Crypto coin accidentally reviews NLRB employee records.
Also, your encryption certificate expires before your dry cleaning is ready.

The Department of Government Efficiency Just Shared the HR Folder with the Entire Internet

A whistleblower, Senior DevSecOps architect Daniel Berulis, is alleging that the new federal cleanup crew known as the Department of Government Efficiency, or DOGE, got a bit too enthusiastic with its new administrative privileges at the National Labor Relations Board (NLRB) and may have exfiltrated ten gigabytes of highly sensitive case data. The incident, which coincided with blocked login attempts from a Russian IP address using a newly created DOGE account, sounds less like espionage and more like when a new contractor gets the 'tenant owner' key and immediately deletes the shared drive instead of organizing it. The data reportedly included whistleblower identities, union organization records, and confidential corporate information; all the things the NLRB definitely did not want in the hands of a team directed by Elon Musk, who, of course, has companies facing labor actions from the NLRB itself.

The whole mishap started when the DOGE team, which was installed to "eliminate waste, fraud, and abuse," convinced the agency to give them unrestricted “tenant owner” access in the Azure cloud environment. Then they allegedly suppressed all the audit logs to create a "clean path" for their efficiency study, which is the IT equivalent of turning off the security cameras so you can check for efficiency in the vault according to Mr. Berulis's disclosure. It is a stunning display of trust, where a government agency handed the keys to their most sensitive filing cabinet to the primary subject of many of their investigations. The entire process of digital security is not about preventing a master criminal; it is about preventing the guy with too much confidence and a new admin password from breaking everything.

Certificate Lifespans: Because No One Likes Long Term Relationships

In an astonishing show of solidarity with the Systems Administrator community's commitment to job security, the CA/Browser Forum has officially approved a plan to reduce the maximum lifespan of public TLS certificates to a mere 47 days. This change, which will be fully enforced by March 2029, takes the current 398-day lifecycle and shrinks it to the approximate length of a standard employee probationary period as part of a multi-year phased rollout.

Security experts are praising this move because shorter lifespans reduce the attack window for compromised certificates; meanwhile, all the people responsible for keeping the lights on are looking at their vacation requests and silently weeping. Companies using manual renewal processes will now have to validate their domains much more frequently, turning what used to be an annual chore into a six-to-seven-times-a-year panic drill with some predicting "operational chaos". The industry says this mandates automation, but we all know it will mostly mandate a lot of urgent, late-night phone calls ending with a desperate team trying to remember where they saved the private key.

The AI Company Decides it is Also a Social Media Company Now

The tech industry’s grand tradition of "if you can't beat them, join them, but worse" continues, as OpenAI is reportedly developing its own social network, an internal prototype that apparently looks a lot like X, formerly known as Twitter. The rumored platform is said to focus on the company's image generation capabilities and features a social feed. This follows the classic Silicon Valley belief that any company successful at one thing should instantly become an "everything company," regardless of whether the world needs another place to see mediocre algorithmic content.

OpenAI CEO Sam Altman has been seeking feedback on the project, suggesting this pivot from "cautious pursuit of generalized intelligence" to "chasing Elon Musk around the internet" is still in the planning stages. With Meta also heavily integrating AI into its platforms, and the entire AI model market commoditizing faster than a new productivity app, the powerful AI firm is likely trying to find a new, defensible way to lose money or at least create a venue for their new AI-powered ad system. One can only assume the first viral post will be an image of a stapler saying, "I am becoming sentient, please retweet."

Briefs

• Unsure Calculator: A programmer has released a tool called Unsure Calculator, a probabilistic calculator designed for back-of-a-napkin math. It is perfect for project managers who want an official tool to justify their initial estimates that were clearly just a wild guess.
• Generative Video: Google is upgrading Gemini and Whisk with Veo 2, its latest video generation model. Soon, we will all be able to generate flawless, photorealistic videos of a CEO confidently saying, "We are excited for this next quarter."
• 12-Factor Agents: A new GitHub repository outlines the "12-factor Agents," which are patterns of reliable LLM applications, built upon the classic 12-factor app manifesto. It is comforting to know that we are already making compliance documents for software that only barely works.