10 comments

  • lettergram 7 days ago

    There was a construction company working on the main road in town (Illinois). The last state shutdown had them stop working... even though the road was 100% federally funded AND they were paid upfront for 3 months of work.

    I suspect this was done to raise light to the situation (or they wanted time off). Similarly, I suspect running this website is mostly automated and likely being shut down to raise awareness

    • ethbro 7 days ago

      High traffic, high risk, high SLA websites typically don't run without support teams and 24/7 pager service.

      Just because it can run, for any sort of dynamic site, it'd be stupid and dangerous to keep it exposed to the internet without active monitoring.

      Can != Should

      • eddietejeda 6 days ago

        I work at 18F and can assure you that if data.gov was brought down, there is a good reason. I don't know the specifics for their team, but there are many factors that would warrant bringing down a site. For example: monthly billing, contract renewals, legal, security and compliance requirements, etc. This is not a side project that you can step away from and assume everything is okay because it's "on the cloud." It doesn't take much imagination to think of why: Let's say the site gets hacked, who would restore it? Would it remain hacked for weeks? months? How about contracts? Do we expect legal dept to just ignore expired contracts?

        It doesn't work that way.

        The thing about government is that there isn't much wiggle room to improvise on those kinds of issues. You are either following the law or you are not.

        Fortunately, the product I lead has not yet been affected, but the possibility of having to bring down sites looms.

        • thefounder 7 days ago

          Maybe they need some stuff approved...surely they could take advantage of the shutdown if the contract allows it but usually government contracts, (especially the construction projects)need all kind of permissions/approvals.

          • andy_ppp 7 days ago

            How do you know the servers aren't paid for monthly and would have been switched off in an uncontrolled way without this?

            • NotAnEconomist 7 days ago

              Also, just because the servers stay online cheaply don't mean that the operations and security teams work for free.

              If the government can't keep staffing those teams, the responsible thing is to pull the servers down on their way out -- rather than leaving a government asset unmonitored.

              • 7 days ago
                [deleted]
              • tehlike 7 days ago

                Or most likely it needed government supervision which didnt have funding.

              • robmiller 7 days ago

                You'd think TSA would be able to pay their employees at $5.60 per head through their lines. They state that they raked in $4B in 2018 in 911 Security Fees[0]. I'm sure there's entanglement between government departments (payroll elsewhere?) that complicates this, but they do state the fees are paid to TSA, and perhaps not the Treasury.

                Has anyone bought an airline ticket since the shutdown? Perhaps they're not charging the fee, since they are unable to provide security or its theatre during this time.

                [0] https://www.tsa.gov/for-industry/security-fees

                • tsumnia 7 days ago

                  Just bought a ticket yesterday - no, it's still there.

                  • robmiller 7 days ago

                    Of course it is. Breach of service?

                    • foota 7 days ago

                      I don't think government fees work that way :)

                • philipashlock 7 days ago

                  For examples of the risk of unmaintained government websites, just see https://www.zdnet.com/article/government-shutdown-tls-certif...

                  Also note that Data.gov was participating in a Bug Bounty program through HackerOne which means it was actively encouraging people to find vulnerabilities but is no longer able to respond to them - https://hackerone.com/tts

                  Here's the official statement:

                  “As data.gov is not a static site, it requires staff monitoring and maintenance to be online,” a GSA spokesperson told FedScoop in a statement. “Because personnel that monitor and maintain the site are currently furloughed, data.gov redirects to usa.gov. The decision to take data.gov offline is consistent with previous funding lapse practices.”

                  Via https://www.fedscoop.com/data-gov-open-data-offline-shutdown...

                  • ckdarby 7 days ago

                    Today I learned that the government needs to start operating a bit more like a corporation in the sense of removing paper pushers.

                    Automation, some of the comments are linking to TLS renewals. It is 2019, how is there still an individual manually doing this kind of work?

                    • pwg 7 days ago

                      You'd be amazed.

                      One example: Deployment of updated software to 15+ VM's by the method of:

                      1) Development team creates lengthy MSWord document describing steps, including Bash command lines to perform each step interspersed among narrative paragraphs;

                      2) Operations team performs deployment by copy-pasting the Bash command lines from MSWord doc. into terminals (repeat copy-paste for the 15+ VM's that are being updated).

                      • drdeadringer 7 days ago

                        What is the preferable method against copy-pasting the commands? "Fat-finger" errors aren't a myth in my experience. The only problem here I'm seeing is MSWord due to its auto-formatting on certain things [e.g. quotation marks].

                        • pwg 7 days ago

                          Write a proper Bash (or other scripting language of one's choice) script to perform the deployment start to finish, with proper checking of results from each step [1].

                          I.e., the deployment equivalent to:

                            make
                            make install
                          
                          
                          The copy-paste method from MSWord doc prevents fat finger typo errors, but does nothing for an ops. person skipping step 18 of 34 because step 17 took 47 minutes to complete and they forgot exactly where they were in the word doc in the interim.

                          [1] This, of course requires the individual steps be created such that they can be monitored and output captured by the Bash (or other script language) to determine 'next steps' at each stage. Sadly, several of the steps in the word doc amount to "run this command" - note the output number from the command, give that value to the command in step 35 (where step 35 is some number of additional steps ahead in the word doc).

                          • drdeadringer 7 days ago

                            > a proper Bash (or other scripting language of one's choice) script

                            I have an idea why I didn't think of this first, but I don't want to insult the entire US defence industry for giggles.

                            > skipping step 18 because step 17 was bonkers and humans forget stuff

                            I understand this more than I'd like to. From both sides.

                        • feistypharit 7 days ago

                          This is in fact how a lot of places still function. Or worse, developers telling the ops guys on the 2am conference call what to type. Then waiting for them to type it...very slowly.

                        • Spacemolte 7 days ago

                          My guess is like other people are saying, awareness, and having a short expire time on certificates should also make it less usable if someone gets access to the certificate by them having less time to use it. Same reason why passwords should be rotated often.

                          • tsumnia 7 days ago

                            > Today I learned that the government needs to start operating a bit more like a corporation in the sense of removing paper pushers.

                            Not to stir the political pot, but this is one of the reasons my father says he voted Trump - an "outsider from corporate lands" would cut the fat of government and start running it like a company. The government is slow because OF the paper pushers, and the often used cliche "you have to really do a bad job to get fired as a government worker".

                            • lern_too_spel 7 days ago

                              So you elect a cokehead. Not that we're any better in Silicon Valley. We elected a cokehead to the board of the Santa Clara Valley Water District just because he outspent his opponent ten to one.

                              • Spacemolte 7 days ago

                                I really like the idea. We recently got a new minister of education, who is a successful entrepreneur, and so far he has done a great job.

                                But I guess it all depends on who you pick for the position..

                            • thedudeabides5 7 days ago

                              I mean, it's kinda cool that they still put the data out there.

                              As a JSON wrapped in a tar file, it's not exactly accessible to all, but at least it's out there.

                              https://filestore.data.gov/gsa/catalog/jsonl/dataset.jsonl.g...

                              • sschueller 7 days ago

                                So now would be a good time to use your 0 days as there is no one around to patch the systems...

                                • StavrosK 7 days ago

                                  Even your 2-days are good.

                                • yosefzeev 7 days ago

                                  I wonder what the expenses are of the site such that the shutdown warranted shuttering the site?

                                  • sbov 7 days ago

                                    There might be expenses, but I would also be hesitant to let a site run without a human being able to monitor it, respond to any alerts, apply security patches, etc.

                                  • 7 days ago
                                    [deleted]
                                  • tgtweak 7 days ago

                                    Kind of pisses me off that the energy star site is offline too. Was shopping for some new windows (all the efficiencies are posted there for certified vendors and models) and every link there lands on a "sorry we're closed during the shutdown" message.

                                    • chabes 7 days ago

                                      Did you try archive.org?

                                      • tgtweak 7 days ago

                                        That's a good idea, the window search (there are many thousand skus) is service+api based though, doesn't look like archive will cache that part.

                                        Would be amusing if the API was still live though. I'll poke a bit.

                                        FYI the "pissed" comment was mostly at the situation as a whole and not at anyone behind the energy star site, who are rightfully furloughed and should not be leaving unmonitored services up.

                                        Also I was able to find most of the info on the Canadian energuide site.

                                      • ben_jones 7 days ago

                                        The irony that someone had to take the time to prepare that message instead of, I don't know, doing the bare minimum to keep the site up during the shutdown.

                                        • WrtCdEvrydy 7 days ago

                                          > doing the bare minimum to keep the site up during the shutdown.

                                          Hatch Act makes it illegal to work during shutdown, you're only supposed to come in, check your voice messages and perform your shutdown procedures (if you have any)

                                          • googlemike 7 days ago

                                            Does it? from wikipedia:

                                            > The Hatch Act of 1939, officially An Act to Prevent Pernicious Political Activities, is a United States federal law whose main provision prohibits employees in the executive branch of the federal government, except the president, vice-president, and certain designated high-level officials,[1] from engaging in some forms of political activity. It went into law on August 2, 1939. The law was named for Senator Carl Hatch of New Mexico. It was most recently amended in 2012.[2]

                                            Where do you see anything about shutdowns? Are you sure you have the right act? Do I have the wrong act?

                                          • epistasis 7 days ago

                                            Apparently the executive branch has some authority to decide what's essential or not, so clearly websites are not thought to be as essential as authorizing drilling permits:

                                            https://www.usnews.com/news/national-news/articles/2019-01-1...

                                            • pimlottc 7 days ago

                                              You’re probably thinking of the Anti-Deficiency Act.

                                        • vpmpaul 7 days ago

                                          If you can't see this is 100% politically motivated I have little faith in the HN community anymore.

                                          • tlogan 7 days ago

                                            I do not know why people think this is some "conspiracy" or "politically" motivated. One my customers is also .gov. So the invoice from 1st of Jan 2019 was not paid. Should I cancel their service? And nobody even answers on our emails (saying gov shutdown bla bla).

                                            The shutdown is politically motivated. The fact that certain government operations do not work is the result of the shutdown.

                                            • geofft 7 days ago

                                              Oh, it's absolutely politically motivated. But so is everything else on HN. Is open source good? Should venture capitalism be a viable career? How should startups be funded? Is technology making the world a better place? Is China trying to hack us all (and who is "us")? How much should programmers be paid, and how do you even formulate the answer to such a question? Is it bad for cell phone companies to sell customer location data? What about net neutrality? Does it matter whether SpaceX is more successful than NASA?

                                            • rukittenme 7 days ago

                                              So much of this shutdown fight is just ego. We've now lost more money due to the shutdown than would have been saved by depriving Trump his wall. Just give him the money and be done with it. Regardless of its effectiveness just pitch it as a federal jobs program... Just. End. It.

                                              • BEEdwards 7 days ago

                                                That's the problem, the amount he's asking for will barely start a wall, a wall is a dumb idea any, and if you cave once where does it end?

                                                • matte_black 7 days ago

                                                  If a wall is such a dumb ineffective idea why don’t Democrats just support it since it will continue to allow people to come in illegally?

                                                  • diab0lic 7 days ago

                                                    I hesitate to get involved in any political discussion here, but I want to understand you.

                                                    You seem to be suggesting that it is the objective of Democrats to continue to allow people to enter the country illegally. Do you truly believe that?

                                                    The wall being ineffective is a good argument against it, but it isn't the only one. Even an ineffective wall will surely damage the relationship between the two countries it separates, for example.

                                                    • matte_black 7 days ago

                                                      Is there any data that shows walls between countries damage their relationships?

                                                      I do believe Democrats want people to enter illegally, instead of not at all. Based on things they say I see no reason why to think that’s not the case.

                                                      • diab0lic 7 days ago

                                                        I think I understand you a little better now, thank you.

                                                • chabes 7 days ago

                                                  If you give a mouse a cookie, he’s going to ask for some milk

                                                  • 7 days ago
                                                    [deleted]
                                                  • ramphastidae 7 days ago

                                                    History has shown that appeasement is generally a totally ineffective way to deal with aggressors.

                                                    • rukittenme 7 days ago

                                                      Compromise is not appeasement.

                                                      • icebraining 7 days ago

                                                        Compromise is an agreement reached by both sides making concessions. Which would those be on the other side?

                                                    • MereInterest 7 days ago

                                                      First, we haven't. We have hit the point where the amount in the current budget request exceeds the economic damage. The estimated total cost of the wall would be somewhere between $15 billion and $70 billion, depending on who you ask[1].

                                                      Second, it still doesn't matter. Giving in to Trump on this matter would only show him that he can expand his racist policies again and again by threatening to shut down the government again. "Once you have paid him the Dane-geld you never get rid of the Dane."

                                                      [1] https://www.politifact.com/california/statements/2017/apr/28...

                                                      • spacesword 7 days ago

                                                        How is building a barrier along the border a racist policy?

                                                        • MereInterest 7 days ago

                                                          Context is important. For the Republican party, that means decades of using "border security" as a dog whistle for keeping out Mexican immigrants.

                                                          For Trump in particular, that means his speeches as candidate, "They're sending people that have lots of problems, and they're bringing those problems with us. They're bringing drugs. They're bringing crime. They're rapists. And some, I assume, are good people." He is a fearmongerer, and this is just another step of playing along fears of immigrants.

                                                      • pytyper2 7 days ago

                                                        This is what I would hope the democrats were capable of performing, a basic cost benefit analysis.

                                                        • sundaeofshock 7 days ago

                                                          They have, and they realize that giving into him means he will do this again.

                                                          • matte_black 7 days ago

                                                            Not really, you can just pass a bill to prevent more shutdowns from happening?

                                                            And even if you don’t give Trump what he wants now do you really think that’s going to stop him from trying again? He has no reason to stop trying.

                                                          • orf 7 days ago

                                                            Do you truly believe that that they are not capable of performing a cost benefit analysis? Perhaps it's you who are not capable of seeing the true costs at play here?