1. Home
  2. Categories
  3. Side Bar WTF
  4. Trump Phishing

Trump Phishing

  • boomzilla
    ♿ (Parody)

    From the Department of BAD IDEAS:

    Sean Gallagher  /  May 12, 2017  /  Policy

    Gizmodo went phishing with the Trump team—will they catch a charge?

    Gizmodo went phishing with the Trump team—will they catch a charge?

    “Security test” sent to 15 officials, advisors, others skirts the edges of CFAA.

    tl;dr Gizmodo reports that no one appears to have entered login credentials, but now Gizmodo might have gotten itself into hot water.

    One of the justifications Gizmodo gave for the legality of the test was that a "careful reader" could have known that it was a phish. "'Disclaimers for careful readers' is not how consent works," Rosenblatt said. "Walking up to someone and saying, 'phishingtargetsayswhat' is not a valid way to gain consent."
    ...
    Gizmodo also defended the test in the article by equating it to the sorts of tests done by security professionals. "The existence of boxing doesn't make it legal to punch anyone you see," Rosenblatt said. "Red-teaming without consent is like walking down the street punching people in the chest to warn them to keep their guard up. Maybe you're making a good point that will help people, but you've still 100% broken the law and can't be upset when the cops come looking for you."

    20 Fox 1 Reply
  • BrisingrAerowing

    :wtf: Gizmodo?

    3
  • Polygeekery
    Grade A Premium Asshole

    So they did this, and then published an admission on their site admitting to the crime? The fuck?

    They are shit anyway. Let them go the way of Gawker.

    6 C blek 2 Replies
  • C

    @Polygeekery If they're resorting to this kind of behavior, they're already going the way of Gawker. This is shock-jock attention whoring. "Look, I'm so edgy because I may have broken the law by hacking the President! Now read my article about it."

    5
  • blek
    BINNED

    @Polygeekery said in Trump Phishing:

    Let them go the way of Gawker.

    Weren't they actually part of Gawker?

    Anyway, the... entitlement, I guess, is insane. The whole affair screams "Mommy spent my entire childhood telling me how I was her special boy so I can do whatever I want!"

    4 NedFodder 1 Reply
  • NedFodder

    @blek said in Trump Phishing:

    Weren't they actually part of Gawker?

    Yes, Gizmodo was part of Gawker's blog network. After the Hulk Hogan lawsuit, Gawker (the blog) was shut down, and Gawker (the company) was renamed Gizmodo Media Group. IIRC no one from Gawker (the blog) was let go, most now write for one of the other blogs in the network (mostly Gizmodo).

    5 dkf 1 Reply
  • dkf
    Discourse touched me in a no-no place

    @NedFodder said in Trump Phishing:

    Yes, Gizmodo was part of Gawker's blog network. After the Hulk Hogan lawsuit, Gawker (the blog) was shut down, and Gawker (the company) was renamed Gizmodo Media Group. IIRC no one from Gawker (the blog) was let go, most now write for one of the other blogs in the network (mostly Gizmodo).

    How many scum must a court send down, 🎵
    before we call them a court? 🎶

    3
  • Fox
    Winner of the 2016 Presidential Election Banned

    @boomzilla said in Trump Phishing:

    From the Department of BAD IDEAS:

    Sean Gallagher  /  May 12, 2017  /  Policy

    Gizmodo went phishing with the Trump team—will they catch a charge?

    Gizmodo went phishing with the Trump team—will they catch a charge?

    “Security test” sent to 15 officials, advisors, others skirts the edges of CFAA.

    tl;dr Gizmodo reports that no one appears to have entered login credentials, but now Gizmodo might have gotten itself into hot water.

    One of the justifications Gizmodo gave for the legality of the test was that a "careful reader" could have known that it was a phish. "'Disclaimers for careful readers' is not how consent works," Rosenblatt said. "Walking up to someone and saying, 'phishingtargetsayswhat' is not a valid way to gain consent."
    ...
    Gizmodo also defended the test in the article by equating it to the sorts of tests done by security professionals. "The existence of boxing doesn't make it legal to punch anyone you see," Rosenblatt said. "Red-teaming without consent is like walking down the street punching people in the chest to warn them to keep their guard up. Maybe you're making a good point that will help people, but you've still 100% broken the law and can't be upset when the cops come looking for you."

    Maybe Gizmodo just thought that there was some sort of bug bounty program for phishing Trump's croniesassociates.

    Okay, but seriously, who thought this was a good idea? Phishing is not something that most (any?) bug bounty programs offer rewards for, and pretty much the only time you won't get slammed with criminal charges for trying it is when you've been specifically hired by that company to do a penetration test.

    10
  • NedFodder

    They must like playing with fire:

    Jeff Larson, Surya Mattu, and Julia Angwin  /  May 17, 2017

    Any Half-Decent Hacker Could Break Into Mar-a-Lago. We Tested It.

    Any Half-Decent Hacker Could Break Into Mar-a-Lago. We Tested It.

    Two weeks ago, on a sparkling spring morning, we went trawling along Florida’s coastal waterway. But not for fish.

    5
phishingtargetsayswhat 1
Log in to reply