>Mr. Borges said DOGE members copied the data to an internal agency server that only DOGE could access, forgoing the type of “independent security monitoring” normally required under agency policy for such sensitive data and creating “enormous vulnerabilities.”
The fact that the courts (largely SCOTUS) has allowed this whole mess to go on is bonkers. These are potentially terrible results for citizens by an organization that continuously has shown no care for the rights of citizens ... and yet is given a free hand to do what it wants.
There's no negative impact to saying "no you can't do the thing until you get your security shit together".
The negative impact would be that they couldn't do the very shadey things with the data that the intended from the onset had they had to subject to basically any security oversight.
It could be because the role of courts is to interpret the laws enacted by congress.
To my knowledge there is no law enacted by congress that dictates how SSN data is stored. Congress created the social security apparatus but day to day operations of said apparatus are in executive branch and executive branch ultimately carries the wishes of the president. So if president directs part of executive branch (DOGE) to audit another part of executive branch (social security) it's legal and works exactly as the constitution prescribed.
The departments of government do have laws on how they handle data and handing it to another organization with no rules clearly would violate those laws.
>> To my knowledge there is no law enacted by congress that dictates how SSN data is stored.
Like the Privacy Act of 1974?
"The Privacy Act prohibits the disclosure of information from a system of records absent of the written consent of the subject individual, unless the disclosure is pursuant to one of twelve statutory exceptions."
Unfortunately, the courts can largely only address harm. If someone's data actually gets stolen, or if a specific law is broken, the courts are the government arm to address it.
Avoiding ending up in court is the purpose of agency policy, and... gestures widely at the current state of the United States Executive regarding policy adherence.
It is absolutely the case that courts can address potential harm before it occurs. There have been already many cases rising up where people sue to stop government actions because if taken, they would cause harm. But... the current SCOTUS is all onboard the dictator train (unitary executive theory) and have stayed lower court orders on the basis that the president would have irreparable harm if orders, even unconstitutional ones, are not carried out immediately.
Can you give an example of the kind of prior restraint you're thinking of?
What you're describing is an injunction, and in general, courts are loathe to hand them out (this one notwithstanding). It happens, but the bar is generally extremely high. Even prior to Trump, I wouldn't expect one for this category of executive operation for the same reason that I wouldn't expect one if someone complained that the government was physically transferring PII in an agent's car instead of a Brinks truck.
Birthright citizenship was one. An injunction was granted, then stayed by SCOTUS. It was only when a new class action lawsuit was filed that kept it going.
Precisely. That's two examples of SCOTUS restraining the lower courts from imposing constraints before harm had happened. That's what I mean regarding the court generally not having the authority to act preemptively.
You're correct, but this policy is to enshrine a legal doctrine (rather than a statutory requirement) that harm must be allowed to occur - apparently without regard to the predictability or scope of the harm. It's like a trolley problem where one track has a large number of people about to be crushed by the trolley car, while the other track is completely empty - and SCOTUS arguing that the lever can't be pulled to divert the trolley because the accident hasn't happened yet.
These were actually examples of courts imposing blocks to prevent harm, but the SCOTUS over-riding them, without any legal justification!
Consider the same SCOTUS and its block on Biden's student loan relief. A notable example because the president has clear authority to waive or modify the loans. But it was blocked.
It blows my mind that DOGE continues to brag about their “savings” using the most naive version of contract accounting (add up all the ceiling values, ignore money already spent or money that won’t be spent)
It blows my mind people still believe this "doge" is about saving money, while the US government is leaking money left right and center in plain daylight. It's a diversion.
I mean, it’s also because rubes will buy anything they say solely because of one of the two guys saying it. It’s easy to tell a dumb lie when you know your fanbase won’t care and will repeat it as if it’s true.
SSA's CIO "accepts all risks" - but what does that actually mean in practice? Is he going to be held accountable?
> The agency’s chief information officer Aram Moghaddassi approved the move to copy the database to the agency’s cloud, saying he “determined the business need is higher than the security risk” and that he accepts “all risks” with the project.
You should assume that the identifying details in this database are already leaked. The Equifax breach in 2017 exposed about half of all Americans. The National Public Data breach last year included 272 million Social Security numbers.
You can get an inconvenient approximation of challenge/response by freezing your reports with the bureaus and only unfreezing them briefly when applying for new credit.
Yup, a guy who’s ketamined his brain cells to mush, leading a bunch of sociopathic criminals. Who, except literally everyone, could’ve seen this ending poorly?!
MAGA never ceases to amaze me on how they can create a problem from hosting an email server in your basement or create a conspiracy theory about pedophilia on the other side of the aisle, but when it comes to data they use the public cloud or services and when it comes to pedophilia they hide the records that prove the president is. Why are Americans accepting this?
Sort of off topic but this reminds me of a Hunter S Thompson quote I read yesterday about the Nixon administration
"Meanwhile, the Vice president of the United States has been lashed out of office and disbarred in his home state of Maryland, the president himself is teetering on the bring of a Burglary/Conspiracy indictment that will mean certain impeachment, and the whole structure of our government has become a stagnant mockery of itself and everybody who ever had faith in it"
> The more you read about Nixon, the more it seems like the popular narrative is likely less right than the CIA ousted a sitting president to install their guy.
Such as?
IMO, the more you allude to spooky things without adding substantive information, the more you sound like a loon.
some psychopaths stole a lot of personal data from the US federal government, and we don't know who took it, what they took, what they did with it, or why.
but don't worry, that's Politics, and so we should just ignore the crimes being done in public and talk about how we can enrich the technofascists who might give you some equity if you work hard.
Put at risk, or willfully given to their masters? All the ghouls suckling Yarvin's teats like Thiel want their tech driven tyranny, and SS data will help them on their way.
We have every reason to believe Musk and his young sidekicks stole every bit of government data they had access to, which in the end was most of it. So while I'm sure they also opened up some security loopholes during their whirlwind tour of firing people so they could be rehired (efficiency!), I'm more concerned with the longer term threat that data represents in the hands of someone with the resources and inclination to use it against us.
Who can prove to me that Elon Musk himself doesn't have a copy on a USB key/drive somewhere? This whole DOGE business has been an unmitigated failure. The savings are far, far, far from the claimed numbers.
Note the above story has already been submitted to HN - and flagged. Clearly there is a cabal of Musk/MAGA supporters gaming HN moderation to make sure a story from a reputable outlet, doing appropriate investigation and data analysis, about a tech/IT organization, claiming to do revolutionary improvements to the tune of billions of $, led by an "innovator" who might be the poster child of "hackers" and "startup founders" and whose interviews have been on HN front page repeatedly, is buried.
If the Therac-25 accident happened today and Musk was involved, would HN as it is now allow people to read and learn about it?
It sounds more like the CDO is butthurt that he's being ignored. Note that his claim says they uploaded it into an agency controlled aws environment that apparently lacking in independent security controls.
So he's saying his agency runs insecure cloud servers?
"Borges warned in the complaint that if this information were compromised, “it is possible that the sensitive [personally identifiable information] on every American including health diagnoses, income levels and banking information, family relationships, and personal biographic data could be exposed publicly, and shared widely.”"
Yeah, but this is always true. And it didn't happen.
I hate that the Move Fast And Break Shit motto is so demonized now.
I think if what you’re working on is very low stakes, e.g. the initial versions of Facebook, or an AI music generator app, and maybe even marketing, it’s not unreasonable to try and move really quickly because the likelihood of real damage is pretty low.
Of course when you’re dealing with money or social security data or medical stuff, it’s different; that stuff is very much “move slow and don’t break anything!”
To be fair. "Move Fast and Break Shit" was a garbage motto to begin with. Maybe better to be at least slow enough to realize the consequences of a broken app. If you're moving too fast and breaking too much shit, you won't know you have a suicide-assitance app until it's too late. So, it was a garbage motto to begin with and it's about time it's been taken down a notch, in my opinion. How about move fast and test/verify/validate shit instead? That way the entrepreneurs don't have to go full sociopath.
I don’t think that enterprise slowness and “verification” would prevent a suicide assistance application in this particular case, unless they were specifically testing for that which could be missed even with a rigid testing structure.
> How about move fast and test/verify/validate shit instead?
Because that inherently isn’t moving fast.
I don’t completely agree with the “Move Fast And Break Shit” mantra myself, but I think it comes out of genuine frustrations from the enterprise world.
I worked at a BigTechCo [1] in the past, and it felt like I would spend twenty minutes doing a ticket, and it would take two days for everyone to “verify” my PR. Even doing a quick fix for a null pointer exception can take three or four days to get deployed as a result of this. The stuff I was working on was not high stakes. I wasn’t dealing with money or medicine or pacemakers or weather analysis or anything like that.
The Move Fast and Break Shit stuff comes as a bit of an overcorrection on this, but I think fundamentally the idea is that a lot of this stuff really isn’t that important, and it’s better to just deploy something that “probably works” and fix problems as they happen.
[1] It’s not too hard to find based on my post history but I politely ask you do not post specifics here.
> but I think it comes out of genuine frustrations from the enterprise world.
Yet politicians continue to act like the government should operate like a business and for some reason all of us working in corporate America think this is a good idea...
2) they very easily could have determined how readily the bot talks about suicide under guise of "character development" or whatever they call that very well known jailbreak.
3) move fast and break shit with social media and AI is sociopathic. Better to save it for the todo apps. At this point MFABS is just another way to say unprofessional software engineering in favor of more profit.
Not what I meant. Even if the test suite itself executed instantly, which it doesn't and it's ridiculous to assume that test suites are "well designed" in the average case, it's still the bureaucratic slow nightmare of "enterprise development".
> they very easily could have determined how readily the bot talks about suicide under guise of "character development" or whatever they call that very well known jailbreak.
Even if it could be detected it is absolutely in no way implied, or even suggested, that having a bureaucratic enterprise test suite would have detected that. That's just an assertion that you're making.
> move fast and break shit with social media and AI is sociopathic.
As I said, I don't completely agree with the mantra. I just said that it comes out of a legitimate frustration with how awful enterprise development can be.
> At this point MFABS is just another way to say unprofessional software engineering in favor of more profit.
I don't disagree with this, hence why I said it's ok for stuff that's low-stakes. If you're working on something like, for example, a music recommendation system, and the system accidentally plays a Taylor Swift song instead of Metallica, and this happens because some software wasn't properly tested, it really isn't a big deal, somehow the metal-head will survive.
"Professional" and "unprofessional" aren't well defined terms. There are times when it's ok to half-ass something because it's better to just get something that works instead of getting something that's perfect. There are lots of applications, maybe even most applications, where that doesn't apply and it's better to try an strive for perfection, but it is intellectually dishonest to pretend that everything silicon valley is working on is high-stakes and that striving for perfection immediately is actually beneficial.
I would love a universe where everyone designed everything in TLA+ (or something similar) before building software, this would make me irrationally happy, but I understand that it's not realistic or even reasonable to do this for every application.
Meh, its fine for a company to be honest about their development process.
Most companies nowendays claim to be "Move Fast and don't break shit" when in reality they're "Move Fast and Break Shit". See the whole CrowdStrike debacle [1], both sides of that lawsuit are in the wrong here. Crowdstrike shouldn't've down a rapid deployment like that and Delta wasn't supposed to use the Falcon Agent on those systems. They both choose to move fast without verification and broke stuff. Neither of them are going to say that "Move Fast and Break Shit" is their style but it is!
https://archive.ph/D3vJ0
There's also https://techcrunch.com/2025/08/26/doge-uploaded-live-copy-of... (via https://news.ycombinator.com/item?id=45030836 but we merged that thread hither)
>Mr. Borges said DOGE members copied the data to an internal agency server that only DOGE could access, forgoing the type of “independent security monitoring” normally required under agency policy for such sensitive data and creating “enormous vulnerabilities.”
The fact that the courts (largely SCOTUS) has allowed this whole mess to go on is bonkers. These are potentially terrible results for citizens by an organization that continuously has shown no care for the rights of citizens ... and yet is given a free hand to do what it wants.
There's no negative impact to saying "no you can't do the thing until you get your security shit together".
The negative impact would be that they couldn't do the very shadey things with the data that the intended from the onset had they had to subject to basically any security oversight.
It could be because the role of courts is to interpret the laws enacted by congress.
To my knowledge there is no law enacted by congress that dictates how SSN data is stored. Congress created the social security apparatus but day to day operations of said apparatus are in executive branch and executive branch ultimately carries the wishes of the president. So if president directs part of executive branch (DOGE) to audit another part of executive branch (social security) it's legal and works exactly as the constitution prescribed.
The departments of government do have laws on how they handle data and handing it to another organization with no rules clearly would violate those laws.
Care to elaborate for this specific case?
https://www.justice.gov/opcl/privacy-act-1974
Doesn't seem to prescribe implementation details.
That’s how laws tend to work, yes.
>> To my knowledge there is no law enacted by congress that dictates how SSN data is stored.
Like the Privacy Act of 1974?
"The Privacy Act prohibits the disclosure of information from a system of records absent of the written consent of the subject individual, unless the disclosure is pursuant to one of twelve statutory exceptions."
https://en.wikipedia.org/wiki/Privacy_Act_of_1974
https://www.justice.gov/opcl/privacy-act-1974
Federal agencies are subject to this law and these actions are violations of the law: https://en.wikipedia.org/wiki/Privacy_Act_of_1974#Under_the_...
There used to be the right of privacy.
Unfortunately, the courts can largely only address harm. If someone's data actually gets stolen, or if a specific law is broken, the courts are the government arm to address it.
Avoiding ending up in court is the purpose of agency policy, and... gestures widely at the current state of the United States Executive regarding policy adherence.
It is absolutely the case that courts can address potential harm before it occurs. There have been already many cases rising up where people sue to stop government actions because if taken, they would cause harm. But... the current SCOTUS is all onboard the dictator train (unitary executive theory) and have stayed lower court orders on the basis that the president would have irreparable harm if orders, even unconstitutional ones, are not carried out immediately.
Can you give an example of the kind of prior restraint you're thinking of?
What you're describing is an injunction, and in general, courts are loathe to hand them out (this one notwithstanding). It happens, but the bar is generally extremely high. Even prior to Trump, I wouldn't expect one for this category of executive operation for the same reason that I wouldn't expect one if someone complained that the government was physically transferring PII in an agent's car instead of a Brinks truck.
Birthright citizenship was one. An injunction was granted, then stayed by SCOTUS. It was only when a new class action lawsuit was filed that kept it going.
Another is the NIH funding, where lower courts agreed and SCOTUS over-turned. https://www.npr.org/2025/08/21/g-s1-84441/supreme-court-nih-...
Precisely. That's two examples of SCOTUS restraining the lower courts from imposing constraints before harm had happened. That's what I mean regarding the court generally not having the authority to act preemptively.
You're correct, but this policy is to enshrine a legal doctrine (rather than a statutory requirement) that harm must be allowed to occur - apparently without regard to the predictability or scope of the harm. It's like a trolley problem where one track has a large number of people about to be crushed by the trolley car, while the other track is completely empty - and SCOTUS arguing that the lever can't be pulled to divert the trolley because the accident hasn't happened yet.
These were actually examples of courts imposing blocks to prevent harm, but the SCOTUS over-riding them, without any legal justification!
Consider the same SCOTUS and its block on Biden's student loan relief. A notable example because the president has clear authority to waive or modify the loans. But it was blocked.
[flagged]
The majority in SCOTUS is just as responsible IMO.
That’s “the party in power”.
It blows my mind that DOGE continues to brag about their “savings” using the most naive version of contract accounting (add up all the ceiling values, ignore money already spent or money that won’t be spent)
It blows my mind people still believe this "doge" is about saving money, while the US government is leaking money left right and center in plain daylight. It's a diversion.
That's because it's not an effort to get rid of waste, fraud, and abuse. It's a scam to steal data and give Republicans something to say.
I mean, it’s also because rubes will buy anything they say solely because of one of the two guys saying it. It’s easy to tell a dumb lie when you know your fanbase won’t care and will repeat it as if it’s true.
SSA's CIO "accepts all risks" - but what does that actually mean in practice? Is he going to be held accountable?
> The agency’s chief information officer Aram Moghaddassi approved the move to copy the database to the agency’s cloud, saying he “determined the business need is higher than the security risk” and that he accepts “all risks” with the project.
This is one of my pet peeves: people saying they accept risk/responsibility that they don't have the ability to accept.
It's like co-signing a $1M loan when you only have $100 to your name.
More like writing Mickey Mouse as the co-signer.
They made no effect to ensure security and will do so again.
You should assume that the identifying details in this database are already leaked. The Equifax breach in 2017 exposed about half of all Americans. The National Public Data breach last year included 272 million Social Security numbers.
You can get an inconvenient approximation of challenge/response by freezing your reports with the bureaus and only unfreezing them briefly when applying for new credit.
You put all the stupidest persons in the same "administration" and they do stupid reckless stuff. Who would have guessed.
Only idiots who think Musk is a "genius" (lol) would go there, so it shows their profound stupidity (and no, IQ is *not* the same as intelligence)
Of course they did. What more could we expect from this team of cracked vibe coders anymore, after everything we've already learned?
not just vibe coders, didn't some of these kids he hired have actual histories and alleged histories of cybercrimes?
Big Balls himself, star of the 2025 Reichstag Fire, yep. https://krebsonsecurity.com/2025/02/teen-on-musks-doge-team-...
Yup, a guy who’s ketamined his brain cells to mush, leading a bunch of sociopathic criminals. Who, except literally everyone, could’ve seen this ending poorly?!
MAGA never ceases to amaze me on how they can create a problem from hosting an email server in your basement or create a conspiracy theory about pedophilia on the other side of the aisle, but when it comes to data they use the public cloud or services and when it comes to pedophilia they hide the records that prove the president is. Why are Americans accepting this?
Sort of off topic but this reminds me of a Hunter S Thompson quote I read yesterday about the Nixon administration
"Meanwhile, the Vice president of the United States has been lashed out of office and disbarred in his home state of Maryland, the president himself is teetering on the bring of a Burglary/Conspiracy indictment that will mean certain impeachment, and the whole structure of our government has become a stagnant mockery of itself and everybody who ever had faith in it"
[flagged]
> The more you read about Nixon, the more it seems like the popular narrative is likely less right than the CIA ousted a sitting president to install their guy.
Such as?
IMO, the more you allude to spooky things without adding substantive information, the more you sound like a loon.
And you're saying that their guy was Ford? Or Carter? That's what the CIA wanted?
You're going to have to explain more.
This seems to point to collusion between Nixon and CIA for a lot of criminality. Or, is this inaccurate history?
https://www.thehistoryreader.com/military-history/nixons-bay...
If you are saying Nixon was a victim of CIA troublemaking, then you should point out which faction of the CIA you mean.
What makes it seem more likely the CIA did the thing?
The traditional history seems pretty plausible to me.
Well it's a good thing the risk was identified and mitigated.
ah, classic HN, flagged already!
some psychopaths stole a lot of personal data from the US federal government, and we don't know who took it, what they took, what they did with it, or why.
but don't worry, that's Politics, and so we should just ignore the crimes being done in public and talk about how we can enrich the technofascists who might give you some equity if you work hard.
just following orders (from hn guidelines) /s
Put at risk, or willfully given to their masters? All the ghouls suckling Yarvin's teats like Thiel want their tech driven tyranny, and SS data will help them on their way.
We have every reason to believe Musk and his young sidekicks stole every bit of government data they had access to, which in the end was most of it. So while I'm sure they also opened up some security loopholes during their whirlwind tour of firing people so they could be rehired (efficiency!), I'm more concerned with the longer term threat that data represents in the hands of someone with the resources and inclination to use it against us.
Exhibit B: whistleblower evidence that NLRB data was exfiltrated, and that CISA quashed any investigation.
https://federalnewsnetwork.com/workforce-rightsgovernance/20...
Most of the CISA leadership was gutted / left. :(
Trump already bragged about manipulating the market to enrich billionaires: https://www.independent.co.uk/news/world/americas/us-politic...
It’s not weird to think that maybe his new gestapo would be doing that too.
Who can prove to me that Elon Musk himself doesn't have a copy on a USB key/drive somewhere? This whole DOGE business has been an unmitigated failure. The savings are far, far, far from the claimed numbers.
https://www.politico.com/news/2025/08/12/trump-doge-contract...
Note the above story has already been submitted to HN - and flagged. Clearly there is a cabal of Musk/MAGA supporters gaming HN moderation to make sure a story from a reputable outlet, doing appropriate investigation and data analysis, about a tech/IT organization, claiming to do revolutionary improvements to the tune of billions of $, led by an "innovator" who might be the poster child of "hackers" and "startup founders" and whose interviews have been on HN front page repeatedly, is buried.
If the Therac-25 accident happened today and Musk was involved, would HN as it is now allow people to read and learn about it?
[dead]
[dead]
[flagged]
(NB: dang unflagged the post)
[flagged]
Did they upload it to aws govcloud?
It sounds more like the CDO is butthurt that he's being ignored. Note that his claim says they uploaded it into an agency controlled aws environment that apparently lacking in independent security controls.
So he's saying his agency runs insecure cloud servers?
"Borges warned in the complaint that if this information were compromised, “it is possible that the sensitive [personally identifiable information] on every American including health diagnoses, income levels and banking information, family relationships, and personal biographic data could be exposed publicly, and shared widely.”"
Yeah, but this is always true. And it didn't happen.
"Yeah, but this is always true. And it didn't happen."
Yet!
A culture of "we did something we shouldn't have done, but nothing happened this time" is how disasters happen.
I'd rather a bunch of move fast and break things short-sighted dipshits didn't make the risk higher, but here we are.
I hate that the Move Fast And Break Shit motto is so demonized now.
I think if what you’re working on is very low stakes, e.g. the initial versions of Facebook, or an AI music generator app, and maybe even marketing, it’s not unreasonable to try and move really quickly because the likelihood of real damage is pretty low.
Of course when you’re dealing with money or social security data or medical stuff, it’s different; that stuff is very much “move slow and don’t break anything!”
To be fair. "Move Fast and Break Shit" was a garbage motto to begin with. Maybe better to be at least slow enough to realize the consequences of a broken app. If you're moving too fast and breaking too much shit, you won't know you have a suicide-assitance app until it's too late. So, it was a garbage motto to begin with and it's about time it's been taken down a notch, in my opinion. How about move fast and test/verify/validate shit instead? That way the entrepreneurs don't have to go full sociopath.
I don’t think that enterprise slowness and “verification” would prevent a suicide assistance application in this particular case, unless they were specifically testing for that which could be missed even with a rigid testing structure.
> How about move fast and test/verify/validate shit instead?
Because that inherently isn’t moving fast.
I don’t completely agree with the “Move Fast And Break Shit” mantra myself, but I think it comes out of genuine frustrations from the enterprise world.
I worked at a BigTechCo [1] in the past, and it felt like I would spend twenty minutes doing a ticket, and it would take two days for everyone to “verify” my PR. Even doing a quick fix for a null pointer exception can take three or four days to get deployed as a result of this. The stuff I was working on was not high stakes. I wasn’t dealing with money or medicine or pacemakers or weather analysis or anything like that.
The Move Fast and Break Shit stuff comes as a bit of an overcorrection on this, but I think fundamentally the idea is that a lot of this stuff really isn’t that important, and it’s better to just deploy something that “probably works” and fix problems as they happen.
[1] It’s not too hard to find based on my post history but I politely ask you do not post specifics here.
> but I think it comes out of genuine frustrations from the enterprise world.
Yet politicians continue to act like the government should operate like a business and for some reason all of us working in corporate America think this is a good idea...
You won't catch me saying that. I have grown a pretty distilled and pure cynicism for corporate America.
The federal government certainly isn't perfect but the solution is not to try and make it more like the corporate dystopia.
1) a well designed test suite does run fast.
2) they very easily could have determined how readily the bot talks about suicide under guise of "character development" or whatever they call that very well known jailbreak.
3) move fast and break shit with social media and AI is sociopathic. Better to save it for the todo apps. At this point MFABS is just another way to say unprofessional software engineering in favor of more profit.
> a well designed test suite does run fast
Not what I meant. Even if the test suite itself executed instantly, which it doesn't and it's ridiculous to assume that test suites are "well designed" in the average case, it's still the bureaucratic slow nightmare of "enterprise development".
> they very easily could have determined how readily the bot talks about suicide under guise of "character development" or whatever they call that very well known jailbreak.
Even if it could be detected it is absolutely in no way implied, or even suggested, that having a bureaucratic enterprise test suite would have detected that. That's just an assertion that you're making.
> move fast and break shit with social media and AI is sociopathic.
As I said, I don't completely agree with the mantra. I just said that it comes out of a legitimate frustration with how awful enterprise development can be.
> At this point MFABS is just another way to say unprofessional software engineering in favor of more profit.
I don't disagree with this, hence why I said it's ok for stuff that's low-stakes. If you're working on something like, for example, a music recommendation system, and the system accidentally plays a Taylor Swift song instead of Metallica, and this happens because some software wasn't properly tested, it really isn't a big deal, somehow the metal-head will survive.
"Professional" and "unprofessional" aren't well defined terms. There are times when it's ok to half-ass something because it's better to just get something that works instead of getting something that's perfect. There are lots of applications, maybe even most applications, where that doesn't apply and it's better to try an strive for perfection, but it is intellectually dishonest to pretend that everything silicon valley is working on is high-stakes and that striving for perfection immediately is actually beneficial.
I would love a universe where everyone designed everything in TLA+ (or something similar) before building software, this would make me irrationally happy, but I understand that it's not realistic or even reasonable to do this for every application.
Meh, its fine for a company to be honest about their development process.
Most companies nowendays claim to be "Move Fast and don't break shit" when in reality they're "Move Fast and Break Shit". See the whole CrowdStrike debacle [1], both sides of that lawsuit are in the wrong here. Crowdstrike shouldn't've down a rapid deployment like that and Delta wasn't supposed to use the Falcon Agent on those systems. They both choose to move fast without verification and broke stuff. Neither of them are going to say that "Move Fast and Break Shit" is their style but it is!
[1]: https://en.wikipedia.org/wiki/Delta_Air_Lines_v._Crowdstrike