When it comes to Donald Trump, it’s getting harder by the day to be surprised.
His latest mishap comes from a cabinet appointment, former New York City mayor Rudy Giuliani. It’s Giuliani, now, that’s tasked with protecting our nation from the best and most sophisticated cyber criminals both foreign and domestic. And it’s Giuliani that today got schooled on the perils of not practicing what you preach.
CNBC reported that Dan Tentler, founder of Phobos Group was able to pull up “read me” files — while using a tethered mobile device, on an airplane — removed by even the most novice of website administrators. “This is really, really, really basic — it barely even qualifies as security,” Tentler said. “Those files give you all the information you need to do nefarious things. This is horrifying. This organization that bills itself as a security company has taken zero time to harden its own website.”
Or there’s this screenshot, showing Giuliani’s expired SSL certificate and failure to force users to a secure (https) connection.
— maxwell ogden (@denormalize) January 13, 2017
That’s right, our top cybersecurity advisor isn’t using an encrypted connection on his own website.
Need more? There’s more.
^^^ ref this. Giuliani, Trumps pick for 'overseeing cybersecurity' owns .www.giulianisecurity.com. Very comforting. Errythang gonna be fine. pic.twitter.com/6vXYPEmmTq
— JΞSŦΞR ✪ ΔCŦUΔL³³º¹ (@th3j35t3r) January 13, 2017
I’d encourage you to check this out yourself, but the site is currently down due to high traffic. *facepalm*
Again, though, it’s hard to be surprised. This is just the latest in a series of puzzling cabinet appointments that led us to where we are today. And where we are today is a nation that’s soon to be led by a cybersecurity advisor that doesn’t seem to understand cybersecurity.
Welcome to 2017, the show where the news is made up and the cabinet picks don’t matter.