The CIA director uses AOL email.

Toggle sidebar Toggle sidebar
rudder

rudder

Lifer
Nov 9, 2000
19,441
86
91
And it was hacked. Apparently there was some stuff that should not have been sent via AOL.

http://www.dailymail.co.uk/news/art...ate-AOL-email-posted-contact-list-online.html

I sure hope this is not true since we are already dealing with the most incompetent administration this nation has seen. This also will not bode will for Hillary.

What if the head of the CIA resigns because of the release of classified information contained in a hacked AOL account?

You can't make this stuff up.
 
Last edited:
C

cubby1223

Lifer
May 24, 2004
13,518
42
86
Yea, so, in my opinion over the next decade cybersecurity will be much more important to focus on than even, for example, military security. Not at all impressed with any of our choices for presidency.
 
Indus

Indus

Lifer
May 11, 2002
14,479
10,153
136
Who the fuck still uses AOL? Aren't they like so 20 years ago?

I didn't know they were still around.. thought they went the way of compuserve/ prodigy/ mindspring.
 
M

maddogchen

Diamond Member
Feb 17, 2004
8,903
2
76
They are still around and if you had an AOL account and you cancelled the service because you stopped doing dial up your email account might actually still be around
 
Newell Steamer

Newell Steamer

Diamond Member
Jan 27, 2014
6,894
8
0
The CIA director uses AOL email. And Verizon + AOL got phished.

http://www.wired.com/2015/10/hacker...ector-john-brennan-email-tells-how-he-did-it/

“[W]e told them we work for Verizon and we have a customer on scheduled callback,” he told WIRED. The caller told Verizon that he was unable to access Verizon’s customer database on his own because “our tools were down.”

After providing the Verizon employee with a fabricated employee Vcode—a unique code the he says Verizon assigns employees—they got the information they were seeking. This included Brennan’s account number, his four-digit PIN, the backup mobile number on the account, Brennan’s AOL email address and the last four digits on his bank card.

“[A]fter getting that info, we called AOL and said we were locked out of our AOL account,” he said. “They asked security questions like the last 4 on [the bank] card and we got that from Verizon so we told them that and they reset the password.” AOL also asked for the name and phone number associated with the account, all of which the hackers had obtained from Verizon.
Click to expand...

So...

Verizon get's phished. AOL get phished into giving the hackers access. Access to some dumb old man's e-mail - therefore; let's rip into Hillary Clinton.

e-mail: The Right's NEW Abortion.

Let me guess, it's not hacking if you pushed send?

Nonetheless, using AOL to 'store' extremely sensitive information is just dumb and proof of total incompetence - he should get fired. Very embarrassing.
 
G

Gonad the Barbarian

Lifer
Oct 16, 1999
10,490
4
0
Indus said:
Who the fuck still uses AOL? Aren't they like so 20 years ago?

I didn't know they were still around.. thought they went the way of compuserve/ prodigy/ mindspring.
Click to expand...

Nearly every fucking person I know that started using AOL at the dawn of the internet still uses it as their primary/only one. And several of those still insist on using that ancient AOL desktop program to access it. I'm totally unsurprised Brennan would fall into the first category if not the second as well. He, shall we say, fits the profile.
 
B

Brian Stirling

Diamond Member
Feb 7, 2010
3,964
2
0
My brother still uses AOL, but he's in his late 60's and pretty much could give two shits about technology other than cars and motorcycles.

I find it hard to believe that we are still reacting with surprise that there's people out there looking to hack us. How the fuck can someone, anyone, working for the CIA for Christ's sake not understand this fact.

It's high time the government cracks down big time on the use of poorly protected systems for communication. One of the lessons we might have learned from the Hillary email deal might be to 100% eliminate government employees with high security clearance using roll-your-own or open consumer systems. That a snot nosed kid from the USA was so easily able to get into an account of the DIA director is bad enough, but what about the more determined and capable threats from China, from Russia, from ISIS?

I said it before and I'll say it again. If you work for the government and have a high security clearance than ALL your communications MUST be managed by our best secure systems and that includes all private communications. Each employee would have a government email and a private email and the government one would be visible to anyone that had legitimate reason for access. The private email, though housed and maintained by government agencies, would require the same warrants that would be required of any private individual. If, however, classified info is ever found on the private account then that person would be guilty of mishandling information with penalties based on the nature of the info.

The bottom line is no government employee with access to high security info, whether hired or elected, would be permitted to use a private email account under punishment of law. All such comm must be housed and maintained by our best security systems.


Brian
 
Preyhunter

Preyhunter

Golden Member
Nov 9, 1999
1,774
12
81
Brian Stirling said:
My brother still uses AOL, but he's in his late 60's and pretty much could give two shits about technology other than cars and motorcycles.

I find it hard to believe that we are still reacting with surprise that there's people out there looking to hack us. How the fuck can someone, anyone, working for the CIA for Christ's sake not understand this fact.

It's high time the government cracks down big time on the use of poorly protected systems for communication. One of the lessons we might have learned from the Hillary email deal might be to 100% eliminate government employees with high security clearance using roll-your-own or open consumer systems. That a snot nosed kid from the USA was so easily able to get into an account of the DIA director is bad enough, but what about the more determined and capable threats from China, from Russia, from ISIS?

I said it before and I'll say it again. If you work for the government and have a high security clearance than ALL your communications MUST be managed by our best secure systems and that includes all private communications. Each employee would have a government email and a private email and the government one would be visible to anyone that had legitimate reason for access. The private email, though housed and maintained by government agencies, would require the same warrants that would be required of any private individual. If, however, classified info is ever found on the private account then that person would be guilty of mishandling information with penalties based on the nature of the info.

The bottom line is no government employee with access to high security info, whether hired or elected, would be permitted to use a private email account under punishment of law. All such comm must be housed and maintained by our best security systems.


Brian
Click to expand...

What are these "best security systems"? I'm not defending some idiot lady that claims it's too confusing to use more than one email address and still thinks she's fit to run this country, nor am I saying that our government agencies are the best at handling sensitive information such as this (how many govt agencies have been hacked in the last 4-6 years?). AOL, as an organization, has likely been hacked less than the Fed, not counting the users using "password" as their password. AOL is still shit. Again, it comes down to this...who is competent and trustworthy enough to handle sensitive Fed email communications?
 
B

Brian Stirling

Diamond Member
Feb 7, 2010
3,964
2
0
Preyhunter said:
What are these "best security systems"? I'm not defending some idiot lady that claims it's too confusing to use more than one email address and still thinks she's fit to run this country, nor am I saying that our government agencies are the best at handling sensitive information such as this (how many govt agencies have been hacked in the last 4-6 years?). AOL, as an organization, has likely been hacked less than the Fed, not counting the users using "password" as their password. AOL is still shit. Again, it comes down to this...who is competent and trustworthy enough to handle sensitive Fed email communications?
Click to expand...


That's an excellent question and sadly our government hasn't seemed interested in figuring that out just yet. Of course, we have encrypted communications in the military and one would have to believe the communications between the State Department and our embassies would also be highly secure but pretty clearly there is insufficient effort in the broader aspects of security and we'd better fix that and quick.

I have to believe the NSA knows how to do this but it's not clear the various agencies are following there guidance. The only certain thing I know is that hacking of governments is only just beginning and that state sponsored hacking is likely the next flash-point that could trigger a shooting war.

We're talking the CIA for fuck sake!


Brian
 
Preyhunter

Preyhunter

Golden Member
Nov 9, 1999
1,774
12
81
The NSA MAY have the know-how to do this, but...they are a Fed agency AND their trustworthiness is totally shot. The sensible American doesn't trust this domestic spying organization.

I say "MAY" earlier because I truly believe China owns our asses in IT knowledge. No matter what the NSA may come up with in a protection scheme, China's state-sponsored hacking collective will find a way through it. They have been reverse engineering our technology for so long it has likely become second nature to them.
 
spacejamz

spacejamz

Lifer
Mar 31, 2003
10,922
1,572
126
On Conan last night, his joke was that the password was probably still 'Password'....
 
B

Brian Stirling

Diamond Member
Feb 7, 2010
3,964
2
0
Preyhunter said:
The NSA MAY have the know-how to do this, but...they are a Fed agency AND their trustworthiness is totally shot. The sensible American doesn't trust this domestic spying organization.

I say "MAY" earlier because I truly believe China owns our asses in IT knowledge. No matter what the NSA may come up with in a protection scheme, China's state-sponsored hacking collective will find a way through it. They have been reverse engineering our technology for so long it has likely become second nature to them.
Click to expand...

I doubt China is more capable than we are and the very collective you mentioned was detected because they did there hacking 8AM-5PM. I have little doubt that the NSA, which employs the largest collection of top mathematicians on the planet is outclassed by the Chinese.

The problem appears to me to be that very few of the government agencies are using the best practices and enforcing them. That has to change!


Brian
 
dainthomas

dainthomas

Lifer
Dec 7, 2004
14,826
3,776
136
pcgeek11 said:
No different from Hillary using her private server.
Click to expand...

Except for being way way way way way less secure.

This is right up there with Palin using Yahoo email to avoid disclosure rules and getting "hacked" because her password was her dog's name or something.
 
K

Knowing

Golden Member
Mar 18, 2014
1,522
13
46
Preyhunter said:
The NSA MAY have the know-how to do this, but...they are a Fed agency AND their trustworthiness is totally shot. The sensible American doesn't trust this domestic spying organization.

I say "MAY" earlier because I truly believe China owns our asses in IT knowledge. No matter what the NSA may come up with in a protection scheme, China's state-sponsored hacking collective will find a way through it. They have been reverse engineering our technology for so long it has likely become second nature to them.
Click to expand...

The opposite is closer to true.

Hack it like it's 1999

Getting nostalgic with Huawei stack-based overflows...


http://risky.biz/RB250


https://www.schneier.com/blog/archives/2014/03/nsa_hacks_huawe.html

The advantage that the Chinese have is the implausible deniability of their state endorsed (if not sponsored) hackers and the great firewall that was used to man-in-the-middle github.

I can't remember the outlet that was reporting it, but it was a vendor talking about attempts to exploit the network coming from China. Over the course of a week or two the complexity of the attacks escalated, peaking with the use of 0-day which didn't work because [vendor plug]. After the 0-day didn't work they packed up the operation and they haven't seen anymore activity. Now, I suppose it's possible that they sought out a James Bond hacker and they got owned so good they don't even know it but I doubt it.
 
rudder

rudder

Lifer
Nov 9, 2000
19,441
86
91
Preyhunter said:
The NSA MAY have the know-how to do this, but...they are a Fed agency AND their trustworthiness is totally shot. The sensible American doesn't trust this domestic spying organization.

I say "MAY" earlier because I truly believe China owns our asses in IT knowledge. No matter what the NSA may come up with in a protection scheme, China's state-sponsored hacking collective will find a way through it. They have been reverse engineering our technology for so long it has likely become second nature to them.
Click to expand...

What do you mean reverse engineering? Companies like Cisco have been using Chinese manufacturing for networking devices. They gave the Chinese all the tech they need. I would not trust a networking device made in China.
 
Jaskalas

Jaskalas

Lifer
Jun 23, 2004
35,011
9,113
136
This is a logical outcome when our "top men" are old and senile.
Obama wasn't a bad age for becoming President. He just needed to pick his peers to work for him.
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom