R'lyeh Consulting, LLP-Republican Party: Ur DOIN IT WRONG

[Netwörkheäd]

Republican Party: Ur DOIN IT WRONG

Well done, Rince Priebus. The chairman of the Republican National Committee (RNC) said, “Maybe our folks are better at securing our e-mail and our cloud and our data than the DNC. I don’t know what the answer to that is, Andrea, but at this point, we haven’t been hacked… but, I can assure if someone […]

Well done, Rince Priebus. The chairman of the Republican National Committee (RNC) said, “Maybe our folks are better at securing our e-mail and our cloud and our data than the DNC. I don’t know what the answer to that is, Andrea, but at this point, we haven’t been hacked… but, I can assure if someone hacked my e-mails, they wouldn’t find me calculating against particular candidates and it’s not something that I would do.”

He could have saved some effort by simply saying, “We are pleased to announce a hackathon, starting now, directed against the RNC servers. While I doubt I have anything embarrassing on them, please feel free to share whatever you find with public sources of shared information including, but not limited to WikiLeaks, Pastebin, and an open Dropbox folder.” Or, for the even shorter translation that would produce the same invitation as in the above two comments: “ALL UR h4x R WEAKSAUSE!!!!@!~~~!!~~~!!!!111!!!eleven!!!”

Organizations need to have some defined style codes and talking points when representatives are speaking about security issues. Foremost among such codes and points should be an admonition to not tempt fate by declaring invulnerability to attacks or by saying there’s nothing worth finding on one’s network. Now, the people already attacking the RNC network are about to be joined by other, previously unmotivated individuals who now, out of a sense of curiosity or self-righteousness, are going to see if the RNC’s servers are indeed better secured and/or have nothing of value on them. Such information would then be shared, most likely on one of the Internets or maybe even a website, because Internets and websites are things hackers will use in their cyber.

I wrote that last sentence in jest, but it pains me to think that there are people in the RNC as well as the DNC, and a number of other organizations, that would have taken notes on that sentence if I presented it to them in a PowerPoint. I would then be asked follow up questions to clarify what is meant by “Internets”, “websites”, and “cyber.” Internet security is so much more than just looking both ways before crossing the street. It also involves not standing defiantly in the intersection while yelling “COME AT ME, BRO!” to approaching drivers.

Come to think of it, that would make another really cool slide. If you’re in the RNC or DNC, call me. I got a slide deck that will open your eyes!

Source: Republican Party: Ur DOIN IT WRONG

From http://aohell.com/

[deanwebb]

Seriously, there needs to be a guide for non-technical people about how not to start an impromptu hackathon.

[icecream-guy]

Seriously, there needs to be a guide for non-technical people about how not to start an impromptu hackathon.

Sounds like a good video for you

[deanwebb]