Trump Phishing



  • From the Department of BAD IDEAS:

    tl;dr Gizmodo reports that no one appears to have entered login credentials, but now Gizmodo might have gotten itself into hot water.

    One of the justifications Gizmodo gave for the legality of the test was that a "careful reader" could have known that it was a phish. "'Disclaimers for careful readers' is not how consent works," Rosenblatt said. "Walking up to someone and saying, 'phishingtargetsayswhat' is not a valid way to gain consent."
    ...
    Gizmodo also defended the test in the article by equating it to the sorts of tests done by security professionals. "The existence of boxing doesn't make it legal to punch anyone you see," Rosenblatt said. "Red-teaming without consent is like walking down the street punching people in the chest to warn them to keep their guard up. Maybe you're making a good point that will help people, but you've still 100% broken the law and can't be upset when the cops come looking for you."



  • :wtf: Gizmodo?


  • Grade A Premium Asshole

    So they did this, and then published an admission on their site admitting to the crime? The fuck?

    They are shit anyway. Let them go the way of Gawker.



  • @Polygeekery If they're resorting to this kind of behavior, they're already going the way of Gawker. This is shock-jock attention whoring. "Look, I'm so edgy because I may have broken the law by hacking the President! Now read my article about it."


  • Grade A Premium Asshole

    @Polygeekery said in Trump Phishing:

    Let them go the way of Gawker.

    Weren't they actually part of Gawker?

    Anyway, the... entitlement, I guess, is insane. The whole affair screams "Mommy spent my entire childhood telling me how I was her special boy so I can do whatever I want!"



  • @blek said in Trump Phishing:

    Weren't they actually part of Gawker?

    Yes, Gizmodo was part of Gawker's blog network. After the Hulk Hogan lawsuit, Gawker (the blog) was shut down, and Gawker (the company) was renamed Gizmodo Media Group. IIRC no one from Gawker (the blog) was let go, most now write for one of the other blogs in the network (mostly Gizmodo).


  • Discourse touched me in a no-no place

    @NedFodder said in Trump Phishing:

    Yes, Gizmodo was part of Gawker's blog network. After the Hulk Hogan lawsuit, Gawker (the blog) was shut down, and Gawker (the company) was renamed Gizmodo Media Group. IIRC no one from Gawker (the blog) was let go, most now write for one of the other blogs in the network (mostly Gizmodo).

    How many scum must a court send down, :musical_note:
    before we call them a court? :notes:


  • Winner of the 2016 Presidential Election

    @boomzilla said in Trump Phishing:

    From the Department of BAD IDEAS:

    tl;dr Gizmodo reports that no one appears to have entered login credentials, but now Gizmodo might have gotten itself into hot water.

    One of the justifications Gizmodo gave for the legality of the test was that a "careful reader" could have known that it was a phish. "'Disclaimers for careful readers' is not how consent works," Rosenblatt said. "Walking up to someone and saying, 'phishingtargetsayswhat' is not a valid way to gain consent."
    ...
    Gizmodo also defended the test in the article by equating it to the sorts of tests done by security professionals. "The existence of boxing doesn't make it legal to punch anyone you see," Rosenblatt said. "Red-teaming without consent is like walking down the street punching people in the chest to warn them to keep their guard up. Maybe you're making a good point that will help people, but you've still 100% broken the law and can't be upset when the cops come looking for you."

    Maybe Gizmodo just thought that there was some sort of bug bounty program for phishing Trump's croniesassociates.

    Okay, but seriously, who thought this was a good idea? Phishing is not something that most (any?) bug bounty programs offer rewards for, and pretty much the only time you won't get slammed with criminal charges for trying it is when you've been specifically hired by that company to do a penetration test.



  • They must like playing with fire:


Log in to reply
 

Looks like your connection to What the Daily WTF? was lost, please wait while we try to reconnect.