komali_2
Micah LeeDHS's Office of Industry Partnership was hacked by a group called "Department of Peace" and info about ICE contracts with over 6,000 companies is now published on @ddosecrets.org!
I just threw together a website visualizing this ICE contract data! You can browse through the companies and their contracts, and filter them by state https://micahflee.github.io/ice-contracts/
overfloThat is very interesting!
Some files are missing, are they ging to be available eventually?
Paula Gordon@micahflee Thank you for making this info available! Disheartening how many universities are listed...
Lioh@micahflee I find this scrolling visible between floating menus quite irritating.
Jamey Sharp@micahflee Oh, I see this is from all of DHS, not just ICE, and also that it includes contracts which ended years ago. That's good to be aware of. I actually worked on part of this one contract, over a decade ago, and it was purely about improving cybersecurity for people's smartphones; it had nothing to do with immigration. https://micahflee.github.io/ice-contracts/?state=OR&modalType=contract&modalAwardId=937
phildini@micahflee @yomimono this is super freaking cool.
I run @civicband where we have a lot of the city and county records that probably talked about this data, and I’m in the process of adding campaign finance data for all of California.
I’d love to collaborate on a joint project using all this data, chat?
Mother Anarchy@micahflee thank you for putting this together, I hope we can make good use of it. I'm partway through divesting from every company that participates in any of this. This will definitely help.
Tor Iver Wilhelmsen@micahflee Was it a proper hack, or did Kirsti Noem’s nephew throw together the site with vibe-coding and the database was exposed with no authentication? That seems to be the current trend in leaks.
manchicken@micahflee The Linux Foundation got half a million dollars from ICE contracts.
Phillip 
@manchicken @micahflee looks like it was from the DHS overall (not ICE specifically), lasted from 2017-2018, and the funds were used to improve the security of OSS in general. Unless I’m missing more context, not exactly a bad thing imo
@phillip @micahflee I do hope that's true. It would be disappointing to see any organization doing business with DHS/ICE since they made it plain how they have chosen to operate.
@manchicken @micahflee that’s what it says in the leaked contract files
@phillip @micahflee Yeah; I do think it's important to note that we don't actually have the full data set from what I can tell. We _should_ have the full data set, these contracts _should_ be public.
Scott Williams 🐧@phillip @manchicken @micahflee "CII is a private sector solution" in the Linux foundation..
"This funding would include a DHS representative holding a voting seat on the CII Steering Group"
Does this mean current DHS has a seat on a Linux Foundation entity?
@vwbusguy @manchicken @micahflee No, the DHS does not have a voting seat with the Linux Foundation. The CII Steering Group is a sub-project of the Linux foundation that accepts monetary donations, then doles them out to open source projects in need.
https://en.wikipedia.org/wiki/Core_Infrastructure_Initiative
So the DHS has (or had maybe?) a voting seat to give them a say in how their donations are spent.
Kofi Loves Efia 
@phillip sure that's correct and the best type of correct. Broadly it's true that donors with money always have some kind of vote
Andrew
wyatt@manchicken @micahflee it looks like that started in 2014 and ended in 2018?
if i'm reading the dataset correctly. Still not a good look
if i'm reading the dataset correctly. Still not a good look
varx/tech@micahflee I'm very amused by all of the Bugcrowd garbage data that ended up in the DHS contractors table.
Who knew that the Fortune 500 company `<a href=\"https://www.bugcrowd.com/\">Phishing</a><br><img src=http://194.164.169.161/p.png><!--` was working with DHS? 😮
@micahflee Wow if this is true, UC San Diego got over $2.3m from three ICE contracts. Not sure what "Full Proposal" means, though? Did they actually get that or was it some faculty member applying for grants they didn't receive?
iam-py-testJust adding something I noticed: these grants and contract are part of DHS' Long Range Broad Agency Announcement (LRBAA) program:
The Science and Technology Directorate's (S&T) Long Range Broad Agency Announcement (LRBAA) is a standing, open invitation to the scientific and technical communities to fund pioneering research and development (R&D) projects in support of our nation’s security.
https://www.dhs.gov/science-and-technology/st-lrbaa
That doesn't answer your question, though.
@iampytest1 Yeah, looking at the contract, it seems more InfoSec research related for DHS during Biden era.
K2
skua@micahflee
Anyone got the geeks to set up a bot that posts the names of 10 of the companies once every 12 hours?
#ICEContractor #ICEComplicit
Anyone got the geeks to set up a bot that posts the names of 10 of the companies once every 12 hours?
#ICEContractor #ICEComplicit
Cassandrich@skua @micahflee Maybe every hour?
@dalias
Forking Reply
"Frequency of bot posts" - ideally something that could be swapped over to "User selected frequency of receiving posts by a bot".
For me, if I checked my notifications after 2 days away from Mastodon and found 48 posts by a bot I'd unFollow.
But really I have no idea where a sweet spot might be found.
@skua Posts go in your home feed not notifications.
@dalias
You're right.
And on my home feed I'm choosing to unFollow some accounts as I want a Home feed that moves pretty slowly - ideally slowly enough that I "often" get to see posts by my most favourite accounts.
Thinking multiple bots could work.
@HourlyQuislings
@DailyQuislings
@WeeklyQuislings
User gets to choose frequency.
Tokyo Outsider (337ppm)@skua @dalias These last few days I've been really glad I put a chunk of time in a while back organising accounts onto topic-based lists (which works better now you can have those posts excluded from your home timeline). Let's me avoid news when I want to, but still have it right there when something big happens.
Juliet (Ryel), Rollerskating Elf 🏳️⚧️@micahflee Uhhh... looks like DHS may have had their contracts system get popped during a penetration test in 2025?
[Edit: LOL]
[Edit: LOL]
TerrorBite 🦁@julie @micahflee that means they were probably aware of the vulnerability that allowed this leak to happen… and then they didn't fix it (nor did they remove the data that the pentesters injected into their production database, apparently!)
k3ym𖺀@micahflee oh no, how terrible.
Havyhh2@micahflee glorious!!
Vincent Sparks@micahflee I cannot help but notice the "Contractors" file is about three times the size of the "Contracts" file.
Dave Slusher - Tech StuffFYI - some of the more perplexing names on this list:
The Linux Foundation
National Public Radio, Inc.
opio ⏚
Tofuhuehnchen@micahflee Departement of Peace? Reminds me a bit of "Minipax" from Orwell's 1984 or the same Ministry in Babylon 5
@MireiaYesterday’s documents confirm the deep role of Microsoft and Palantir in ICE’s repressive machinery, with technologies enabling mass surveillance disguised as “immigration management.”