In trying to make sense of the wrecking ball that is Elon Musk and President Trumps DOGE, it may be helpful to think about the Evil Housekeeper Problem. Its a principle of computer security roughly stating that once someone is in your hotel room with your laptop, all bets are off. Because the intruder has physical access, you are in much more trouble. And the person demanding to get into your computer may be standing right beside you.So who is going to stop the evil housekeeper from plugging a computer in and telling IT staff to connect it to the network?What happens if someone comes in and tells you that youll be fired unless you reveal the authenticator code from your phone, or sign off on a code change, or turn over your PIV card, the Homeland Securityapproved smart card used to access facilities and systems and securely sign documents and emails? What happens if someone says your name will otherwise be published in an online list of traitors? Already the new administration is firing, putting on leave, or outright escorting from the building people who refuse to do what theyre told.Its incredibly hard to protect a system from someonethe evil housekeeper from DOGEwho has made their way inside and wants to wreck it. This administration is on the record as wanting to outright delete entire departments. Accelerationists are not only setting policy but implementing it by working within the administration. If you cant delete a department, then why not just break it until it doesnt work?Thats why what DOGE is doing is a massive, terrifying problem, and one I talked through earlier in a thread on Bluesky.Government is built to be stable. Collectively, we put systems and rules in place to ensure that stability. But whether they actually deliver and preserve stability in the real world isnt actually about the technology used; its about the people using it. When it comes down to it, technology is a tool to be used by humans for human ends. The software used to run our democratically elected government is deployed to accomplish goals tied to policies: collecting money from people, or giving money to states so they can give money to people who qualify for food stamps, or making covid tests available to people.Usually, our experience of government technology is that its out of date or slow or unreliable. Certainly not as shiny as what we see in the private sector. And that technology changes very, very slowly, if it happens at all.Its not as if people dont realize these systems could do with modernization. In my experience troubleshooting and modernizing government systems in California and the federal government, I worked with Head Start, Medicaid, child welfare, and logistics at the Department of Defense. Some of those systems were already undergoing modernization attempts, many of which were and continue to be late, over budget, or just plain broken. But the changes that are needed to make other systems more modern were frequently seen as too risky or too expensive. In other words, not important enough.Of course, some changes are deemed important enough. The covid-19 pandemic and our unemployment insurance systems offer good examples. When covid hit, certain critical government technologies suddenly became visible. Those systems, like unemployment insurance portals, also became politically important, just like the launch of the Affordable Care Act website (which is why it got so much attention when it was botched).Political attention can change everything. During the pandemic, suddenly it wasnt just possible to modernize and upgrade government systems, or to make them simpler, clearer, and faster to use. It actually happened. Teams were parachuted in. Overly restrictive rules and procedures were reassessed and relaxed. Suddenly, government workers were allowed to work remotely and to use Slack.However, there is a reason this was an exception.In normal times, rules and procedures are certainly part of what makes it very, very hard to change government technology. But they are in place to stop changes because, well, changes might break those systems and government doesnt work without them working consistently.A long time ago I worked on a mainframe system in Californiathe kind that uses COBOL. It was as solid as a rock and worked day in, day out. Because if it didnt, and reimbursements werent received for Medicaid, then the state might become temporarily insolvent.Thats why many of the rules about technology in government make it hard to make changes: because sometimes the risk of things breaking is just too high. Sometimes whats at stake is simply keeping money flowing; sometimes, as with 911, lives are on the line.Still, government systems and the rules that govern them are ultimately only as good as the people who oversee and enforce them. The technology will only do (and not do) what people tell it to. So if anyone comes in and breaks those rules on purposewithout fear of consequencethere are few practical or technical guardrails to prevent it.One system thats meant to do that is the ATO, or the Authority to Operate. It does what it says: It lets you run a computer system. You are not supposed to operate a system without one.But DOGE staffers are behaving in a way that suggests they dont care about getting ATOs. And nothing is really stopping them. (Someone on Bluesky replied to me: My first thought about the OPM [email] server was, theres no way those fuckers have an ATO.)You might think that there would be technical measures to stop someone right out of high school from coming in and changing the code to a government system. That the system could require two-factor authentication to deploy the code to the cloud. That you would need a smart card to log in to a specific system to do that. Nopeall those technical measures can be circumvented by coercion at the hands of the evil housekeeper.Indeed, none of our systems and rules work without enforcement, and consequences flowing from that enforcement. But to an unprecedented degree, this administration, and its individual leaders, have shown absolutely no fear. Thats why, according to Wired, the former X and SpaceX engineer and DOGE staffer Marko Elez had the ability not just to read but to write code on two of the most sensitive systems in the US government: the Payment Automation Manager and Secure Payment System at the Bureau of the Fiscal Service (BFS). (Elez reportedly resigned yesterday after the Wall Street Journal began reporting on a series of racist comments he had allegedly made.)Were seeing in real time that there are no practical technical measures preventing someone from taking a spanner to the technology that keeps our government stable, that keeps society running every daydespite the very real consequences.So we should plan for the worst, even if the likelihood of the worst is low.We need a version of the UK governments National Risk Register, covering everything from the collapse of financial markets to an attack on government (but, unsurprisingly, that risk is described in terms of external threats). The register mostly predicts long-term consequences, with recovery taking months. That may end up being the case here.We need to dust off those in the event of an emergency disaster response procedures dealing with the failure of federal governmentat individual organizations that may soon hit cash-flow problems and huge budget deficits without federal funding, at statehouses that will need to keep social programs running, and in groups doing the hard work of archiving and preserving data and knowledge.In the end, all we have is each otherour ability to form communities and networks to support, help, and care for each other. Sometimes all it takes is for the first person to step forward, or to say no, and for us to rally around so its easier for the next person. In the end, its not about the technologyits about the people.Dan Hon is principal of Very Little Gravitas, where he helps turn around and modernize large and complex government services and products.