored vehicles – and the guide books are very clear that you are not to take photos of them.
I much prefer the approach taken in the USA, where our offices of government are accessible to the people that the government serves. It's very good that I can protest out front without worrying about that unfriendly man with his finger by the trigger to the Browning M2.
I agree with the more open approach, but shouldn't her office have a simple keycard or combo lock on the door? Even Starbucks toilets have better security.
From the pictures I saw, she was still logged in and had the evacuation message onscreen. I'm guessing she didn't have 'require login after screensaver' option enabled. If the account is still logged in, this is a massive breach!
tl;dr: the government has appropriate computer security in place to prevent this sort of thing, and it's not clear what the deal was with that particular computer.
When you hear the mob screaming outside, glass breaking, and are likely being told to evacuate by messages on your computer and security outside? I wouldn't bet that I'd remember. Not locking your screen is as expected as it is forgivable under the circumstances.
> I agree with the more open approach, but shouldn't her office have a simple keycard or combo lock on the door?
Congressional offices are frequent meeting spaces with people who do not work there. Their job, after all, is to represent the public. Locking the public out of their offices is kind of antithetical to the job description.
Seems like it ought to be possible to have both, to some degree. I don't want the capitol to be a fortress, but they need to prevent stuff like this. I mean... the US spends massive amounts of money on the police and military.
I think it should be kind of like a non-Newtonian fluid. Walk in slowly and peacefully and it's ok. Try and punch it, it solidifies quickly.
American history[1] shows this probably isn't a requirement - beyond a foreign military attacking, which is clearly out of scope of policing, the other attacks were acts carried out by isolated people. "Storming the gates" hasn't happened before now.
I suspect the main reason that this hasn't happened before is that very large protests/gatherings are often met with a large show of police force to ensure the protestors know this isn't an option. Why that didn't happen today will be interesting to investigate. We all probably have a theory, but what comes out of the inevitable hearings on this will be interesting to see.
There are hundreds of thousands of people behind the camera, going all the way to the Lincoln Memorial. You can see some security milling around, but no large show of police force.
The Million Man March's attendance didn't include people with an established history of bringing weapons and wearing body armor at ostensibly peaceful demonstrations.
That couldn't be further from the truth. A large group of Black Panthers armed with assault weapons stormed the CA capitol in 1967 as part of a protest.
There are, for instance, buildings with large areas that are open to the public and other areas which hold large amounts of money that are very important to protect.
If the people really want to overthrow the government, some jacked up defenses around capitol buildings won't stop anything imho, it just means the resistance will bring heavier weapons to match.
Occupying buildings is, honestly, pretty silly if your goal is to overthrow the government.
A few years(?) ago, Mitch McConnell's dinner at a restaurant was interrupted by protestors yelling at him. And that was after what happened to Gabby Giffords.
Targets with higher ROI are available to people willing to take, ahem, kinetic actions.
I actually really like this analogy. I'm curious if there's there's a term for that kind of playbook for folks who are more familiar with building security.
The only analogue that comes to mind is in financial fraud detection: moving money slowly or in a predictable pattern (monthly rent payments etc.) triggers no alarms, but large or unexpected transfers raise alarms.
I remember when I left my last job that my manager cautioned me against making any large file transfers since it would trigger IT alarms about employees trying to steal the company's IP.
Clearly, he didn't think I was a threat, or if I was, that I would have been smart enough to do it long ago, and slowly :-)
> I don't want the capitol to be a fortress, but they need to prevent stuff like this.
And they would have, had the Trump Administration not denied the D.C
Mayor's request the day before for the D.C. National Guard to be deployed.
The Administration also delayed approval of requests by Virginia and Maryland to send Guard units to the Capitol in response to urgent calls for aid from Congressional leaders when it became clear the MPD and Capitol Police were overwhelmed.
Of course, it's a problem when the person inciting the insurrection has authority over important components of the security against it.
They (the people inciting it) were literally dancing and having a party and watching the start of the chaos on livestream while it went down: https://www.youtube.com/watch?v=mZQDgBSSYjI
I think the reality is that we could have prevented it. We just chose not to murder half the crowd. Preventing it without using lethal force requires a much larger force than you want to keep on hand.
Most days that’s fair. This week however, they should’ve had the unfriendly man with the M2. This was a predictable problem to literally everyone but the people in charge of protecting the capital.
This makes it sound like the people in charge of protecting the capital did not know that this was a legitimate threat. From the articles I've read, they did in fact help that it was a legitimate threat, which raises the question: why did they do nothing about it?
The only reasonable conclusion I can think of is that the security team had no worry that politicians would be in any danger (e.g. easy, isolated, fast escape routes) and that it would be hard to rationalize to bring out the troops/big security forces with a threat of violence for a group of people that was supported by the current president and a significant fraction of congress and the senate. The whole situation feels very strange and it feels like I'm missing some key facts.
I think there are many plausible (but not necessarily "reasonable") alternative explanations.
As far as I can tell, this event seems to have had an extremely persuasive effect on the psyche and opinions of the average person. Who might benefit from this change in the mental state of the population, and in what ways?
Most people seem to find the very idea of thinking such thoughts to be extremely unpleasant, if not downright inappropriate. But to me, this is simple risk management. The lack of this sort of thinking in society seems downright dangerous to me.
I sometimes wonder what the origin of such norms is - is it organic (a common characteristic derived from evolution), or might it be synthetic?
I truly am struggling to extract any coherent meaning from that comment. Democrats, controlling just the House – when Repulicans are running the federal gov't with the Senate and the presidency – have instituted this event? Some big capitalists maybe? Putin? The Jews?
The Democrat/Republican duopoly is mutually beneficial to both party. Grassroots populist candidates (Perot, Trump, Sanders) are a pain in the ass for both of them, as would future ones be.
Wouldn't it be convenient if a massive spectacle was to occur, whereby the US public could see in 4K HDR the danger that populist political candidates introduce to the system, how it "threatens our most sacred institution: Democracy.
And as luck would have it, along comes a massive throng of obviously angry and delusional Trump supporters, with well advertised (and well known to authorities) plans to descend on the US Capitol, to "rescue Democracy", or some such nonsense.
So, what do you do in a situation where you have hordes of angry (and possibly armed) political extremists heading towards a politically strategic location, on a particularly important day (in your democracy)?
Do you:
a) Beef up security
b) Not beef up security
It seems like option (b) was chosen. Depending on what variable one is optimizing for, this was a terrible choice, or an excellent one.
According to some reports, the problem was in fact predicted, and that's why the National Guard chose not to prepare for forceful confrontation. Not wanting photos of armed uniformed soldiers in state buildings or some such.
I think more core to the issue is status quo bias. Cops are much more likely to agree or strongly agree to questions like “the current US system is fair and just” and similar pro-status quo ideas. Typically speaking left wing protestors are agitating to change the system, especially policing, which is why cops do not respond as well. Is it any surprise that cops respond worse to those protesting against the police, no matter the slogan, than they do against the “blue lives matter” crowd?
Oh, and cop organizations are run through with neo-nazis and white supremacists who have made a concerted effort to make inroads with police departments and military members.
What? This most recent was literally an attempt to take over the Capitol building, presumably to delay one step in the formal recognition of the next President, and perhaps worse.
So just a couple hundreds of people can protest in front of the building, enter elected official offices and steal laptops most likely containing very sensitive data (hopefully encrypted though)?
I agree with you but I think there ought to be a little more protection of that.
You don't need to fence the whole area off. Just a few reinforced doors at strategic places would have stopped anyone without heavy equipment. Also they would have been a place for the police to stand their ground.
Just all stairs going upwards should be easy to defend if the police stands their ground. Add a few police dogs and the officers wouldn't even have to engage themselves.
There was a smaller crowd trying to enter the German parliament just a few weeks ago, politically pretty close to the rioters of Washington. A whole three policemen were able to stop them by just consequently standing their ground, not armend beyond batons: https://www.youtube.com/watch?v=Pc-56opg-Xg
This is a false dichotomy, though. There is an enormous gamut of security steps in between turning the capitol into a fortress, and locking the door to your office when you're not there.
As a huge democrat (lower case d) I totally agree. Locking down the Capitol is antithetical to the notion of open democracy. Lawmakers and the law making process needs to be physically accessible by the People. This was what the Founders intended. Of course there is some risk here and Jefferson himself noted this.
That’s the price we pay for living in an open and transparent society. While I don’t condone or support what happened this week, the building belongs to the People and not the government and the People have every right to enter the building and demand accountability.
The way the US Capitol is right now feels very police-state to me compared to how it used to be. I have memories of running around the Capitol building with my Cub Scout pack including ending up in private areas. There were no assault weapons and we weren’t met with police. We were politely shooed away.
Today you cannot walk up the steps of the Capitol building. It’s fenced off and manned by armed guard. Last time I was there I stepped aside to let some people pass in a crowded area and crossed some arbitrary unmarked do not cross line but about 12 inches. I was physically grabbed by Police.
> the People have every right to enter the building and demand accountability.
the "People" can't just do whatever they want just because they feel like it. Can they go and bang hammers on nuclear warheads because the warheads "belong to the People"? Storm the doors of JPL and play horsey on the Mars Rovers?
When some subset of the "People" attempt to overthrow the duly elected government of the other 99% of the People, they are traitors, and should be erased from society.
I think that's nonsense. Access to a lawmaker or representative in a village may work like that. When you represent a state of 20 million, access means making an appointment and going through security clearance. There is a voting mechanism, a free press and various other mechanisms to back me up if I am consistently deterred from speaking to my public representative. But I'm in no way expecting to just walk in there, unannounced, without security clearance, at any time of the day, to demand attention.
Might as well argue that you should be able to just walk into the white house and speak to the top public representative.
> Entirely different situation. The reason that people need to talk with the legislature is because those are the people’s representatives.
Totally different, were it not for the fact the president is also the Chief of State: The chief public representative of a country.
Besides, even if this wasn't the case, humor me and suppose it was (which it actually is), would you then conclude that the president should simply be accessible at will by 300 million Americans? It makes absolutely no sense.
Just because something is publicly accessible doesn't mean you throw all reason out the window. Plenty of national parks are simultaneously open to everyone, as well as require registration and some basic ground rules to entrance. Similarly, it's entirely uncontroversial to argue that accessing the capitol is freely available to all, but there will be some minimum security checks, and some areas (e.g. private offices or places holding confidential data) are off-limits. Virtually all democracies have no problem separating visitor's areas from private working offices, and implementing appropriate controls in both.
The notion that the speaker of the house's laptop could be casually stolen by people without heavy equipment walking in is a joke, pure and simple. Claiming it has something to do with the fact she's a representative thereby implying her laptop should just be freely accessible instead of secured by some basic measures, as some (not you) have done in this thread, makes no sense if you ask me.
Where did anyone say any of the things you are claiming?
The statement was simply that the People have a right to entry into the building and physical access to lawmakers and the law making process. Further, the statement is that access is a foundational principle to the US implementation of liberal democracy since our Nation’s founding.
It’s so foundational that it’s also quite literally built into the building as there are galleries for public viewing of Senate and House proceedings.
It is also an ideal that we strive for like equality and justice. We recognize our union as imperfect yet these ideals are what drive us as a Nation.
Your comment I feel confuses implementation with the discussion of ideals. The implementation should follow the ideals as guiding principles with access being the default.
Lastly, historically the building and lawmakers were much more accessible. This was during my lifetime. We had lots of people then too.
No, now you're mischaracterising me. All this while I've spoken about implementation, I've never claimed that the public should not have access to representatives. I've claimed that it must be implemented according to the conditions necessary to ensure it is orderly and secure.
Indeed, access is the default. And in a village with a handful of visits and no armed psychopats plotting to kill your local representative, that default is all you need and may proceed as such.
But as you'll agree, the chief public representative (the president) lives in a different reality. Public unfettered access is a threat to his life. And while the public should have a form of access regardless, practically a 300 million to 1 communication relationship doesn't work, so you must implement it accordingly, differently. That's why most presidents had a habit of spending an hour a day reading letters from citizens, hosting debates, participating in public forums, holding press conferences, inviting people to the white house to discuss, speaking to various organisations representing people's causes etc. But walking into his office at 4PM to speak to the president? That's a joke. I'm fully aware that in a democracy a public servant works for the public, no need to discuss the ideal. I'm discussing the practical implementation, which is why I started with the village vs capitol example, which sees different outcomes on the basis of the same principles, which is exactly because the ideals are the same but the implementation cannot be. Similarly, you would organize access to certain parts of the capitol in a secure manner, e.g. those parts of the capitol holding a laptop of the speaker of the house.
In a post 9/11 world you cannot just say the capitol belongs to the people and access should be free (again, obviously talking about practice, not ideals, here), without concluding in the same breath that it should be freely accessible to any terrorist as well. And it's just an example. This week it were people thinking they were sent by Q or incited by Trump to de-facto participate in a coup (i.e. storming the capitol to prevent an elected official from being confirmed, while spreading propagandistic lies that the election was stolen, a direct attack on the democracy if you ask me). Next week it might be a psychopath thinking he is doing god's work. And yes, times have changed, if you're also interested in discussing how airport security used to be different back in the day, be my guest, I don't see the point.
Plenty of countries have well-functioning (and by many subjective and objective measures, better functioning) democracies, with high-level access to public representatives, while taking proper security and practicality measures.
> It’s so foundational that it’s also quite literally built into the building as there are galleries for public viewing of Senate and House proceedings.
You say some of these things as if access to public viewing of proceedings isn't the norm in countless democracies worldwide. But if I go to a viewing, I go through this: https://news.ycombinator.com/item?id=25690107
Not because I don't have access, but precisely because I do, as does everyone else, and that creates risks, which can be mitigated without reducing access. A basic measure which would've prevented the debacle at the Capitol altogether.
> Totally different, were it not for the fact the president is also the Chief of State: The chief public representative of a country.
It’s kind of a stretch to frame it that way. The president quite literally represents the states, not the people. The US does not require that states assign electors by popular vote, states have chosen to do that. And in the past, they have chosen to do it other ways. Before the civil war, there were states that selected electors without conducting a popular vote.
The way the US government is architected, the legislature is the extent of federal representative government.
6 of the 13 original states held a popular vote for president Washington.
But to respond to the bulk of your statement: it was like airport security back when I was a kid, and I don’t see any reason why that wouldn’t also be appropriate on any other typical (i.e. not a special event) day. Angry mobs should never make it to the building in the first place. Crowd control happens outside of the building.
Compare a similar issue with schools; in the 80s, teenagers left their guns in their cars while they went to class. Now, schools are basically a rights-free zone.
Totally agree, great point! The fear mongering is only useful for states to impose more draconian rules. Its likely if there are further lockdowns, and more livelihoods are destroyed during the Biden admin, more people will be revolting. We don't want to give them the moral authority to Tiananmen square unarmed protesters, just because they fear their own people
The security risk is also less of a problem in a mostly rational society, which is what we have had for a long time. You'll get lone wolves, but finding a group of people so angry with a politician they're willing to conspire to kill them? Very, very rare. Violence is a last resort for people who feel totally powerless. So, in a dark way, easy access keeps politicians from pissing off their constituents too much.
Which is why the stream of "fraudulent election" lies is so dangerous. A person in a position that confers trust is telling people the government is openly defying them. For people who believe that, violence is the only logical way to affect politics.
US embassies just about everywhere are like that. The one in Budapest has two inch thick metal bar gates and guards armed with machine guns. Lesson learned from the embassy hostage crisis in Iran.
Anyway, an angry mob of wacko rioters shouldn't violently force their way into the legislative's building. They should respect the outcome of the democratic vote and vote again in four years. Maybe if this was Iran I would say okay, people are fed up with the ayatollah and the revolutionary guards, but this is the US and the poor buggers are being manipulated, shot tear gas at and four of them got killed. For what? Absolutely nothing. The unfortunate officer died doing his job. This is very sad and scary, it looks like civil war brewing. A really bad thing to happen to a nation armed with nukes. Please do not let it happen, it is within your power to distance yourselves from these people and just say no to violence and vandalism.
For national security buildings (e.g. the NSA) it is the exact same as your foreign country experience. The guards around the perimeter are very quick to engage and ask what you are doing if you meander around the outside.
Yes, it is understandable that security works that way in a building occupied by people whose job it is to keep secrets... but that is not the way security should work at a building of democratic representatives where their job is to be publicly accountable.
The NASA HQ administration building off 4th and E just south of the Mall has no armed guards posted outside, and there's even a NASA public credit union in the building, which does not require passing through the metal detectors or security post just a couple doors away in the same open lobby.
It is visited by plenty of non-NASA, non-government ordinary customers who could easily blend in with official foot traffic on a busy day and make just a dozen paces to the main elevator banks or stairwells looking for an opportunity.
I misread the OP as NASA, which was careless but I still think the observation is worth noting. Also worth noting is that there is a museum on the NSA campus (National Cryptologic Museum) that anyone can visit without any clearance, and though there are vastly trickier chicanes to contend with compared to the access at NASA administrative HQ, merely visiting the cryptologic museum ushers one past several otherwise highly restricted perimeter zones.
I agree. One of my favorite aspects of visiting DC is the remarkable extent to which ordinary citizens have access to the workings of government. Sure, there's some security, but mostly to keep things orderly, not secret.
They should beef up security. And keep it open. And not so obvious.
The simple fact of the matter is that a violent riot stormed the capitol building and nearly overwhelmed local forces. Congress asked for extra help and it wasn't provided. Governors asked if they could send in the guard to help and the man whom stoked the riot gave no permission.
It's a fucking miracle that January 6th wasn't one of the worst days in the history of the US.
They should have appropriate security when large events are going on outside. But I sure hope we do not see barricades between representatives and their constituents on a normal day. Democracies rely on trust in both directions.
> I much prefer the approach taken in the USA, where our offices of government are accessible to the people that the government serves. It's very good that I can protest out front without worrying about that unfriendly man with his finger by the trigger to the Browning M2.
And yet your government offices abroad (embassies) are the most fortified I've ever seen.
I've been to several countries' embassies and the US one was like entering a secret nuclear bunker. There was airport-style security, and everyone I talked to was behind a massive sheet of bullet-proof glass; never mind the gates and moat around the building. This was in a small, US-friendly and highly developed country.
Then there's the excessive amount of security around any US governmental visit to a foreign country.
So I think it comes to a surprise to many outside the US that one of your main government buildings has less security than a museum even when all the most important politicians are inside.
But yes I agree, I think government buildings should be 'friendly'.
I think you should read up on how western countries typically prefer to have very light visible security in front of buildings like these. It sends a message of non-approachability if you have heavily-armed forces out front, which politicans don't like.
I'm assuming a similar security plan is in place in e.g. European countries' parliaments; extracting the high value targets is P1. The building is just a building; if it's damaged it can be repaired. And killing a bunch of people defending a building is a political no-go.
Looks to me like they stood down, being complicit with the insurrection. This often is how 3rd world nations are overthrown by dictators with the militarys help.
A police force of 2200, just for one building. Compare that to the Atlanta Police Department which has 1800 officers for a city of 500,000+ people and a size of 136 sq miles.
Not one bldg. There are multiple House and Senate offices and the Library of Congress. It's a huge complex which does not seem well designed from a security standpoint. I don't know if they've fixed that, but after 9/11 it was a mess of access.
That’s just how the Capitol (and most US state houses) is. My wife has on multiple occasions waltzed down to the (non-public) underground subway that connects the Capitol to the Senate and House office buildings to chat with members of Congress. The Capitol Police usually say “well you’re not supposed to be here, but I guess it’s okay.”
I may be paranoid, and thus don't get why the downvotes?
1. The person specified he has a wife that chats with members of Congress out of usual channels of communications.
2. The person specified place where it happens in the open.
How hard for some non-friendly party to get there directly given the instructions above, or start tracking his wife through other means and get there through her?
The president massed rioters down the road and had them attack the building shortly after 1pm when the tally started in the Capitol building.
He watched the riots unfold live, and refused federal backup for local forces.
Giuliani is Trump's lawyer, he called for "trial by combat" during the rally and after the riot started he was calling Republicans to press them into going along with the coup attempt.
This was a coup attempt, with a violent and legislative side to it. They were both organized and timed by the same parties. Both failed fortunately.
They're configured one-way only, can be fully opened for high through-put or emergencies, but are otherwise single-person only. They can detect multiple people in various ways. The default for sensitive areas would be biometric (e.g. weight, some parlement members coming back from vacation a little overweight have had to get a manual override in the past). Of course bulletproof, and can be controlled at a distance by an operator.
It makes sense that not everything requires something like this, but the office of the speaker of the house of course should be in any situation. If she wishes to meet people in less-secure rooms it's entirely possible to create meeting rooms with fewer or even no significant entry or security controls if you wish, but your personal office, places where you store sensitive data etc... can't just have em behind a few wooden doors.
Of course some countries opted for the benefit of a modern building. The capitol is more than two centuries old, you can only retrofit it so much.
The US Capitol belongs to the people. There are risks from that which fall on the people who serve there. In counties with monarchs there are different traditions expressed by the architecture of public institutions and the seats of power.
Without referencing any source I'll just assume you made that up. As far as I know there's no difference between say the French or German republic or the Dutch (symbolic) monarchy in this regard.
Dutch representatives are accessible by the people. They have a walk-in hour, you can call them, email them, write them, you can join hearings and meetings where they're present, they go out into the country to talk to citizens. But what you can't do is waltz into their office. This has obvious reasons in a post 9/11 world, and it has nothing to do with the fact the Netherlands has a king who has a purely symbolic function and does not participate in politics, no different from say France which is a republic, or Germany which saw a mob storm the Reichstag a few months ago and was easily held off by the police, which is also a republic.
Dutch Parliament has a visitors entrance and is (in non-covid times) easily accessible to the public. But for obvious security reasons their private offices are behind these kinds of locked doors. Since a few years I think you have to go through a metal detector to be allowed into the public areas.
It makes no sense at all that the US Capitol doesn't have stronger barriers between the public areas and the private offices. Every bank or other large company has such a setup for information security reasons.
But why does a public official's office need to be a public area? I'm sure you're not allowed to walk into it without an appointment, so having appropriate security barriers wouldn't stop them doing their job at all and would improve security.
The link appears to be some sort of live news feed and right now unrelated stuff about covid, articles of impeachment, and Trump's power to launch nukes is dominating the page, you really have to scroll to get to the laptop story
You can't have that kind of insanity inside of a workplace and expect to secure every device. There are multiple layers of security for the congress people, and many of them were exploited. They don't practice putting on masks and running their asses out of a building. I'm sure every staffer was thinking, "Did I get everything that needs to be secured?". No they were thinking, "I'm getting the hell out of here." Especially if they weren't part of the tribe storming the castle, (aka a Democrat).
Better than that might be an internet-free LoJack. Finding a laptop thief might be at least as valuable as retaining the encrypted information that's on disk.
Edit: Also, stealing a laptop that belongs to the office of the US Speaker of the House will essentially never end well. There are endless examples to suggest that yesterday's fracas wasn't thought-through by the participants. This is one of them.
There's also plenty of evidence that it was planned, like people openly planning doing exactly this on forums. They had merch printed up. It was Trump who either wasn't in on the planning or got cold feet when the time for the actual coup came.
Came here to say I hope it was encrypted.
Being a laptop I hope the IT person saw it fit to have it encrypted just because it is more easily prone to theft.
I mean, why are we paying the NSA, if Congress has unencrypted laptops. Literally their role to recommend security methods for encryption of companies and US interests. That is what I wonder every time I’m required to throw away my bottle of water and remove clothes to board a plane.
> So all laptops they were issued before 2017 didn't have full disk encryption.
That's an illogical assumption to make. Not encrypted at time of issue != not encrypted ever. Who says all previously-issued laptops weren't encrypted at a later time?
No, it doesn't mean that. It's a possibility, but it's not what the comment above says. From this date X is enforced doesn't mean that X didn't happen before.
It could also mean a change in policy which makes official what was already happening.
For staffers, sure. But it's a better-than-even-odds bet that if senators and representatives raise a stink about how secure laptops are hard to use, they get special treatment.
Did you see the picture of Pelosi's desktop monitor? Pelosi was on the House floor at the time, wasn't she? Why wasn't there even a screen lock?
I don't understand why Windows 10 doesn't take an encryption first approach. When you install Windows 10, it should default to having disk encryption checked.
Not certain this is the reason why, but there is a real perf hit for full disk encryption which not everyone needs to take, especially for devices without hardware accelerated crypto. Lower end devices can slow to a crawl.
Can you specify what are those devices which do not have hardware encryption support? Processors have had hardware support for ages. On the Intel side, at least from 2006, with the Core2Duo.
Any modern system(even on the low end) that you could conceivably want to trust important data to can handle encryption requirements with ease.
One problem if we are talking about Bitlocker specifically is that if the drive reports that it supports encryption, then Bitlocker offloads the responsibility to the drive. And the drive encryption might be badly implemented.
Did Linux ever fix the hibernate stuff? I remember 5 years ago, it was a MUST to disable it, because the system would go to hibernate and never wake up again without a hard restart.
On most of my linux computers it always works. On one of them it works 90% of the time, which sounds high but is really annoying. (Probably an interaction with AMDGPU.)
Sleep and hibernate is not really a linux problem, it's more of a OEM closed-source firmware implementation which is only tested to work on Windows problem so the linux devs have to eyeball it and pray that it works which makes it a constant game of whack-a-mole. So until there is an open standard for firmware used by all OEMs it will never be truly fixed. Hell, sleep doesn't even work half the time on my XPS15 with Windows so Dell can't even get that right.
That's why the likes of System76 develop their own firmware.
Full disk encryption and a strict policy of always closing the laptop / lock the screen when leaving. In some scenarios USB ports also need to be physically disabled.
Laptop is stolen by a foreign intelligence agency who can do things like "pour liquid nitrogen on the ram and swap it to another computer to recover encryption keys" or whatever (I've been told that's a real attack... but it always seemed like an intelligence agency ought to just make a device to read the ram without pulling it at all... just hijack the wires communicating to the ram or something...)
If that's your threat, the device doesn't leave your sight or possession, ever. I work at a significantly lower threat level than that and we're regularly told that when off site devices don't leave your possession, and on-site, deviecs should be tethered and locked when not in use.
Speaking of lock screens (and Speakers), did you see Pelosi's screen? Wasn't she on the floor of the House at that time? Why wasn't her screen locked? I can think of half a dozen scenarios of carelessness or time pressure. The first one comes to mind is that she was using it, suddenly evacuated and didn't flip the lock on, and the mob reached her desk before the lock timer expired. But I do wonder if the was even a screen lock.
Against what threat model? The general answer is "yes, most of them, including all the ones being used as defaults in major distros" -- they will not allow a user that isn't in possession of the password to log back into the session.
They don't necessarily prevent against other threat models, like "the attacker dumps the laptop's RAM" (which you could technically protect against if you froze all session processes and encrypted their working set with a key held in a secure element).
DMA attacks - once you get access to a bus that allows direct memory access, you can unlock the machine.
Not something a thief that wants the laptop would do, but definitely something a targeted attacker who specifically steals a laptop to get your data would do.
Another commenter mentioned DMA, so I'll expand on that.
If the device has only USB, network, and display outputs, not a lot. Modern systems are pretty hardened with this config.
However, if it has Thunderbolt, ExpressCard, PCMCIA, or even FireWire, it's hosed.
This kind of attack has been highly researched by intelligence, for example the 'Sonic Screwdriver' attack revealed in 2017 [1] targeted Macs by tampering with boot parameters, and was installed over thunderbolt.
There have also been some PoC exploits for extracting BitLocker encryption keys out of memory using FireWire [2], though I'm not sure those have ever been widespread attack vectors.
Basically, the old adage still holds up - physical access is full access. The only thing you can really do is fill up any ports that could be used for DMA sidechannel attacks with epoxy, then hope nobody attacks your TCP stack or USB controller...
There's some lienience to be given with the newer versions of Thunderbolt. On many Windows machines, and given that it's configured correctly, a TB device has to be explicitly allowed to access anything other than USB and Display modes.
Even when powered on, full disk encryption still changes the scenario from "reboot from a live CD" to "perform some advanced attack involving special hardware".
Unless someone specifically targets you for your data, FDE will keep your data safe from thieves who may sell the laptop (unwiped) or take a look otherwise.
I'm no small stater, but we need to find a way to put the interesting stuff back in democratic control...like a parliamentary system that recognizes executive vs legislative division is a bad idea.
I am kind of curious about that. Are they allowed to use the same computer for official business and campaign work? I know a fuss was made in the past about someone using the wrong phone in the White House. In theory donor interactions should be done on non-publicly funded devices. Though I doubt that actually stops them. I am curious what policy actually states.
You'd never see any of it. Depending upon who it damages, it either (a) wouldn't be published, or (b) it would be suppressed by media outlets for violating some obscure policy.
Every conservative narrative will now be about some evidence found on this laptop that will never be materialized in court. Just like the hunter Biden laptop that tucker Carlson supposedly lost in the mail.
If I recall UPS put a statement saying they searched and found the package. But then later Carlson magically backed off
> But after all of his commotion, Carlson suddenly backed off the story by Thursday night. “There are a lot of documents about Hunter Biden’s personal life that we haven’t brought to you and we’re not going to, and we should tell you why,” he said, adding that “Hunter Biden is a fallen man at this point.” And while he believes the Biden son is not “a bad person,” he does have “demons” and “lost control of those demons, and the world knows that now. He’s now humiliated and alone. It’s probably too strong to say we feel sorry for Hunter Biden, but the point is, pounding on a man, jumping on, piling on when he’s already down is something that we don’t want to be involved in.”
> belonged to a conference room and was used for presentations
Yikes. My first though was - oh this should be no big deal chances are there are good policies in place for laptops that go home with people.
Then I realized it is a shared/central machine which means it probably has the most effed up and relaxed security in the fleet, post-it notes with passwords taped to the palm rests, and god knows what else. IT departments are notorious for over-granting privileges to these shared machines due to the mixed use they typically recieve. After X help desk complaints you get fed up and check all the boxes in the permissions manager.
Hopefully, though, it is locked up and the data is inaccessible.
Honestly, those people didn’t even need that. They need nothing founded in reality to make up their conspiracy theories, which is why no argument from reality can weaken them.
One of the most intelligent programmers who has been in the game since the early 80s posted the he is refusing to ever vote again till he knows his vote isn't stolen.
One of the most intelligent programmers who has been in the game since the early 80s posted the he is refusing to ever vote again till he knows his vote isn't stolen.
They WON in 2016 House Senate and Presidential and claimed MILLIONS of votes were fraud and the commission setup by Republicans found nothing and went away.
2018 They kept the Senate and lost the house by a smaller number then anticipated
2020 Republicans WON seats though it was expected to lose seats. They "Kept the Senate" just had a run off in Georgia. November 2020 was a good night for Republicans minus President Trump who is a love him or hate him person. Republicans didn't vote for Trump and is why he is out.
Optimistic thinking. Chances are it has many PDF and PowerPoint files scattered on it. And probably a shared user account where the files fill up a Windows desktop.
Well back in Win 98 I used "My documents" a lot ahah. Now on Windows 10 Documents/ is often automatically backed-up in Onedrive (it is for me) so I started using it for saving some documents that I want to back up in the cloud.
on my laptop that's the default when i do save-as. I see someone plugging in a jump drive, opening the presentation, and then doing a save-as to Documents so "it runs faster"
I'm on Mac OSX and almost all my non-programming files are in /Downloads. Maybe some other HN-ers have a better folder management technique than mine (which basically is absent), I'm curious what that is.
I have the opposite problem. I abhor things sitting in Downloads because I pretty frequently wipe out that folder to clear out the garbage.
But I struggle to follow a consistent structure, so it could be in Documents or Notes, or a random folder somewhere else because I ignored my hierarchy in a hurry.
Honestly, now if I need to make sure I keep something, I upload it to Google Drive. It sucks for privacy, but their search is good enough that I rarely need to use the hierarchy. The hierarchy is now mostly to group things I want to perform actions on together.
Honestly I make pretty heavy use of /tmp. Almost all downloads go there, along with anything that I won't be using again after the next hour. Self-cleanup whenever I reboot (which is rare).
Anything of importance, I have broad directories under Documents, and then sub folders. Or sometimes I'll put them on my fileserver with similar directory structure. The Documents folder is backed up with Spideroak.
This would require them to be in the front line early. I think it's more likely that somebody was randomly there and saw the opportunity. If you look at the videos most seem to be surprised to be in some of low manner. If you have some operative in there you increase chaos by creating some small fire or something ...
Would they have had to be there early? Russian embassy isn't that far away and I think rioters were in there plenty long (wasn't it a couple hours?) for someone to walk over, pay 20 dollars for a trump flag, and walk in unnoticed. I wouldn't be surprised if our embassies and CIA outposts have people ready to take advantage of such situations in other countries.
You have to get through the crowd, and you have to be there before somebody else stole it and in time before police manages to lock down critical offices. Quite some effort.
Compare it to a random person suddenly standing in front of an unprotected laptop from those "bad politicians" ...
There's a lot more value to a conference room PC than residual files.
It's a machine probably on the same LAN as a lot of the meeting attendees in the conference room, probably has Bluetooth radio as well, may have wifi radios, probably has access to a calendar of meetings and attendees (as a defined room resource). Depending on how the PC is used (a room system vs the ol' conference room PC) it may also a key logger would be valuable.
Reminds me of the scene in Firefly: "let me get this straight, you put multiple high-ranking intelligence officials in the same room as a psychic??" https://www.youtube.com/watch?v=AC9SF7TOyHQ
The presentation machines at my workplace (in addition to being desktops in a locked cabinet, because why would they leave the room?) just allow you to remote desktop back to your real workstation or to a VM. They have nothing locally.
I think that's a good solution to avoiding over-granting privileges.
I don't know what the best practice for doing this would be but I would change the default shell from explorer to mstsc (the terminal services/remote desktop client) and disable task manager and internet explorer. I don't think that would perfectly lock it down, but it would do the job for ~90% of use cases.
Right, the goal is not to prevent a malicious user from running things, it's to make a usable environment for non-malicious users (via giving them Remote Desktop) so they don't feel the need to install anything that someone else could later attack.
Please don't break the site guidelines like this, regardless of how right you are or feel you are. The idea is to not have every thread turn into the same flamewar.
- (W10) Assigned Access - microsoft's solution to kiosk computers. You can make the app run on top of the lock screen, so users can use their one app without actually needing privileges on the computer.
- Software Restriction Policies - You can whitelist select applications or publishers and every other executable will fail to launch. requires enterprise licensing.
- Mandatory Profile - You log in to a temporary profile. All changes are lost when you log out.
- Deep Freeze - 3rd party variant of Mandatory Profile. Can be made to roll back the whole operating system to a given snapshot.
- Non-persistent VDI - You actually log in to a Virtual Machine. When you log out, that VM is deleted and recreated automatically.
Additionally, many antivirus solutions have some capability.
I'm guessing ours is software restriction policies + mandatory profile: I log in with my network credentials, but I don't get my usual desktop / home directory and the only apps installed on the system are Remote Desktop and Citrix Receiver. Since I don't have either physical access or a web browser I have no way to try to get new files/apps on it but I assume it would be locked down too.
You can lock up windows to where all a user can do is shut the computer down. Group policy, etc.
When our company used conference room PCs (instead of room systems) we had a program that would reboot them nightly to reload the known good image. I suppose some risk of file recovery was present, but this was also a half-way decent approach as long as the machine wasn't deeply compromised (bios level or something).
Really? Every place I have worked with more than about 50 employees has used full drive encryption, so a laptop being stolen is not an infosec risk at all.
FDE only works if the machine is powered off. If a machine is stolen while it is still running there's a risk the user account could be compromised. Depending how sophisticated your adversary is they could potentially completely compromise the machine and extract all of the data. When you have physical access and no time pressure the options are vast.
The videos I saw don't inspire much dread, there, but they may give the laptop to someone that can do digital forensics. Lots of LEOs in that lot. They would be smart enough to stay out of the building, but might have been waiting for someone to come out with something like that.
But, as someone pointed out, a lot of the folks wouldn't bother trying to read anything. They'd probably try to plant their own fantasies onto it, and send it to Rudy The Hair Dye Man.
They'll probably give it to that computer repair guy in Deleware so he can pull off all of the emails from March of 2021 and somehow lose them in the mail when he tries to send them to Fox News.
There have been several arrests already. Thus far it seems to be right wing extremists.
For example, the lady who was shot trying to enter the VP bunker has a social media profile with extensive Qanon related postings.
Another was a Republican member of the House of Representatives. He was caught because he livestreamed himself breaking the law, as all genius criminals do.
The story about Antifa being in the riots was made up out of whole cloth by the Washington Times. The company they cited put out a press release saying that they had done no such thing and the whole story was a fabrication.
On another note, the same publication (a redtop, so the language is rather "pithy") has this story[0], in which the "Fine People on All Sides" smeared feces around the place.
They have a photo of a guy on his hands and knees, cleaning the place. He's a congressman.[1]
Who is to say that a few opportunistic spies weren't in that push looking for anything of interest? Historically, this has been the case during these sorts of events. When the Stasi HQ was overwhelmed by protestors, Western intelligence agents were the first in the building securing lots of information.
FDE could be made to protect the data when the machine is out of range of its secure home network too.
Leaving it on, the machine would detect loss of home network fairly quickly and lock itself.
The FDE key would depend on a key server on the home network, so it could not be rebooted and unlocked just with the physical on-board devices.
If some parts of the FDE were handled on the storage itself and required a periodic end-to-end refresh with the home network key server, then even freezing main RAM (literally) to extract keys later would not work.
More generally, the FDE key could be split over a number of components on the machine, all of them requiring end-to-end periodic refresh from the home network key server, making it extremely difficult to freeze all on-board devices effectively enough to extract the whole key and decrypt the storage contents. Add RAM encryption to complete the job.
Really? When I worked at one of the Big Four a stolen/lost laptop was DefCon 4, despite all of the security precautions. We were actually required to notify a partner in the firm before contacting law enforcement.
Not to detract from the point you're trying to make with meaningless pedantry, but minimum DEFCON is 5, current is 4, we spend most of our time swapping between the two. I assume what you mean is 2.
me too, i have a special "corporate 911" card that i've been informed during onboarding is the "real" 911. No matter the emergency, lost/stolen passports, lost/stolen corp computer, place crash, car crash, anywhere in the world the company does business, i've been told to call it first before doing anythign else.
Uh.. I think it's standard security policy in most enterprises to discuss matters internally before getting law enforcement involved. That's just prudent. If I walked into a company where the policy was "let IT staff talk to LE first, then notify chief counsel" I'd change that on day 1.
Why do you think any of your rogue nation club have any interest hacking US politicians, except for, probably, blackmail?
US is an open society, and most US politicians speak what they think, or at least you can guess, or even ask them yourself! Those people are like open books.
Unlike of your usual cabal totalitarians, who either don't speak at all, or purposefully try to hide their real aims by engaging in double speak, triple, quadruple speak.
Seems safe to assume that the Speaker of the House and her aides would have access to classified national intelligence that might not be open to the world, and would be valuable in it's own right. Things like progress and updates with Covid vaccines, their deployment plans, and lack of security around them would make information like it ripe for the black market and adversary governments in these times.
Even prima fascie top military secrets like battle plans (those must be updated and shuffled regularly to prevent a situation exactly like that) have very little immediate usefulness.
It's 21st century, it's beyond anybody's ability to hide things like size, dislocation, and basic capabilities of your force
Oh you think the generals readily involve old Pelosi with the battle plans? I sort of doubt they would trust her with anything digital that’s supposed to be a secret.
Access to classified intelligence means that they are allowed to enter a secure room/facility and view the material. They still should not be taking said material out into an unclassified environment.
There are different levels of classification that carry different restrictions. Also, govt infosec being what it is, there are likely plenty of lapses.
Even the lowest level of classification (confidential) means that the data should not be stored on an unclassified system, and has additional physical storage requirements that Pelosi's main office doesn't meet.
At worst, the laptop had FOUO/CUI (for official use only/controlled unclassified information) data. Not great for that to get leaked; but not that scary from a national security perspective (we're pretty aggressive about classifying stuff).
If anything damaging comes out of this, I would expect it to be of a political nature; where something that Pelosi and friends would prefer to keep secret gets leaked, but doesn't have much influence on national security.
Black market? Legislators use that info on the stock market. Somebody is going to go Robinhood on defense, construction and pharma stocks with that laptop.
I can't imagine you really believe that. The US may have an open society, but the US doesn't have an open government. Look at just the tiniest amount of publicly known items from Snowden and Wikileaks. Those alone indicate a greater iceberg of secrets.
Very good argument, but I cannot believe that anything of Wikileaks leaks would be really new, or of much value to Russians, or Chinese.
US diplomatic talks with sketchy regimes? I bet China, and Russia would've not needed any spies there really.
US sales of weapons? US sells them everywhere, and they don't need spies to know the bottom price, when most of weapon buyers would just tell them that themselves. You don't have too much alternatives in a duopoly market.
US spies on Russian, or Chinese soil? You don't need to tell regimes like that of them being penetrated. Xi, and Pu realize perfectly well that they are surrounded by thousands of sketchy, and unreliable officers.
You say that, but they have had spies being exposed for a lot of stupid reasons. Like having their address on driving licenses be the FSB headquarters to avoid getting traffic tickets.
Also, it seems entirely possible to me that they would do that not for the purposes of spying, but to sow chaos.
Putin is, indeed, a huge fan of non-linear warfare. One side effect that it's extremely difficult to predict and can only be, possibly, recognized, and intent (the "true" end) is virtually impossible to discern. If you push a ton of buttons at once, you create opportunities for yourself that you might not even have predicted, and people can ascribe all sorts of intent that never existed.
It's part of why I roll my eyes at election interference—not that it's somehow "fake", but the amount of hysteria generated has got to be a better return than anyone could have guessed throwing a couple million dollars at an online propaganda campaign.
That sounds intentional. The only reason to use novichok as the weapon is precisely so everyone knows who did it. It's meant to be an example to others so they don't cross the Russian government.
Isn't Stalin rumored to have said, "There's a certain quality in quantity" in response to criticism that quality beats quantity? I think the quote is one of those unproven maybe-it-happened-but-we-have-no-solid-evidence things, but it seems to sum up the Russian approach to tanks and troops in WWII well enough, and from stories I've read, seems to be reflect their approach in the spy world as well. They are immensely practical.
Seems like the kind of expendable person they might send for what is basically a smash-and-grab.
How undercover does he need to be if American citizens are openly planning online to storm the Capitol? He just needs to wear a MAGA hat and walk in with them.
OTOH, if it is set up such that presenters need to log in with their official credentials to access their shared documents, it would actually be the machine to keylog.
I worked on a barely do-not-distribute. Someone's spouse took a project member's laptop as hostage for alimony. Within 45 minutes of discovery and a phone call to the army equivalent of the FBI, agents were at the spouse's work and home searching for the laptop.
Lucky for the spouse they thought it was the personal laptop (it was not marked) so they weren't prosecuted.
This would never be used by USG.
Confidential -> Classified
The classification scheme is broadly cut up into Confidential, Secret, Top Secret, and Codeword. There are many modifiers to that such as Five-Eyes, Cosmic (NATO), and Restricted-Data (Nuclear Weapon Design).
There are a menagerie of controls that don't rise to classification, like NOFORN, Law Enforcement Sensitive, For official use only, etc.
Code word compartments cut horizontally across the Confidential/Secret/Top Secret hierarchy. I’ve seen stuff that was classified Confidential, but also in a code word protected compartment. I had a TS/SCI/SI/CT/NATO/ATOMAL clearance when I worked for the Defense Information Systems Agency in the Pentagon. Many times over the past 25+ years I have had to correct people who think the compartmented stuff is classified at a level “above Top Secret”, when in fact the compartments just cut horizontally across the hierarchy.
Below Confidential exist other “unclassified” states, like “For Official Use Only” and “No Foreign” (a.k.a., NOFORN). Then, regardless of the classification, you should also have to prove “Need to Know”.
Put the quotes around DND... It was mostly unimportant mostly already public do not distribute data but you can't be sure what was actually on the laptop. NOFORN would be a good exact version.
This was also years ago, and for obvious reasons I don't want to be more exact.
IT should be able to revoke any access the machine has, so the only compromise would be what was already on the machine; which would be the case regardless of security policy, as they could just access the harddrive directly regardless of OS security policy.
In practice, it wouldn't suprise me if that computer was locally storing passwords that were not specific to that machine, which might mean needing to revoke a bunch of passwords
From what I've read, full disk encryption was optional in the House until very recently. If this was a shared machine it's almost certainly not encrypted.
Possible? Very. Likelihood of the computer's login password and thus hard drive decryption key attached to the computer's screen with a post-it note thus obviating the protection gained from full disk encryption? On a shared computer, high.
True. I was thinking they'd be using their centralized accounts once they reach the OS logon screen, thus no post-it necessary, but maybe that's not the case.
Absolutely it's possible, but as it was a shared computer, it's also likely to be one of the oldest in the fleet. It's also likely to be one that no one bothers to ask for specific attention to. As a result, it's likely that no full disk encryption was ever applied.
I'm not talking about telling the laptop that it's access is revoked; I'm talking about just revoking it's access, so if it every tries to connect to the House's intranet, it would have no more permissions than any other laptop.
If IT wanted to wipe the drive, then they would need the laptop to phone home in some way.
>which might mean needing to revoke a bunch of passwords
That doesn't help much because many people use patterns to their passwords and use the same passwords elsewhere. Seeing the expired passwords of many important people would have a very high chance of having a few which would be of use in breaking into accounts even if they were already expired.
Remote wipe only works if you can communicate with the device. If it’s in some backwoods Appalachia klan den I’d imagine there isn’t good connectivity.
I was thinking even just merely about physical security while this was going on. One bad actor going from room to room planting listening devices would take a short bit to weed out no?
https://twitter.com/doctorow/status/1347244300527013889:
"Resecuring the Capitol's IT infrastructure should probably involve shredding every device, cable and thumb-drive, tearing open every light-socket and power-outlet, and even then, it will be hard to fully trust the building and its systems."
If this is done, does everyone lose all of their unbacked up work or is there some way to recover it safely? There are for sure internal notes, draft bills and changes, etc. on these computers that is not backed up.
"So far, hearing that cyber risks of the Capitol attack were low.
* Congress isn't one big network
* Vulnerable machines held unclassified files
* Hill leaks so much already that truly sensitive stuff is walled off
* Rioters weren't there long enough for thorough, careful access"
[...]
For those wondering about the SCIFs, used for classified files and conversations, their doors were built to withstand embassy sieges, and they’re swept for bugs before every use.
We haven’t seen any indication that they were even targeted, much less seriously attacked. Could one of the terrorists have seen a sensitive but unclassified email somewhere? Yes.
Could there have been Russian spies in the terrorist mob? Yes."
Everthing in that building that plugs into the wall should be discarded and with a known good device. That includes network infrastructure and even cabling.
Between this and the recent SUNBURST fiasco, there are going to be some long discussions about security policy.
I think that would be a good start. Then again, I also don't think it should have been so trivial for infiltrators to access content on congressional computing devices in the first place, even with physical access.
I'm not sure about other devices in the building, but there's plenty of stuff going around about Pelosi's laptop in her office. Was it just left unlocked and unattended? Did it even have an OS password? If it did, was that password written down somewhere such that infiltrators could easily access it?
Replacing all of the compromised tech is a good start, but clearly we need to hold our politicians to a higher standard when it comes to securing their devices.
I admire the restraint on display here, but if even one of those guys had been black, the cops would have iced every one of them. Imagine someone grabbing a cop's gas mask at a BLM march and not being dead 2 seconds later.
Are you aware an unarmed white woman was shot and killed by police at the capitol that day?
Yes, on average black folks are treated more unfairly than white folks by police, but exaggerated claims like “the cops would have iced every one of them” help no one.
She was climbing through a barricaded door through a broken window with a person with a drawn gun on the other side protecting who knows who, armed or not the outcome was kind of a given when she decided that was a good idea. Not the best comparison to put up against the treatment of BLM protestors throughout the year.
There was at least one person near her in the video of that women getting shot who was clearly armed with an assault rifle. She may have been unarmed but was storming the chamber with other armed people. The security on the other side had good reason to believe she was a dangerous threat.
The guy with a carbine in the video is a police tactical officer. The main question about this scene is not why the secret service officer shot the woman who defied a lawful order by entering the chambers through a broken window and over the top of a barricade. The question is why she hadn't been shot long before.
Yeah, you're right, the original video I saw was tightly shot and only showed the weapon. There was a similar video released later where those officers where coming up a staircase from behind.
If you're going to operate at the intersection of gun nuttery and prescriptive English usage, it would help you to be right. The US Army "Small Arms Identification Guide" defined the term at least 50 years ago.
I believe you are thinking of the term “assault weapon”, which was a term invented to help ban semi-automatic military-style rifles, that arguably aren’t significantly deadlier than other less scary looking semi-automatic rifles, but are politically more convenient to ban.
“Assault rifle” is a valid term but it only refers to automatic rifles, which were already effectively banned for civilians.
I don’t know whether that rifle (carried by a police officer) is automatic or semi-automatic.
And several incidents of police using their vehicles or horses to ram, trample, or assault people (e.g. by opening a car door to hit protestors as they drove by). Those could easily have been lethal, though they weren't in this case.
Edit: I know this is all super polarizing stuff, but I'm trying to provide a specific and direct answer to the question above.
Yeah, I tried to not list too many events that 'only' resulted in maiming, loss of sight, or permanent injury, because the parent poster specifically called out deaths. But yes, there were many incidents like you described where the police clearly used force in potentially lethal ways.
Were they enforcing arbitrary curfews and trying to incite their own police riots or defending VIPs? Police seem to choose to escalate only when faced with certain groups.
No, it's not hyperbole. I was at the Portland protests this summer, and nothing even close to this happened. They'd have gone to mass use of tear gas and less lethal munitions long before that point, and if by some improbable chance a context like the above video push into a building arose, there's no question in my mind the CBP and related agency unmarked officers would have just straight up opened fire.
There are two standards at work in how protests are treated. This is a factual matter, not an opinion. It doesn't mean every protester on the left is a blameless, as obviously that's a straw man position on its face. But the disparity in how violence is used, and in particular how early its used is very clear. You can't just handwave that away. Likewise you can't handwave away that showing up with military style gear and loaded firearms is a defining feature of right wing protests that is not duplicated on the left.
Strongly disagree I firmly believe the reason the police held back so much was the number of guns in the crowd. They want to make it home at the end of the day too.
It's a real testament to the effectiveness of the BLM protests that the police took a good hard look at themselves and decided to use a light touch from here on out.
Armed terrorists in MI invaded the state Capitol in May, before the murder of George Floyd. Police there took a similar hands off strategy. Are you being facetious?
She had clear instructions to proceed no further, then climbed through a broken window towards Secret Service members who had guns drawn.
She was partway through the window to the hallway that leads directly to the congressional chambers and was attempting to get past the Secret Service members.
You don't mess with the Secret Service -- they have a very uncompromising view on protecting elected officials and will absolutely draw lines in the sand and firmly enforce them.
Edit:
Secret Service were present, but the officer who shot was not a member. He was, however, protecting the immediate vicinity to where congresspeople were sheltering in place.
Because someone on the inside opened the door and let them in, it’s not “storming”? Those Twitter comments are all suggesting this was a setup, but the more likely scenario is that most of those that should be serving as police either were sympathetic to today’s right wing rhetoric or weren’t prepared for a mess of people. What were they supposed to do at the point of this video? Pull out their guns and escalate the situation?
When they let you walk in quietly, yeah. You can stretch language all you want until it has no meaning, but "storming" has a definition, and it isn't "people I don't like went somewhere I didn't want them to go." u/doomslice did post an example of something that would be considered "storming."
Why not post the verb definitions directly below the noun definitions you posted?
1. To assault or capture suddenly: The troops stormed the fortress. See Synonyms at attack.
2. To travel around (a place) vigorously in an attempt to gain support: The candidates stormed the country.
3. To shout angrily: "Never!" she stormed.
Even if you're pretending that there was no violence in the event that left 5 people dead and many more hospitalized, those all apply.
I was talking about the action of walking though a door when the guards opened the doors and allowed them in. If you want to strawman things I say to feel better about yourself, have fun.
2/3 have no relevance to the situation, and 1 requires an assault. So, no, they don’t “all apply.”
Same happened at CHAZ, a couple black kids got killed by some nutjob police LARPers.
I don’t recall a big hubbub blaming left wing rhetoric or arguing for the immediate destruction and disbanding of the autonomous zones. I remember an absolute heartbreaking interview with the kid’s father.
There was no interest for the BLM crowd to hold their own accountable.
Are we really sitting here comparing storming the capitol building and interrupting the certification of the electoral vote, to CHAZ? Pipe bombs were placed in capital buildings, the insurrectionists were armed and had zip ties. Five people died as a result of these actions. The idea that this is at all comparable to CHAZ, is ridiculous.
I can guarantee more died as a direct result of BLM "protests" in 2020.
Nevermind billions of dollars of damage that fell on the shoulders of minority and lower class communities.
I have a hard time imagining that someone concerned about insurrection would unabashedly gloss over CHAZ/CHOP as though it's not a cut-and-dry act of secession.
I don't support CHAZ and I never said I did. Claiming to secede for a couple of blocks in a neighborhood in Seattle, is incredibly stupid and dangerous.
My point here is the scope of things, armed insurrectionists stormed the capitol building. Three pipe bombs were recovered and disarmed. What do you think would have happened if the person who laid the pipe bombs had gotten to Nancy Pelosi? Further the President of the united states was pleased by these actions and told them he loved them. He refused to call the national guard and the department of defense initially refused several requests. Somehow, the VP who doesn't have the authority to, called in the national guard. CHAZ was not supported or incited by Joe Biden. And CHAZ did not threaten our democracy or interrupt the democratic process.
There was complete chaos across the country last year.
With many reminiscent if not worse scenes of complete disregard for public spaces and institutions.
The media was practically giddy about justifications of why we shouldn't be opposing the destruction of statues of the founding fathers. Freaking abolitionist statues were targeted.
There is unquestionably more total damage, building burned to the ground, etc from what happened last year.
I'm not saying what occurred at the Capitol is to be dismissed - quite the contrary. What I'm saying is that it's like one half of the country just woke up to the idea that mass political violence and bedlam should be denounced.
How are you conscionably comparing the treatment of public spaces vs the attempted physical violence against democratically elected representatives carrying out their statutory duty? Are you just a total idiot or a neo-nazi?
Just to be clear, there are longer videos of the event that show people banging doors down. I watched a live stream from one of the people upfront - some cops gave up after overwhelmed, and some even fraternized with people, but it was a confrontation to be clear. I encourage you to look up full livestreams of it.
744 comments
[ 4.3 ms ] story [ 342 ms ] thread> I've also heard that the congressional paging system locks devices when an emergency is announced
If computers locked automatically when an emergency is announced, it doesn't matter if the staffers evacuated quickly.
https://en.wikipedia.org/wiki/The_Thing_%28listening_device%...
Imagine something like 'The Thing' but with ~75 years of technological advancement.
The Capitol is going to need to be cleaned for such devices and equipment for a long time before it can be considered secure again.
On the flip side, any devices that may be found are likely to be close to the latest models, and like with project SATYR, the US may have a potential goldmine of new tech in the coming years.
EDIT: Combined with the recent hacking of the US, the synergy of having physical access creates a load of headaches and nightmares. If I were in the federal information security space I would be very interested in visa and flight logs in and out of the US right now.
Edit: Do you people not understand physical security of network assets?
It was in her office, though.
There were smart people in that group.
2) Don't assume tech people are smart.
The video: https://www.washingtonpost.com/investigations/2021/01/08/ash...
Maybe this is too political or HN, but this is the bigger news on that page. It tells me we don't have a functioning chain of command and our government is currently responding to a hard coup attempt with a soft coup which is also pretty scary. Trump should either be removed through the 25th amendment or he should be president with all its power and responsibility. Putting "safeguards" in place so no one really knows who is in charge can be dangerous. Hopefully nothing too serious happens in the next week and a half.
EDIT: To be clear and to address the multiple replies, I am not a Trump fan or a supporter of nuclear weapons or anything along those lines. The problem here is that there needs to be a clear chain of command in case of an actual emergency. People being insubordinate to the president and taking on power that they do not constitutionally could be extremely dangerous in an emergency. The unelected bureaucrats of the government shouldn't be the ones making these decisions.
Nixon's aides did likewise in the days before his resignation.
The fact that the president has the power to decide to punch nukes all by himself is terrifying and should have been fixed long ago
1. Require a broad consensus to launch (possibly with a dead-hand).
2. Don't tell anyone on the outside. Best keep the enemy guessing and the people in awe.
Throughout the history people clamored for a strong leader, so you either give them one and suffer the risks of having a dictatorship, or you give them an illusion of a strong leader. The fictitious red button works perfectly - the man carries the literal Armageddon in his pocket, his power must be divine (subject to expiration on Jan 20th).
If the personnel involved hadn't overruled their orders several times during "the Cold War", we would already have had several post-Nagasaki nuclear disasters. These weapons are ongoing dangers to everyone.
Fun fact: If there had been a clear chain of command and lieutenant colonel Stanislav Petrov of the Soviet Air Defense Forces had followed his orders without questioning them, then the world would probably have been destroyed in a nuclear Armageddon in 1983.[1]
[1] https://en.wikipedia.org/wiki/Stanislav_Petrov
As of ~5 pm eastern, the Reuters article [1] does not have this text. If I assume it was there at one point, what happened?
[1]: https://www.reuters.com/article/BigStory12/idUSKBN29D2HA
The dude who stole her mail wasn't even wearing a mask.
That info would probably be helpful for law enforcement and prosecutors.
This all assumes that congress, the DNC, or whoever owns the laptop has upped their personal computer op-sec significantly since the DNC hacks of 2016.
Edit: Pelosi is 80 years old.
My dad was born in ‘39, he did a degree in electrical engineering, and it took until something like his second job after graduation for his employer to send him on a two-day training course for the new-fangled [0] invention of something called “software”. He then worked in software from that course until retirement.
However, he never understood RSA despite working on UK military IFF systems.
[0] “new-fangled” was his description; the closest he came to acknowledging Ada Lovelace before I learned of her was to complain about the language Ada.
And that goes double for mysterious flash drives randomly stuck in people's computers, or bugs hidden in planters etc. Just an absolute travesty.
At my own workplace, all the areas that are not intended for public use - office blocks and most meeting rooms, for example - are locked at all times and have keycard access. Defense in depth, y'know? And we're not even a juicy target like the US Capitol, we're just some company.
But you could also grab enough of your friends to obtain a decisive numerical advantage – let's say, you and twenty of your closest friends, that probably gets close to what we saw yesterday. Be sure one or two of them are visibly armed.
Once you have your buddies, you can go break through the glass door leading to the receptionist's desk. We saw that yesterday too.
Once you're in, game over: I don't expect Nancy to tackle you at the door, or my friend Brian to kick you when you try to come into the conference room. I expect when you're inside you'll get a guest badge – or an employees – and proceed to go about doing whatever you were interested in doing.
My office's threat model – and yours – is not based on defending against a mob of people storming the building.
That's sort of exactly the point I'm making. My office's threat model isn't even in the same league, and yet it still seems to have more thought put into physical security than the Capitol building. It would appear that, unlike in the hypothetical you're constructing, in the real event, people didn't even need keycards in order to freely move about the building after getting past the exterior doors.
The Capitol is intended to allow most people most of the time.
I've honestly never tried to visit a congressperson in DC, so I suppose I wouldn't know, but it sounds unlikely. My public library is even more intended for public use than the US Capitol, but I still need a key to go back into the offices.
Generally, yes. Their offices are suites with a reception that'll be staffed for constituent services most of the day. Staff are also typically there all day taking calls from the public.
Found a quick tour of one (small office; leadership will have much larger ones) on YouTube: https://www.youtube.com/watch?v=UnIMUfF3U8I
If they weren't prepared for this: incompetence. But there are videos of people getting selfies with guards, and staying within the velvet ropes when coming in. Something isn't right here and no one is talking about it.
A police department with an intelligence unit couldn't guess that things might get a little out of hand when 3 weeks before, the President publicly used Twitter to ask his followers[1] to attend a "wild" protest on January 6th? Not that an intelligence unit was required as the plans were in the open. I have great difficulty in putting this down to incompetence, all things considered.
1. https://twitter.com/realDonaldTrump/status/13401857732205158...
The footage of police opening barriers and stuff, and taking selfies is however a bit more worrying. I think it's pretty well known that individuals within the police could identify or sympathise with Q or the far right - so if it turns out that this footage was exactly what it's seems to be (and we know how easily things can be misrepresented and shown out of context) then I imagine some cops are gonna be in big trouble.
I don't know what kinds of contingency planning may have taken place, but ultimately this event seems to have been ended and cleaned up pretty quickly compared to some other demonstrations we've seen recently.
There is not enough information to come to either conclusion, but I would like to think the DC police leadership didn't/doesn't plumb those depths of incompetence. The public (and congress) deserves answers on what happened and why.
This picture?
https://commons.m.wikimedia.org/wiki/File:Pence_posing_with_...
Unless something more sinister emerges the simplest explanation is probably the best - there some cops who are far-right sympathisers and there are incompetently managed and organized Police forces. Both of those things are already demonstrably true and explain how the response quite well without introducing a grand conspiracy.
However, it is no secret that the FBI has long-reported (2006!) on white-supremecist infiltration of police forces[1] - this is not crazy talk. If someone joined the police as a rookie in 2006 to enforce their personal agenda, how far up the leadership hierarchy would they be now?
1. https://www.pbs.org/newshour/nation/fbi-white-supremacists-i...
This is worrying in its own terms. Policemen are adult, and shouldn't believe in fairy tales.
Being able to use deductive reasoning, understand basic principles of science (like the difference between cheratine and DNA), double-check the facts, and find the truth between the lies is THE work of the police.
Somebody unable to see a hole for years in theories that most 5 Yo curious children could dismantle in a hour is unfit for this kind of work. They simply shouldn't be policemen. Period. Will end distroying the lifes of innocent people.
Hmm, why turn down an offer of assistance from a military whose commander-in-chief wants to overturn the election? I can think of a few reasons...
There's also a fundamental democratic issue at stake: It's not by coincidence that the United States Capitol Police answers to the legislature and not to the executive -- indeed, this is seen around the world (e.g. Canada's Parliamentary Protective Service answers to the Speakers of the House and Senate) and arguably the principle that military forces should not be brought to the seat of legislative power dates back to the Roman Republic... which swiftly became the Roman Empire after Caesar crossed the Rubicon with an army at his back.
Let's do a thought experiment: let's say there are a few elements in the police who are active QAnon believers, sprinkled in at various levels. Let's also assume some more force members are not believers, per se, but sympathize with the cause, and are willing to look aside since they may dislike some legislators who they see as enabling BLM, Antifa and other un-American actors (in their eyes) and believe that something "weird" happened with the elections and/or the whole establishment is dirty. Would these individuals not listen to the orders of the commander in chief, even when not delivered via the official chain of command?
It's a matter of law that they answer to the legislature, this isn't an "assumption." Individually they have answered to a not very sharp police chief, and the Sergeants-At-Arms of the House and Senate, who are all in the process of resigning because of how badly they recently screwed up, if that's what you mean.
I could have expressed myself better there - I was distinguishing between them being answerable to the legislature (de jure) in the logical, org chat way, and them "answering" to a mercurial president they ideologically agree with (de facto), in the here and now.
* higher level leadership judged the threat of the protestors to be insignificant (incompetence)
* higher level leadership wanted the potential for a mob to enter the building (complicity)
However they found themselves in the position, they did, and once there I think they had an unenviable task. And the fact that the occupants of the building were safely sheltered until a larger force came to clear the building shows that they made a good decision.
The dude who fired the shot, are you really defending him? A man with no real reasonable threat to his life? None of the people in that shot were shown to be armed.
Honest question, what are your views on Jacob Blake? Do you defend him? Because he sexually assaulted a women who had a restraining order against him, ignored police orders to stop, got up after being tazed twice and reached into a car with children. The DA found the police were completely justified in shooting him 7 times in the back.
This is the double standard. If you say she had no excuse for getting shot, than neither did Jacob Blake, or Breyanna Taylor.
There's multiple camera angles which captured the minutes leading up to her death, posted on major news sites like The Washington Post, so no assumption needed.
I still don't feel the shoot to kill was justified (especially as a shot in an area that would immobilize a person, like the chest or the gut, would've been safer of collateral damage vs a shot to the head, similar to the one taken, which unequivocally is a shot intended to kill), but trying to argue she was not completely and totally in the wrong is just absurd to me.
Someone knowledgeable of the subject, which you imply I am not, would know that shooting someone in the middle of their body is the standard operating procedure (and is potentially less fatal, but yes legally still intended to kill) rather than taking an (essentially) headshot as this officer did.
Also notice I did not say what the officer did was "against policy" or illegal, I simply said I didn't feel it was justified (especially with where the shot hit). It's for the department and the courts to decide if the officer violated his duty.
Shooting a center of mass is not at all about being "less fatal" it is about it being the biggest target with the biggest chance of stopping your adversary.
Did I say it was? I believe I used the word "potentially" in the reply you are commenting to. The officer was shooting from ~6ft away and had a firm grip and was well composed, if they can't hit the chest of a target that was mostly still at the moment of the shot then they need to be spending a lot more time in the gun range (at the absolute minimum).
Not at all unlikely.
She was part of an armed mob trying in the process of breaking into the speakers lobby that posed an imminent threat to members of Congress, whom members of the mob had moments before loudly expressed concern were trying to leave.
“Trespassing” wasn't at all the issue.
I think it's pretty clear at this point that they would have been overstaffed if the protestors had a different skin color.
In the 1970s, armed Black Panther members took the California State Capitol and no one died.
At least one officer is dead (this changes daily so who knows) and one protestor (she was unarmed, that's a protestor, trespasser at best) was shot by sorry excuse of a Capitol Officer who shot wildly into a crowd (almost hitting the other Federal Officer behind her!)
Please stop making this about race.
https://twitter.com/i/status/1347615998610911234
Having seen multiple videos of the event it's clear the shooter was not firing wildly into the crowd. They were aiming specifically at the person trying to break into the area. She's dead because of her own actions.
https://twitter.com/i/status/1347615998610911234
So you are saying that the Capitol police succeeded in creating a honeypot that was meant to embarrass Trump?
This is all true but might be crediting the Capitol Police leadership with a little more coordination and planning than they truly exhibited. There were clearly some law enforcement officers who did not simply step aside and let the rioters have their way once lawmakers had been evacuated.
Based on some of the comments here I get the feeling it's not common knowledge yet that at least one involved law enforcement officer has died [1] and a couple of dozen were injured. Possibly they could have done better for themselves if they'd all been as easygoing about things as the officers photographed in the rotunda.
[1] https://www.washingtonpost.com/local/public-safety/brian-sic...
Peaceful protestors.
Were the BLM people who stormed city hall in Seattle insurrectionists? Where the Black Panthers who took the California State Capitol in the 1970s insurrectionists?
Stop with the bullshit name games. These were not rioters. They didn't set anything on fire. They should not have stolen or broken anything. That's wrong and bad and should be condemned. Those people should get federal time
But man...you have to admit...there is something beautiful about the peasants entering the royal court, and the town idiot putting his feet up on the table that belongs to the Hand of the King.
The villagers entered the royal court and the senators clutched their pearls.
America has had a long history of occupying federal buildings. This is certainly not unprecedented.
These people were not a coup or insurrection. They had no plan. There was no person with a new founding document they were going to read. They didn't bring in an armed force and take and occupy the capital.
The overreaction to what happened is fucking insane, especially compared to what actual Rioters where allowed to get away with for the past year. In May, DC was literally on fire from the BLM riots, and we didn't see this type of DoubleSpeak.
They had zip ties meant for the purpose of taking hostages: https://twitter.com/Adiscen/status/1347189171362918400
IEDs were found at the DNC and RNC: https://www.nytimes.com/2021/01/06/us/politics/pipe-bomb-rnc... https://abcnews.go.com/Politics/abc-news-exclusive-photo-sus...
I agree. Although I’m definitely anti-Trump and condemn his garbage about the election being stolen, and while I don’t condone the behavior of the protestors, I don’t really see how this so much worse than business owners who had their livelihoods destroyed during the BLM riots over the summer. I don’t remember CNN or Democrats tripping over themselves to see who could use the harshest language for what had happened.
Again I’m not condoning this, but honestly, given what happened, the only real tragedy was a woman was shot because a jumpy police officer shot blindly into a crowd. Our pride was embarrassed but that’s ok. Let’s learn from this and make sure it doesn’t happen again.
The real problem with what happened is Trump incited it. But that’s another story.
Look at how different the MSM response was. Destroyed businesses and disruption to innocent people's lives was a necessary sacrifice for BLM riots. And best of all, covid is only dangerous depending on what you're protesting for. But some people going into a building?! No! Stop that!
https://en.wikipedia.org/wiki/Mass_racial_violence_in_the_Un...
How many is that? I can't even count. More than 50, less than 100? Versus 10, possibly way less, depending on what kind of comparisons one wants to draw? [1]
Doesn't this point exactly to the significance of what happened on the 6th? Race riots have been happening in the United States for a hundred some years. They are obviously not significant in achieving the goals of the rioters. Meanwhile the storming of seats of power by an ousted leaders' supporters has the potential to change history. The former is a passing event, the latter is a rare event with some potential to change global history.
[1] https://www.livescience.com/political-violence-us-capital.ht...
No, because their goal wasn't to overturn a legally held election.
> They had no plan.
You got that part right.
When BLM stormed and occupied the city hall in Seattle, their primary demand was to remove the mayor.
https://youtu.be/aA1GHvHzy8M
“Hey hey. Ho ho. Jenny Durkan’s got to go!”
Not really when you consider that the protests in may were for the correct side with the media and elites fully on board. They were for all intents and purposes sanctioned events. The 6th mob was absolutely terrifying for the media and elite since they had zero control over it. What looks like just another mob riot to a common peasant appears to be an actual threat to those which never see threats.
Speaking of overreactions ...
> They didn't set anything on fire. They should not have stolen or broken anything. That's wrong and bad and should be condemned.
Okay, so to be clear, there's a difference between breaking things with your hands and setting it on fire. One is "bad", and one is "rioting". Huh, interesting.
https://twitter.com/aletweetsnews/status/1346948665013751809
https://twitter.com/RichieMcGinniss/status/13469488668689776...
https://twitter.com/KathrynDiss/status/1346947617893265421
I saw a video yesterday of tear gas being used inside the capitol building but today I was only able to find videos of when it was used outside.
Just because we work in tech does not mean we know everything, and not having been there means we don't know the circumstances anyway. It is disgustingly arrogant of any of us to proclaim that these people must be incompetent or complicit like some armchair quarterback.
Christ, I mean, this is roughly the same mentality as the people who think the election was stolen based on some anecdotes and bullshit despite what election officials, courts, and other experts are saying.
Trump’s “show of force” during the BLM protests (where he brought in the national guard) was an aberration for that reason.
You have a very very low bar for what you think an attempted coup was.
But the riot was a riot. There was no organization and no attempt to take the government and rule it. It was vandalism.
Your definition of a low bar different than mine.
Five Congressmen were shot by Puerto Rican nationalists on the floor of the house in the 50s.
Protestors interrupt things fairly often. Happened during the Kavanaugh confirmation hearings and again during the vote.
This is probably the most overwhelmed the Capitol has been since the British captured it.
It would be interesting to see exactly how often the capitol police have been overwhelmed and civilians have entered the building or chosen not to.
"@womensmarch just took the Capitol. Women, survivors, and allies walked straight past the police, climbed over barricades, and sat down on the Capitol steps."
https://twitter.com/EgSophie/status/1048634940169048064
In other words, they may have been set up to fail.
(There's still the issue of that video of protesters being let in, which would imply that capital police do have some explaining to do.)
"The Capitol Police" is not a single, monolithic entity; it's made up of individual people, with their own political views.
Police letting terrorists in: https://twitter.com/joshuapotash/status/1346931235176783873
I have to stress though that I agree with "danaris" one level up from from this comment - it seems perfectly believable that individual police sympathised and aided these people. However it's not "The Police" as an entity as some others are suggesting, that's venturing into Q territory and is a bit Conspiracy Theory for me.
If you're falling back because you're overwhelmed by a surge, the last thing you do is _remove obstacles between you and the surge_!
The bigger concern for me is the understaffing and declining of offers of assistance made by other police departments.
https://twitter.com/christina_bobb/status/134759627858319769...
Not sure what happened, I hope we find out, but this video is especially damning.
https://www.youtube.com/watch?t=1216&v=cJOgGsC0G9U
https://twitter.com/trbrtc/status/1347077988756676608
https://twitter.com/KySportsRadio/status/1347031398176223233
"Multiple"? Do you have proof of this? There was one woman who was shot by police.
As far as I know, it is not yet clear how the others (excluding the Capitol officer) died. I've seen reports that one man got a heart attack after tasing himself and another fell off some scaffolding.
If federal security at Court House shoots BLM protestors who are entering a federal court house, those security people would probably get charged with murder.
It's unreasonable to expect Capitol Police to make that sort of moral choice in the moment. And if you give cops the greenlight to shoot people to protect property, there will be a lot of unnecessarily death going forward.
That said, they may (probably?) screwed up containing the crowd contained in the first place. Though to play devils advocate, the President had just told a mob to go "wild." Not sure if Capitol Police could successfully manage that.
Certainly with the benefit of hindsight, there should have been a much stronger show of force/barricades/etc. Should that have been obvious even without hindsight? Don't know.
That said, once the Capitol Police were outnumbered and things were getting out of hand, I'm pretty sure the best outcome if they had used deadly force to stop a rush would have been headlines like "Dozens of Trump supporters dead after police open fire on crowd." Worse scenarios include the police getting overwhelmed anyway and many of them killed also leading to a firefight within the capitol.
The very idea that no-one could see this coming is ridiculous.
The actual level of violence done by the mob is relatively tame. Shooting a bunch of people in the halls of Congress isn't going to stop the damage to the rule of law. And it would have what? Prevented a few laptops from being stolen, a couple doors from being broken down, etc. It's not like they torched the place.
I personally don't think violence by a mob is acceptable. But it seems most people do--as long as they are sympathetic to the cause.
Which is contrast of the “mostly peaceful” protests that involved arson and beatings.
This is just as bad but everyone acknowledges it.
Why do people jump to the most extreme side of things in discussions now a days?
There are many many many ways to disperse of a crowd that doesn't involve firing live rounds at a crowd. In fact: they were able to do it later!
Tear gas, flash bangs, barricades, rubber bullets. None of these were used until well after they made it inside.
So its sort of irrelevant to what police who were suddenly asked to hold a door from a violent mob.
With hindsight they should have had teargas ready. But they probably didn't expect the President to direct a mob to capture the Capitol.
Probably? Says who? In fact, multiple people have been shot (fatally or otherwise) during BLM protests, and actions against those officers have been very much the exception.
At least in Minnesota and Portland they let looters burn/occupy the buildings without contest.
I much prefer the approach taken in the USA, where our offices of government are accessible to the people that the government serves. It's very good that I can protest out front without worrying about that unfriendly man with his finger by the trigger to the Browning M2.
From the pictures I saw, she was still logged in and had the evacuation message onscreen. I'm guessing she didn't have 'require login after screensaver' option enabled. If the account is still logged in, this is a massive breach!
https://twitter.com/Foone/status/1346924327996772354
tl;dr: the government has appropriate computer security in place to prevent this sort of thing, and it's not clear what the deal was with that particular computer.
Congressional offices are frequent meeting spaces with people who do not work there. Their job, after all, is to represent the public. Locking the public out of their offices is kind of antithetical to the job description.
I think it should be kind of like a non-Newtonian fluid. Walk in slowly and peacefully and it's ok. Try and punch it, it solidifies quickly.
I suspect the main reason that this hasn't happened before is that very large protests/gatherings are often met with a large show of police force to ensure the protestors know this isn't an option. Why that didn't happen today will be interesting to investigate. We all probably have a theory, but what comes out of the inevitable hearings on this will be interesting to see.
[1]: https://www.cnn.com/2021/01/07/us/us-capitol-violence-histor...
There are hundreds of thousands of people behind the camera, going all the way to the Lincoln Memorial. You can see some security milling around, but no large show of police force.
https://www.sacbee.com/news/local/history/article148667224.h...
A few years(?) ago, Mitch McConnell's dinner at a restaurant was interrupted by protestors yelling at him. And that was after what happened to Gabby Giffords.
Targets with higher ROI are available to people willing to take, ahem, kinetic actions.
Clearly, he didn't think I was a threat, or if I was, that I would have been smart enough to do it long ago, and slowly :-)
And they would have, had the Trump Administration not denied the D.C Mayor's request the day before for the D.C. National Guard to be deployed.
The Administration also delayed approval of requests by Virginia and Maryland to send Guard units to the Capitol in response to urgent calls for aid from Congressional leaders when it became clear the MPD and Capitol Police were overwhelmed.
Of course, it's a problem when the person inciting the insurrection has authority over important components of the security against it.
> A new report Thursday revealed that Sund turned down an offer from the FBI and the National Guard to help cops in the event of unrest.
https://nypost.com/2021/01/07/capitol-police-chief-steven-su...
I love that so much.
There is a major opposition movement growing, and it pains me to say it but Trump was right in his last speech.
'This is just the beginning'
As far as I can tell, this event seems to have had an extremely persuasive effect on the psyche and opinions of the average person. Who might benefit from this change in the mental state of the population, and in what ways?
Most people seem to find the very idea of thinking such thoughts to be extremely unpleasant, if not downright inappropriate. But to me, this is simple risk management. The lack of this sort of thinking in society seems downright dangerous to me.
I sometimes wonder what the origin of such norms is - is it organic (a common characteristic derived from evolution), or might it be synthetic?
Wouldn't it be convenient if a massive spectacle was to occur, whereby the US public could see in 4K HDR the danger that populist political candidates introduce to the system, how it "threatens our most sacred institution: Democracy.
And as luck would have it, along comes a massive throng of obviously angry and delusional Trump supporters, with well advertised (and well known to authorities) plans to descend on the US Capitol, to "rescue Democracy", or some such nonsense.
So, what do you do in a situation where you have hordes of angry (and possibly armed) political extremists heading towards a politically strategic location, on a particularly important day (in your democracy)?
Do you:
a) Beef up security
b) Not beef up security
It seems like option (b) was chosen. Depending on what variable one is optimizing for, this was a terrible choice, or an excellent one.
Oh, and cop organizations are run through with neo-nazis and white supremacists who have made a concerted effort to make inroads with police departments and military members.
I agree with you but I think there ought to be a little more protection of that.
Just all stairs going upwards should be easy to defend if the police stands their ground. Add a few police dogs and the officers wouldn't even have to engage themselves.
There was a smaller crowd trying to enter the German parliament just a few weeks ago, politically pretty close to the rioters of Washington. A whole three policemen were able to stop them by just consequently standing their ground, not armend beyond batons: https://www.youtube.com/watch?v=Pc-56opg-Xg
That’s the price we pay for living in an open and transparent society. While I don’t condone or support what happened this week, the building belongs to the People and not the government and the People have every right to enter the building and demand accountability.
The way the US Capitol is right now feels very police-state to me compared to how it used to be. I have memories of running around the Capitol building with my Cub Scout pack including ending up in private areas. There were no assault weapons and we weren’t met with police. We were politely shooed away.
Today you cannot walk up the steps of the Capitol building. It’s fenced off and manned by armed guard. Last time I was there I stepped aside to let some people pass in a crowded area and crossed some arbitrary unmarked do not cross line but about 12 inches. I was physically grabbed by Police.
To quote Donald Rumsfeld “freedom is untidy.”
the "People" can't just do whatever they want just because they feel like it. Can they go and bang hammers on nuclear warheads because the warheads "belong to the People"? Storm the doors of JPL and play horsey on the Mars Rovers?
When some subset of the "People" attempt to overthrow the duly elected government of the other 99% of the People, they are traitors, and should be erased from society.
Might as well argue that you should be able to just walk into the white house and speak to the top public representative.
> Might as well argue that you should be able to just walk into the white house and speak to the top public representative.
Entirely different situation. The reason that people need to talk with the legislature is because those are the people’s representatives.
Totally different, were it not for the fact the president is also the Chief of State: The chief public representative of a country.
Besides, even if this wasn't the case, humor me and suppose it was (which it actually is), would you then conclude that the president should simply be accessible at will by 300 million Americans? It makes absolutely no sense.
Just because something is publicly accessible doesn't mean you throw all reason out the window. Plenty of national parks are simultaneously open to everyone, as well as require registration and some basic ground rules to entrance. Similarly, it's entirely uncontroversial to argue that accessing the capitol is freely available to all, but there will be some minimum security checks, and some areas (e.g. private offices or places holding confidential data) are off-limits. Virtually all democracies have no problem separating visitor's areas from private working offices, and implementing appropriate controls in both.
The notion that the speaker of the house's laptop could be casually stolen by people without heavy equipment walking in is a joke, pure and simple. Claiming it has something to do with the fact she's a representative thereby implying her laptop should just be freely accessible instead of secured by some basic measures, as some (not you) have done in this thread, makes no sense if you ask me.
Where did anyone say any of the things you are claiming?
The statement was simply that the People have a right to entry into the building and physical access to lawmakers and the law making process. Further, the statement is that access is a foundational principle to the US implementation of liberal democracy since our Nation’s founding. It’s so foundational that it’s also quite literally built into the building as there are galleries for public viewing of Senate and House proceedings.
It is also an ideal that we strive for like equality and justice. We recognize our union as imperfect yet these ideals are what drive us as a Nation.
Your comment I feel confuses implementation with the discussion of ideals. The implementation should follow the ideals as guiding principles with access being the default.
Lastly, historically the building and lawmakers were much more accessible. This was during my lifetime. We had lots of people then too.
Indeed, access is the default. And in a village with a handful of visits and no armed psychopats plotting to kill your local representative, that default is all you need and may proceed as such.
But as you'll agree, the chief public representative (the president) lives in a different reality. Public unfettered access is a threat to his life. And while the public should have a form of access regardless, practically a 300 million to 1 communication relationship doesn't work, so you must implement it accordingly, differently. That's why most presidents had a habit of spending an hour a day reading letters from citizens, hosting debates, participating in public forums, holding press conferences, inviting people to the white house to discuss, speaking to various organisations representing people's causes etc. But walking into his office at 4PM to speak to the president? That's a joke. I'm fully aware that in a democracy a public servant works for the public, no need to discuss the ideal. I'm discussing the practical implementation, which is why I started with the village vs capitol example, which sees different outcomes on the basis of the same principles, which is exactly because the ideals are the same but the implementation cannot be. Similarly, you would organize access to certain parts of the capitol in a secure manner, e.g. those parts of the capitol holding a laptop of the speaker of the house.
In a post 9/11 world you cannot just say the capitol belongs to the people and access should be free (again, obviously talking about practice, not ideals, here), without concluding in the same breath that it should be freely accessible to any terrorist as well. And it's just an example. This week it were people thinking they were sent by Q or incited by Trump to de-facto participate in a coup (i.e. storming the capitol to prevent an elected official from being confirmed, while spreading propagandistic lies that the election was stolen, a direct attack on the democracy if you ask me). Next week it might be a psychopath thinking he is doing god's work. And yes, times have changed, if you're also interested in discussing how airport security used to be different back in the day, be my guest, I don't see the point.
Plenty of countries have well-functioning (and by many subjective and objective measures, better functioning) democracies, with high-level access to public representatives, while taking proper security and practicality measures.
> It’s so foundational that it’s also quite literally built into the building as there are galleries for public viewing of Senate and House proceedings.
You say some of these things as if access to public viewing of proceedings isn't the norm in countless democracies worldwide. But if I go to a viewing, I go through this: https://news.ycombinator.com/item?id=25690107
Not because I don't have access, but precisely because I do, as does everyone else, and that creates risks, which can be mitigated without reducing access. A basic measure which would've prevented the debacle at the Capitol altogether.
It’s kind of a stretch to frame it that way. The president quite literally represents the states, not the people. The US does not require that states assign electors by popular vote, states have chosen to do that. And in the past, they have chosen to do it other ways. Before the civil war, there were states that selected electors without conducting a popular vote.
The way the US government is architected, the legislature is the extent of federal representative government.
6 of the 13 original states held a popular vote for president Washington.
But to respond to the bulk of your statement: it was like airport security back when I was a kid, and I don’t see any reason why that wouldn’t also be appropriate on any other typical (i.e. not a special event) day. Angry mobs should never make it to the building in the first place. Crowd control happens outside of the building.
Which is why the stream of "fraudulent election" lies is so dangerous. A person in a position that confers trust is telling people the government is openly defying them. For people who believe that, violence is the only logical way to affect politics.
https://dictionary.cambridge.org/us/dictionary/english/tongu...
Anyway, an angry mob of wacko rioters shouldn't violently force their way into the legislative's building. They should respect the outcome of the democratic vote and vote again in four years. Maybe if this was Iran I would say okay, people are fed up with the ayatollah and the revolutionary guards, but this is the US and the poor buggers are being manipulated, shot tear gas at and four of them got killed. For what? Absolutely nothing. The unfortunate officer died doing his job. This is very sad and scary, it looks like civil war brewing. A really bad thing to happen to a nation armed with nukes. Please do not let it happen, it is within your power to distance yourselves from these people and just say no to violence and vandalism.
It is visited by plenty of non-NASA, non-government ordinary customers who could easily blend in with official foot traffic on a busy day and make just a dozen paces to the main elevator banks or stairwells looking for an opportunity.
The simple fact of the matter is that a violent riot stormed the capitol building and nearly overwhelmed local forces. Congress asked for extra help and it wasn't provided. Governors asked if they could send in the guard to help and the man whom stoked the riot gave no permission.
It's a fucking miracle that January 6th wasn't one of the worst days in the history of the US.
Here is a longer video of them at one of the entrances of the building: https://youtu.be/cJOgGsC0G9U?t=140
And yet your government offices abroad (embassies) are the most fortified I've ever seen.
I've been to several countries' embassies and the US one was like entering a secret nuclear bunker. There was airport-style security, and everyone I talked to was behind a massive sheet of bullet-proof glass; never mind the gates and moat around the building. This was in a small, US-friendly and highly developed country.
Then there's the excessive amount of security around any US governmental visit to a foreign country.
So I think it comes to a surprise to many outside the US that one of your main government buildings has less security than a museum even when all the most important politicians are inside.
But yes I agree, I think government buildings should be 'friendly'.
Just a few months ago that is exactly what the steps of the US Capitol looked like [1].
Even when disabled people try to protest there they are removed by force [2]
They have no trouble keeping people out they really don't want inside, it seems.
But when people show up wearing body armour and carrying weapons, for some reason they are not stopped.
[1] https://twitter.com/oliviamunn/status/1346933669869481986
[2] https://www.esquire.com/news-politics/a12466578/disabled-pro...
I'm assuming a similar security plan is in place in e.g. European countries' parliaments; extracting the high value targets is P1. The building is just a building; if it's damaged it can be repaired. And killing a bunch of people defending a building is a political no-go.
None of this applies to an embassy.
He watched the riots unfold live, and refused federal backup for local forces.
Giuliani is Trump's lawyer, he called for "trial by combat" during the rally and after the riot started he was calling Republicans to press them into going along with the coup attempt.
This was a coup attempt, with a violent and legislative side to it. They were both organized and timed by the same parties. Both failed fortunately.
https://www.dormakaba.com/resource/blob/128222/7d74af646dce4...
They're configured one-way only, can be fully opened for high through-put or emergencies, but are otherwise single-person only. They can detect multiple people in various ways. The default for sensitive areas would be biometric (e.g. weight, some parlement members coming back from vacation a little overweight have had to get a manual override in the past). Of course bulletproof, and can be controlled at a distance by an operator.
It makes sense that not everything requires something like this, but the office of the speaker of the house of course should be in any situation. If she wishes to meet people in less-secure rooms it's entirely possible to create meeting rooms with fewer or even no significant entry or security controls if you wish, but your personal office, places where you store sensitive data etc... can't just have em behind a few wooden doors.
Of course some countries opted for the benefit of a modern building. The capitol is more than two centuries old, you can only retrofit it so much.
Dutch representatives are accessible by the people. They have a walk-in hour, you can call them, email them, write them, you can join hearings and meetings where they're present, they go out into the country to talk to citizens. But what you can't do is waltz into their office. This has obvious reasons in a post 9/11 world, and it has nothing to do with the fact the Netherlands has a king who has a purely symbolic function and does not participate in politics, no different from say France which is a republic, or Germany which saw a mob storm the Reichstag a few months ago and was easily held off by the police, which is also a republic.
It makes no sense at all that the US Capitol doesn't have stronger barriers between the public areas and the private offices. Every bank or other large company has such a setup for information security reasons.
I think this is the direct link: https://www.theguardian.com/us-news/live/2021/jan/08/donald-...
The "story" is also really just a link to this tweet: https://twitter.com/Drew_Hammill/status/1347598063620206592?...
edit: it's confusing as to what the actual, documented source other than "he said she said" is after looking at all three
edit edit: a previous HN submission which didn't gain comment traction pointed at Reuters: https://news.ycombinator.com/item?id=25688418
Not that it will slow down the corporate takeover, but it will be of historical interest.
I guess that would assume they connected to the internet though.
You can't have that kind of insanity inside of a workplace and expect to secure every device. There are multiple layers of security for the congress people, and many of them were exploited. They don't practice putting on masks and running their asses out of a building. I'm sure every staffer was thinking, "Did I get everything that needs to be secured?". No they were thinking, "I'm getting the hell out of here." Especially if they weren't part of the tribe storming the castle, (aka a Democrat).
Edit: Also, stealing a laptop that belongs to the office of the US Speaker of the House will essentially never end well. There are endless examples to suggest that yesterday's fracas wasn't thought-through by the participants. This is one of them.
I read yesterday that all computers issued for Congressional staffers after 2017 have full disk encryption enabled by default.
Do you hear that? That's the sound of me face-palming.
That's an illogical assumption to make. Not encrypted at time of issue != not encrypted ever. Who says all previously-issued laptops weren't encrypted at a later time?
It could also mean a change in policy which makes official what was already happening.
Did you see the picture of Pelosi's desktop monitor? Pelosi was on the House floor at the time, wasn't she? Why wasn't there even a screen lock?
Any modern system(even on the low end) that you could conceivably want to trust important data to can handle encryption requirements with ease.
One problem if we are talking about Bitlocker specifically is that if the drive reports that it supports encryption, then Bitlocker offloads the responsibility to the drive. And the drive encryption might be badly implemented.
Full disk encryption is good for when the machine is powered off.
What about for the scenario when it gets swiped during the work day when I'm in the bathroom?
:D
That's why the likes of System76 develop their own firmware.
First and foremost you need to ensure physical security anyway. Otherwise a dedicated attacker can also just install a bug.
Can you help me understand what attacks you think can be done with a locked screen, powered on laptop ? (given Full disk encryption is on)
They don't necessarily prevent against other threat models, like "the attacker dumps the laptop's RAM" (which you could technically protect against if you froze all session processes and encrypted their working set with a key held in a secure element).
Not something a thief that wants the laptop would do, but definitely something a targeted attacker who specifically steals a laptop to get your data would do.
I believe a system like Apple’s Secure Enclave (everything contained in one chip) is better in that regard, although I’m not an expert.
If the device has only USB, network, and display outputs, not a lot. Modern systems are pretty hardened with this config.
However, if it has Thunderbolt, ExpressCard, PCMCIA, or even FireWire, it's hosed.
This kind of attack has been highly researched by intelligence, for example the 'Sonic Screwdriver' attack revealed in 2017 [1] targeted Macs by tampering with boot parameters, and was installed over thunderbolt.
There have also been some PoC exploits for extracting BitLocker encryption keys out of memory using FireWire [2], though I'm not sure those have ever been widespread attack vectors.
Basically, the old adage still holds up - physical access is full access. The only thing you can really do is fill up any ports that could be used for DMA sidechannel attacks with epoxy, then hope nobody attacks your TCP stack or USB controller...
---
[1] https://arstechnica.com/information-technology/2017/03/new-w...
[2] https://support.microsoft.com/en-ca/help/2516445/blocking-th...
Unless someone specifically targets you for your data, FDE will keep your data safe from thieves who may sell the laptop (unwiped) or take a look otherwise.
I'm no small stater, but we need to find a way to put the interesting stuff back in democratic control...like a parliamentary system that recognizes executive vs legislative division is a bad idea.
Mitch McConnell’s documents would be similarly interesting.
I’d love to see how these two speak to their donors and each other vs how they speak to the public, for example.
All you need to do is look at the stimulus bill. It's full of "I'll give you this if you give me that" items.
> But after all of his commotion, Carlson suddenly backed off the story by Thursday night. “There are a lot of documents about Hunter Biden’s personal life that we haven’t brought to you and we’re not going to, and we should tell you why,” he said, adding that “Hunter Biden is a fallen man at this point.” And while he believes the Biden son is not “a bad person,” he does have “demons” and “lost control of those demons, and the world knows that now. He’s now humiliated and alone. It’s probably too strong to say we feel sorry for Hunter Biden, but the point is, pounding on a man, jumping on, piling on when he’s already down is something that we don’t want to be involved in.”
Yikes. My first though was - oh this should be no big deal chances are there are good policies in place for laptops that go home with people.
Then I realized it is a shared/central machine which means it probably has the most effed up and relaxed security in the fleet, post-it notes with passwords taped to the palm rests, and god knows what else. IT departments are notorious for over-granting privileges to these shared machines due to the mixed use they typically recieve. After X help desk complaints you get fed up and check all the boxes in the permissions manager.
Hopefully, though, it is locked up and the data is inaccessible.
We just don't know.
presentation-BROKEN.PPT
anotherpresentation.doc
cantopen_presentaion-dontdelete,PPT
MOMs_COOKIE_RECIPE.doc
caterpillar french fry funny.bmp
and so on...
Damn alternative data streams.
Speaking of which, I always wondered why windows didn't make better use of those. Seems like it would cut down on the FS bloat.
Literally laughed out loud, as my grandma had actually sent me that comic just a month ago. It's the quintessential Forward From Grandma.
Pretty sure that one's been floating around the Internet since the 90s at least, and likely existed way before then.
-- someone accidentally stored something
-- that thing is no big deal, perhaps technically a secret
-- people who get ahold of it and read it will make up conspiracy theories about it
Breaking! This below was found on Pelosi's laptop!
-----====POWER POINT PRESENTATION====----
ALL GOVERNMENT ARE PEDOPHILES EXCEPT TRUMP
PROOF: CIA REPORT
They WON in 2016 House Senate and Presidential and claimed MILLIONS of votes were fraud and the commission setup by Republicans found nothing and went away.
2018 They kept the Senate and lost the house by a smaller number then anticipated
2020 Republicans WON seats though it was expected to lose seats. They "Kept the Senate" just had a run off in Georgia. November 2020 was a good night for Republicans minus President Trump who is a love him or hate him person. Republicans didn't vote for Trump and is why he is out.
... realistic
But I struggle to follow a consistent structure, so it could be in Documents or Notes, or a random folder somewhere else because I ignored my hierarchy in a hurry.
Honestly, now if I need to make sure I keep something, I upload it to Google Drive. It sucks for privacy, but their search is good enough that I rarely need to use the hierarchy. The hierarchy is now mostly to group things I want to perform actions on together.
Anything of importance, I have broad directories under Documents, and then sub folders. Or sometimes I'll put them on my fileserver with similar directory structure. The Documents folder is backed up with Spideroak.
And if not, then they should hire me and I'll set it up for them. :D
But after the number of big hacks in the last few years I'd hope the guys in charge of general security laid down some ground rules.
Compare it to a random person suddenly standing in front of an unprotected laptop from those "bad politicians" ...
https://sanfrancisco.cbslocal.com/2018/08/01/details-chinese...
https://www.eurasiareview.com/11122020-eric-swalwells-honeyp...
So yeah, pardon if I'm not full of confidence in the levels of discretion these guys exercise.
It's a machine probably on the same LAN as a lot of the meeting attendees in the conference room, probably has Bluetooth radio as well, may have wifi radios, probably has access to a calendar of meetings and attendees (as a defined room resource). Depending on how the PC is used (a room system vs the ol' conference room PC) it may also a key logger would be valuable.
Reminds me of the scene in Firefly: "let me get this straight, you put multiple high-ranking intelligence officials in the same room as a psychic??" https://www.youtube.com/watch?v=AC9SF7TOyHQ
I think that's a good solution to avoiding over-granting privileges.
https://news.ycombinator.com/newsguidelines.html
I've seen it done badly a number of times, and I've seen it done correctly, and work really well.
- (W10) Assigned Access - microsoft's solution to kiosk computers. You can make the app run on top of the lock screen, so users can use their one app without actually needing privileges on the computer.
- Software Restriction Policies - You can whitelist select applications or publishers and every other executable will fail to launch. requires enterprise licensing.
- Mandatory Profile - You log in to a temporary profile. All changes are lost when you log out.
- Deep Freeze - 3rd party variant of Mandatory Profile. Can be made to roll back the whole operating system to a given snapshot.
- Non-persistent VDI - You actually log in to a Virtual Machine. When you log out, that VM is deleted and recreated automatically.
Additionally, many antivirus solutions have some capability.
When our company used conference room PCs (instead of room systems) we had a program that would reboot them nightly to reload the known good image. I suppose some risk of file recovery was present, but this was also a half-way decent approach as long as the machine wasn't deeply compromised (bios level or something).
A stolen laptop is usually not considered "no big deal" basically everywhere I worked.
The videos I saw don't inspire much dread, there, but they may give the laptop to someone that can do digital forensics. Lots of LEOs in that lot. They would be smart enough to stay out of the building, but might have been waiting for someone to come out with something like that.
But, as someone pointed out, a lot of the folks wouldn't bother trying to read anything. They'd probably try to plant their own fantasies onto it, and send it to Rudy The Hair Dye Man.
https://www.independent.co.uk/news/world/americas/us-electio...
Most of the rioters seem like herpa-derpers, but some came there on a mission, like this guy: https://www.thesun.co.uk/news/13690389/us-capitol-rioters-zi...
(those are not regular zipties, but the "taking hostages" kind)
There were definitely some folks there with mayhem in mind.
For example, the lady who was shot trying to enter the VP bunker has a social media profile with extensive Qanon related postings.
Another was a Republican member of the House of Representatives. He was caught because he livestreamed himself breaking the law, as all genius criminals do.
The story about Antifa being in the riots was made up out of whole cloth by the Washington Times. The company they cited put out a press release saying that they had done no such thing and the whole story was a fabrication.
They have a photo of a guy on his hands and knees, cleaning the place. He's a congressman.[1]
[0] https://www.the-sun.com/news/2105149/trump-supporters-smeare...
[1] https://www.cnn.com/2021/01/08/us/congressman-capitol-trash-...
Leaving it on, the machine would detect loss of home network fairly quickly and lock itself.
The FDE key would depend on a key server on the home network, so it could not be rebooted and unlocked just with the physical on-board devices.
If some parts of the FDE were handled on the storage itself and required a periodic end-to-end refresh with the home network key server, then even freezing main RAM (literally) to extract keys later would not work.
More generally, the FDE key could be split over a number of components on the machine, all of them requiring end-to-end periodic refresh from the home network key server, making it extremely difficult to freeze all on-board devices effectively enough to extract the whole key and decrypt the storage contents. Add RAM encryption to complete the job.
Not to mention cold boot attacks if the laptop was still running.
"How can we remove this compromised system from the building without letting on that we know"
"just have a 'theft' remove it!"
US is an open society, and most US politicians speak what they think, or at least you can guess, or even ask them yourself! Those people are like open books.
Unlike of your usual cabal totalitarians, who either don't speak at all, or purposefully try to hide their real aims by engaging in double speak, triple, quadruple speak.
Even prima fascie top military secrets like battle plans (those must be updated and shuffled regularly to prevent a situation exactly like that) have very little immediate usefulness.
It's 21st century, it's beyond anybody's ability to hide things like size, dislocation, and basic capabilities of your force
Intel reports? Again, most real deal intel sources would be either kept real deal secret, or really not being such.
https://www.ausa.org/sites/default/files/SR-1998-CPMW-Tactic...
At worst, the laptop had FOUO/CUI (for official use only/controlled unclassified information) data. Not great for that to get leaked; but not that scary from a national security perspective (we're pretty aggressive about classifying stuff).
If anything damaging comes out of this, I would expect it to be of a political nature; where something that Pelosi and friends would prefer to keep secret gets leaked, but doesn't have much influence on national security.
US diplomatic talks with sketchy regimes? I bet China, and Russia would've not needed any spies there really.
US sales of weapons? US sells them everywhere, and they don't need spies to know the bottom price, when most of weapon buyers would just tell them that themselves. You don't have too much alternatives in a duopoly market.
US spies on Russian, or Chinese soil? You don't need to tell regimes like that of them being penetrated. Xi, and Pu realize perfectly well that they are surrounded by thousands of sketchy, and unreliable officers.
If they missed the opportunity at the Capitol the other day to plant listening devices though, they must be kicking themselves now.
Also, it seems entirely possible to me that they would do that not for the purposes of spying, but to sow chaos.
It's part of why I roll my eyes at election interference—not that it's somehow "fake", but the amount of hysteria generated has got to be a better return than anyone could have guessed throwing a couple million dollars at an online propaganda campaign.
How undercover does he need to be if American citizens are openly planning online to storm the Capitol? He just needs to wear a MAGA hat and walk in with them.
Ok, probably not a spy, but who knows?
Clearly they never tried calling those phones to test...
Space. Space. Space. Backspace. Space.
Lucky for the spouse they thought it was the personal laptop (it was not marked) so they weren't prosecuted.
This laptop could be much worse, or just fine.
The classification scheme is broadly cut up into Confidential, Secret, Top Secret, and Codeword. There are many modifiers to that such as Five-Eyes, Cosmic (NATO), and Restricted-Data (Nuclear Weapon Design).
There are a menagerie of controls that don't rise to classification, like NOFORN, Law Enforcement Sensitive, For official use only, etc.
Below Confidential exist other “unclassified” states, like “For Official Use Only” and “No Foreign” (a.k.a., NOFORN). Then, regardless of the classification, you should also have to prove “Need to Know”.
To me, the most interesting aspects of classification were that the title, content, and classification level itself don't necessarily share levels.
As others have pointed out, Confidential is classified, the lowest classification level.
And yes, "no-forn"
Information could be Secret and NOFORN or Secret and Five-Eyes, for instance.
This was also years ago, and for obvious reasons I don't want to be more exact.
Apparently it was deemed a random theft [1].
[0]: https://www.engadget.com/2005-04-25-laptop-thief-not-scared-...
[1]: https://www.berkeley.edu/news/media/releases/2005/09/15_lapt...
In practice, it wouldn't suprise me if that computer was locally storing passwords that were not specific to that machine, which might mean needing to revoke a bunch of passwords
I think that's wrong if you consider disk encryption.
reminds me of this xkcd: https://xkcd.com/538/
If IT wanted to wipe the drive, then they would need the laptop to phone home in some way.
That doesn't help much because many people use patterns to their passwords and use the same passwords elsewhere. Seeing the expired passwords of many important people would have a very high chance of having a few which would be of use in breaking into accounts even if they were already expired.
"So far, hearing that cyber risks of the Capitol attack were low.
* Congress isn't one big network * Vulnerable machines held unclassified files * Hill leaks so much already that truly sensitive stuff is walled off * Rioters weren't there long enough for thorough, careful access" [...] For those wondering about the SCIFs, used for classified files and conversations, their doors were built to withstand embassy sieges, and they’re swept for bugs before every use.
We haven’t seen any indication that they were even targeted, much less seriously attacked. Could one of the terrorists have seen a sensitive but unclassified email somewhere? Yes.
Could there have been Russian spies in the terrorist mob? Yes."
Everthing in that building that plugs into the wall should be discarded and with a known good device. That includes network infrastructure and even cabling.
Between this and the recent SUNBURST fiasco, there are going to be some long discussions about security policy.
I'm not sure about other devices in the building, but there's plenty of stuff going around about Pelosi's laptop in her office. Was it just left unlocked and unattended? Did it even have an OS password? If it did, was that password written down somewhere such that infiltrators could easily access it?
Replacing all of the compromised tech is a good start, but clearly we need to hold our politicians to a higher standard when it comes to securing their devices.
https://twitter.com/gatewaypundit/status/1347615270504955904...
Which explains this hilarious picture of a 70-year old grandma “coup plotter” posing with coffee mug.
https://twitter.com/TheRealEWILLZ/status/1346999976899932161...
Yes, on average black folks are treated more unfairly than white folks by police, but exaggerated claims like “the cops would have iced every one of them” help no one.
https://web.archive.org/web/20190904213732/http://031d26d.na...
“Assault rifle” is a valid term but it only refers to automatic rifles, which were already effectively banned for civilians.
I don’t know whether that rifle (carried by a police officer) is automatic or semi-automatic.
How many BLM protestors were shot and killed by police?
I’m genuinely curious, as I’m not aware of any.
* Sarah Grossman was pepper-sprayed at a demonstration and later died in the hospital from acute respiratory issues.
* David McAtee was fatally shot by police at a protest : https://www.cnn.com/2020/06/01/us/louisville-protests-man-sh...
* Sean Monterossa was killed while kneeling with hands raised when shot to death by police because they mistook a hammer in his pocket for a gun. https://www.sfchronicle.com/crime/article/Attorney-identifie...
* Aubreana Inda was sent into cardiac arrest, 'dying' three times, after being shot in the chest. https://www.kuow.org/stories/this-26-year-old-died-three-tim...
There are countless incident reports of 'less lethal' ammunition being aimed at faces. Less lethal is still lethal. This woman was placed into a medically induced coma: https://timesofsandiego.com/crime/2020/06/02/family-of-woman...
And several incidents of police using their vehicles or horses to ram, trample, or assault people (e.g. by opening a car door to hit protestors as they drove by). Those could easily have been lethal, though they weren't in this case.
Edit: I know this is all super polarizing stuff, but I'm trying to provide a specific and direct answer to the question above.
There are two standards at work in how protests are treated. This is a factual matter, not an opinion. It doesn't mean every protester on the left is a blameless, as obviously that's a straw man position on its face. But the disparity in how violence is used, and in particular how early its used is very clear. You can't just handwave that away. Likewise you can't handwave away that showing up with military style gear and loaded firearms is a defining feature of right wing protests that is not duplicated on the left.
https://www.bbc.com/news/world-us-canada-55581206
She was partway through the window to the hallway that leads directly to the congressional chambers and was attempting to get past the Secret Service members.
You don't mess with the Secret Service -- they have a very uncompromising view on protecting elected officials and will absolutely draw lines in the sand and firmly enforce them.
Edit: Secret Service were present, but the officer who shot was not a member. He was, however, protecting the immediate vicinity to where congresspeople were sheltering in place.
https://fivethirtyeight.com/features/the-polices-tepid-respo...
Also the protesters look pretty tame. Looks more like the crowd at a festival pushing each other.
People died anyway.
https://www.thefreedictionary.com/storming
5. A violent disturbance or upheaval, as in political, social, or domestic affairs: a storm of protest.
6. A violent, sudden attack on a fortified place.
2/3 have no relevance to the situation, and 1 requires an assault. So, no, they don’t “all apply.”
Same happened at CHAZ, a couple black kids got killed by some nutjob police LARPers.
I don’t recall a big hubbub blaming left wing rhetoric or arguing for the immediate destruction and disbanding of the autonomous zones. I remember an absolute heartbreaking interview with the kid’s father.
There was no interest for the BLM crowd to hold their own accountable.
I can guarantee more died as a direct result of BLM "protests" in 2020.
Nevermind billions of dollars of damage that fell on the shoulders of minority and lower class communities.
I have a hard time imagining that someone concerned about insurrection would unabashedly gloss over CHAZ/CHOP as though it's not a cut-and-dry act of secession.
I guess you support secession.
My point here is the scope of things, armed insurrectionists stormed the capitol building. Three pipe bombs were recovered and disarmed. What do you think would have happened if the person who laid the pipe bombs had gotten to Nancy Pelosi? Further the President of the united states was pleased by these actions and told them he loved them. He refused to call the national guard and the department of defense initially refused several requests. Somehow, the VP who doesn't have the authority to, called in the national guard. CHAZ was not supported or incited by Joe Biden. And CHAZ did not threaten our democracy or interrupt the democratic process.
My point is the scope of things too.
There was complete chaos across the country last year.
With many reminiscent if not worse scenes of complete disregard for public spaces and institutions.
The media was practically giddy about justifications of why we shouldn't be opposing the destruction of statues of the founding fathers. Freaking abolitionist statues were targeted.
There is unquestionably more total damage, building burned to the ground, etc from what happened last year.
I'm not saying what occurred at the Capitol is to be dismissed - quite the contrary. What I'm saying is that it's like one half of the country just woke up to the idea that mass political violence and bedlam should be denounced.