https://thenextweb.com/politics/2017/01/26/trump-staffers-insecure-email-gmail/Trump and staff still use private email and bad security settings for Twitter
In midst of reports that the freshly inaugurated President Donald Trump is still using his old, insecure Android handset, it appears his phone isn’t the only security threat the country’s new commander-in-chief has ignored.
Yesterday, a hacker by the moniker ‘WauchulaGhost’ told CNN that the President, the Vice President and the First Lady were all vulnerable to attacks due to a basic security setting in Twitter that – for unknown reasons – they’ve neglected to activate.
The threat essentially revolves around a privacy setting on Twitter that requires users to provide a phone number or an email address when resetting a password. Failing to activate these safeguarding measures ultimately allows anyone to abuse the ‘Forgot Password’ feature to glean partial information associated with the accounts.
For example, when attempting to reset the password for either of the @POTUS, @VP and @FLOTUS accounts, Twitter will take you to a page that reads “[w]e found the following information associated with your account,” readily exposing partially redacted email addresses linked to the Twitter profile in question.
But here’s the problem: As WauchulaGhost explains, recovering the missing letters from such partial emails often marks the very first step hackers take when scheming to breach a target. The next step involves deploying various malicious tactics in hopes of baiting victims to disclose more credentials.
The resourceful hacker has since made this vulnerability more public, tweeting the fully recovered emails associated with the three accounts in question, accompanied by a message warning the president and his associates to immediately update their security settings.
Speaking with CNN, a Twitter representative said company policy forbids them from discussing individual accounts, but noted that the White House Communications Agency first-handedly manages security protocols for government accounts, which purportedly rely on custom protective measures that go beyond two-factor authentication – though enabling two-factor authentication significantly complicates things for hackers on its own.
The fact that the emails attached to @POTUS and @FLOTUS are connected to Gmail accounts makes them even more susceptible to attacks.
Since going public, Vice President Mike Pence and the First Lady have both updated the email addresses linked to their Twitter profiles, but Trump is yet to follow their example.
President Donald Trump's voters think he should be able to use private email server
Despite parroting the issue of Hillary Clinton's emails throughout the contentious 2016 election, more Donald Trump supporters believe the President has a right to use a private server than those that don’t.
According to a new poll by Public Policy Polling, 42 percent of Trump voters feel he should be allowed to utilize a private server while 39 percent believe the opposite.
During the presidential campaign, Trump tried to damage his Democratic rival’s reputation and credibility for not using a government email while she served as Secretary of State, going as far to suggest that she compromised national security through the use of a private server.
Trump earlier this week expressed a desire to move forward when asked about Clinton and her emails, even though he promised to launch a full investigation into the issue while he was campaigning.
“I just don’t know. I mean, I hope so. From my standpoint we want to move to the future, so I hope so,” he said. “I don’t know what the status of that is. I know it's a lot of very serious stuff, but I certainly hope so.”
A recent report by Newsweek claimed Clinton isn’t alone when it comes to using a private server. Several of Trump’s closest aides — including Kellyanne Conway, Jared Kushner, Sean Spicer and Steve Bannon — still have active accounts on a private Republican National Committee email system, according to the report.
What’s more, when Trump threatened to send federal troops to occupy Chicago Tuesday night, Twitter pointed out that the 70-year-old Republican appeared to still be using his own Android cellphone, which could result in massive security issues if left unsecured.
According to the New York Times, Trump has been using his phone mainly to post on Twitter, though it is not clear what security measures have been added to the device.
The White House on Thursday was also forced to beef up Trump’s social media security after it was revealed the @POTUS Twitter account was linked to a personal Gmail.
The Gmail account believed to belong to White House Director of Social Media Dan Scavino was swapped out and changed to what appears to be two government email addresses, The Hill reported.
So, Trump is doing exctly what he blamed Hillary for, what he promised to "lock her up" for, and still his voters are OK with this... :dunno:
I think this reinforce my argument that Hillary lost the election more than Trump won it. That any other GOP candidate would have won and that any other Dem candidate would have won : people don't care about private emails, they did not during the campaign and they still don't care. They just hate Hillary.
Comey did not cost Hillary the election. Neither did PizzaGate. Hillary lost it by herself, by being Hillary.
Back on Trump, the fact that people are OK with him doing exactly what he blames Hillar for doing reminds me of something he said during the campaign :