Slashdot Mirror

← Back to Stories (view on slashdot.org)

Trump's Cyber Security Advisor Rudy Giuliani Runs Ancient, Utterly Hackable Website (theregister.co.uk)

Posted by BeauHD on from the irony-and-its-best dept.

mask.of.sanity writes from a report via The Register: U.S. president-elect Donald Trump's freshly minted cyber tsar Rudy Giuliani runs a website so insecure that its content management system is five years out of date, unpatched and is utterly hackable. Giulianisecurity.com, the website for Giuliani's eponymous infosec consultancy firm, runs Joomla! version 3.0, released in 2012, and since found to carry 15 separate vulnerabilities. More bugs and poor secure controls abound. The Register report adds: "Some of those bugs can be potentially exploited by miscreants using basic SQL injection techniques to compromise the server. This seemingly insecure system also has a surprising number of network ports open -- from MySQL and anonymous LDAP to a very out-of-date OpenSSH 4.7 that was released in 2007. It also runs a rather old version of FreeBSD. 'You can probably break into Giuliani's server,' said Robert Graham of Errata Security. 'I know this because other FreeBSD servers in the same data center have already been broken into, tagged by hackers, or are now serving viruses. 'But that doesn't matter. There's nothing on Giuliani's server worth hacking.'"

7 of 280 comments (clear)

  1. They need better cyber by DogDude · · Score: 5, Funny

    "So we had to get very, very tough on cyber and cyber warfare. It is a huge problem. I have a son—he’s 10 years old. He has computers. He is so good with these computers. It’s unbelievable. The security aspect of cyber is very, very tough. And maybe, it's hardly doable. But I will say, we are not doing the job we should be doing. But that’s true throughout our whole governmental society. We have so many things that we have to do better, Lester. And certainly cyber is one of them."

    --
    I don't respond to AC's.
  2. Re:Not really a big deal. by Anonymous Coward · · Score: 4, Funny

    Sorry that can't be true, Trump was elected to drain the swamp and no one could ever mislead the American people so this can't happen anymore.

    You're obviously just spreading fake news. Next you'll be saying Trump paid some Russian hookers to piss on each other in front of him in Moscow.

  3. Re:Website is already down but... by Archangel+Michael · · Score: 2, Funny

    I bet he can wipe a server ... like with a cloth.

    --
    Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
  4. Re:This should be the only comment by Anonymous Coward · · Score: 3, Funny

    Oh yes there is. You people might think this conversation is done, you might try to wiggle your way out of it, but it's not going to happen. There's a VITAL issue that needs to be addressed, and, frankly, I'm tired of people dancing around the real issues.

    Now... I understand that the guy is running FreeBSD. I mean, what the crap? He should be running OpenBSD for Pete's sake.

    FreeBSD is just, like, wrong.

  5. Re:Website is already down but... by Archangel+Michael · · Score: 4, Funny

    Yes, you can actually get a "cloth or something"

    http://www.bleachbit.org/cloth...

    --
    Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
  6. Re: Not really a big deal. by PopeRatzo · · Score: 3, Funny

    They understand nuclear physics, unlike Rick Perry who doesn't even remember the name of the department he was recently appointed to lead:

    But he was a fourth runner-up on Dancing With The Stars, so I'm pretty sure that qualifies him to be in Trump's cabinet.

    --
    You are welcome on my lawn.
  7. Re: Not really a big deal. by FFOMelchior · · Score: 3, Funny

    ^ I have no idea whether to vote that funny or insightful...... :/