This is a good reminder that while some security policies are pointless or ineffectual, many exist for very good reasons. I haven’t worked with this guy so I have no idea how skilled he is but even bona fide experts make mistakes or get targeted by sophisticated adversaries. Layers of defense, monitoring, and especially requiring multiple people to do sensitive things all seem like overhead until you see an attack get past some but not all of your defenses.<p>The endless corners cut by DOGE significantly increase the odds of that happening and we are likely not to know about everything which happens because the administration is going to do damage control and any smart adversary is going to be as quiet as possible. I especially wonder about data leaks where you can’t do anything like rotating keys, and things like personal data might show up on the dark web without enough context to determine where it came from.