“Secure” Cloudflare-protected Trump website defaced by hacker claiming to be from Iraq
Razer
g2s at riseup.net
Mon Feb 20 17:34:17 PST 2017
https://arstechnica.com/security/2017/02/secure-trump-website-defaced-by-hacker-claiming-to-be-from-iraq
Meanwhile, Trump's multiple security faux-pas triggers call for House
investigation
Representative Ted Lieu, a congressman from Los Angeles County,
California, led fourteen other House Democrats on Friday in urging the
House Government Oversight Committee to investigate "troubling reports"
of President Donald Trump's apparently poor security practices and the
potential danger to national security posed by them—including his
continued use of an unsecured Android device to post to Twitter,
discussion of sensitive information (including nuclear strategy) in the
restaurant at his Mar-A-Lago resort, and leaving classified material
unlocked while visitors were in the Oval Office.
In a letter to Oversight Committee chairman Jason Chaffetz and ranking
Democratic member Elijah Cummings, the fifteen representatives wrote:
> Referring to the complex problem of cybersecurity, President Trump
recently said in an interview, "I’m not sure you have the kind of
security that you need." We fully agree—which is why we are writing to
request that the House Oversight and Government Reform Committee hold a
hearing into troubling reports that the President is jeopardizing
national security by egregiously failing to implement commonsense
security measures across the board, from using an insecure,
consumer-grade Android smartphone to discussing nuclear strategy openly
in a dining room at his Mar-a-Lago Club in Florida. Cybersecurity
experts universally agree that an ordinary Android smartphone, which the
President is reportedly using despite repeated warnings from the Secret
Service, can be easily hacked.
Lieu and the other signatories of the letter expressed concern that
Trump's Android device, "most likely the Samsung Galaxy S3," is
particularly vulnerable to attack, and that someone could alter the
information the President viewed on it—which could "have a huge impact
on his beliefs and actions."
They also feared that someone could gain control of his Twitter account,
"causing disastrous consequences for global stability," or use it as a
listening device to pick up sensitive conversations.
Also cited by the letter were photos from a recent White House visit by
Intel CEO Brian Krzanich that showed a key still in the lock of a bag
for classified material on Trump's desk. The photo was called out by
Senator Martin Heinrich of New Mexico in this Twitter post:
Additionally, Lieu and the other representatives expressed concern over
the continued use of outside e-mail accounts hosted by the Republican
National Committee, and compliance with federal records law. "Reports
indicate that a political e-mail system used by senior White House staff
was hacked in December by a Russian intelligence agency, yet again
raising the prospect of the White House being monitored or influenced by
unfriendly powers," Lieu and the others wrote. Federal law requires that
all e-mails for official business on an outside e-mail system be
forwarded or copied into a government e-mail system within 20 days.
The letter calls for the Oversight Committee to look into whether the
President is using an unsecured device, whether Trump and the White
House staff have been properly briefed and trained on both information
security and operational security, and if "the President and the Office
of the President [can] ensure that there are no missing e-mails,
communications, and technological exchanges—in other words, can they
confirm they are not actively being monitored?"
With links:
https://arstechnica.com/tech-policy/2017/02/trumps-apparent-string-of-security-faux-pas-trigger-call-for-house-investigation/
More information about the cypherpunks
mailing list