Penetration at All Levels: The Trump Organization Was Hacked Four Years Ago

David Corn and AJ Vicens at Mother Jones have the details.

Four years ago, the Trump Organization experienced a major cyber breach that could have allowed the perpetrator (or perpetrators) to mount malware attacks from the company’s web domains and may have enabled the intruders to gain access to the company’s computer network. Up until this week, this penetration had gone undetected by President Donald Trump’s company, according to several internet security researchers.

In 2013, a hacker (or hackers) apparently obtained access to the Trump Organization’s domain registration account and created at least 250 website subdomains that cybersecurity experts refer to as “shadow” subdomains. Each one of these shadow Trump subdomains pointed to a Russian IP address, meaning that they were hosted at these Russian addresses. (Every website domain is associated with one or more IP addresses. These addresses allow the internet to find the server that hosts the website. Authentic Trump Organization domains point to IP addresses that are hosted in the United States or countries where the company operates.) The creation of these shadow subdomains within the Trump Organization network was visible in the publicly available records of the company’s domains.

Here is a list of a Trump Organization shadow subdomains.

The existence of these shadow subdomains suggests a possible security compromise within Trump’s business network that created the potential for unknown actorsusing these Trump Organization subdomains—to launch attacks that could trick computer users anywhere into handing over sensitive information and unknowingly allow the attackers access to their computers and network. In fact, the IP addresses associated with the fake subdomains are linked to an IP address for at least one domain previously used by hackers to deploy malware known as an “exploit kit,” which can allow an attacker to gain a computer user’s passwords and logins or to take over another computer and gain access to the files within it.
Much more at the link. And I’m sure much more reporting and analysis to come over the next several days.

96 replies
  1. 1
    SFAW says:

    More fake news. And Hillary’s server breach was worse. And she stole their e-mails, said e-mails clearly linking Hillary to Vince Foster’s murder and the disappearance of Judge Crater.

  2. 2
    smintheus says:

    Why isn’t the FBI investigating Hillary?

  3. 3
    momus says:

    Will Agent Orange try to use this as a “Get Out of Jail Free” card?

    Not ME Not ME Russians!

  4. 4
    replicnt6 says:

    I actually don’t think this is very interesting. Someone used their GoDaddy account to register a bunch of probably phishing sites. It doesn’t appear to be any kind of actual penetration of the Trump Org. None of the domains registered have a suffix. From the information in the article, it would appear that hackers just bought a bunch of domains on the Trump Org’s dime.

    That said, in principle, given the GoDaddy credentials, you could change the root DNS’s for, but we have no evidence that that was done. And if that was your aim, you wouldn’t buy a shit-ton of stupid domains to draw attention to yourself.

  5. 5
    Anne Laurie says:

    Thanks, Adam! On my random tweet-stream travels, I’d just run across links to some stuff from a “MikeFarb” (@mikefarb1) and meant to ask you if this was A Thing, or just another diversion…

  6. 6
    StringOnAStick says:

    So, the idea that Putin has something on trump, most likely financial, just gained a whole lot more credibility.

  7. 7

    @replicnt6: Looks like they set up a bunch of subdomains that they could use to trick people into thinking they were going to a Trump-managed subdomain, and then used them to send people malware.

    Which is, I mean, eh? I guess.

    ETA: Agree with this unnamed cybersecurity expert in the article:

    “At the least,” he remarks, “it shows the Trump Organization has been badly run.”

  8. 8
    David 🎅🎄Merry Christmas🎄🎅 Koch says:

    You know how when someone on Twitter posts something that gets them in trouble, the immediate false excuse is that they were hacked.

    It could be the same here. Drumpf is trying to hide his long relationship as a money launder for russia and communications with these servers.

    I mean, what a coincidence that he discovers that he was hacked the very week indictments are handed out.

  9. 9
    Adam L Silverman says:

    @replicnt6: From the end of the MoJo article:

    The security expert who first shared the list of subdomains with Mother Jones notes that it is true that shadow subdomains “do not currently host active websites and that there is no reason to believe that there is currently any malware active on these domains.” But, he remarks, the Trump Organization’s registrar account “was likely compromised since someone created these hundreds of records and if it wasn’t an authorized Trump Org person, that only leaves unauthorized persons.”

    Shown the Trump Organization’s statement, Lord replied,

    There’s two possible situations as I see it. Either they set up their own domain records to point at servers hosted in St. Petersburg, Russia…or someone else did. In either case, the question is why. For an organization on the cusp of a number of investigations about suspicious links to Russia, I’d hoped they would’ve given more public thought to the possibility that their domain ownership was at some point hijacked possibly through no fault of their own before denying everything.

    The Trump Organization did not respond to follow-up questions.

    The security expert who first alerted Mother Jones to the Trump-related shadow subdomains noted that as soon as the Trump Organization responded for this story, records related to the subdomains began disappearing.

  10. 10
    Villago Delenda Est says:


    That’s the Trump Organization.

  11. 11
    jonas says:

    Maybe they shouldn’t have used a private server.

  12. 12
    Adam L Silverman says:

    @Anne Laurie: It seems to be a thing as far as I can tell. Is this the hacking the vote guy? If that’s the case he’s built a large amount of, at least, circumstantial evidence around a nexus of voter suppression and potential vote rigging. At least that was the case the last time I reviewed his stuff a couple of months ago.

  13. 13

    @Adam L Silverman: The article makes it sound a lot worse than it is.

  14. 14
    Adam L Silverman says:

    @Anne Laurie: Here’s farb’s first tweet in the thread on the topic:

    I’m still waiting for Swift on Security and The Jester to weigh in, but that may not be till tomorrow.

  15. 15
    Adam L Silverman says:

    @Major Major Major Major: Fine, next time you write the post!//

  16. 16
    replicnt6 says:

    @Major Major Major Major: These are not subdomains of, so, for the casual user, there would be no more association to with the Trump Org than any other domain that any rando on the internet registered.

  17. 17

    @Adam L Silverman: I actually interviewed for a web developer position with MoJo one time, years ago. But I was too green.

  18. 18
    sukabi says:

    Annnnnd, how do we know it was a “hack” and not a ‘business arrangement’ between consenting parties?

  19. 19
    Mike in NC says:

    Watched part 2 of “Putin’s Revenge” tonight. All my wife could say was “very scary”. Putin spent millions and employed an army of thousands of bots and trolls to target idiot Americans, especially Bernie bros. The Obama administration went public with Russian election hacking but traitor McConnell refused to lift a finger to support That One.

  20. 20
    Adam L Silverman says:

    @Major Major Major Major: I’m sorry you didn’t get the job?

  21. 21

    @replicnt6: I wouldn’t pooh-pooh it that much. For example, some of the subdomains are for For all I know they use that internally, or for email. Even if it’s just a non-public-facing website they use internally, there’s still room to use the illicit subdomain to steal passwords, deliver malware or whatever. It doesn’t say the level of access they had but since there wasn’t any DNS fuckery I doubt they set up their own subdomain email addresses, but that’s another possible vector.

    It’s not nothing, but it’s not really ZOMG RUSSIAN HACKERS HAVE TRUMP’S PASSWORDS (although they probably do) (it’s bond007)

    ETA: To be clear, “some rando” who doesn’t know that these are Trump Org-affiliated domains would indeed be unswayed by the fake subdomains, but they are Trump Org domains, just minor/unused/private ones, as the org acknowledges in their denial.

  22. 22
    Mnemosyne says:

    @Mike in NC:

    That’s okay, I’ve already seen people claiming that the Russians totally did pro-Hillary ads, too, and the only reason we haven’t seen them yet is that the MSM doesn’t want you to know the TROOF!

  23. 23
    randy khan says:

    At a minimum, this is very funny. But once again it also demonstrates that, if it weren’t for incompetence, the Trump team wouldn’t have any kind of competence.

  24. 24
    Jim, Foolish Literalist says:

    @Major Major Major Major: I bet it’s TRUMP!. Maybe MRTRUPM!

  25. 25
    Adam L Silverman says:

    If our tech heads are concerned this is much ado about nothing I’m happy to pull the post and we can go back to obsessing over the World Series and GITMO.

  26. 26

    @Adam L Silverman: I would not have brought the level of expertise they expected, so it would not have been a good fit.

    ETA @Adam L Silverman: Certainly don’t do that for my sake.

  27. 27
    mad citizen says:

    Someday we’ll look back on this and it will all seem funny

  28. 28
    Adam L Silverman says:

    @Major Major Major Major: Okay, I wasn’t sure if I needed to feel bad for you over this. As it was the dream job and your life would’ve been amazing had you gotten it and you’ve simply been a shell of yourself since the rejection. That’s why I checked.

  29. 29

    @Adam L Silverman: No that was after the LinkedIn non-rejection. They didn’t even write back! WTF

  30. 30
    Adam L Silverman says:

    @Major Major Major Major: We here at Balloon Juice aim for accuracy in our click bait. If you tech folks don’t believe we’ve achieved the appropriate level of accuracy to click bate in the ratio we can and will editorially adjust things.

  31. 31

    I think this story is much less important than the lingering clouds of doubt that remain about Hillary Clinton's use of a private email server.

    (On a serious note, I think this is a funny story and indicates the Trump Org’s overall incompetence. It’s probably nowhere near the most important revelation to come out this week and I doubt it’ll be all that important in the long run; at the same time, though, it’s not nothing, and it also sounds like this is just the first of many shoes to drop regarding this story. This probably isn’t going to be the smoking gun that gets Trumpovich impeached, but if nothing else it’ll be great fodder for late night.)

  32. 32
  33. 33
    Barbara says:

    @Major Major Major Major: I guess LinkedIn is more concerned about spam levels of communications with people like me than they are with actual communications with prospective employees.

  34. 34
    divF says:

    @Adam L Silverman:
    OT: Adam, I didn’t see your Tam Lin post until this morning (early bedtime). Now I understand why you were so snippy. But, Great Minds, etc.

    I did enjoy it when I finally saw it, though.

  35. 35
    replicnt6 says:

    @Major Major Major Major: My point was that if was available, any rando could have registered on their own GoDaddy or other registrar. There’s no need to get access to an organizations registrar account to register lookalike domains. That’s part of why phishing is such a thing.

  36. 36
    Adam L Silverman says:

    @Major Major Major Major: I hate when no one ever notifies you.

  37. 37
    Omnes Omnibus says:

    I miss the days when my main challenge was jumping out of a perfectly good airplane.

  38. 38

    IIRC, the Intelligence Agencies report on hacking from last January said that Trump’s servers were hacked along with the Democratic servers. But somehow Julian Assange never got those emails out.

  39. 39
    divF says:

    @Major Major Major Major: I’m waiting here with bated clicks.

  40. 40
    Adam L Silverman says:

    @divF: I was just trying to tease you, not be snippy. I apologize if the snippy to sarcasm ratio was off.

  41. 41
    Adam L Silverman says:

    @Cheryl Rofer: The report was the RNC servers, as well as those of several candidates and GOP/conservative organizations were hacked. But with the exception of a few mundane documents from Lindsay Graham’s campaign, nothing much was ever released.

  42. 42
    lgerard says:

    The list of sites trump himself registered is pretty funny….and prescient,

  43. 43

    @replicnt6: Right, but the article says they aren’t lookalike domains, they’re just obscure/unused/etc.,

    Like many companies, the Trump Organization has registered a long list of domain names, many of which it has never put to use. Some examples:,,,, and

    It was obviously an account with the registrar that trumpco wasn’t going to lengths to protect. For whatever reason the hackers went out of their way to get actual trumpco domains and set up ‘fake’ subdomains. Probably just luck.

  44. 44

    @lgerard: I like myself.

  45. 45
    divF says:

    @Adam L Silverman: Not a problem. Where I come from, snippy is part of a good tease. I was just puzzled as to how close I had gotten – didn’t realize it was a bulls-eye. Except that your Celtic faerie rap went several steps beyond. With your range, I’m beginning to think that you channel Pynchon’s Fergus Mixolydian, the Irish Armenian Jew.

  46. 46
    tobie says:

    @lgerard: He registered these?,

    Seriously? That’s great.

  47. 47

    @tobie: Yeah, the idea is you don’t want anybody else to have them!

  48. 48
    jl says:

    Open thread? OK, the GROMP rich person’s and corporate tax slash plan might be in trouble.
    From what I read yesterday, the delay is due to fact that none of the powerful interests who want the tax cuts is willing to sacrifice anything at all in order to get the tax cut revenue. Everybody wants everything and to give up nothing. So, no agreement on closing loopholes or anything that comes near tax reform in order to fit in the budget resolution, since any agreement would be leaving some cash on the table that could go down a rich person’s or corporations gullet.

    Might be a case of ‘Pigs get fed, hogs get slaughtered’.

    So, thy might come back to the gigantic health care budget cuts that were in the Obamacare repeal attempt. Below is a twitter stream on it. Repeal of health care reform, gutting Medicaid and Medicare is the be-all and end-all, it will never ever go away, because that is the only place all the GOPers can agree to find the money needed to pay for their tax slash plans.

    Andy Slavitt
    BREAKING: In DC today. Everyone is talking about how the tax bill tomorrow will be a hidden ACA repeal.

  49. 49

    @jl: Wasn’t that the original plan with the ACA repeal?

  50. 50
    Omnes Omnibus says:

    @jl: Please explain how that gets through Congress.

  51. 51
    JGabriel says:

    Mother Jones via Adam Silverman @ Top:

    The vast majority of the shadow subdomains remained active until this week, indicating that the Trump Organization had taken no steps to disable them. This suggests that the company for the past four years was unaware of the breach. …

    … Or that the Trump Organization was okay with the breach.

    Or that it wasn’t a breach at all and was done in concert with Putin’s government, possibly for a fee, or possibly because Putin’s agents already had dirt on Trump 4 years ago and blackmailed him into letting them use his corporation’s networks.

    Or … or … or …

    Congress, the FBI, the NSA, the CIA, and, no doubt other gov’t agencies should all open investigations into it.

    Americans need to know if Trump is incompetent, crooked, a Russian patsy, or, most likely, all of the above.

    In fact, I think all Americans should start referring to Trump as: Patsy.

  52. 52

    @🐾BillinGlendaleCA: Looks like this plan just gets rid of the mandate, under the logic that it’s a tax, even though it’s not, except it is, because John Roberts made a complete hash of all interstate commerce law forever.

  53. 53
    Adam L Silverman says:

    @divF: I lived in Scotland for three years and pretty much went somewhere between deep immersion and gone native. Also, I’m a big mythology buff. Especially where the mythos overlaps with religion and other transmitted societal information.

  54. 54
    jl says:

    @🐾BillinGlendaleCA:It explains the obsession. They knew as the deadlines are bearing down on them, that no one would agree to sacrifice even a penny in order to get the tax slash loot. We didn’t know that until now.

    @Omnes Omnibus: That’s above my pay grade on this blog.

    The degree of childishness, and magical thinking, and sad deluded fantasy is astonishing. I am looking for the story on the delay in unveiling the tax plan I saw yesterday. It think it said that there was not one, not even one, major tax expenditure savings that touched a wealthy interest that could be found. No one was willing sacrifice anything. Really astonishing.

    The GOP,, the GOP donors, and Trump, really are all exactly the same. Not a bit of difference between them. And Ryan seems to be nothing at all inside his own caucus. He can’t find a way to get them to agree to anything, even though the loot is just lying there for them to steal. Because all of them cannot get most of it, and somebody just might have to give up anything at all. Really amazing.

    If it is as bad as it seems, then it might be good luck for us. They are all such spoiled toddlers, and so crazed with greed, they simply cannot function in getting anything done, even pulling off a mutli-trillion dollar heist. Let’s hope so.

  55. 55
    Adam L Silverman says:

    @jl: They are just very, very bad at their jobs.

  56. 56
    GregB says: is still available…..

  57. 57


    there was not one, not even one, major tax expenditure savings that touched a wealthy interest that could be found. No one was willing sacrifice anything. Really astonishing.

    Maybe not that astonishing.

  58. 58
    randy khan says:


    It’s actually pretty common to register domains that might be used against you, although it’s still funny.

  59. 59
    jl says:

    @Adam L Silverman: Could make a good reality show out of it. There would be interventions. They like the military.
    How about ‘Bad Lads, Ultra-Extreme: US Congress!’? Break them down, teach them value of team work.

  60. 60
    randy khan says:


    If everyone’s talking about how it will be a hidden ACA repeal, then it’s not hidden. That probably would not turn out well for the Republicans.

  61. 61
    Turgidson says:

    @jl: is

    Everybody wants everything and to give up nothing.

    Well of course. The GOP has been winning elections in large part by telling its voters and donors that this was the only acceptable outcome to any policy negotiation since at least 2009, and really since they decided to weaponize the tragedy of 9/11 to call anyone who disagreed with them traitors. Of fucking COURSE the stakeholders thing they should get everything and give up nothing. Anything else means the terrrrrist libtards win.

  62. 62
    Adam L Silverman says:

    @jl: Did you get in the pixie stix from last night’s Halloween candy haul?

  63. 63
    jl says:

    @Adam L Silverman: I contributed some MacBeth weird sisters trouble trouble boil and bubble to your post.

  64. 64
    Adam L Silverman says:

    @jl: Thanks!

  65. 65
    jl says:

    @randy khan: Seems like opposition has been oddly quiet. Would not be good if they managed to wreck health reform through their tax slash. Maybe people are waiting to see what is in the actual text.

    if there is additional delay, that might mean they know they are in real trouble. As soon as there is any reliable text or even bullet points, I hope that there is a pile on to stop it. Collins, Murkowski and McCain have to buried in emails, letters and calls.

  66. 66
    NotMax says:

    Trump Not Master of His Domain.

    /pre-emption of The Onion


  67. 67
    jl says:

    I think it was called Bad Lads. Let’s go look on youtube. Ryan and Louie would do well, I’m sure.

    Bad Lads Army: Private Woodend & His Beasting

  68. 68

    @jl: @Adam L Silverman: It’s not merely that, I don’t think. Their ideology actually explicitly disdains expertise, and it’s been the case going back to Gingrich at least. It’s my understanding that at that point they basically started getting rid of the staffers that actually helped them write legislation, and the passage of time has whittled away the number of GOP legislators who actually know anything about policy to almost zero (this is why Paul Ryan, who possesses an obvious, fundamental misunderstanding of why people buy health insurance, is held up as a GOP policy wonk and the conscience of the party. He is nowhere close to being either, but because they are so devoid of people with principles or an understanding of policy, he is the closest thing they can find). As a result, these people literally can’t write a fucking bill. It’s not an accident that they are bad at this – it was actually the direct result of the ideology that swept them into power. This irony is one of the few aspects of this year’s politics that I’ve genuinely been able to enjoy.

  69. 69
    azlib says:

    If a hacker got a hold of the DNS admin account, there is all kinds of mischief which can be done. For example you can easily intercept all email or redirect web traffic to other sites. This is a serious security breach if left undetected for any period of time.

  70. 70
    Mike J says:

    Ep 8 of Stranger Things

    Shit just got real.

    And if somebody has your DNS, they own you. Top to bottom.

  71. 71
    MobiusKlein says:

    @Major Major Major Major: if you found that your bank had 250 subdomains registered to hack servers in Kiev, would you trust it with your life savings?
    No, you wouldn’t.

  72. 72
    Adam L Silverman says:

    @(((CassandraLeo))): You remember correct. Moreover, most of the GOP folks on the House side, as in 75% of them, have been elected since 2010. So no experience doing anything under regular order. And a significant chunk of them came out of state legislatures, specifically ones that have been gerrymandered for GOP majorities. In these previous, state level elected positions they had ALEC or the Chamber of Commerce or Americans for Prosperity or some other lobbying shop basically hand them prefab legislation. As I wrote last night: the GOP has a very deep bench, a very deep bench of very shallow people stacked on top of each other on the bench.

  73. 73
    Adam L Silverman says:


  74. 74

    @Adam L Silverman: Another very good point. Their bench could charitably be described as being a mile wide and an inch deep.

    Who knew that basing one's entire political party on knee-jerk opposition to a president rather than actual political principles could have unforeseen negative repercussions?

  75. 75
    JGabriel says:


    @lgerard: He registered these?,

    Seriously? That’s great.

    More likely, someone in the Trump Org’s IT department was tasked with thinking of domain names critics and opponents might use, and to register them first – in order to keep said critics and opponents from using them.

    It’s not uncommon. I tried to get the domain name, only to discover Verizon already owned it.

  76. 76
  77. 77

    @MobiusKlein: And yet the article still makes it sound worse than it is. Did “unknown hackers breach the Trump Organization”? …well, we don’t know, but through this vector, they could have.

    ETA: It’s like finding another set of lockpicks in the lockpick box of a known lockpicker.

  78. 78
    jl says:


    We could while away the hours, snorting all the powder,
    Drinking all that we could swill
    And our wallets would be swollen, while
    Our toilets would be golden,
    If we could only write a bill.

  79. 79

    @jl: A+. Will there also be verses on their heartlessness and spinelessness?

  80. 80
    marcopolo says:

    @jl: The thing is though that the whole point of getting rid of the ACA was to free up the money for the later tax cuts but still keep the issue of gutting poor and middle class (who do not get it from their employer) people’s health care separate from the issue of “we are gonna give some sweet tax relief to the corporations and Richie Riches of the world. Instead it would have been “we got rid of that evil Obamacare and, oh, look, it wound up freeing a whole bunch of money up.” If they now have to explicitly tie the two actions together the optics are pretty awful.

    Still hoping I am right in thinking the odds are against them passing their tax plan. They still really haven’t figured out how to fund it: get rid of the state and local tax deduction (loses R votes in NY, CA, IL, PA, and a few other places); drastically reduce the amount of $ people can save into retirement accounts pretax (pisses off a lot of folks who vote since the people who actually earn enough to save more than a couple thou a year in an IRA are the folks who freaking vote); Border Adjustment Tax–already DOA; getting rid of the mortgage deduction for buying houses (similar to the retirement savings issue). Last I had heard the Rs had come to the realization that they weren’t going to be able to get rid of the 39% top tax rate for earning over a million a year–which would mean not really giving much back to the uber wealthy. Not sure having a tax plan that reduces corporate taxes (and once again the Rs last I heard now are changing this to make it a temporary reduction since doing it more than ten years violates the fiscal neutrality rule), getting rid of the estate tax, and changing rules for taxing pass through (i.e. business income) really produces the amount of bang the Rs need to get for all the political capital it takes to put it together.

  81. 81
    jl says:

    @(((CassandraLeo))): I’ll write another verse every day that the GOP has to delay unveiling their great tax slash plan. I’ll keep my fingers crossed and hope I get a chance to post the next one tomorrow.

  82. 82
    JGabriel says:

    @Adam L Silverman:

    If our tech heads are concerned this is much ado about nothing I’m happy to pull the post and we can go back to obsessing over the World Series and GITMO.

    Don’t pull it, Adam. I’m a tech head, and I don’t think it’s nothing, or even minor. Assume that whoever got the userid & password to access the Trump Org’s GoDaddy account, got it through successfully phishing someone at the Trump Org. Then ask: What else did they get?

  83. 83
    lgerard says:


    It’s not uncommon. I tried to get the domain name, only to discover Verizon already owned it.

    i am sure a story goes with that

  84. 84
    jl says:

    @marcopolo: Inability to get anybody to give up anything in terms of tax expenditure savings means no ‘tax reform’ no ‘closed loopholes’. Makes the problem created by failure of repeal/replace much more acute. So, they have to go to savage cuts to expenditures needed for PPACA, Medicaid and Medicare to make up for it.

    Trump’s idea to name it the ‘Cut Cut Cut Cut Taxes’ plan has real truth to it now, but the PR will look bad if they can’t find any rich shit to take any hit at all on existing tax expenditures. Even the corporate media talking heads will ask ‘Uh…. there isn’t any ‘reform’ here at all… is there?’. And that will make for interesting TV.

    Edit: well there is some loophole closing and tax reforming, all of it as of now is hits to working and middle class, or upper middle class and near rich (who are likely one part of the Trump base… The ‘oopsies’ just seem to multiply. Like magic brooms or tribbles.

  85. 85

    @lgerard: It’s like reputation management 101 at this point.

  86. 86
    lgerard says:

    @Major Major Major Major:

    I prefer to think of him as visionary

  87. 87
    JGabriel says:


    i am sure a story goes with that

    Only that I’ve been trying to get FIOS for 8. Fucking. Years. at this point. Verizon has a contract with NYC to wire everyone with fiber, and they’ve basically taken the money and perks of the contract without actually laying the fiber. And I’m in midtown Manhattan, not some obscure corner of the city.

    So I’m still on a ridiculously low-bandwidth DSL line. And the only other option for high-speed bandwidth here is by dealing with the even worse customer service of Time-Warner/Spectrum.

    Fuck Verizon. Fuckity fuck fuck fuck fucking Verizon. I’m pretty sure that their CEO is a child-molesting minion of Satan.

  88. 88
  89. 89
    Marcopolo says:

    @jl: It’s almost like they started a$$ backwards in doing the legislation. Can I just say I am really glad there apparently wasn’t a R legislator in the House or Senate back in January saying the best way to start off with a win was to do an infrastructure bill. If they’d done that right they’d probably have gotten a win, might have gotten some D buyin, might have gotten some momentum and who knows where we’d be now.

  90. 90
    JGabriel says:


    Trump’s idea to name it the ‘Cut Cut Cut Cut Taxes’ plan

    I think Trump should call it the Cut Cut Cut Plan. Then Trump can refer to it as the CCCP, in honor of his KGB benefactor/master.

  91. 91
    MobiusKlein says:

    @Major Major Major Major: The domain hijacking by itself is not enough to prove there was a total security breach. But if the same thing happened at my workplace, it could an equifax level breach, as far as potential user data loss
    No exaggeration.
    We take that sort of threat seriously, and the notion we should downplay the risk when the potus gets hacked is crazy.
    It could nothing, or tip of the iceberg. Too soon to know.

  92. 92

    @MobiusKlein: sure, it’s bad, and the fact that it wasn’t addressed, even after all these years, speaks to their abysmal security practices. I just don’t like sensationalized tech (or science) journalism, and this article is all over the place, instead of discussing simple (and more serious!) breach potentials like you and @JGabriel have identified.

    I guess I was responding to the article’s focus on ‘zomg “shadow subdomains” to the mos eisley cantina’, which is very silly.

    ETA: If this happened at my office somebody would almost certainly be fired and there would probably have to be lawyers involved because of the kind of data we deal with. I’m aware of the risk here. Maybe I’m just too easily burned after seeing what bad tech journalism did to Hillary Clinton.

  93. 93
    sharl says:

    OT, the Nevada trial of Cliven Bundy and his crew is starting up; right now it appears to be wrapping up the juror selection phase.
    JJ MacNab put together a twitter list of people covering or commenting on it from inside the courtroom. It’s a short list (four people), including three area reporters and that rightwing legal whackjob Larry Klayman. So if you wanna have a separate browser tab open to follow this home-grown madness, there ya go.

    One prospective juror – perhaps dismissed by now (I didn’t scroll far enough to get the latest) – believes in a connection between the heroic Bundy stand-offs and the Uranium One nontroversy, proving one again that Hillary is everywhere, riling things up and threatening God-fearing, gun-loving Patriots™.

    Another juror questioned after he wrote that he believed the OR refuge takeover & Bunkerville confrontation 'started b/c of Uranium One.'— Maxine Bernstein (@maxoregonian) November 1, 2017


  94. 94
    Odie Hugh Manatee says:

    @JGabriel: If you have Spectrum Business in your area, check it out for your home. I got sick of their residential years ago and switched to their business side and have been happy ever since. Well, except for two months in to my new account when Charter’s residential had to take one more shot at me and disconnect my CBN (Charter Business Network) service. Spectrum Business came out within two hours and hooked it right back up, pointing out to me that the new line was even tagged “DO NOT DISCONNECT – CBN”…lol. The two other times I needed service it was fast and same day. I’ve been using them for over four years now and have no regrets or complaints.

  95. 95
    bystander says:

    Darn…I only read the post title and assumed the lost Melania porn DVD had turned up.

  96. 96
    Lee says:

    Don’t pull it as it is important just not ‘hair on fire’ important (yet).

    That being said…

    I’m not entirely convinced the Trump Org was hacked.

    People are assuming that he was not already completely compromised by the Russians at this point all this happened.

    Who is to say he (or his lackies) were not instructed to let the Russian ‘tech people’ work on his infrastructure and they set all this up. Just because nothing is communicating NOW to these subdomain does not mean that was always the case (remember the story during the campaign of the traffic between Trump tower & Russia?). They could have been using (or planned to use) the entire Trump Org’s infrastructure as giant proxy getting information in or out of Russia.

    Yeah I know that is a bit ‘tinfoil hat’ but with all the shit already going on, nothing would surprise me.

Comments are closed.