Any Half-Decent Hacker Could Break Into Mar-a-Lago. We Tested It.

from Gizmodo

6 tags
0 requests

Two weeks ago, on a sparkling spring morning, we went trawling along Florida’s coastal waterway. But not for fish.


0 votes
tagged related information
We could have hacked them in less than five minutes, but we refrained.

They are probably referring to WiFi networks that are encrypted with the obsolete WEP standard, which can be broken quite easily and is not considered adequately secure.


0 votes
tagged an exaggeration
We identified two open Wi-Fi networks that anyone could join without a password.

Many hotels, airports, and other public places have WiFi access points for their guests to use that can be joined without a network. The authors are trying to imply a grave security risk, which is a major exaggeration.


0 votes
tagged an exaggeration
Sophisticated attackers could take advantage of vulnerabilities in the Wi-Fi networks to take over devices like computers or smart phones and use them to record conversations involving anyone on the premises.

It takes significantly more than an open WiFi network to compromise a computer or smartphone to the point of using them to record conversations. The devices in question would need to have extremely serious security flaws on top of that which allow an attacker to install malicious software and take control of them.


0 votes
tagged a false statement
The cybersecurity issues we discovered could have allowed those diplomatic discussions—and other sensitive conversations at the properties—to be monitored by hackers.

The authors have not demonstrated any security flaws beyond the existence of open or weakly encrypted Wi-Fi networks. They have not demonstrated any flaws that could be used to monitor sensitive conversations.


0 votes
tagged a misleading statement
We drove through the grounds of the Bedminster golf course, and into the parking lot of the golf course in Sterling, Va. No one questioned us.

These are public areas, there is no reason to expect to be challenged while driving into the parking lot, especially at times when the President is not present there.


0 votes
tagged a misleading statement
The company also publishes online, without a password, many of the default settings and usernames for its software — essentially providing a roadmap for intruders.

Just because Clubessentual published a manual with default passwords doesn't mean that this property was using them. Without further proof, this is a misleading claim.