Security researcher reveals Trump's email servers are out of date and insecure

midian182

Posts: 5,759   +46
Staff member

Donald Trump often criticizes Hillary Clinton’s use of a private email server, but it appears she’s not the only presidential candidate guilty of poor email security practices. A researcher has revealed that the Trump Organization’s mail servers are badly configured and use software so out of date they no longer receive patches.

British security architect Kevin Beaumont discovered that the email servers used by the Trump Organization – the parent company of the Republican’s hotels, golf courses, and other businesses – run an unpatched version of Windows Server 2003 with Internet Information Server 6.

“Running outdated software and operating systems for your publicly facing email infrastructure is problematic, especially when you're a high-profile organization,” Beaumont told Motherboard in an email. “During an election where cybersecurity is such a big issue, I was a little amazed at what I saw.”

Microsoft stopped supporting Windows Server 2003 when it reached end of life status in July 2015. The company's official website advises those still using the software to upgrade.

Beaumont also discovered inadequate security measures in the servers. The service doesn’t use two-factor authentication, meaning it doesn't link to another device to receive an extra login code – an extra layer of security everyone should use, especially those running for President.

The researcher also found the email access page of the Trump Organization. The page’s code reveals that it is using a 2015 build of Microsoft Exchange 2007 (SP3 RU16), which, as noted by Ars Technica, contains a number of known vulnerabilities.

Beaumont has faced the wrath of Tweeting Trump supporters since he made the revelations. One even threatened to report him to the FBI, despite the fact that the information he gathered is publicly accessible and he did not attempt to log into the e-mail system.

Responding to the news, the Trump Organization sent the following statement to Motherboard:

The Trump Organization deploys best in class firewall and anti-vulnerability technology with constant 24/7 monitoring. Our infrastructure is vast and leverages multiple platforms which are consistently monitored and upgraded using current cyber security best practices.

Permalink to story.

 

Teko03

Posts: 611   +323
I despise Trump, but does this really matter...considering Trump wasn't serving as Secretary of State while using private e-mail servers? Or am I missing something here? Aside from the fact that Trump & his campaign always over-exaggerate how "tremendous" they are at doing basically anything.

Trump's speech on "the cyber" revolved around how well his grandson knows computers...are we really surprised?
 
D

davislane1

"The OS, by the way, is the one Clinton's private email server run and she got in trouble for."

She got in trouble for breaking the law. Could have used any OS and still "got in trouble" for it.

I despise Trump, but does this really matter...considering Trump wasn't serving as Secretary of State while using private e-mail servers? Or am I missing something here? Aside from the fact that Trump & his campaign always over-exaggerate how "tremendous" they are at doing basically anything.
I'll take an exaggerator over a demonstrated extralegal serial deceiver all day.
 
D

davislane1

Honest question: Why hasn't Techspot been covering anything related to the Clinton server?



One would think this a story-rich environment on technological incompetency.

Edit: image is a screen cap of a recent Wikileak.
 

Uncle Al

Posts: 7,077   +5,437
The title of the article says it all ..... not unlike the person they represent.

I'm still pushing for an amendment to the law that requires all national laws to add the option "none of the above" as the last line on the ballot. If that should be the majority of the votes, the existing leader would be bound over for a period of 18 months until a new election can be arranged and the previous candidates would be removed from the ballot, thus forcing new faces so a clear majority could be gained.

Obviously the constitution does not currently allow for this, but then again, the framers of the constitution certainly could not envision a situation like we are facing today. Bottom line on this election, no matter who wins, we all loose.
 

IAMTHESTIG

Posts: 1,868   +900
So? Trump isn't responsible for handling classified information. He isn't breaking laws by providing shi**y security for his customers. What Hillary did is a massive security threat to the United States. If I had done anything remotely similar to her actions when I was working for the DoD I would have had my clearance revoked and then I would have been fired because I was no longer qualified for the job. Hillary should be disqualified for running for president. Stick Bernie back in and lets try again... never mind he is just a sell-out. Time to reboot the system.
 

wiyosaya

Posts: 5,242   +3,335
Honest question: Why hasn't Techspot been covering anything related to the Clinton server?



One would think this a story-rich environment on technological incompetency.

Edit: image is a screen cap of a recent Wikileak.
It is not really news to the techie that politicians are technologically incompetent. Nor is it news that Trump thinks that Hillary has major problems. Nor should it be news that Trump is just as incompetent as Hillary when it comes to tech matters even though he seems to think he is more technically competent.
 
D

davislane1

So? Trump isn't responsible for handling classified information. He isn't breaking laws by providing shi**y security for his customers. What Hillary did is a massive security threat to the United States. If I had done anything remotely similar to her actions when I was working for the DoD I would have had my clearance revoked and then I would have been fired because I was no longer qualified for the job. Hillary should be disqualified for running for president. Stick Bernie back in and lets try again... never mind he is just a sell-out. Time to reboot the system.
Keep fantasizing. If you did half of what she did you wouldn't simply be fired. You'd be hauled before a judge and promptly thrown in prison.
 

wiyosaya

Posts: 5,242   +3,335
So? Trump isn't responsible for handling classified information. He isn't breaking laws by providing shi**y security for his customers. What Hillary did is a massive security threat to the United States. If I had done anything remotely similar to her actions when I was working for the DoD I would have had my clearance revoked and then I would have been fired because I was no longer qualified for the job. Hillary should be disqualified for running for president. Stick Bernie back in and lets try again... never mind he is just a sell-out. Time to reboot the system.
Actually, Trump has been briefed with classified information...so he IS privy to it. Apparently, he wants to let it out of the bag - http://abcnews.go.com/Politics/trump-hints-learned-classified-briefing/story?id=41938079
 

MoeJoe

Posts: 837   +441
So? Trump isn't responsible for handling classified information. He isn't breaking laws by providing shi**y security for his customers. What Hillary did is a massive security threat to the United States. If I had done anything remotely similar to her actions when I was working for the DoD I would have had my clearance revoked and then I would have been fired because I was no longer qualified for the job. Hillary should be disqualified for running for president. Stick Bernie back in and lets try again... never mind he is just a sell-out. Time to reboot the system.
Actually, Trump has been briefed with classified information...so he IS privy to it. Apparently, he wants to let it out of the bag - http://abcnews.go.com/Politics/trump-hints-learned-classified-briefing/story?id=41938079
So? Trump isn't responsible for handling classified information. He isn't breaking laws by providing shi**y security for his customers. What Hillary did is a massive security threat to the United States. If I had done anything remotely similar to her actions when I was working for the DoD I would have had my clearance revoked and then I would have been fired because I was no longer qualified for the job. Hillary should be disqualified for running for president. Stick Bernie back in and lets try again... never mind he is just a sell-out. Time to reboot the system.
Actually, Trump has been briefed with classified information...so he IS privy to it. Apparently, he wants to let it out of the bag - http://abcnews.go.com/Politics/trump-hints-learned-classified-briefing/story?id=41938079
L o L. Where's the Wiki-Trump-Leaks ?
 

IAMTHESTIG

Posts: 1,868   +900
Actually, Trump has been briefed with classified information...so he IS privy to it. Apparently, he wants to let it out of the bag - http://abcnews.go.com/Politics/trump-hints-learned-classified-briefing/story?id=41938079
Well, if someone finds that Trump is communicating classified information on his private servers/network then he is just as guilty as Hillary. But until then... it is an irrelevant observation. If I were the FBI I'd be heavily scrutinizing Trump's electronic communications not just from his mobile devices but from his private networks and servers. Question is, would Trump get the same pass that Hillary got?
 

Teko03

Posts: 611   +323
Keep fantasizing. If you did half of what she did you wouldn't simply be fired. You'd be hauled before a judge and promptly thrown in prison.
As some one who has worked with DoD IA/IT departments...people mishandle classified information literally on a daily basis --- and nothing comes off it. Just bring in the "cyber clean up" crew to mitigate the hundreds and thousands of incidents and move on to the next.
 

Kibaruk

Posts: 3,836   +1,183
Honest question: Why hasn't Techspot been covering anything related to the Clinton server?



One would think this a story-rich environment on technological incompetency.

Edit: image is a screen cap of a recent Wikileak.
It is not really news to the techie that politicians are technologically incompetent. Nor is it news that Trump thinks that Hillary has major problems. Nor should it be news that Trump is just as incompetent as Hillary when it comes to tech matters even though he seems to think he is more technically competent.
It's tech related, it's information technology security related, it's relevant. If it's politics, or religious, or whatever is secondary.

After reading the thread, you still don't get the point which is between funny and sad.
 

mbrowne5061

Posts: 1,480   +820
The compromise of 2016:

>Hillary imprisoned
>Donald's last name forcibly renamed to "drumpf" and then deported
>Obama stays in the white house on a month-by-month basis until we figure our s*** out.
 
  • Like
Reactions: wiyosaya
R

RustyTech

Every time I read an article and say "huh" and I scroll up to see who wrote it, it's ALWAYS Rob Thubron; but I guess it's like Rob to try and muddy the waters so that everyone would become confused.

If people think the issue with Hillary is that her OS was out of date, they have been grossly deceived.

Allow me to simplify - She was using a non-secure server for classified work. AND LIED ABOUT IT (aka perjury). AND Deleted most of those e-mails.
And even that is just the tip of the iceberg. There is a whole list of issued that steam from the fact that she used a private server.
 
  • Like
Reactions: SirChocula

Evernessince

Posts: 5,081   +5,316
"The OS, by the way, is the one Clinton's private email server run and she got in trouble for."

She got in trouble for breaking the law. Could have used any OS and still "got in trouble" for it.

I despise Trump, but does this really matter...considering Trump wasn't serving as Secretary of State while using private e-mail servers? Or am I missing something here? Aside from the fact that Trump & his campaign always over-exaggerate how "tremendous" they are at doing basically anything.
I'll take an exaggerator over a demonstrated extralegal serial deceiver all day.
Both conditions in your last sentence describe Trump. You could really describe any politician with those.
 

Billy Vinson

Posts: 54   +31
Lost some respect for TechSpot today. Hillary is a CRIMINAL and all of the media sources just point at Trump in attempts at keeping the Public fluoride-ridden, docile and un-informed. PERIOD. Keep your stories to the TECH world, I don't want to see political propaganda. May have to start getting my tech news somewhere else - ridiculous.
 

p51d007

Posts: 2,417   +1,685
So? He's a PRIVATE citizen...unlike HILLARY CLINTON...who not only used a private server for
confidential email, violated the law by deleting the email.
I don't care for Trump, but he's not a politician, he's a PRIVATE citizen, not subject to the laws
of a cabinet official.