Trump Appoints A Cyber Security Advisor Who Has A Horribly Insecure Website

President Elect Donald Trump has appointed Rudy Giuliani to be his cyber security advisor. Here’s the problem. If you go to his website which is, which is down as I type this for reasons unknown, it becomes clear to cyber security experts that it is a cyber security nightmare that anyone can easily pwn. Robert Graham of Errata Security detailed this in a blog post:

The results have been laughable, with out-of-date software, bad encryption, unnecessary services, and so on.

But here’s the deal: it’s not his website. He just contracted with some generic web designer to put up a simple page with just some basic content. It’s there only because people expect if you have a business, you also have a website.

That website designer in turn contracted some basic VPS hosting service from Verio. It’s a service Verio exited around March of 2016, judging by the archived page.

The Verio service promised “security-hardened server software” that they “continually update and patch”. According to the security scans, this is a lie, as the software is all woefully out-of-date. According OS fingerprint, the FreeBSD image it uses is 10 years old. The security is exactly what you’d expect from a legacy hosting company that’s shut down some old business.

To add to this, The Register got someone to look at the site. The results are not good if you’re Giuliani. This really don’t project him in the best light as a “cyber security advisor” as you’d think he’d get someone to make sure that he didn’t get pwned by hackers (if he hasn’t already seeing as the site is down).

Quite simply, the optics of this are not good.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: