From COBOL to chaos: Elon Musk, DOGE, and the Evil Housekeeper Downside

In attempting to make sense of the wrecking ball that’s Elon Musk and President Trump’s DOGE, it could be useful to consider the Evil Housekeeper Downside. It’s a precept of pc safety roughly stating that after somebody is in your resort room together with your laptop computer, all bets are off. As a result of the intruder has bodily entry, you’re in rather more hassle. And the particular person demanding to get into your pc could also be standing proper beside you.

So who’s going to cease the evil housekeeper from plugging a pc in and telling IT employees to attach it to the community?

What occurs if somebody is available in and tells you that you simply’ll be fired except you reveal the authenticator code out of your telephone, or log off on a code change, or flip over your PIV card, the Homeland Safety–permitted good card used to entry services and programs and securely signal paperwork and emails? What occurs if somebody says your identify will in any other case be printed in a web-based record of traitors? Already the brand new administration is firing, placing on go away, or outright escorting from the constructing individuals who refuse to do what they’re advised.

It’s extremely laborious to guard a system from somebody—the evil housekeeper from DOGE—who has made their means inside and desires to wreck it. This administration is on the document as desirous to outright delete total departments. Accelerationists are usually not solely setting coverage however implementing it by working throughout the administration. For those who can’t delete a division, then why not simply break it till it doesn’t work?

That’s why what DOGE is doing is a large, terrifying drawback, and one I talked by means of earlier in a thread on Bluesky.

Authorities is constructed to be steady. Collectively, we put programs and guidelines in place to make sure that stability. However whether or not they truly ship and protect stability in the actual world isn’t truly concerning the expertise used; it’s concerning the individuals utilizing it. When it comes right down to it, expertise is a software for use by people for human ends. The software program used to run our democratically elected authorities is deployed to perform objectives tied to insurance policies: amassing cash from individuals, or giving cash to states to allow them to give cash to individuals who qualify for meals stamps, or making covid checks out there to individuals.

Often, our expertise of presidency expertise is that it’s outdated or sluggish or unreliable. Actually not as shiny as what we see within the personal sector. And that expertise adjustments very, very slowly, if it occurs in any respect.

It’s not as if individuals don’t notice these programs might do with modernization. In my expertise troubleshooting and modernizing authorities programs in California and the federal authorities, I labored with Head Begin, Medicaid, youngster welfare, and logistics on the Division of Protection. A few of these programs have been already present process modernization makes an attempt, lots of which have been and proceed to be late, over price range, or simply plain damaged. However the adjustments which are wanted to make different programs extra trendy have been often seen as too dangerous or too costly. In different phrases, not vital sufficient.

In fact, some adjustments are deemed vital sufficient. The covid-19 pandemic and our unemployment insurance coverage programs supply good examples. When covid hit, sure crucial authorities applied sciences abruptly turned seen. These programs, like unemployment insurance coverage portals, additionally turned politically vital, identical to the launch of the Reasonably priced Care Act web site (which is why it bought a lot consideration when it was botched).

Political consideration can change all the things. In the course of the pandemic, abruptly it wasn’t simply doable to modernize and improve authorities programs, or to make them less complicated, clearer, and quicker to make use of. It truly occurred. Groups have been parachuted in. Overly restrictive guidelines and procedures have been reassessed and relaxed. All of a sudden, authorities staff have been allowed to work remotely and to make use of Slack.

Nevertheless, there’s a motive this was an exception.

In regular occasions, guidelines and procedures are definitely a part of what makes it very, very laborious to alter authorities expertise. However they’re in place to cease adjustments as a result of, properly, adjustments would possibly break these programs and authorities doesn’t work with out them working constantly.

A very long time in the past I labored on a mainframe system in California—the type that makes use of COBOL. It was as stable as a rock and labored day in, day trip. As a result of if it didn’t, and reimbursements weren’t acquired for Medicaid, then the state would possibly grow to be quickly bancrupt.

That’s why most of the guidelines about expertise in authorities make it laborious to make adjustments: as a result of typically the danger of issues breaking is simply too excessive. Generally what’s at stake is solely maintaining cash flowing; typically, as with 911, lives are on the road.

Nonetheless, authorities programs and the foundations that govern them are in the end solely nearly as good because the individuals who oversee and implement them. The expertise will solely do (and never do) what individuals inform it to. So if anybody is available in and breaks these guidelines on goal—with out concern of consequence—there are few sensible or technical guardrails to forestall it.

One system that’s meant to do this is the ATO, or the Authority to Function. It does what it says: It permits you to run a pc system. You aren’t purported to function a system with out one.

However DOGE staffers are behaving in a means that means they don’t care about getting ATOs. And nothing is actually stopping them. (Somebody on Bluesky replied to me: “My first thought concerning the OPM [email] server was, “there’s no means these fuckers have an ATO.”)

You would possibly assume that there can be technical measures to cease somebody proper out of highschool from coming in and altering the code to a authorities system. That the system might require two-factor authentication to deploy the code to the cloud. That you’d want a wise card to log in to a selected system to do this. Nope—all these technical measures could be circumvented by coercion by the hands of the evil housekeeper.

Certainly, none of our programs and guidelines work with out enforcement, and penalties flowing from that enforcement. However to an unprecedented diploma, this administration, and its particular person leaders, have proven completely no concern. That’s why, in response to Wired, the previous X and SpaceX engineer and DOGE staffer Marko Elez had the “potential not simply to learn however to put in writing code on two of essentially the most delicate programs within the US authorities: the Fee Automation Supervisor and Safe Fee System on the Bureau of the Fiscal Service (BFS).” (Elez reportedly resigned yesterday after the Wall Road Journal started reporting on a sequence of racist feedback he had allegedly made.)

We’re seeing in actual time that there aren’t any sensible technical measures stopping somebody from taking a spanner to the expertise that retains our authorities steady, that retains society operating each day—regardless of the very actual penalties.

So we should always plan for the worst, even when the chance of the worst is low.

We want a model of the UK authorities’s Nationwide Threat Register, protecting all the things from the collapse of monetary markets to “an assault on authorities” (however, unsurprisingly, that threat is described by way of exterior threats). The register principally predicts long-term penalties, with restoration taking months. That will find yourself being the case right here.

We have to mud off these “within the occasion of an emergency” catastrophe response procedures coping with the failure of federal authorities—at particular person organizations that will quickly hit cash-flow issues and large price range deficits with out federal funding, at statehouses that might want to preserve social applications operating, and in teams doing the laborious work of archiving and preserving information and data.

In the long run, all we’ve is one another—our potential to type communities and networks to help, assist, and look after one another. Generally all it takes is for the primary particular person to step ahead, or to say no, and for us to rally round so it’s simpler for the subsequent particular person. In the long run, it’s not concerning the expertise—it’s concerning the individuals.

Dan Hon is principal of Very Little Gravitas, the place he helps flip round and modernize massive and sophisticated authorities providers and merchandise.

Select a plan

Monthly plan

Yearly plan

As a supporter, you’ll get:

Search for an article

Latest articles

NCAA bracket 2026 live updates: Selection Sunday coverage, March Madness bracket for men’s NCAA Tournament

U.S. stock futures dip, oil climbs again as investors brace for escalation of Iran conflict

Ramadam: Governor Soludo Breaks Fast With Muslim Faithful

Gov. Soldo Begins 2nd Term Journey With Inter-Denominational Church Service

More like this