Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Republicans Security Communications Network Networking Privacy Software The Internet Politics Technology

Trump's Cyber Security Advisor Rudy Giuliani Runs Ancient, Utterly Hackable Website (theregister.co.uk) 280

mask.of.sanity writes from a report via The Register: U.S. president-elect Donald Trump's freshly minted cyber tsar Rudy Giuliani runs a website so insecure that its content management system is five years out of date, unpatched and is utterly hackable. Giulianisecurity.com, the website for Giuliani's eponymous infosec consultancy firm, runs Joomla! version 3.0, released in 2012, and since found to carry 15 separate vulnerabilities. More bugs and poor secure controls abound. The Register report adds: "Some of those bugs can be potentially exploited by miscreants using basic SQL injection techniques to compromise the server. This seemingly insecure system also has a surprising number of network ports open -- from MySQL and anonymous LDAP to a very out-of-date OpenSSH 4.7 that was released in 2007. It also runs a rather old version of FreeBSD. 'You can probably break into Giuliani's server,' said Robert Graham of Errata Security. 'I know this because other FreeBSD servers in the same data center have already been broken into, tagged by hackers, or are now serving viruses. 'But that doesn't matter. There's nothing on Giuliani's server worth hacking.'"
This discussion has been archived. No new comments can be posted.

Trump's Cyber Security Advisor Rudy Giuliani Runs Ancient, Utterly Hackable Website

Comments Filter:
  • by Lisandro ( 799651 ) on Friday January 13, 2017 @05:28PM (#53663361)

    Robert Graham explained it succinctly: http://blog.erratasec.com/2017... [erratasec.com] .

    The real story here is that Giuliani is now a goddamn cybersecurity advisor, not that this personal site is crap. The guy was hired not because of competence but because he spent the entire campaign kissing Trump's ass.

    • by H3lldr0p ( 40304 ) on Friday January 13, 2017 @05:29PM (#53663365) Homepage

      there's nothing else to talk about. /THREAD

      • by JoeMerchant ( 803320 ) on Friday January 13, 2017 @05:39PM (#53663453)

        Nothing to talk about, plenty to do... 15 known exploits: get to work.

      • Re: (Score:3, Funny)

        by Anonymous Coward

        Oh yes there is. You people might think this conversation is done, you might try to wiggle your way out of it, but it's not going to happen. There's a VITAL issue that needs to be addressed, and, frankly, I'm tired of people dancing around the real issues.

        Now... I understand that the guy is running FreeBSD. I mean, what the crap? He should be running OpenBSD for Pete's sake.

        FreeBSD is just, like, wrong.

      • There is, this line:

        But that doesn't matter. There's nothing on Giuliani's server worth hacking.

        It's awfully close to the "if you've got nothing to hide..." argument used when you're expected to hand over your privacy.

    • by Anonymous Coward on Friday January 13, 2017 @05:34PM (#53663415)

      Sorry that can't be true, Trump was elected to drain the swamp and no one could ever mislead the American people so this can't happen anymore.

      You're obviously just spreading fake news. Next you'll be saying Trump paid some Russian hookers to piss on each other in front of him in Moscow.

    • by Anonymous Coward on Friday January 13, 2017 @05:41PM (#53663465)

      You might not get anything interesting from the server, but you could use it to infect other systems and visitors, who might be high profile targets given what it's hosting. The complete disregard for a server might be acceptable for a mom & pop shop, but not for someone who's going to advise the President of the United States of America on security issues.

    • by Dr. Evil ( 3501 ) on Friday January 13, 2017 @05:49PM (#53663541)

      "All this tells us is that Verio/NTT.net is a crappy hosting provider, not that Giuliani has done anything wrong."

      He outsourced to a 2-bit shop with no recognition of the reputational risk. That's a security fail.

      • by unrtst ( 777550 ) on Friday January 13, 2017 @05:58PM (#53663613)

        Agreed, and I'd take it several steps further...

        Sure, not all people leading these positions are experts at those fields. I'd argue they should be, but if they're competent enough at leading people that are experts, that'd probably do as well.

        I'd also concede that Giuliani almost certainly didn't set up this server himself, so he's not directly to blame for that.

        However, when those two are combined, it's an utter failure. He is not qualified to do the actual work, and when he has had others do the work (for an "infosec consultancy firm", no less), they utterly failed - thus his leadership of them is also an utter failure. To fill the cyber security advisor role, one should be able to either do the work directly, or be smart enough to interface with those that can do the work. As Trump would say, so sad!

    • by gmack ( 197796 ) <gmack@@@innerfire...net> on Friday January 13, 2017 @05:56PM (#53663589) Homepage Journal
      He is completely wrong. It does matter. How can Rudy Giuliani be the cyber security czar if he doesn't even know enough to contract competent people to keep his website secure?
    • Random aspersions (Score:4, Informative)

      by Okian Warrior ( 537106 ) on Friday January 13, 2017 @06:02PM (#53663637) Homepage Journal

      Robert Graham explained it succinctly: http://blog.erratasec.com/2017... [erratasec.com] .

      The real story here is that Giuliani is now a goddamn cybersecurity advisor, not that this personal site is crap. The guy was hired not because of competence but because he spent the entire campaign kissing Trump's ass.

      "Thus historian Vincent J. Cannato concluded in September 2006 [washingtonpost.com], "With time, Giuliani's legacy will be based on more than just 9/11. He left a city immeasurably better off — safer, more prosperous, more confident — than the one he had inherited eight years earlier, even with the smoldering ruins of the World Trade Center at its heart. Debates about his accomplishments will continue, but the significance of his mayoralty is hard to deny."

      You might be correct, in that Giuliani was not hired because of competence, but you are completely incorrect implying that Giuliani is wholly without competance.

      And once again, I have to ask: is [what you said] this important? Is *why* someone is hired more important than their competence?

      And once again again, I have to ask: compared to what? Is hiring Giuliani any worse than the practices of the previous administration or the runner-up candidate?

      For contrast, note that Bush appointed a crony as head of FEMA who completely fell on his face during Katrina, and Obama appointed Caroline Kennedy as ambassador to Japan, who was completely outmastered in our recent Japanese treaty negotiations(*).

      Is it useful *at all* to just throw throws random aspersions around?

      (*) Resulting in a treaty which is beneficial to Japan, but a very bad deal for America. I have no opinion about Ms. Kennedy, good or bad, only note that she was unqualified for the position, was apparently appointed because of her ties to a famous family dynasty, and America was worse off because of it.

      • by Fire_Wraith ( 1460385 ) on Friday January 13, 2017 @06:25PM (#53663763)
        Just because someone is good at getting city bureaucrats in line doesn't mean they know jack squat about information security. I've dealt with lots of very successful people who run large businesses in various industries, and are very good at that. They're good in their field, but they don't know infosec. The ones who realize that (and that it's important) hire people who do know it... something Giuliani clearly hasn't done.

        I certainly don't expect Giuliani himself to go code up a solution or configure his servers himself. I do expect that he ought to know the importance of hiring good people, and of showing people that you know what you're talking about. Would you hire a plumber who has a broken toilet he can't/won't fix in his own shop's bathroom?
      • GeopoliticalFutures wrote, "in a revolution, competence is a luxury." Assuming "draining the swamp" of D.C. is really a form of revolution Trump intends to carry out, it's more effective for the end goal to have loyal than to have competent people in his inner circle.

      • Re:Random aspersions (Score:5, Informative)

        by guises ( 2423402 ) on Friday January 13, 2017 @07:21PM (#53664103)
        Ugh. I hate those posts which go line-by-line quoting and responding and ultimately don't say anything. That's really what I want to do here, because everything you've written here is just... terrible. I'm only going to focus on one thing though:

        Obama appointed Caroline Kennedy as ambassador to Japan, who was completely outmastered in our recent Japanese treaty negotiations(*). (*) Resulting in a treaty which is beneficial to Japan, but a very bad deal for America.

        I assume you're talking about the TPP [slashdot.org] and, in particular, the point that this person [slashdot.org] is trying to make about the TPP being good for the Japanese auto industry and bad for the American auto industry? If not I don't know what you're talking about, but that's the talking point which was making the rounds.

        Let me quote the AC directly underneath that:

        The negative impact on the US auto industry really misses the point, protectionism is almost always to the detriment of the country as a whole. Under the deal the Japanese agricultural industry suffers, but all Japanese people get cheaper food. It's a net benefit to Japan, even though it has a negative impact on that specific industry. At the same time the US agricultural industry gains from this. Likewise: under the deal the US auto industry suffers, but all Americans get cheaper cars. Since almost all Americans drive, it's a net benefit to the US. And, at the same time, the Japanese auto industry gains from this. Exactly the same situation as above.

        Disclaimer: I was that AC. Just didn't log in.

        Of your points, this is one that I wanted to address because this sort of protectionism is something which really resonates with people who don't think too hard about it. It seems so simple: "Protect American jobs! The only cost is screwing some foreigners! Why haven't we been doing this all along? Our government must be corrupt or stupid or something." It's a topic which demagogues can latch onto, but the only people who protectionism really benefits are the people in control of the industry in question. Even to the peons in that industry the benefit from protectionism is questionable.

        It's like those people who claim that climate change doesn't exist because it still gets cold in winter: it kinda makes sense as long as you don't think to hard about it. And that's all it takes to convince some people.

        • Of your points, this is one that I wanted to address because this sort of protectionism is something which really resonates with people who don't think too hard about it. It seems so simple: "Protect American jobs! The only cost is screwing some foreigners! Why haven't we been doing this all along? Our government must be corrupt or stupid or something." It's a topic which demagogues can latch onto, but the only people who protectionism really benefits are the people in control of the industry in question. Even to the peons in that industry the benefit from protectionism is questionable.

          Finally, a cogent argument and the start of a discussion.

          You say that protectionism seems good on the surface, but ultimately hurts the country.

          Firstly, I think you're drawing a black-white distinction between protectionism and globalism, as if there are no middle ground positions or other policies. We could easily be protectionist in one industry and globalist in another, or "slightly" protectionist (through tariffs, for instance), or isolationist (like North Korea) in some circumstances(*).

          Secondly, you'r

        • by dbIII ( 701233 )

          Protect American jobs! The only cost is screwing some foreigners!

          It's a very old approach with very old examples of unintended consequences. The reason the fourth crusade ended up in Constantiople/Byzantium/Istanbul in 1204 is mainly because of some tariffs.
          A current example is kids getting fat on corn syrup because cane sugar is a protected industry and jacked the prices up due to not having to worry about cheap imports. Another is car manufacturing moving to Mexico to take advantage of cheap steel inste

      • by mjm1231 ( 751545 )

        And once again, I have to ask: is [what you said] this important? Is *why* someone is hired more important than their competence?

        And once again again, I have to ask: compared to what? Is hiring Giuliani any worse than the practices of the previous administration or the runner-up candidate?

        For contrast, note that Bush appointed a crony as head of FEMA who completely fell on his face during Katrina, and Obama appointed Caroline Kennedy as ambassador to Japan, who was completely outmastered in our recent Japanese treaty negotiations(*).

        Ambassador appointments have a very long history of being handed to political insiders with questionable qualifications. Cabinet level positions are a completely different matter. Your point might be valid, but it would be better served by a less weak example.

        • Obama appointed a well connected idiot as secretary of state. To improve her chances at being president.

          • by dbIII ( 701233 )
            It was very obviously a deal to get Hillary off his back during the primaries.
            As for idiot, she's a lot of things so you have no excuse for choosing one of the few insults that doesn't fit.
      • by dbIII ( 701233 )
        Maybe, but he knows fuckall about the topic he's supposed to be dealing with. It's like hiring someone from Pepsi to run a telecommunications company or a Microsoft exec to run a phone manufacturing company - no actually far far more stupid than either of those catastrophic appointments.

        For contrast, note that Bush appointed a crony as head of FEMA

        Contrast? It's the same sort of fish out of water crony story so there is no contrast.

      • Re:Random aspersions (Score:4, Interesting)

        by Actually, I do RTFA ( 1058596 ) on Friday January 13, 2017 @11:09PM (#53665125)

        NYC was better off off after Giuliani because all of America improved during that time. Compared to the rest of America, NYC actually lost ground.

        Part of that was due to wasteful, counterproductive and possibly unconstitutional policing policies (broken window policing, stop and frisk). Part of that was due to setting up charter schools that actually underperformed the public schools. Part of that was due to botching the ability to respond to 9/11 by failing to properly prepare (e.g. putting the emergency command and control building in the WTC against all advice). And part of that was giving jobs to corrupt associates as opposed to qualified bureaucrats.

    • The real story here is that Giuliani is now a goddamn cybersecurity advisor, not that this personal site is crap.

      I'll give you that.

      But if you put up a wooden sign that advertises your services as a carpenter, that sign better not look like crap. Even if you hired somebody else to make the sign.

    • What makes you think he was not a competent arse kisser? Sounds like he did a fine job.

    • by tlhIngan ( 30335 )

      The real story here is that Giuliani is now a goddamn cybersecurity advisor, not that this personal site is crap. The guy was hired not because of competence but because he spent the entire campaign kissing Trump's ass.

      It's not a "personal website". It's the website to his Infosec company.

      That's why he was hired as cybersecurity czar - he owns a computing security company!

    • All this tells us is that Verio/NTT.net is a crappy hosting provider, not that Giuliani has done anything wrong.

      No, it tells us Guiliani failed to perform due diligence before selecting a hosting provider. This negligence or incompetence puts his customers directly at risk.

    • Robert Graham explained it succinctly: http://blog.erratasec.com/2017... [erratasec.com] .

      The real story here is that Giuliani is now a goddamn cybersecurity advisor, not that this personal site is crap. The guy was hired not because of competence but because he spent the entire campaign kissing Trump's ass.

      If that's how Trump works, then why didn't he give Giuliani what he wanted - the Secretary of State job? It would have saved Trump a lot of grief that he's going thru w/ Rex Tillerson, and Rudy would have got his first choice

      This role would probably not have been created so quickly, had the Dems not been obsessed w/ the Russians - something they conveniently ignored the last 8 years

    • by dbIII ( 701233 )
      It's a pity you can only be modded to five.
      This is FEMA horse judge stuff all over again.

      So much politics on Slashdot these days, but if things REALLY fuck up it becomes a geeky topic - last days of the old republic.
  • Does his server contain highly classified e-mail messages too?

  • Actually the website is apparently ran by a company called datarocket, which has an amazing website designed from the early 90s. (https://whois.icann.org/en/lookup?name=giulianisecurity.com & datarocket.com). I doubt Rudy even know what a webserver really is, let alone how to configure it.

    So he will be a great fit as a Cyber Security Advisor. /s
    • Re: (Score:3, Funny)

      I bet he can wipe a server ... like with a cloth.

    • I worked in a federal government department for Canada that did most of the website development and hosting internally. Sometimes they would outsource the development of a site if they were too busy. When I was there the Internet development and maintenance groups had a meeting with the new CIO for the department. First thing he says is that he knows nothing about the Internet. He's never even been on a website. This was around 2005.

      The group was made up of developers, graphics designers, product manager

    • Some of the best engineering department leads I've worked for had zero touch with the technology itself but they REALLY understood how teams function, great processes for development, and how to motivate people to work properly. I'd rather the person in charge of a huge effort like this one understand more about how to build and manage great organizations than the intricacies of configuring linux servers...
      • by dbIII ( 701233 )
        That's a vanishingly rare situation and that person probably actually knew far more about what they are managing than you are stating. I'm almost certain you didn't see them when they were new to that industry - is that the case? The newbie mistakes would have happened before you met the person.

        Where I am a politically well connected accounts clerk (not even an actual accountant) was put in charge of a large railway company and demonstrated what usually happens in that situation. When the topic is utter
    • Does someone who heads a cyber-security company have to actually be an admin w/ a good cyber-security certification? That's like demanding that Gates be a whiz at C++ programming and win APIs, or that Jobs should have been a whiz at Objective-C or AppBuilder. Rudy has a security company of his own, and he's recently added cyber-security as an area of focus in their mission. Question is - how much has he outsourced to the company hosting his site vs having his in-house admins managing it?

      The server is F

      • by dbIII ( 701233 )

        Does someone who heads a cyber-security company have to actually be an admin w/ a good cyber-security certification?

        Not the problem, the problem is the inability of someone to distinguish such a person from a used car salesman with a slick line in pretending to be an admin w/ a good cyber-security certification.
        A person without any exposure to an industry is going to make newbie mistakes. That's not the sort of thing you want in an important post.

        • Not the problem, the problem is the inability of someone to distinguish such a person from a used car salesman with a slick line in pretending

          No problem, no problem. You're the problem.

  • by DogDude ( 805747 ) on Friday January 13, 2017 @05:31PM (#53663381)
    "So we had to get very, very tough on cyber and cyber warfare. It is a huge problem. I have a son—he’s 10 years old. He has computers. He is so good with these computers. It’s unbelievable. The security aspect of cyber is very, very tough. And maybe, it's hardly doable. But I will say, we are not doing the job we should be doing. But that’s true throughout our whole governmental society. We have so many things that we have to do better, Lester. And certainly cyber is one of them."
    • by gtall ( 79522 ) on Friday January 13, 2017 @07:27PM (#53664133)

      Remember when asked to describe what undisclosed information he knew, Trump said, "You'll find out on Tuesday or Wednesday." That was last week or the week before. We're still waiting. Maybe he's too busy watching for Hollywood slights to get back to us on that.

      And there is this gem talking about the intelligence services, "I think it's unfair if they don't know," he said. "And I know a lot about hacking. And hacking is a very hard thing to prove."

      The trick is to bang the rocks together, Trump.
      (courtesy of Douglas Adams)

  • other than his professional reputation.
  • What website? (Score:4, Informative)

    by Grand Facade ( 35180 ) on Friday January 13, 2017 @05:32PM (#53663391)

    "giulianisecurity.com’s DNS address could not be found."

  • by tempo36 ( 2382592 ) on Friday January 13, 2017 @05:33PM (#53663407)

    Giuliani has been hired to endorse and push laws that further Trump's administration's ability to invade the privacy of those they dislike, and to prosecute those who dare to use technology or the internet to speak out against them.

    Require Muslim citizens to register their devices before being allowed to sign up for broadband? Sounds like cybersecurity to me! Emailing someone an article disparaging Trump? Sounds like CYBERTERRORISM right Rudy?

  • Competency (Score:5, Informative)

    by HogGeek ( 456673 ) on Friday January 13, 2017 @05:39PM (#53663455)

    The DNS entry has been removed, but the server continues to run:

    http://209.238.99.227/index.ph... [209.238.99.227]

    • by msauve ( 701917 )
      The summary didn't even bother to mention the Flash crap.
    • Mirror of the website: http://archive.is/CixsY [archive.is]

      And open ports:

      nmap -O 209.238.99.227

      Starting Nmap 7.40 ( https://nmap.org/ [nmap.org] ) at 2017-01-13 16:51 EST
      Nmap scan report for giulianisecurity.com (209.238.99.227)
      Host is up (0.21s latency).
      Not shown: 979 closed ports
      PORT STATE SERVICE
      21/tcp open ftp
      22/tcp open ssh
      25/tcp filtered smtp
      80/tcp open http
      110/tcp open pop3
      139/tcp filtered netbios-ssn
      143/tcp open imap
      161/tcp open snmp
      389/tcp open ldap
      443/tcp open https
      44

      • Giuliani is an ex DA (spit), his job will be to make NMap illegal.

      • by ls671 ( 1122017 )

        If you scan my web site, all ports will look open. Who knows? Maybe Giuliani is such a security tsar that he also runs tarpit on his server... ;-)

        $IPTABLES -A rule_custom_drop -p tcp --dport 113 -j REJECT
        $IPTABLES -A rule_custom_drop -p udp --dport 113 -j REJECT
        $IPTABLES -A rule_custom_drop -p tcp -m limit --limit 10/sec -j TARPIT
        $IPTABLES -A rule_custom_drop -j DROP

        • You might want to read this:

          http://serverfault.com/questio... [serverfault.com]
          • by ls671 ( 1122017 )

            You might want to read the official docs. The link you posted has a non-negligible amount of BS in it. For the valid points, I am covered and monitor things. Believe it or not, I even ran simulations to see what happens...

            The utter BS in your link: in realty, iptables tarpit doesn't use any connections, 0, nada. No connection overhead involved; 0.

            For me, the experience has been quite the opposite of the first poster in your link who states himself that he is outdated; I used to think iptables tarpit was a

    • by Macdude ( 23507 )

      The DNS entry has been removed, but the server continues to run:
      http://209.238.99.227/index.ph... [209.238.99.227]

      And it hasn't even been defaced yet, it's like you guys aren't even trying...

  • beware!

  • I got an idea what they're looking at. You know what they're looking at?
    Is that guy something; or is that guy something? I mean, you gotta give this crew credit. They are so fucking good... Know what he's looking at?
    Us. The L.A.P.D. The Police Department. We just got made...

    Hanna
    Heat (1995)

  • Get a clue (Score:2, Insightful)

    So I am sure all of these anti Trump/Giuliani posts are perfectly content with the job the Obama administration has done, what with the millions of accounts hacked at OPM and hundreds, if not thousands of cyber foreign cyber attacks on US companies and contractors???

    Anyone who thinks that Giuliani, a very active public figure, is going to update the Giuliani web site himself is an idiot. He paid someone to put that site together, and if it gets hacked, so what, i'ts not like he is storing classified govern

    • It's so cute you think Rudy got the job because he's qualified.

    • by unimacs ( 597299 )
      Giuliani is a lawyer and was a mayor of a very large city. Probably not an idiot but has very little geopolitical or security experience. There are probably a hundred people more qualified to do this job who can also lead teams and get things done.

      Part of good security is following best practices and keeping the software up to date regardless of the value of the information on the server itself. Not doing so allows the potential for the server to be used for nefarious purposes. No one expects Giuliani to
    • fuck off nazi
    • Finds a smart guy (Giuliani) who understands geopolitics and security in general, as well as how to lead a team and get shit done.

      And don't forget, he looks great in a dress (these are NOT photoshopped):

      http://media.vanityfair.com/ph... [vanityfair.com]

      http://www.wardoggie.com/uploa... [wardoggie.com]

      https://s3.amazonaws.com/wp-ag... [amazonaws.com]

    • Apparently he can't even do that.

    • by gtall ( 79522 )

      "So I am sure all of these anti Trump/Giuliani posts are perfectly content with the job the Obama administration has done"

      Comparing apples and oranges isn't a deep logical argument.

      • Nope, definitely apples to apples. Hacking has been rampant for the last 8 years and Obama has done jack shit about it, until the DNC gets hacked, then the dems shit a brick. Under a competent leader, hacking would have been diminished, both by reciprocal attacks on foreign countries, laws requiring standards of security around important information, black bag ops to take out eastern European/third world hacking gangs as well as physical attacks where appropriate (take out China's backbone connections for

    • but we're not talking about Obama, we're talking about Giuliani and Trump. You know, the shmucks your kind just elected.
      • The hack on the DNC, OPM, JSF blueprints, NASA, the DOE, FEC, USPS, NOAA, the White House, the State Department, DOD, IRS (and hundreds of large companies) all took place under Obama, jackass. Trump isn't even in power yet. Obama's presidency has been a giant cluster f-k on cyber security.

        https://investmentwatchblog.co... [investmentwatchblog.com]

        Trump selects an effective executive who was a US attorney for 10 plus years and you idiots lose your shit. Trump won, he is president. Sit down, shut up and take a Valium. Once the g

  • by Tenebrousedge ( 1226584 ) <.moc.liamg. .ta. .egdesuorbenet.> on Friday January 13, 2017 @05:53PM (#53663573)

    I figured it would have to be Joomla. I'm doing maintenance programming on a Joomla site right now, and it's just a complete mess. There is nothing good about any part of the framework and no one should use it for anything. There is no "right way" to do things, and the documentation is beyond awful: obsolete, incomplete, badly written. Beyond the official documentation, most books on Joomla either don't cover the latest major version, or mention it but focus on the legacy interfaces. One is forced to look at the code itself for examples of what to do, and apparently that means make it up as you go along, There is no consistency even in the unit tests, hell, even in which testing framework they're using. And (at least IMO) there is no consistent vision because the fundamental design is crap.

    Use of Joomla for any purpose should be a firing offense.

  • Wow . . . so this is just like that time Obama hired a tax cheat [wikipedia.org] to be his first US Secretary of the Treasury!
  • Rudy Giuliani has no idea what FreeBSD even is. He probably thinks it's someone that wants what he calls a handout. On the part of FreeBSD being insecure, the article is just wrong. It has far fewer holes than Linux
  • It seems most of Trump's appointments have been for people who are the opposite of the best choice for the job.

  • Better a proven executive who knows he needs to consult experts than a 'guru boss' who doesn't need no stink'n experts.
  • Par for the course (Score:5, Insightful)

    by damn_registrars ( 1103043 ) <damn.registrars@gmail.com> on Friday January 13, 2017 @06:29PM (#53663789) Homepage Journal
    Considering how many Trump cabinet appointees are openly opposed to the missions - or even existence - of the departments he is aiming to appoint them to head, why would it be a surprise that a "cyber security advisor" is running an atrociously insecure site?
  • by Khyber ( 864651 ) <techkitsune@gmail.com> on Friday January 13, 2017 @07:18PM (#53664085) Homepage Journal

    How else can you expect to push tougher cybersecurity laws if you can't get compromised at the highest levels?

  • "Make America Great Again!" Hackers need love too! As much as oil execs, business execs, people that abuse the environment, anyone that holds loans to Trumps' companies that he will NEVER talk about to his kids while in office *sic* believe him! BELIIIIIIIIIEVE HIM!

  • Indeed, an LDAP directory answers there, but it has little to say:

    $ ldapsearch -xLLLh 209.238.99.227 -s base -b '' +
    (nothing!)

  • You would think that the first thing you would do after accepting the job as cyber security poster child would be to run out and make sure your shit was secure. Being a political appointee I would not expect Rudy J to do it himself, but at least hire someone competent to do a review for you.

It is better to give than to lend, and it costs about the same.

Working...