So It Turns Out The Trump Org’s Email Servers Are Extremely Insecure

Republican presidential candidate Donald Trump impersonator Todd Wertalik, of St. Petersburg, Fla., is shown on a computer screen as he works the crowd before a speech by Trump Friday, Feb. 12, 2016, in Tampa, Fla. (... Republican presidential candidate Donald Trump impersonator Todd Wertalik, of St. Petersburg, Fla., is shown on a computer screen as he works the crowd before a speech by Trump Friday, Feb. 12, 2016, in Tampa, Fla. (AP Photo/Chris O'Meara) MORE LESS
Start your day with TPM.
Sign up for the Morning Memo newsletter

Various Trump businesses’ email servers use 13-year-old software whose manufacturer no longer issues security updates for them.

Put simply, that means Donald Trump has left lots of would-be private information accessible to nearly anyone with a basic understanding of computers.

“Running outdated software and operating systems for your publicly facing email infrastructure is problematic, especially when you’re a high profile organisation,” security architect Kevin Beaumont, who first noticed the problem and posted about it on Twitter, told Motherboard on Monday.

For a candidate so focused on the cyber-security practices of his opponent, Hillary Clinton, Trump’s glaring web vulnerabilities are surprising.

Microsoft no longer issues security updates for the operating system the Trump Organization’s email servers use—first released in 2003—and in 2015 the company ended tech support services for the operating system. An official webpage for the software urges its users: “Migration is worth it!”

“If you are still running Windows Server 2003 in your datacenter, you need to take steps now to plan and execute a migration strategy to protect your infrastructure,” the site says.

The operating system came bundled with IIS 6.0, a webserver software that similarly has not been supported since 2015, and that Beaumont told Motherboard is “particularly dangerous” to run without security updates.

In September, a security researcher for the MacKeeper software company also found a vulnerability in Trump’s campaign website which left intern resumes and other information open to view on the internet.

Responding to Motherboard’s story, a Trump Organization spokesperson said: “The Trump Organization deploys best in class firewall and anti-vulnerability technology with constant 24/7 monitoring. Our infrastructure is vast and leverages multiple platforms which are consistently monitored and upgraded using current cyber security best practices.”

Latest Livewire
150
Show Comments

Notable Replies

  1. So who’s holding?

  2. Avatar for trnc trnc says:

    Responding to Motherboard’s story, a Trump Organization spokesperson
    said: “The Trump Organization deploys best in class firewall and
    anti-vulnerability technology with constant 24/7 monitoring. Our
    infrastructure is vast and leverages multiple platforms which are
    consistently monitored and upgraded using current cyber security best
    practices.”

    Would that spokesperson’s name be John Barron?

  3. Responding to Motherboard’s story, a Trump Organization spokesperson said: “The Trump Organization deploys best in class firewall and PUTIN technology with constant 24/7 monitoring. Our PUTIN is vast and leverages multiple PUTINS which are consistently monitored and upgraded using current PUTIN security best PUTINS.”

    HAHAHAHA

  4. "Lock him up! Lock him up! "

  5. Migration? Upgrades?

    That shit costs money, and we can’t use the Trump Foundation to pay for it anymore.

Continue the discussion at forums.talkingpointsmemo.com

144 more replies

Participants

Avatar for valgalky23 Avatar for codegen86 Avatar for buckeyeborn Avatar for ian Avatar for austin_dave Avatar for jw1 Avatar for imkmu3 Avatar for leftflank Avatar for clemmers Avatar for squirreltown Avatar for tomdibble Avatar for inversion Avatar for rev Avatar for sanni Avatar for ottnott Avatar for hora_del_cafe Avatar for greycardinal Avatar for darrtown Avatar for tena Avatar for spencersmom Avatar for pmaroneyb Avatar for ljb860 Avatar for dannydorko Avatar for centralasiaexpat

Continue Discussion
Masthead Masthead
Founder & Editor-in-Chief:
Executive Editor:
Managing Editor:
Deputy Editor:
Editor at Large:
General Counsel:
Publisher:
Head of Product:
Director of Technology:
Associate Publisher:
Front End Developer:
Senior Designer: