New reports show that as Trump was busy banging a bass drum of rage over how he thinks that maybe Hillary’s email server might have been hacked, his official website was leaking worse than a screen door on a submarine.
Chris Vickery wrote on his company blog Wednesday that until he notified the Trump campaign, the DonaldJTrump.com website had misconfigured security settings on its cloud account that allowed anyone to freely access files stored on the website.
“If you want to be Commander in Chief of the mightiest nation on planet Earth, you can’t have a leaky website. You just can’t,” he wrote.
The nature of the error allowed anyone with a basic knowledge of the directory structure on the site, or could guess at it, to find and download files. Trump’s tech people used common folder names like “resumes” and easy to guess file names like “resume_1.pdf” for the directories and files on the site.
All in all, Vickery found 24 resumes of would-be interns. That isn’t to say that was ALL that was there to be found. Vickery simply did not continue prodding and probing the website and chose to alert someone at the Trump campaign instead before it looked like he was intentionally infiltrating it for malicious purposes. It doesn’t say that Vickery was the first to find it, either. Sophisticated hackers would have had access to God knows what for months, even years perhaps, with such an obvious backdoor going unclosed.
“Ultimately this was an entirely avoidable mistake on the part of Trump’s tech staff. We’ll probably never know how bad the exposure really was or what other files I could have found. I have zero confidence that the campaign will be honest about that in whatever response they put out publicly (that’s if they do actually acknowledge the situation),”
The administrator of the data breach news site databreaches.net contacted the Trump campaign to assist them in fixing the error. Even though this was done, the campaign refused to make any acknowledgement of the error on their website. This is probably because Trump websites are the best websites, and they have Yuuuuge security. Think of it as a big beautiful wall in cyberspace where you can only get through LEGALLY.
This is an important issue, despite the knuckleheadedness of Trump and his lackluster IT staff. As president, Trump would need to also keep in mind the cybersecurity of our nation and not just spend all day dreaming about building physical walls between the U.S. and Mexico. This guy can’t even manage to keep his own website secure from a rather basic method of intrusion. How would he ever protect a nation?
Featured image via Twitter