Trump's cyber-guru Giuliani runs ancient 'easily hackable website'

US president-elect Donald Trump's freshly minted cyber-tsar Rudy Giuliani runs a website with a content management system years out of date and potentially utterly hackable. Former New York City mayor and Donald loyalist Giuliani was today unveiled by Trump's transition team as the future president's cybersecurity adviser – …

  1. Palpy
    Joke

    Oh Giuliani Shmuliani! Trump --

    -- "knows a lot about hacking". He said so himself. And he uses Twitter with his phone, so that makes him a computer security expert in his own right. Most likely he'll use his immense skills to bring Guccifer to his knees, and expunge Fancy Bear from existence.

    So Giuliani is just window-dressing. Ugly window-dressing, but still.

    1. Anonymous Coward
      Joke

      IMHO is already a success...

      ... Trump didn't put his youngest son as the cyber guru - yah know, young boys know a lot of computers...

      1. Anonymous Coward
        Thumb Up

        Re: IMHO is already a success...

        And this is still better security than Hillary and the DNC had.

        You don't have to outrun the bear, you just have to outrun somebody.

        1. Anonymous Coward
          Anonymous Coward

          Re: IMHO is already a success...

          There's no evidence Hillary's email server was ever hacked, and didn't most or all of the DNC emails come courtesy of social engineering attacks used to get the passwords of people like Leon Podesta? They could have had the most secure server in the world, but if someone gives up their password or uses the same password there as they do elsewhere that gets hacked, all that security means nothing.

          Yes, hacks like the OPS database are serious and we need to tighten up our "cyber" security. But Giuliani's server's security issues have nothing to do with most of the "hacks" that have been in the news the last few years. They had nothing to do with the state department cables, that was an insider. They had nothing to do with Snowden's NSA grab, that was an insider. They had nothing to do with Guccifer, he used social engineering. They had nothing to do with iCloud "celebgate", that was social engineering.

          You can tighten up the security of computer systems, you can make things more difficult for insiders to reduce the ability for an insider to download 'everything' and make a huge data dump. But you can't stop an insider from getting some stuff out, and you can't teach people to not fall victim to social engineering attacks. If you could, there would be no spam.

          State sponsored actors have access to a lot of exploits, but if you could patch them all it would hardly even slow them down. They'd just resort to social engineering, malware, and so forth to get in if they could no longer exploit weaknesses from the outside over the internet.

          1. johnpi

            Re: IMHO is already a success...

            Just for the record...

            "There's no evidence Hillary's email server was ever hacked"

            http://foreignpolicy.com/2016/09/02/fbi-an-account-on-clintons-private-email-server-was-hacked/

        2. Sandtitz Silver badge
          FAIL

          Re: IMHO is already a success... @troland

          "And this is still better security than Hillary and the DNC had"

          No, you're just wrong or trolling.

          Giuliani Security & Safety is supposedly a "full service security consulting firm". AFAIK neither Hillary nor DNC provide such services.

          giulianisecurity.com (which doesn't even resolve as of now!) got an F from the SSL test whereas Hillary gets an A+ and DNC gets an A with the same test.

          I'm not going to port scan either site nor check the underlying server side software for defects.

          1. Anonymous Coward
            Trollface

            Re: IMHO is already a success... @troland

            > No, you're just wrong or trolling.

            Obviously, and I'm not wrong.

            tl;dr it sounds like a "gotta have a website" website. Of course the software isn't super-secure. If they have any opsec sense they assume that, and don't try to hide anything embarrassing there. So unless these politicians are as dumb and corrupt* as the losers, there's nothing to see here.

            * I hope not, but they are politicians...

  2. jaduncan

    The real issue

    Someone with that little clue is very easy to manipulate, and the FBI/CIA/NSA have a very definite list of what they want. He's already authoritarian, so I doubt this is going to go well with regard to civil and digital liberties.

    1. veti Silver badge

      Re: The real issue

      I fear you've put your finger on Rudy's real qualifications: loyalty to the Dear Leader, and an authoritarian streak as wide as the Hudson. He'll have no qualms about siccing the NSA/other TLAs on anyone who makes waves, and who seems disloyal to the regime.

      1. Anonymous Coward
        Anonymous Coward

        Re: The real issue

        Have an upvote for mentioning 'the Dear Leader'.

        The USofA under the incoming Chief will be a place where everyone is wrong but the 'Dear Leader' who won't hesitate to tell you so via Twitter. After all, he said many times in 2016 that he's more intelligent than almost all of the dweebs who elected him.

        He'll brush any mention of the Russian dossier under the carpet. Anyone who talks about it will get sent to the North Shore of Alaska to work on a new Hotel and Golf Resort for Trump (joking).

        1. Stoneshop
          Boffin

          Re: The real issue

          After all, he said many times in 2016 that he's more intelligent than almost all of the dweebs who elected him.

          Not that hard to achieve. If his voters have a median IQ of 95 with a maximum spread of 10, then an IQ of 106 will fully satisfy that condition.

        2. Anonymous Coward
          Anonymous Coward

          Re: The real issue

          "The USofA under the incoming Chief will be a place where everyone is wrong but the 'Dear Leader' who won't hesitate to tell you so via Twitter. After all, he said many times in 2016 that he's more intelligent than almost all of the dweebs who elected him."

          And was he wrong?

        3. anonymous boring coward Silver badge

          Re: The real issue

          "After all, he said many times in 2016 that he's more intelligent than almost all of the dweebs who elected him"

          That doesn't say much though, does it?

      2. tr1ck5t3r

        Re: The real issue

        These spook agencies are playing a double game.

        If you knew you were being spied on 24/7 by the state in an overt manner, then the population would be up in arms.

        So as always, what the Corporates & Govt do is lie to you, to make you feel less angst ridden by the thought you are being spied on 24/7 for criminal and corporate monitoring purposes.

        You know when you tell "white" lies to your kids as they grow up, because you don't want to pop their bubble or believe they wouldn't understand it?

        Well guess what, the corporates & Govt do it to you as well, that's why parts of it operate in secrecy.

        So with this in mind, now you know why Giuliani doesn't give a stuff.

        How many bugs are just moving backdoors? Getting people to patch their systems is just part of the ploy for your make believe cyber security when really your systems can be accessed instantly with a moment's notice.

        How many OS's exist?

        It's just only a select few know this exists, because it's all part of the corporate govt charade you and billions of others around the world buy into every second of the day facilitated often by you, when your boss gets you to do something you shouldn't, often because their boss asked them to do something they shouldn't have, sometimes because a big customer or supplier needed a favour.

        You know how it works, you've done it yourself if you really think about it!

    2. Anonymous Coward
      Anonymous Coward

      Re: The real issue

      Could have been a bait and switch. But I would be reluctant to give them the benefit of intelligence there.

    3. macjules

      Re: The real issue

      Definite case of misspelling I think. "cybersecurity adviser" should possibly be "cyber security adviser"?

      He's more machine now than man. Twisted and evil

      1. Primus Secundus Tertius

        Re: The real issue

        @macjules

        "cybersecurity adviser" is OK by MS Office spellcheck, the grand arbiter in these matters.

        1. John Brown (no body) Silver badge
          Terminator

          Re: The real issue

          "cybersecurity adviser" is OK by MS Office spellcheck, the grand arbiter in these matters.

          Maybe you missed the subtle change of meaning created when splitting the word.

          Is he a "cyber security" advisor or a cyber "security advisor"?

  3. Alistair
    Windows

    Ayudame! Go CyberGulie Go!

    Watch as CyberGulie jumps on his CyberJet to fly down to the CyberBorder to inspect the BrandNew CyberWall being built by modern CyberAmerican warrior workers and paid for by CyberMexican CyberPesos!

    /sarc

    <the above in Dora the explorer voiceover>

    Okay. The fun part here is that Prez.Tweeter.Trump actually at one time had something that was called a "reality TV" show. This presidency is going to be more hysterically entertaining than that disaster of prime time. The only reason it isn't *FUNNY* is that it *IS* real.

    <Hysteria != Humour>

    1. John Brown (no body) Silver badge

      Re: Ayudame! Go CyberGulie Go!

      "Prez.Tweeter.Trump"

      I'm not sure why, but the phrase Tweeter Trump brought to mind an image of Cooter the tow truck guy from The Dukes of Hazzard (original series).

  4. Anonymous Coward
    Anonymous Coward

    Big Brother Security to the rescue

    Okay, it's not a good sign for Rudy's security business. But please, someone tell me when it became the government's job to enhance the nation's civilian cyber security? Isn't that best left in the hands of the private sector anyway? And if it is, then why all the trumped up outrage? Seems like some doth protest too much, about the wrong topic anyway.

    1. O RLY

      Re: Big Brother Security to the rescue

      Quoting Big John: "But please, someone tell me when it became the government's job to enhance the nation's civilian cyber security?"

      I guess it depends on how broadly one interprets "provide for the common defence", which is one of the explicit goals in creating the framework for the US federal government. If that phrase from the Preamble to the Constitution includes nation's cyber security, then 1789.

      1. Anonymous Coward
        Facepalm

        Re: Big Brother Security to the rescue @O RLY

        > I guess it depends on how broadly one interprets "provide for the common defence"

        C'mon bro. Cyberwar isn't real war. It's a weasel word invented to shift blame away from the real culprits.

        To the extent that our enemies can adversely impact the lives of citizens by hacking, it's solely the fault of companies and governments that made us vulnerable by foisting insecure, unnecessary IT crap upon us.

    2. smartypants

      Re: Big Brother Security to the rescue

      Big John,

      The soon-to-be leader of the most armed country in the world has hired yet another person who clearly knows nothing about his remit.

      That's the big deal. Do try to keep up.

      1. Doctor Syntax Silver badge

        Re: Big Brother Security to the rescue

        "another person who clearly knows nothing about his remit."

        Given those reports about his own website I think he's about to learn something PDQ, even if only how little he knows. The skiddies won't be able to resist. The downside is that once he's paid someone to sort it out he'll think he's an expert.

    3. Milton

      Re: Big Brother Security to the rescue

      If the government's job is to protect its citizens from foreign military adventurism - which it manifestly is - why would safeguarding your cybersecurity be any less its duty?

    4. Captain Badmouth

      Re: Big Brother Security to the rescue

      Big John is stuck for something positive to say here, as he should be.

      1. Anonymous Coward
        Facepalm

        Re: Big Brother Security to the rescue

        So, everyone who responded to my question DOES think it's the government's job to get involved with private web security? And I'm the one who doesn't get it?

        What a perfect example of government's heavy influence over the attitudes of the masses. Probably all that government-run early school training. Trust Big Daddy government, kiddies, it's for your own good!

        Seriously people, we do NOT want government running our personal cyber-security. Really. What goes on in Rudy's business is totally immaterial to that issue. Personally I don't think Trump should be hiring anyone who was mayor of New York. Rudy can't be much of a conservative if he wins elections in that leftist paradise.

        1. O RLY

          Re: Big Brother Security to the rescue

          "What a perfect example of government's heavy influence over the attitudes of the masses. Probably all that government-run early school training. Trust Big Daddy government, kiddies, it's for your own good!"

          Hardly. I'm a believer in limited government, but I think the US government should do the things it's tasked to do by the people through the Constitution. I don't want the government to have sole responsibility for my personal cyber-security any more than I intend for the government to provide all of my physical security. Just as while I don't want or need to see tanks protecting my cities directly, I know that if $ENEMY attacks my city or family, there are people and tools equipped to respond with appropriate fury. What I DO want is the knowledge that the people tasked with those duties have the skills and experience to do them. I have no doubt that General Mattis is well-suited to be an outstanding SecDef; his record as a warrior monk speaks for itself. I have significant doubt that Rudy is suited to the task of advising the President on protecting government networks and whatever else fits under "White House Cyber Security Advisor". His company's website is part of his advertisement of capabilities. If it's less secure than my blog, he shouldn't do the job that the President-elect has asked him to do.

          As to the question you asked initially, yes, I think the government has a duty to provide some modicum of cyber security. They definitely should protect their own networks. In fact, there's an agency whose putative purpose is just that already. (Or maybe there's No Such Agency.) They've been too busy spying on everyone to prevent someone from stealing all of the personnel records from the OPM, for example. Giuliani's CV is that of a good federal prosecutor, a mediocre mayor who was cast into the national spotlight because of 9/11, and then a few consulting gigs. None of that indicates he has the skills necessary to the task asked.

    5. Anonymous Coward
      Coat

      Re: Big Brother Security to the rescue

      35 downvotes for Big John? How can so many people be so wrong? Did Buzzfeed link to this comment section?

      Government enhancing cybersecurity is like a fox enhancing henhouse security. Well, an incompetent fox.

      Hackers are happy to find cybersecurity problems, and that's actually a good thing because it teaches people (albeit the hard way) to look after their own security.

    6. Anonymous Coward
      Anonymous Coward

      Re: Big Brother Security to the rescue

      Big John, not sure what line of business you are in, but I'm in the Power Supply industry. The quick answer to your question is ... we're in an increasingly connected world, our companies want to squeeze as much profit as possible out of what they sell, cyber security is expensive and unless someone at the top level (i.e. Government) kicks butt the necessary security to keep your country going won't happen. In other words ... leave it to the private sector and although something may happen, it will happen slowly until a big disaster strikes. It's only until the Ukraine hacks happened that many in the power industry sat up and started putting money into CyberSecurity.

      Your statement is almost akin to "It's up to the private sector to manage our nation's security so let's put Lockheed Martin in charge of the military"

      Your government imposes certain requirements on anyone supplying stuff to your energy industry. This is a good thing.

      1. Anonymous Coward
        Anonymous Coward

        Re: Big Brother Security to the rescue

        I wasn't really talking about critical infrastructure, but okay.

        So your thinking is that everyone's web security is government's job, because the private sector can't be trusted to do it and will leave us at the mercy of the black hats? Isn't that always the argument whenever people want the government to fix a problem? "Can't trust the free market to do anything right, they're all monkeys."

        Yet generally it turns out pretty crappy when government does big stuff. I could cite many, many examples. Okay, there are examples of things government does well. I understand Arpanet came in pretty handy. But that wasn't an all-encompassing project like being envisioned here.

  5. Anonymous Coward
    Coat

    I know someone who is free right now

    There are some folks who are probably looking for work right now. Previous experience: running a mail server for a VIP called HRC. Learnt about bleachbit from reddit. May speak a little Russian.

  6. fwadman

    Site is down this morning ... I guess someone over there is reading the el reg ..

    1. Graham Anderson

      missing the www

      The posted link has no www - if you include it, the site is up http://www.giulianisecurity.com

      1. This post has been deleted by its author

      2. Anonymous Coward
        Anonymous Coward

        Re: missing the www

        I like how it has an Espanol option. Presumably for Mexicans.

        At least we know who's going to pay to fix it ...

  7. Frumious Bandersnatch
    Windows

    jeez

    It's like Time Magazine elected 4chan as pesron of the yare or something.

    All military operations in urban terrain from here on? It's pronounced CYBA!

    (the piano^Hclavier has been drinking ... not me)

    1. Stevie

      Re: jeez

      That was Time Out. And they were suggesting that it be thrown in the river Yare. I agree.

  8. MNGrrrl

    Yeah, no surprise

    This is a guy who called his 10 year old son a computer genius. So if this guy doesn't work out, maybe he'll hire his kid. Trump doesn't care about intelligence... he calls everyone who is loyal to him a genius, just, really, just the best, the very best. And of course, anyone who isn't... is stupid, an idiot, etc.

    I'm pretty sure when it comes to this guy's intelligence... the wheel is turning but the hampster is dead.

    1. Rich 11

      Re: Yeah, no surprise

      the wheel is turning but the hampster is dead.

      The wheel is turning but the hamster escaped out of one ear and took up residence on top of his head.

      1. Anonymous Coward
        Anonymous Coward

        Re: Yeah, no surprise

        Up-voted, Brilliant...

        But then Rich 11 came along... Uuuuge, brillianter! Up-votes for everyone!

    2. Captain Badmouth
      Coat

      Re: Yeah, no surprise

      As regards his vocabulary and use of superlatives etc. read this :

      http://www.politico.com/magazine/story/2015/08/donald-trump-talks-like-a-third-grader-121340

      Mine's the one with the copy of Viz in the pocket.

    3. anonymous boring coward Silver badge

      Re: Yeah, no surprise

      "This is a guy who called his 10 year old son a computer genius."

      In fairness though, compared to his dad he very likely is a computer genius.

      And so is my son (almost 12), compared to Trump.

      1. Anonymous Coward
        Alert

        Re: Yeah, no surprise

        Yeah, how dare Trump presume to be President when he knows next to nothing about computers! The nerve of some people!

        1. Jamie Jones Silver badge

          Re: Yeah, no surprise

          Yeah, how dare Trump presume to be President when he knows next to nothing about computers! The nerve of some people!

          There is a big difference between not knowing something, and not knowing you don't know something.

          If I was President, and one of the things needing doing was to ensure the welfare of the elder-fruit eating fruitbat on the East-Side, you can be sure it would be done well.

          I know nothing about fruitbats, but I'd find someone who seems to know enough, who can then find an expert on the subject.

          If I totally screwed up my appointment to this important role, I'd expect to be ridiculed on my fruit-bat ignorance.

  9. smartypants

    Which is the Trump hire that isn't "the worst choice as X"?

    There must be one, if only because it's sometimes hard in a short period of time to identify that ideal worst choice!

    (Having said that, looking at our own cabinet right now, we don't come across that well either. What happens when someone as talented as Boris meets one of these trumpidors. Do they just go into a room, check nobody's listening, then burst into laughter?)

    1. GrapeBunch

      All should be considered as "bargaining position" nominees. The people he really wanted will be the people sitting at the cabinet table in, oh, March.

      Is it possible that Giuliani Security is running up-to-date secure software that identifies itself as old and insecure? After all, it could not help security if any Tom, Dmitri or Kim can find out the exact level of the software you're actually running. Asking not as an expert but as a babe-in-the-woods.

      1. Jamie Jones Silver badge

        You are totally correct about the software having a fake identifier. It could also be a server run by a l33t guru who just prefers that version, which is his own personal patched fork.

        I know that when I was running web software like phpbb and wordpress, none of the exploits that came out would work on my systems due to my own setups.

        There is much more to the security of a machine (both good and bad) than simply the id of some application.

        However, in this case, looking at the evidence presented - the poor SSL/TLS rating being the smoking gun - doesn't bode well.

  10. jake Silver badge

    You just can't make this stuff up :-)

    The writers over at Beach Blanket Babylon must feel like they are on a paid vacation with all the free material Chump is providing.
