A rumble in the distance...
That sound you hear? It's a multitude of 400lb hackers bouncing up and down on their beds in glee.
In their honour, forget the popcorn; get the donuts and Mountain Dew.
US presidential candidate Donald Trump’s criticism of rival Hillary Clinton's use of a private email server while Secretary of State appeared to have rebounded on him. Security researcher Kevin Beaumont discovered the Trump organisation uses a hopelessly outdated and insecure internet setup. Servers on the Trump Organization' …
“That's a bit like saying it's okay to install WordPress and leave it unpatched forever because there's a firewall,”
I think he summed up the attitude of just about every bank in the world. At Deutsche Bank the policy definitely was 'you can do anything, nothing gets past our firewall'.
Yeah, it's fantastic, isn't it:
US presidential candidate Donald Trump’s criticism of rival Hillary Clinton's use of a private email server while Secretary of State appeared to have rebounded on him.
It's pretty amazing that outright illegal behaviour engaged in while running the State Department, then lying about it, trying to shift the blame to Powell, and getting a free pass by law enforcement is now put on the same level as running an unsecure server when running for president (however ill-suited for that job, but the Clinton-level of "fuck everything that looks female" is there at least)
Says much about the sewer-grade "news reporting" one gets nowadays.
I'm actually expecting downvotes by Graun readers and progressive poseurs who can't wait to liberate Aleppo for the children by a no-fly zone.
It's pretty amazing that outright illegal behaviour engaged in while running the State Department, then lying about it, trying to shift the blame to Powell, and getting a free pass by law enforcement is now put on the same level as running an unsecure server when running for president (however ill-suited for that job, but the Clinton-level of "fuck everything that looks female" is there at least)
Yes yes.. We all know how much the FBI love left-wing people, especially Shillary HilarityHillary...
Oh, and as to "...outright illegal behaviour..."... Deleting emails, which the LEO have found no case to answer, or sexual assault of lots of women.. Hmm.. Which is worse.. Deleting some generally unimportant messages, or sexually assaulting someone.. Erm.. Gee, that's a hard one. Oh wait, maybe that's what the problem was..
Says much about the sewer-grade "news reporting" one gets nowadays.
Seems about the same level as the US election.. But I'm in the country with TVNZ and their "news", or that prick on one of the other stations in the mornings. The "news" organisations Fox/Daily Mail et all laugh at for their levels of journalistic integrity and accurate reporting! (yes TVNZ, your news sucks beyond imagination!)
[quote]Deleting some generally unimportant messages, or sexually assaulting someone.. [/quote]
Both are illegal. Especially destroying evidence after a subpeona and secondly since wikileaks revealed 2nd in command to US justice dept tipped off Clinton confidante Leon Panetta about the subpeona, its even more illegal.
When you are subpoenaed, you dont get to pick and chose what evidence you are going to withhold from law enforcement.
Let's not forget the classified nature of many of those emails as well. Storing those outside of government servers alone was "gross mishandling of classified documents" in itself. "Generally unimportant?" Not in the slightest.
He actually has public policy positions. Some of them are funny in subtle and not so subtle ways, but he does have them. He's not quite the caricature the media has portrayed him to be.
Actually the American media reminds me a lot of Internet trolls. Take something, distort it, then pretend that distortion is the truth.
He's much more of a mundane Republican than he's made out to be.
"Why aren't there any embarrassing emails being passed around already?"
Funny thing about that.. The Democratic campaign admitted that when their server got hacked the attackers got all of their background research on Trump but somehow none of that got released by Wikileaks so far.
He's got experts - believe him, real experts - looking at this right now. Ten years old, very smart - the smartest - and one might even be eleven.
*waves tiny hands*
And unlike Crooked Hillary, The Donald doesn't even know how to delete an email. He just doesn't know. But if he did know, he'd only be deleting emails from those people. You know. Those people.
*ahem*
More seriously - even if someone did break into his email, what do you hope to find? All of his bigotry and hatred is on Twitter at 3AM. All of his bankruptcies were public. His sexual assaults are somewhat public. The people he didn't pay for their work are common knowledge right now.
Oh. I get it. What's the betting at least one mailbox is just full of invoices from the company he stiffed for doing maintenance and upgrades on this system?
One of the things you will not find is an invoice from Paul Manafort. Paul does not charge the Trump campaign for his services, but I doubt that he contributes his time out of the goodness of his heart.
No need to hunt for clues in Trump's emails. Just check the changes to Republican policy.
That buzzword filled statement appears to me to be completely meaningless and designed to baffle anyone outside of the IT industry into thinking they are actually secure.
Its clever because any attempt to explain to anyone about IT security will be met with a yawn and a glazing of the eyes.
"I'm not interested in facts, dammit!"
Which secure government server is he not using because he wants to hide from FOIA requests? And how much classified information has he leaked?
Oh, wait- he's not a government employee, and isn't passing around classified material.
You know, like Hillary was, when she used an insecure server to dodge FOIA laws, and when she put classified information in emails that went through it, instead of using the required government system. And when she deleted tens of thousands of emails AFTER being informed that they were subject to government warrants and such...
No, the other one - the one where she used BleachBit to delete all those emails that the FBI wanted to have a look at ;)
Of course, the real question now is: does Trump having his own private email server mean that he is less or more qualified to be the next POTUS?
Or, you know, we could just resign ourselves to the fact that modern politics has the nuance of a cereal box and about as much substance.
Isn't it peculiar that 'Hillary' knew so little that 'she' let all those hackers read her emails, yet 'she' knew enough to do a secure delete of "tens of thousands" of emails?
It's almost as if the 'Hacker' contention isn't true and 'she' (i.e. her IT brigade) knew how to secure a server's contents properly from prying eyes.
Nah, can't be, right?
The domain, clintonemail.com, was registered on January 13, 2009 -- AFTER she accepted the position of Secretary of State (November 21, 2008), AFTER her appointment was formally announced (December 1, 2008).
It was apparently registered and set up immediately after she had been through the security training and found out that anything she did on a government account was discoverable.
The rule against was government use of personal email accounts went into effect in 2005, After Colin Powell, and before Clinton.
All of these dates are public, verifiable information. You are entitled to your own opinions, but you aren't entitled to your own facts - and the facts don't support your statements.
You mean the server Colin Powell approved? And then hastily denied when leaned on?
How could Colin Powell approve anything? He wasn't in government service at the time. Also he had a personal email account, not a server, and this was before the rule was in place. He merely advised the same and as he had not been in government service for four years he may not have been aware of the then new rule.
The server she set up BEFORE the rule against them was brought in?
While the server may have been set up before the new rules it has no bearing as she wasn't Secretary of State at the time nor is any earlier data subject to FOIA requests. Note that the new rules were in place when she did become Secretary of State and rather than follow the rules to which she was then subject, she did not.
Was there a grandfather clause put into that law that said "well, unless you already have an unsecure server with classified emails on it, in which case carry on"?
Here's the thing, if you are doing something, and a law against it is passed, you're supposed to stop doing that thing... you know why? Because after the law is made, it's then ILLEGAL!
Even if Trump hasn't secured his personal email server at all. It only puts him and his business at risk, not American security, lives or national secrets. Believe me.
~ The official State Department mail system was / notoriously / a POS.
It's clear that the Clintons had mastered double-speak long ago. And it's nothing short of ridiculous for her to assert the Trump is unsuitable because of his attitude towards women -- she had her chance to say that long ago when she was supporting a man who put the hard word on one of his interns. But...
... of course a technically competant organization with a history of opperating their own mail servers would have prefered that over what the State Department was offering. Yes it was wrong, but it doesn't need any other explanation.
"~ The official State Department mail system was / notoriously / a POS."
As a mail server admin I can guess exactly what they are talking about by the amount of whining about features such as the 1 hour lockout of IPs that get too many bad password attempts By far the largest complaint I get is that my server passwords are "too complicated" meaning I generate them randomly. I have seen people create secure default passwords such as 123456, asdf the company name or even an obfuscated (l33t) version of the username. (Seriously, 3 different workplaces have assigned me the exact same secure password "G3rh4rd") And I don't even deal with a secure environment that requires VPN for email access..
So all of these politicians do what managers do when faced with an annoyance: they go off and bypass the restrictions by doing their own thing. They go off and hire someone to setup a new user friendly mail server for them only to learn that it's harder than it looks Security? "it has a firewall"
, document retention? oops. George Bush, Colin Powell, Hillary Clinton: All form of the same techno illiterate stupidity.
It's not directly comparable to the Hillary thing, but then again, if you're going to run for president and try to give your adversary a hard time over her email indiscretions, then probably the thing you really really want to not screw up on, is your own email set up.
As we all know here, running out of support software is really not best practice, and is inexcusable if that software is internet connected.
Hmmm...
PA-7080. Country of origin: USA
Type: Hardware
Year of Manufacture: 2016
Connections per second: 1,200,000
Firewall Throughput: 200Gbps
Max Sessions: 80,000,000
Base Price: $300,000
I'm going to pick... price.
What've you got?
Sonicwall TZ600 Country of origin: USA
Type: Hardware
Year of Manufacture: 2015
Connections per second: 12,000
Firewall Throughput: 500Mbps
Max Sessions: 150,000
Base Price: $1,800
Is it lowest wins on price? Highest? Shit. OK. You've won that one too.
Right now his campaign is run just like a lot of misguided small businesses out there -- just enough IT experience to cause problems. They got email up and running and called it a day when it could send & receive.
They could have outsourced the whole thing to almost any competent hosting company and they wouldn't have to manage anything themselves. This is a non-story because he's just a regular citizen. That would change if he was holding an elected office, and the criticism and outrage would be justified from that point.
As others have pointed out: If it's so insecure, where is all the purloined information? You know it would be front page, right next to the articles trying to convince Trump voters to stay home because Hillary has it in the bag already.
"Right now his campaign is run just like a lot of misguided small businesses out there -- just enough IT experience to cause problems. They got email up and running and called it a day when it could send & receive."
sounds like a reasonable explanation to me.
Trump is a real estate guy, not an IT guy or an engineer.
(and he needs a BETTER I.T. staff - Micro-shaft servers? ew...)
Not so.
It is established by long practice that we hold our candidates for public office to a higher standard than "ordinary citizens". Just ask the Do Nothing Congress. They positively glory in raking such people over the coals for infractions of character that would hardly raise an eyebrow in polite society.
Additionally, *this* candidate has held himself up as a barometer of competence and integrity. More, he has said in as many words that he is the Acme of such values, a line in the sand from which we should compare all others ("No-one understands [whatever] like me", "No-one has more respect for [whatever] than me", "No-one has been more successful at [whatever] than me"). Such a man cannot now claim the umbrella of "ordinary citizenship" to shield him from increased scrutiny.
So yes, it's a story, just like "Carpetbagger Clinton" was during her run for the Senate.
Correct me if I'm wrong, but isn't Trump's whole case for his own fitness for office that "he knows how to hire the best people to get the best job done"?
So showing that he's hired the Three Stooges to maintain a crucial piece of his campaign infrastructure - is kinda relevant.
"Windows Server 2003 ... went end of life *years* ago":
Mwaaah... extended support incl security updates ended July 14 2015. Which would make the core OS one year and three months and five days end of life. One could arrange for a "custom support relationship" of course but that doesn't include security updates.
Obviously this is all a irresistible honey pot waiting for liberal hackers to walk straight into :-)
Because the low-value targets often contain a trail of breadcrumbs to the higher-value ones.
Maybe the server has links to other servers.
Maybe some of the credentials on there are the same as for other servers.
Maybe some malware could be installed on it which harvests passwords from Trump logging in to check his mail (you could even cleverly make it reject his password once, so he tries another one - now you have two passwords to try against his Linked In or Gmail accounts)
You lot might sneer but you must've missed the bit about the firewalls running 24/7.
Oh, yes, unlike you noobs they do not disable the firewall protection for public holidays and overnight and for rest breaks. Nope they leave that sucker running all of the time.
Security turned up to 11 folks.
This post has been deleted by its author
Everyone knows that Microsoft products have got steadily worse and worse, and suffer from more hacks, attack vectors and insecurities. After all, who ever heard of a cross scripting or heartbleed attack involving MSDOS? So Trump's IT setup is probably the most secure ever.
(Fingers crossed on my getting that Gartner job...)
In the same way that representatives of the late Mr Michael Jackson asked that he be referred to as 'The King of Pop' whenever discussed, can I respectfully ask Register authors and commenters to please refer to Mr Trump as 'Mr President King To Be' when writing about him, including any stories about the merry innocent fun he may or not have had with women young and old, single and in groups, over the years.
Thank you for your understanding.
Why not trump.org? Because someone else [Registrant Name: chris puchowicz] got there first!
And it says:
"Vote NO to Trump
He wasn’t even organized enough to purchase this domain (or www.trump.tv) at public auction, and he wants to run the U.S.A.?
Days after I won this domain at public auction I received a letter from Trump attorney’s threatening to sue me for trademark infringement for purchasing this domain.
Guess who still owns the domain… not that guy."
The primary difference between Trump's insecure email server and Clinton's insecure email server, is:
HILLARY CLINTON WAS SECRETARY OF STATE. A government position that is supposed to have transparency and auditing by the Government Accountability Office and the US Inspector General.
Your comments about Trump's insecure email server are lost on the fact that Trump hasnt held public office yet, under existing Federal Law that demands accountability and audit.
Just the mere fact that Clinton or any of her IT people could even delete emails written by the Secretary of State is a violation of those laws...