More than 80 TLS certificates used by US government websites have expired so far without being renewed, leaving some websites inaccessible to the public. From a report: NASA, the US Department of Justice, and the Court of Appeals are just some of the US government agencies currently impacted, according to Netcraft. The blame falls on the current US federal government shutdown caused by US President Donald Trump's refusal to sign any 2019 government budget bill that doesn't contain funding for a Mexico border wall he promised during his election campaign. This has resulted in hundreds of thousands of government workers being furloughed across all government agencies, including staff handling IT support and cybersecurity. As a result, government websites are dropping like flies, with no one being on hand to renew TLS certificates.

  • Often it seems that one of Trump's top motivations is to piss on the democrats, without concern for what it does to anyone who is not a hard core supporter of his. If we could get someone on Fox & Friends to say that the most dramatic thing he could do to piss off the democrats at this point would be to resign - leaving Pence in charge - he just might do it. Pence is not a great guy either but he's at least reasonably intelligent and honest enough to not stare into a camera and lie his ass off (yet). Just tell trump about the sweetheart deal Nixon got when he resigned and Trump might go for it. Hell if he goes out willingly he could still get lifetime secret service protection for him and his family for the rest of all their lives, saving him many millions of dollars.

    • Re:This might call for some Fox News counterhackin (Score:4, Insightful)

      by Joce640k ( 829181 ) on Friday January 11, 2019 @10:07AM (#57943634) Homepage

      If they pay for his wall because he has a tantrum, what's next?

      He'll be shutting down the government for every last little thing until he gets his way.

      There's no way anybody should give way on this (except The Donald, obviously).

      PS: Wasn't Mexico going to pay for this?

      • Re: (Score:2, Insightful)

        by WhiplashII ( 542766 )

        Whatever happened to "elections have consequences"?

        Perhaps there is room on both sides to stop acting like children, and learn to work together.

        • Re:This might call for some Fox News counterhackin (Score:5, Insightful)

          by Joce640k ( 829181 ) on Friday January 11, 2019 @10:24AM (#57943800) Homepage

          You mean by doing the sensible thing, eg. Postponing the wall until there's money to pay for it?

          (There'll be money, right? Trump's economic policies are working...?)

          • Re:This might call for some Fox News counterhackin (Score:4, Informative)

            by LynnwoodRooster ( 966895 ) on Friday January 11, 2019 @11:00AM (#57944168) Journal
            HINT: There isn't money to pay for 24% of what the Federal Government does. It brings in enough revenue to pay interest on the debt, pensions (Federal and SSI), healthcare, and welfare. No money for anything else - DOEs (both of them), EPA, FBI, OSHA, CBP, DOD, etc.

            • Re:This might call for some Fox News counterhackin (Score:5, Insightful)

              by TrekkieGod ( 627867 ) on Friday January 11, 2019 @12:37PM (#57945000) Homepage Journal

              Which means we should be spending less and taxing more, not spending $5 billion on something that's not even effective at preventing what it's designed to prevent. Considering the majority of illegal immigration is a result of overstayed visas, the majority of the drug traffic happens at legal ports of entry, and the known or suspected terrorists that have attempted to enter the US have been caught at airports, it seems to me the return on investment on building a border wall is nowhere near the $5 billion he's asking for.

              This is slashdot, so in programmer terms, this is premature optimization. Sure, there are thousands of people illegally crossing the border, but if you actually run a profiler you'll see that's not the even the hot path, so why are we proposing to spend so much of resources on that instead of elsewhere?

        • Re:This might call for some Fox News counterhackin (Score:5, Insightful)

          by cascadingstylesheet ( 140919 ) on Friday January 11, 2019 @10:36AM (#57943926)

          Whatever happened to "elections have consequences"?

          Perhaps there is room on both sides to stop acting like children, and learn to work together.

          Sorry, the "pen and a phone" only work when Dems win the presidency.

          Because reasons. Or something.

        • Re:This might call for some Fox News counterhackin (Score:4, Insightful)

          by ShanghaiBill ( 739463 ) on Friday January 11, 2019 @10:39AM (#57943966)

          Perhaps there is room on both sides to stop acting like children, and learn to work together.

          I don't think so. Every time Donald throws a tantrum, his base poll numbers go up, and congressional Republicans tremble in fear.

          Likewise for Democrats. Nancy Pelosi was demonized by people like AOC last fall, yet now that she is standing up to Trump, her popularity with the progressive base has soared.

          So far the shutdown has not affected me in the slightest. I wouldn't even know it was happening if I turned off the news.

          • You'll probably start to know pretty soon as those furloughed workers start not getting paychecks. The economic ripples are going to start.

        • Re:This might call for some Fox News counterhackin (Score:5, Insightful)

          by ilsaloving ( 1534307 ) on Friday January 11, 2019 @10:53AM (#57944108)

          There is no "two sides" to this. This problem falls squarely in the laps of the Republicans.

          Trump had an entire year to get this pushed through when the Reps had all three branches of gov't. He didn't.

          It only suddenly became a burning priority when the democrats took the house. There is only one side being childish right now, and that's been the case for a while now.

          (Yes, the democrats have their issues, but those issues are not what caused this current mess.)

          • Re: (Score:3, Informative)

            by Curunir_wolf ( 588405 )

            There is no "two sides" to this. This problem falls squarely in the laps of the Republicans.

            Trump had an entire year to get this pushed through when the Reps had all three branches of gov't. He didn't.

            It only suddenly became a burning priority when the democrats took the house. There is only one side being childish right now, and that's been the case for a while now.

            (Yes, the democrats have their issues, but those issues are not what caused this current mess.)

            Spending bills still require 60 senators to pass, not 51, so the Republicans could not get it passed by themselves. Trump actually said explicitly the last time they passed a CR with lots of added spending, but none for the wall, that he would never sign a bill like that again.

            You could have argued that McConnell could have changed the rules to allow those bills to pass with a simple majority, but if the Senate was flipped, which was not unlikely, the Dems would have used those rules as well.

            So the OP is

            • But Trump actually has a better hand.

              He had a better hand, right up until he said he would own the shutdown. At that point, he lost his bargaining power. Why? Because where is the incentive now for the Dems to compromise when Trump has already conceded.

              • But Trump actually has a better hand.

                He had a better hand, right up until he said he would own the shutdown. At that point, he lost his bargaining power. Why? Because where is the incentive now for the Dems to compromise when Trump has already conceded.

                Well that was my point. Both sides are obstinately refusing to compromise at this point, and Trump said he would take the blame even before it happened, so that's irrelevant. Trump's entire budget that was submitted to Congress was completely thrown out, and his only demand for any of it was $5.7 billion for border security, something like 0.1% of the budget. Pelosi and Shumer are arguing that it's too expensive (not persuasive), that walls are immoral (no traction on that), that he said Mexico would pay fo

            • As pointed out, the amount he's asking for really is a tiny fraction of the budget

              That is completely and utterly irrelevant. A budget bill was written that could have passed both houses of congress. Trump even said he would sign it. Then all of a sudden he decided that he would not sign anything that did not have wall funding in it. He sunk the whole process on his own. It doesn't matter whether he was asking for $5, $5,000, $5M, $5B, or $5T. If there is such great support for the wall he could have asked for the next bill from congress to address it directly so it could have any

            • Re:This might call for some Fox News counterhackin (Score:5, Insightful)

              by jeff4747 ( 256583 ) on Friday January 11, 2019 @04:26PM (#57946604)

              Spending bills still require 60 senators to pass, not 51, so the Republicans could not get it passed by themselves.

              No, the Republicans did not try to get it passed by themselves.

              The Democrats offered to vote for Trump's entire wall ($27b) in return for citizenship for the DACA kids. Republicans didn't even put that to a vote.

              You could have argued that McConnell could have changed the rules to allow those bills to pass with a simple majority

              Or, since it's a spending bill, McConnell could have left the rules alone and passed it via reconciliation.

              So the OP is right, the blame lies on both sides.

              Only if you pretend time started about 3 months ago.

              But Trump actually has a better hand. As pointed out, the amount he's asking for really is a tiny fraction of the budget. People's opinion of Trump is not going to change much over this, people that hate him will continue to do so. Pelosi and Schumer, though, are a different story.

              Polling doesn't bear out your prediction. Trump is getting the blame for the shutdown, people are responding that it's stupid to keep the shutdown going over the wall, and we're just starting to get to the point where it hurts the economy.

        • Re:This might call for some Fox News counterhackin (Score:5, Insightful)

          by N1AK ( 864906 ) on Friday January 11, 2019 @12:06PM (#57944748) Homepage
          Elections do have consequences, and the consequence of electing more Democrats to the house than Republicans is that Trump can't just demand what he likes and get it anymore.

          The Democrats, and the majority of Americans, don't support the wall. How is it acting like Children for them to refuse to sign something they don't agree with? A parent isn't acting like a child if they refuse to give their toddler more dessert every time they start having a temper tantrum; and depressingly that's a close analogy to the current President and his typical behaviour.

        • Re:This might call for some Fox News counterhackin (Score:5, Interesting)

          by thegarbz ( 1787294 ) on Friday January 11, 2019 @12:48PM (#57945096)

          Perhaps there is room on both sides to stop acting like children, and learn to work together.

          One side is upholding the democratic process preserved by the house and senate, the other side is holding a government to ransom for his pet project like a dictator.

          No. Not everything in the world should be compromised on. In fact quite the opposite. Not only should Trump NOT get his way but this stupid issue which allows the government to be shutdown through this legal process should be eliminated like other countries have done for the express purpose of preserving the democratic process.

        • Re: (Score:3, Insightful)

          by amicusNYCL ( 1538833 )

          Perhaps there is room on both sides to stop acting like children, and learn to work together.

          Right. Like funding the government while the debate about the wall continues. That would be the adult thing to do.

      • Clinton, Obama, Schumer, Pelosi all wanted a wall (Score:5, Informative)

        by raymorris ( 2726007 ) on Friday January 11, 2019 @10:34AM (#57943910) Journal

        Clinton, Obama, Schumer and Pelosi all voted for a wall before Trump made actually getting it done a major campaign promise. Millions of people entering illegally, and often getting injured, assaulted, or even killed during the trek, was a "crisis" that needed to be solved, until Trump decided to actually solve it. The funding was "urgently needed", these Democrats said on national TV, until Trump would "get credit" for having done it.

        "Illegal Immigration is wrong, plain and simple. Until the American people are convinced we will stop future flows of illegal immigration, we will make no progress." Sen. Chuck Schumer

          "We simply cannot allow people to pour into the United States undetected, undocumented and unchecked." - Barak Obama
        Less than a year later, Obama and 25 other Senate Democrats voted for the Secure Fence Act, the 2006 legislation that authorized the construction of 700 miles of barriers along the southern border.

        "[we must] spend money to build a barrier to try to prevent illegal immigrants from coming in. ... I do think you have to control your borders." - Hillary Clinton

        How about the Dems allow the government to do what they themselves have said is "urgently needed" rather than obstructing it because they don't want the orange idiot to get the credit for it?

        • context matter (Score:5, Insightful)

          by Anonymous Coward on Friday January 11, 2019 @11:28AM (#57944398)
          Those were not about walls along the whole fucking shebang southern border, but rather small portion, and about sensible policies. You know, like the one republican hate more than dems : fining hugely and financially crushing people hiring illegals. But wait, can't do that, most of those are rich folk voting republican AND donating money. Yet this crack down on the people hiring illegals is what WORK.

        • Re:Clinton, Obama, Schumer, Pelosi all wanted a wa (Score:4, Insightful)

          by greythax ( 880837 ) on Friday January 11, 2019 @11:38AM (#57944488)

          Could have something to do with the fact that the fence they are asking for is $361 PER INCH (generously, including the 150 miles of fence that is already built) and would only cover 11% of the border? Doesn't sound worth shutting down the government to me.

  • fake news (Score:2, Interesting)

    by Anonymous Coward

    One appears to be a test domain, one expired before the shutdown and the third does not resolve publicly and the article says the org was not affected by the shutdown.

  • Let's Encrypt (Score:5, Insightful)

    by Meneth ( 872868 ) on Friday January 11, 2019 @09:52AM (#57943484)
    If they set up Let's Encrypt properly, they can have automatic renewing of their certificates.

    • Re:Let's Encrypt (Score:5, Insightful)

      by Nkwe ( 604125 ) on Friday January 11, 2019 @11:46AM (#57944552)
      Putting a certificate on a website does two main things: 1) Allows the traffic to be encrypted, and 2) Provides assurance to people using the website that the website is genuine. Let's Encrypt only does the first thing - allows encryption. Let's Encrypt provides no real assurance that the website is what it claims to be. For many websites the encryption use case is sufficient, and using Let's Encrypt makes all kinds of sense both practically and economically. If you are a bank, the social security administration, a retail site that takes credit card numbers, or any site that your users may provide you with sensitive data, you really want to purchase a certificate from an authority that provides a higher level of identity assurance than does Let's Encrypt.

  • Letsencrypt and CRON (Score:3)

    by Murdoch5 ( 1563847 ) on Friday January 11, 2019 @10:06AM (#57943612)
    There's no reason this isn't automated, run a CRON job every 30 days that refreshes the TLS certs and move on with your day.

  • It's Pelosi, not Trump (Score:4, Insightful)

    by MikeRT ( 947531 ) on Friday January 11, 2019 @10:08AM (#57943642)

    The blame falls on the current US federal government shutdown caused by US President Donald Trump's refusal to sign any 2019 government budget bill that doesn't contain funding for a Mexico border wall he promised during his election campaign.

    No, it's her desire to see him not get a key campaign promise through and see him not get reelected in 2020. That's what this is about. They are willing to ensure than 800k federal employees don't get paid for months because they are that Hell-bent on seeing his chances reduced in 2020. That's it.

    The Democrats supported every wasteful thing Bush and Obama put out there. They supported Obama's expansion on Bush's militarism.

    The fact is that if Trump wanted $10B to bomb a randomly named country, half the Democrats would give him the money. It's only--only--when that money is put toward something that is a core campaign promise and related to what people want (border security) that they lose their minds and channel Ayn Rand.

    • Re:It's Pelosi, not Trump (Score:5, Insightful)

      by close_wait ( 697035 ) on Friday January 11, 2019 @10:15AM (#57943712)
      Oh, you mean that core election promise that Mexico would pay for the wall with a one-off payment. Looks like the Dems (and the GOP before Jan) are just holding him to that promise.

  • More an example of incompetience as system admin. (Score:5, Interesting)

    by will_die ( 586523 ) on Friday January 11, 2019 @10:25AM (#57943816) Homepage
    If your certs are about to expire(30-60 days out) and you are not planning for it, especially when they will be failing around the end of the year with Christmas and new years, that is just an example of you being a poor system administrator.

  • Netcraft confirms it. (Score:5, Funny)

    by Comboman ( 895500 ) on Friday January 11, 2019 @10:40AM (#57943974)

    NASA, the US Department of Justice, and the Court of Appeals are just some of the US government agencies currently impacted, according to Netcraft.

    US government is dead. Netcraft confirms it.

  • Poor IT practices? (Score:5, Insightful)

    by egriebel ( 177065 ) * <edgriebel@gmaNETBSDil.com minus bsd> on Friday January 11, 2019 @10:45AM (#57944038) Journal
    I know that this being /. that people like to bash Trump at every opportunity (even when unwarranted), but isn't this problem one of crappy cert management? Waiting until the very last minute before renewing a cert isn't a Best Practice. It's not like your wasting money by renewing a cert early.

    • The shutdown is happening because those parts of the government are not allowed to spend money. The last budget ended September 30th. They can't spend the money on a new cert until they get a new budget.

  • TLS anyone? (Score:4, Informative)

    by bill.pev ( 978836 ) on Friday January 11, 2019 @04:29PM (#57946626)
    Am I the only person that finds it oddly predictable that, in response to a story about TLS, almost every single comment is a biased (one way or the other) comment about "the Wall" or the Donald or the Problem with America Today.

    Cert expiration is a problem mostly because certificates cannot be renewed. They must be replaced, and as close to expiration as possible. If only there were a way to push the expiration out.. maybe by having a replacement cert, or a see-next-instance logic.

    This way, certs could be renewed before they expire, just as Domain names are. And yes, I understand the technical limitations making this a necessary evil today. But it is a problem for government users now, and is a problem in many other like cases. For instance, when a cert expires over a weekend. Who hasn't got the call at 5 am when this happened?

    As for the wall... I'll comment when its relevent.

