Why Is This Idiot Running My Engineering Org?
Fear, loathing and failing up in technology
This is one of my favorite USDS stories: Very quickly in my career at USDS I developed a reputation for being a person you could send out an SOS distress call to, not so much inside USDS itself but externally with contractors and different government partners. There’s a fair amount of backstabbing in the government, even in the civil service. Whenever you chose to reach out to a 3rd party to ask for help you were taking a risk that the person you reached out to would screw you over. Just because DC doesn’t have a palace doesn’t mean we don’t have palace intrigues.
Anyway, one day this group of security researchers reached out to me and let me know that the agency they were working with was being actively targeted by domestic white supremacists. They had alerted the appropriate people and made recommendations but were getting the run around. The website the white supremacists were interested in targeting had thousands of known security vulnerabilities but it also had a very specific launch date non-negotiable and written into law (this is a stupidly common thing in government). Leadership did not want to stop development work to fix security issues, but they also could not be seen to be ignoring security issues. Especially not thousands of them. So they would engage with the researchers, put on…