Slashdot Mirror

← Back to Stories (view on slashdot.org)

Any Half-Decent Hacker Could Break Into Mar-a-Lago (alternet.org)

Posted by BeauHD on from the private-investigators dept.

MrCreosote writes: Properties owned and run by the Trump Organization, including places where Trump spends much of his time and has hosted foreign leaders, are a network security nightmare. From a report via ProPublica (co-published with Gizmodo): "We parked a 17-foot motor boat in a lagoon about 800 feet from the back lawn of The Mar-a-Lago Club in Palm Beach and pointed a 2-foot wireless antenna that resembled a potato gun toward the club. Within a minute, we spotted three weakly encrypted Wi-Fi networks. We could have hacked them in less than five minutes, but we refrained. A few days later, we drove through the grounds of the Trump National Golf Club in Bedminster, New Jersey, with the same antenna and aimed it at the clubhouse. We identified two open Wi-Fi networks that anyone could join without a password. We resisted the temptation. We have also visited two of President Donald Trump's other family-run retreats, the Trump International Hotel in Washington, D.C., and a golf club in Sterling, Virginia. Our inspections found weak and open Wi-Fi networks, wireless printers without passwords, servers with outdated and vulnerable software, and unencrypted login pages to back-end databases containing sensitive information. The risks posed by the lax security, experts say, go well beyond simple digital snooping. Sophisticated attackers could take advantage of vulnerabilities in the Wi-Fi networks to take over devices like computers or smart phones and use them to record conversations involving anyone on the premises."

4 of 327 comments (clear)

  1. Re:Incoming law enforcement by DontBeAMoran · · Score: 4, Informative

    They did not connect to the unprotected networks (i.e. networks that are open, by design). They also did not connect to the weakly protected networks (which would have been illegal, but their point was that hackers and foreign governments could easily access them).

    --
    #DeleteFacebook
  2. Re:Wow. You da man. Accessing a public network! by GLMDesigns · · Score: 5, Informative

    Sorry this is a public resort. It's a golf club, public events are held there. And yes. Trump has a private residence there. I'm pretty sure there is more than one network there.

    This is analogous to Trump owning the Waldorf Hotel and having a suite there and someone hacking the hotel's public network. Big deal. Again, that's the equivalent of hacking a Starbucks.

    --
    If you're scared of your govt then you need to further restrict its powers
    Vote 3rd Party in 2016 and beyond
  3. Re:Crappy pentest is crappy by Lordpidey · · Score: 4, Informative

    1. Was this done with written permission from the network owner? If not, you opened yourself up to legal action by the network owner if they choose to pursue it.

    Listening to SSID broadcast is hardly illegal.

    --
    Some people encrypt by using rot-13 twice. I prefer the more secure method of using rot-1 a total of twenty six times.
  4. Re:Incoming law enforcement by Kierthos · · Score: 5, Informative

    Because he's an arrogant prick who thinks that he can do whatever he wants without consequences.

    --
    Mr. Hu is not a ninja.