Slashdot Mirror
2016 Presidential Candidate Security Investigation (infosecinstitute.com)
New submitter Fryan writes: InfoSec Institute has assessed the security posture of 16 of the presidential candidates' websites. This is an indicator of the level of security awareness the candidate and the campaign staff has. The recent breaches and security lapses of high profile individuals highlight the absolute need for everyone to take security awareness seriously. The hacking of the Director of the CIA's (John Brennan) personal email account, and the storage of classified emails on a personal email server with Hillary Clinton, show how damaging a lack of basic good security hygiene can be.
In this survey (of only the best known presidential candidates, not the scads of others), the authors give both their highest grade (an A) and lowest (a D) for candidates still in the race to two Republicans, Ben Carson and Jim Gilmore, respectively; surprising for a tech-focused campaign, Lawrence Lessig (who has ended his candidacy since the survey began) ranked even lower, with a D-.
Speaking of presidential candidates, the fourth Republican debate, hosted by Fox Business, will kick off about an hour after this post goes live (9:00 PM Eastern, 0200 GMT). Feel free to discuss it alongside the security report.
Speaking of presidential candidates, the fourth Republican debate, hosted by Fox Business, will kick off about an hour after this post goes live (9:00 PM Eastern, 0200 GMT). Feel free to discuss it alongside the security report.
The link is right next to the title, like is has been for all Slashdot articles for a while.
InfoSec Institute has assessed the security posture of 16 of the presidential candidates' websites. This is an indicator of the level of security awareness the candidate and the campaign staff has.
This assertion is false. First, the candidate has other things to be concerned about. His IT staff, who will probably not follow him to the political office if he's elected given the nature of government bureaucracy, handle it. Second, a web site is a glorified poster and graffiti wall. It's there for John Q Public. Media organizations are provided with itineraries and possibly with the contents of speeches and other material directly, they do not have to go to the candidate's website. Third, any maliciousness done to the candidate only serves to strengthen the candidate, as those who were already in-favor of the candidate will not lessen their opinions based on a website hack, and those who were undecided may sympathize with the candidate after such an attack. Fourth, given the propensity for semianonymous abuse of comments sections, the candidate's staff already have to peruse comments to moderate/censor, so long-term abuse that could paint a candidate as something that they don't want to be is unlikely.
If you want to know how a candidate handles security, follow how they handle money, and how quickly they return contributions that come from undesirable sources, or how they handle public appearances and interaction with specific persons. At this early stage that's probably more of a tell than any website.
Do not look into laser with remaining eye.
Why not evaluate the candidate shitty policies on information security? Like Carly who can't grasp math and is in favor of back doors into software and encryption.
What a stupid "investigation"
Even their page doesn't have SSL by default, when you go to the HTTPS site, it uses outdated encryption even with a modern browser.
http://i.imgur.com/de0eBK8.png
He's right. Politicians get paid too much
“He’s not deformed, he’s just drunk!”
Donald Trump just said, "Wages are too high."
Discuss.
Whose wages are too high?
I'm sure he doesn't think his own wage is too high.
If it weren't for deadlines, nothing would be late.
I really don't see what this says about the candidates, other than which ones hired better webmasters. If a candidate has a shitty, unsecured website, that doesn't really say they don't understand or care about security, it just shows they didn't pick a webmaster who does. And how knowledgeable on IT security do we expect the POTUS to be? We don't usually blame the CEO of a company when their website is hacked.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
I thought Rand Paul was a Republican. I guess you wouldn't know it by his polling numbers, though.
You are welcome on my lawn.
>> if you don't expose usernames, how do readers track to whom each comment in the comment section belongs? And if you don't expose a login page, how do posters track which of their comments have been replied to, and how do users manage their subscriptions to various newsletters?
NONE of the presidential campaigns were using any any self-registration or comment features of WordPress. (You'll see "registration" as a column in my WordPress report.) All of the users on all of the systems seemed to be admins, editors or their assistants, and none of the sites seemed to make any effort to distinguish one author from another. With that in mind, there really is no good reason for these sites to expose the list of usernames available on the system, nor is there a particularly good reason to permit the entire Internet to try their hand brute forcing sign-ons again a list of known usernames.
Given that the Donald wants to force Christian law the entire USA [...]
This is what I *hate* about political debate in this country. It's all sock-puppetry by people making unbased predictions about the other candidates. In previous elections, it started about 6 weeks before the election. At 2 weeks before, it reached fever pitch.
Everyone and their dog argues back and forth "if *the other guy* get elected, they'll eat your babies and cancel Christmas!!!"
Don't tell me what they *want*, and don't tell me what they'll *do*. Tell me what they *did*. Tell me what they *said*.
Base your rhetoric on concrete information - what people have *done* and *said* - and maybe I'll listen. Saying that the democrats will raise taxes, that the republicans will kill social security, is simple guesswork by "some dude on the net".
Trump said "wages too high", that's true - but what were the previous 3 words in that sentence?
The totality of what he said, all six words and the following words to the end of the sentence, are worthy of discussion. The excised 3-words are not - that's just a childish emotional appeal.
OH NO!!! Trump wants to reduce our wages!!!
We're not the mainstream media, we're better than that. Let's have an honest and real discussion instead of childish pot-shots.
Carly Fiorina just said we need "Uber, but for health care".
In theory, the Democrats are generally more compassionate so I feel a certain social obligation to vote for them. But, on the personal issues that matter to me, the centrists Democrats have made a lot of unforced errors.
As a biomedical research scientist who values individual freedom, Obama's stifling of (direct-to-consumer) personal genomics - e.g. what the FDA did to 23andMe - is going to make it very hard for me to vote for any of the "centrist" Democrats.
There are other countries in the world where speech is seen as more dangerous than action - where porn is outlawed but prostitution is legal. But I think the USA really got it right with it's first amendment. When it comes to actions, particularly actions that can hurt or kill someone (even just selling someone a bad burrito), then government regulation is appropriate. But when it comes to pure speech - even for commercial purposes - then the government should do everything it can to stay out of the way. When medical diagnostic procedures are invasive and can cause harm just by themselves then regulation is appropriate. But for diagnostic procedures that involve low risk activities like spitting in a tube, there really needs to be a distinction between diagnosis and treatment. One of the reasons I voted for Obama was that he was billed as a scholar of constitutional law - who would presumably believe in freedom of speech - which makes his decision to shut down 23andMe particularly disappointing.
And it's not just DTC personal genomics. One of the reasons that health care in the USA is so bad is because of certain key artificial monopolies imposed by the US government. In particular, the AMA works closely with the US government to create a severe shortage of medical doctors. Of course, this drives up wages for medical doctors. But patients have to pay much more for much less. And then the USA also imposes bizarre and dysfunctional artificial monopolies on medical drug production in the form of its horribly broken patent system.
Supposedly Obama deserves all kinds of credit for reforming healthcare in the USA, but all he really did was layer on additional bureaucracy in the form of mandatory health insurance while failing to address the underlying market failures (e.g. dysfunctional artificial government imposed monopolies).
So, while government funding for basic biomedical research has been the worst in many decades, Obama is also layering on all kinds of additional bureaucracy to stifle private sector innovation. I mean, good luck getting insurance reimbursement for 23andMe.
Would the Republicans be better? Probably not. But the centrist Democrats sure ain't heroes either.
Rand Paul but nobody is going to vote for him because they're obsessed with pop culture relics telling them otherwise. Weeeeeelp!
http://gamehacking.org/vb/threads/12747-nensondubois-codes http://twitter.com/nensondubois_
As a biomedical research scientist who values individual freedom, Obama's stifling of (direct-to-consumer) personal genomics - e.g. what the FDA did to 23andMe - is going to make it very hard for me to vote for any of the "centrist" Democrats.
As a person concerned with privacy, I cannot imagine why anyone would use 23andMe.
One of the reasons I voted for Obama was that he was billed as a scholar of constitutional law - who would presumably believe in freedom of speech
Don't presume.
Supposedly Obama deserves all kinds of credit for reforming healthcare in the USA, but all he really did was layer on additional bureaucracy
That's what government does.
Would the Republicans be better? Probably not. But the centrist Democrats sure ain't heroes either.
Correct. They're mostly a bunch of assholes. People with the courage to actually be far-left (or even far-right) are typically drummed out of government in a hot second.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
"real americans" being people willing to earn starvation wages, and be subservient to the economy, instead using our power through our government of the people to make the economy serve us? yeah, fuck you
The guy who said the election was rigged won the presidency with the second-most votes.
There are also downsides. But most people drive around in their cars with a big "license" plate on the back that has a unique identifier in large easily readable letters.
Identification is not the problem. Nice straw man though.
In a world where 20,000 children a day die of poverty,
red herring
it will be a long time before the governments of the world develop the resources and competence to misuse genetic information in a severe way.
It already has ramifications for health care.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"