Security researcher reveals Trump's email servers are out of date and insecure

By midian182 ยท 34 replies
Oct 19, 2016
Post New Reply
  1. Donald Trump often criticizes Hillary Clinton’s use of a private email server, but it appears she’s not the only presidential candidate guilty of poor email security practices. A researcher has revealed that the Trump Organization’s mail servers are badly configured and use software so out of date they no longer receive patches.

    British security architect Kevin Beaumont discovered that the email servers used by the Trump Organization – the parent company of the Republican’s hotels, golf courses, and other businesses – run an unpatched version of Windows Server 2003 with Internet Information Server 6.

    “Running outdated software and operating systems for your publicly facing email infrastructure is problematic, especially when you're a high-profile organization,” Beaumont told Motherboard in an email. “During an election where cybersecurity is such a big issue, I was a little amazed at what I saw.”

    Microsoft stopped supporting Windows Server 2003 when it reached end of life status in July 2015. The company's official website advises those still using the software to upgrade.

    Beaumont also discovered inadequate security measures in the servers. The service doesn’t use two-factor authentication, meaning it doesn't link to another device to receive an extra login code – an extra layer of security everyone should use, especially those running for President.

    The researcher also found the email access page of the Trump Organization. The page’s code reveals that it is using a 2015 build of Microsoft Exchange 2007 (SP3 RU16), which, as noted by Ars Technica, contains a number of known vulnerabilities.

    Beaumont has faced the wrath of Tweeting Trump supporters since he made the revelations. One even threatened to report him to the FBI, despite the fact that the information he gathered is publicly accessible and he did not attempt to log into the e-mail system.

    Responding to the news, the Trump Organization sent the following statement to Motherboard:

    The Trump Organization deploys best in class firewall and anti-vulnerability technology with constant 24/7 monitoring. Our infrastructure is vast and leverages multiple platforms which are consistently monitored and upgraded using current cyber security best practices.

    Permalink to story.

  2. Teko03

    Teko03 TS Evangelist Posts: 415   +186

    I despise Trump, but does this really matter...considering Trump wasn't serving as Secretary of State while using private e-mail servers? Or am I missing something here? Aside from the fact that Trump & his campaign always over-exaggerate how "tremendous" they are at doing basically anything.

    Trump's speech on "the cyber" revolved around how well his grandson knows computers...are we really surprised?
  3. davislane1

    davislane1 TS Grand Inquisitor Posts: 4,736   +3,757

    "The OS, by the way, is the one Clinton's private email server run and she got in trouble for."

    She got in trouble for breaking the law. Could have used any OS and still "got in trouble" for it.

    I'll take an exaggerator over a demonstrated extralegal serial deceiver all day.
    Hexic, hopgop1 and EClyde like this.
  4. davislane1

    davislane1 TS Grand Inquisitor Posts: 4,736   +3,757

    Honest question: Why hasn't Techspot been covering anything related to the Clinton server?


    One would think this a story-rich environment on technological incompetency.

    Edit: image is a screen cap of a recent Wikileak.
    SirChocula, hopgop1 and MoeJoe like this.
  5. Uncle Al

    Uncle Al TS Evangelist Posts: 3,334   +1,979

    The title of the article says it all ..... not unlike the person they represent.

    I'm still pushing for an amendment to the law that requires all national laws to add the option "none of the above" as the last line on the ballot. If that should be the majority of the votes, the existing leader would be bound over for a period of 18 months until a new election can be arranged and the previous candidates would be removed from the ballot, thus forcing new faces so a clear majority could be gained.

    Obviously the constitution does not currently allow for this, but then again, the framers of the constitution certainly could not envision a situation like we are facing today. Bottom line on this election, no matter who wins, we all loose.
  6. EClyde

    EClyde TS Evangelist Posts: 1,302   +429

    Lots of top secret stuff on there, eh? ha ha ha
    MoeJoe likes this.

    IAMTHESTIG TS Evangelist Posts: 1,256   +454

    So? Trump isn't responsible for handling classified information. He isn't breaking laws by providing shi**y security for his customers. What Hillary did is a massive security threat to the United States. If I had done anything remotely similar to her actions when I was working for the DoD I would have had my clearance revoked and then I would have been fired because I was no longer qualified for the job. Hillary should be disqualified for running for president. Stick Bernie back in and lets try again... never mind he is just a sell-out. Time to reboot the system.
    Zoner1501, SirChocula and MoeJoe like this.
  8. wiyosaya

    wiyosaya TS Evangelist Posts: 1,923   +756

    It is not really news to the techie that politicians are technologically incompetent. Nor is it news that Trump thinks that Hillary has major problems. Nor should it be news that Trump is just as incompetent as Hillary when it comes to tech matters even though he seems to think he is more technically competent.
  9. davislane1

    davislane1 TS Grand Inquisitor Posts: 4,736   +3,757

    Keep fantasizing. If you did half of what she did you wouldn't simply be fired. You'd be hauled before a judge and promptly thrown in prison.
    SirChocula, hopgop1 and Greg S like this.
  10. davislane1

    davislane1 TS Grand Inquisitor Posts: 4,736   +3,757

    Not my point. Read between the lines.
  11. wiyosaya

    wiyosaya TS Evangelist Posts: 1,923   +756

    Actually, Trump has been briefed with classified he IS privy to it. Apparently, he wants to let it out of the bag -
  12. wiyosaya

    wiyosaya TS Evangelist Posts: 1,923   +756

    I get your point. TechSpot is helping Hillary rig the election against Trump.
    SirChocula and hopgop1 like this.
  13. davislane1

    davislane1 TS Grand Inquisitor Posts: 4,736   +3,757

    No, not my point.
  14. MoeJoe

    MoeJoe TS Guru Posts: 711   +380

    Nice try Techspot.
    SirChocula and hopgop1 like this.
  15. MoeJoe

    MoeJoe TS Guru Posts: 711   +380

    L o L. Where's the Wiki-Trump-Leaks ?

    IAMTHESTIG TS Evangelist Posts: 1,256   +454

    Well, if someone finds that Trump is communicating classified information on his private servers/network then he is just as guilty as Hillary. But until then... it is an irrelevant observation. If I were the FBI I'd be heavily scrutinizing Trump's electronic communications not just from his mobile devices but from his private networks and servers. Question is, would Trump get the same pass that Hillary got?
  17. davislane1

    davislane1 TS Grand Inquisitor Posts: 4,736   +3,757

    You'd find life on Mars before that would happen.
    SirChocula and hopgop1 like this.
  18. Teko03

    Teko03 TS Evangelist Posts: 415   +186

    As some one who has worked with DoD IA/IT departments...people mishandle classified information literally on a daily basis --- and nothing comes off it. Just bring in the "cyber clean up" crew to mitigate the hundreds and thousands of incidents and move on to the next.
  19. Kibaruk

    Kibaruk TechSpot Paladin Posts: 3,286   +902

    It's tech related, it's information technology security related, it's relevant. If it's politics, or religious, or whatever is secondary.

    After reading the thread, you still don't get the point which is between funny and sad.
  20. mbrowne5061

    mbrowne5061 TS Evangelist Posts: 747   +357

    The compromise of 2016:

    >Hillary imprisoned
    >Donald's last name forcibly renamed to "drumpf" and then deported
    >Obama stays in the white house on a month-by-month basis until we figure our s*** out.
    wiyosaya likes this.
  21. Every time I read an article and say "huh" and I scroll up to see who wrote it, it's ALWAYS Rob Thubron; but I guess it's like Rob to try and muddy the waters so that everyone would become confused.

    If people think the issue with Hillary is that her OS was out of date, they have been grossly deceived.

    Allow me to simplify - She was using a non-secure server for classified work. AND LIED ABOUT IT (aka perjury). AND Deleted most of those e-mails.
    And even that is just the tip of the iceberg. There is a whole list of issued that steam from the fact that she used a private server.
    SirChocula likes this.
  22. Evernessince

    Evernessince TS Evangelist Posts: 2,099   +1,274

    Both conditions in your last sentence describe Trump. You could really describe any politician with those.
  23. Billy Vinson

    Billy Vinson TS Enthusiast Posts: 46   +32

    Lost some respect for TechSpot today. Hillary is a CRIMINAL and all of the media sources just point at Trump in attempts at keeping the Public fluoride-ridden, docile and un-informed. PERIOD. Keep your stories to the TECH world, I don't want to see political propaganda. May have to start getting my tech news somewhere else - ridiculous.
    SirChocula and MoeJoe like this.
  24. MoeJoe

    MoeJoe TS Guru Posts: 711   +380

    Crying gets d EMO brats nowhere.
    Just thought you should know ...
  25. p51d007

    p51d007 TS Evangelist Posts: 1,304   +648

    So? He's a PRIVATE citizen...unlike HILLARY CLINTON...who not only used a private server for
    confidential email, violated the law by deleting the email.
    I don't care for Trump, but he's not a politician, he's a PRIVATE citizen, not subject to the laws
    of a cabinet official.
    SirChocula and MoeJoe like this.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...