Calgarypuck Forums - The Unofficial Calgary Flames Fan Community - View Single Post - American Politics Thread: Orange is the new POTUS

photon · 05-09-2017, 01:46 PM

The Trump camp has talked a lot about cybersecurity—or “the cyber”—particularly to criticize Hillary Clinton for the risks posed by her private email server and to savor the damage done by hacks against the Democratic National Committee and Clinton campaign chairman John Podesta. Its own record, however, is less than sterling—in January, notably, after Trump named Rudolph Giuliani as a cybersecurity advisor, experts promptly discovered that the Giuliani Security corporate website was riddled with known vulnerabilities.

So, three weeks ago, Gizmodo Media Group’s Special Projects Desk launched a security preparedness test directed at Giuliani and 14 other people associated with the Trump Administration. We sent them an email that mimicked an invitation to view a spreadsheet in Google Docs. The emails came from the address security.test@gizmodomedia.com, but the sender name each one displayed was that of someone who might plausibly email the recipient, such as a colleague, friend, or family member.

The link in the document would take them to what looked like a Google sign-in page, asking them to submit their Google credentials. The url of the page included the word “test.” The page was not set up to actually record or retain the text of their passwords, just to register who had attempted to submit login information.

Some of the Trump Administration people completely ignored our email, the right move. But it appears that more than half the recipients clicked the link: Eight different unique devices visited the site, one of them multiple times. There’s no way to tell for sure if the recipients themselves did all the clicking (as opposed to, say, an IT specialist they’d forwarded it to), but seven of the connections occurred within 10 minutes of the emails being sent.

At least the recipients didn’t go farther. Our testing setup—which included disclaimers for careful readers at each step—did not induce anyone to go all the way and try to hand over their credentials.

Two of the people we reached—informal presidential advisor Newt Gingrich and FBI director James Comey—replied to the emails they’d gotten, apparently taking the sender’s identity at face value. Comey, apparently believing that he was writing to his friend, Lawfare.com editor-in-chief Ben Wittes, wrote: “Don’t want to open without care. What is it?” And Gingrich, apparently under the impression he was responding to an email from his wife, Callista, wrote: “What is this?”

http://gizmodo.com/heres-how-easy-it...-on-1794963635

05-09-2017, 01:46 PM	#2496
photon The new goggles also do nothing. Join Date: Oct 2001 Location: Calgary Exp:	The Trump camp has talked a lot about cybersecurity—or “the cyber”—particularly to criticize Hillary Clinton for the risks posed by her private email server and to savor the damage done by hacks against the Democratic National Committee and Clinton campaign chairman John Podesta. Its own record, however, is less than sterling—in January, notably, after Trump named Rudolph Giuliani as a cybersecurity advisor, experts promptly discovered that the Giuliani Security corporate website was riddled with known vulnerabilities. So, three weeks ago, Gizmodo Media Group’s Special Projects Desk launched a security preparedness test directed at Giuliani and 14 other people associated with the Trump Administration. We sent them an email that mimicked an invitation to view a spreadsheet in Google Docs. The emails came from the address security.test@gizmodomedia.com, but the sender name each one displayed was that of someone who might plausibly email the recipient, such as a colleague, friend, or family member. The link in the document would take them to what looked like a Google sign-in page, asking them to submit their Google credentials. The url of the page included the word “test.” The page was not set up to actually record or retain the text of their passwords, just to register who had attempted to submit login information. Some of the Trump Administration people completely ignored our email, the right move. But it appears that more than half the recipients clicked the link: Eight different unique devices visited the site, one of them multiple times. There’s no way to tell for sure if the recipients themselves did all the clicking (as opposed to, say, an IT specialist they’d forwarded it to), but seven of the connections occurred within 10 minutes of the emails being sent. At least the recipients didn’t go farther. Our testing setup—which included disclaimers for careful readers at each step—did not induce anyone to go all the way and try to hand over their credentials. Two of the people we reached—informal presidential advisor Newt Gingrich and FBI director James Comey—replied to the emails they’d gotten, apparently taking the sender’s identity at face value. Comey, apparently believing that he was writing to his friend, Lawfare.com editor-in-chief Ben Wittes, wrote: “Don’t want to open without care. What is it?” And Gingrich, apparently under the impression he was responding to an email from his wife, Callista, wrote: “What is this?” http://gizmodo.com/heres-how-easy-it...-on-1794963635 __________________ Uncertainty is an uncomfortable position. But certainty is an absurd one.