Rudy Giuliani's Paranoid Nonsense Tweet Is A Good Reminder That We Need Actual Cybersecurity Experts In Government
from the what-the-actual-fuck dept
Rudy Giuliani may have built up a reputation for himself as “America’s Mayor” but the latest chapters in his life seem to be a mad dash to undo whatever shred of goodwill or credibility he might have left. Politics watchers will know that he’s been acting as the President’s lawyer, in which (as far as I can tell) his main job is to go on TV news programs and reveal stuff no lawyer should reveal. But, we shouldn’t forget Giuliani’s previous jobs. His earlier firm, Giuliani Partners, had a subsidiary called Giuliani Security that at least at one time claimed to do “cybersecurity.” Of course, when the press explored what that actually meant, it was fairly limited.
“If you hired them on a cyber engagement, they are going to tell you what your legal obligations are and how to manage the legal risk related to cyber,” a cybersecurity executive in New York who has experience with Giuliani Security and Safety and requested to remain anonymous told Motherboard. “Basically, not to prevent a Target [breach], but how to prevent a Target CEO being fired.”
Still, a lot of heads spun around when Giuliani himself was named as Trump’s cybersecurity advisor, because, as basically everyone recognized, he does not appear to know anything about cybersecurity.
Yesterday, Giuliani made clear just how incredibly ignorant he is of the basic functioning of the internet. As I type this these tweets are still up, but I’ll post a screenshot on the assumption that someday, someone with actual knowledge will get to Giuliani and convince him to take these tweets down:
There’s a lot going on here, so if you haven’t been following all of this, it may take a bit to unpack. The first tweet references Mueller’s recent filings against Paul Manafort, Trump’s former campaign boss, for lying (again) to the Special Counsel’s Office. Giuliani is making a weird unfounded claim that Mueller is specifically timing his indictments to times when the President is about to leave town for international gatherings. Considering the number of indictments that Mueller drops — most of which don’t happen when Trump is about to travel to meet foreign world leaders — this already feels like ridiculous conspiracy mongering.
Within that tweet, Giuliani appears to make a few typos — specifically forgetting to put a space after the period of a couple of sentences. The first time this happened, the sentence ended with “G-20.” The next sentence begins “In”. However, because (1) the lack of a period mushes these together as “G-20.In” and (2) because “.in” is the top level domain for India, Twitter interpreted that as a link to the website g-20.in. Some bright, enterprising person then registered such a website and posted an anti-Trump message to it, specifically this:
Whoever set up that site has since added a news update concerning Mueller’s recent sentencing recommendations for Trump’s former National Security Advisor Michael Flynn, who was among the first brought down by Mueller.
Lots of people were mocking supposed “cybersecurity expert” Giuliani for accidentally posting such a link and opening himself up to such a thing. But last night Giuliani decided to take the nonsense to extreme levels of nonsense, accusing “cardcarrying anti-Trumpers” at Twitter of allowing “someone to invade” his tweet to insert that link. His “evidence” for this was the fact that the second time in that same tweet where he made the same “no space after a period” typo — creating “Helsinki.Either” — it did not turn into a link. And… as basically anyone who has even the most rudimentary understanding of the internet (clearly not including cybersecurity expert Rudy Giuliani), the reason there is no link for that is because “.either” is not (yet) a top level domain, and thus Twitter’s systems don’t see it as a link and don’t automatically link it.
The rest of the internet has been having lots of fun with this, mocking Giuliani, and I’m amazed that the tweet has stayed up for as long as it has. Twitter was even forced to issue a statement denying any foul play:
A spokesperson told Fortune that the company?s ?service worked as designed.? The spokesperson added that whenever someone tweets a Web address, a clickable link is automatically created.
?Any suggestion that we artificially injected something into the user?s account is false,? the spokesperson said.
And while it may be fun to mock such utter incompetence put on display for the world, this really does highlight a serious problem. The lack of knowledgeable people about real online security issues in the government — especially when computer security issues are so vital to almost everything these days — is a real problem. We can laugh about “cybersecurity advisor” and “expert” Rudy Giuliani not understanding how top level domains and links work, but then we should be terrified to think that… who the hell is actually advising the administration on very serious issues regarding internet security, at a time when tons of entities, from lowly criminals to aggressive nationstates, are using the network to mount various attacks.
And, yes, there are actually a number of other people in the government who do truly understand this stuff. But over and over again it appears that the people appointed to the highest levels concerning these things have no clue. And that’s a big deal, because computer security issues aren’t something you just pick up with a crash course. They’re complex and challenging and require a pretty deep level of knowledge to actually understand both the threats and the possible remedies. And, when the administration’s top cybersecurity adviser freaks out because he doesn’t know what a top level domain is… that should worry us all.
Filed Under: cybersecurity, expertise, rudy giuliani, top level domains
Comments on “Rudy Giuliani's Paranoid Nonsense Tweet Is A Good Reminder That We Need Actual Cybersecurity Experts In Government”
Typical nonsense from the Trump administration. I’m no Democrat either but seeing a pro-Trump bumper sticker on a car is fair warning, proven out time and again, that they’ll probably do something stupid before I can get away from them.
My fear each day is that we’ll finally see Brawndo go on sale everywhere.
Re: Re:
It’s what plants crave!
Re: Re: Re:
It’s got electrolytes.
Re: Re:
The person with the pro-trump bumper sticker is like the BMW driver.
Both think they deserve special treatment. Both will force that special treatment when they realize you don’t give a damn about their importance.
SMOD end this now…
I assume you mean "undo"?
Ugh, Giuliana comes across as a total Twit here!
Re: Re:
Giuliani even.
(from the why-oh-why-do-we-still-not-have-an-edit-comment-button dept)
Re: Re: Re:
Nono, it works with the misspelling.
Re: Re: Re: Re:
Giuliano was a pretty good mayor.
Re: Re: Re:2 Re:
There’s a lot of dispute about that.
You know why Giuliani was running around all over the place on 9/11 instead of sitting in a command center? It’s because he decided to ignore security experts and put NYC’s anti-terror center headquarters in the Twin Towers, to be within easy walking distance of his office! Nevermind the previous terror attacks against it years before 9/11!
So yeah, the guy who ‘calmed’ people down on TV made 9/11 even worse for NYC.
Giuliani also got virtually no votes from the African American community for a reason, just do some googling on why they don’t like him. Jon Oliver made a segment a year or two ago about why Giuliani has always been like his present insane and offensive self.
Re: Re: Re:3 Re:
What’s that got to do with Giuliano?
Re: Re: Re:
For the same reason we can’t have nice things… all the assholes who would try to find a way to abuse it.
Re: Re: Re: Re:
How?
Put in place the same basic system they have on StackOverflow (quick corrective edits within the first 5 minutes are “free,” and after that you get a note on the post that it’s been edited, and a link to the edit history) and the potential for abuse by trolls virtually disappears.
Re: Re: Re:2 Re:
Nah, I reckon they’ll find some way to do some damage. At the very least, they’ll be trying the Giuliani defence and claim that edits were made to make them look bad when called out on their own failures.
Also, the requirements of a site like Stack Overflow (mostly business talk where it may be vital to correct typos in code you just supplied) is different to a site like this (mostly personal opinion where typos usually don’t have any real impact)
It’s annoying sometimes, but I prefer the system we have now where if you failed at previewing you correct yourself without altering the original text.
The level of out right HATE between the various groups it is most surprising when either side DOES NOT DO something vindictive.
Re: Re:
Well it’s surprising when either side doesn’t get blamed for doing something vindictive anyway.
False?
Giuliani’s comments weren’t just false – they border on defamatory to blame Twitter for his problems.
Re: False?
I don’t think they do.
Re: Re: False?
I think they do.
Your move.
Re: Re: Re: False?
Well not really, because Hitchens’s Razor, but okay, sure, I’ll expand.
First of all, I’m not aware of any US jurisdiction where defamation law includes defaming a company. A company can defame a person, but can a person defame a company? I can’t find any examples offhand, but if I’m wrong, feel free to share.
Second, even assuming it were possible to defame a company, one would assume Twitter would be held to the same standard as a public figure for purposes of defamation. That means the actual malice standard would apply. I don’t think Giuliani’s remarks meet the actual malice standard; he’s just an idiot who doesn’t understand computers.
Beyond that, it’s very hard to get convicted of defamation for a tweet; online forums in general, and Twitter in particular, are known to their audiences as likely sources of bluster and hyperbole — as is Giuliani himself.
In summary: Giuliani’s remark was very dumb and computer-illiterate. But I don’t see how it’s defamatory. The correct response is mockery, not a lawsuit.
Re: Re: Re:2 False?
The person you first responded to only said
I would agree that it borders on defamatory. I wouldn’t agree that it is defamatory. Nor did either of us suggest a lawsuit.
Re: Re: Re:3 False?
Sure, in the same way that the United States borders on Luxembourg.
Re: Re: Re:4 False?
Well if Giuliani had accused me of editing his Twit to include an anti-trump message for malicious reasons, yeah, that would be saying that I did something I didn’t do.
As Shuffle pointed out i did not intend that to read “Twitter should sue for defamation.” Just that it crossed the line from opinion to making a false accusation.
I’ll try to keep my hyperbole in line now that Thad is raising actual, fact-based, commentary on my posts. (Seriously, much better discourse than he who shall not be named telling me I posed 108 times.)
Re: Re: Re:5 False?
Yes, but (1) you’re a person, not a company, (2) you’re not a public figure and so the actual malice standard wouldn’t apply, and (3) even then you’d still have an uphill battle getting a defamation verdict because both the speaker and the forum are known for bluster and hyperbole.
Maybe, but a false accusation isn’t necessarily defamatory (or illegal in other ways). I didn’t mean to accuse you of saying Twitter should sue, but my point was that I think Giuliani’s comment was just dumb, not actually illegal (or even close to it).
IANAL, but I do see references to defamation thrown around a lot in Internet comments sections and they’re usually off-base. And "no, here’s what defamation actually is" is a good subject for Techdirt, given that OGH is still fighting a lawsuit based on false claims of defamation.
Re: Re: Re:2 False?
“he’s just an idiot who doesn’t understand computers”
…who has been appointed by your president to help advise on how to secure your country’s computers. I know you know this, but it’s worth repeating for anyone wondering why this particular idiot is newsworthy.
As for the rest, I don’t think a legal standard was being suggested but he is pretty much stating that someone at the company deliberately altered his account to say something he did not approve of posting. In other words, he’s accusing the company of deliberate criminal activity. Defamation or not, that is a pretty strong accusation.
Re: False?
To give him just a little bit of credit, it was Twitter deciding to turn text into a link. Server-side auto-linking made sense when people were tweeting via SMS, but is an anachronism now that there are real Twitter clients. The clients should create the links and let people turn them into text before sending, if they want. There are sometimes reasons to refer sites without linking them.
“over and over again it appears that the people appointed to the highest levels concerning these things have no clue”
Well, it’s not just tech or cyber security, it’s pretty clear Trump generally prefers people who don’t understand their jobs, so they don’t contradict him, will blindly follow really stupid instructions and make good scapegoats when things go badly.
Paranoia Bigly Destroyer
Giuliani smokes weed.
Re: Paranoia Bigly Destroyer
He’s got the paranoia, but he’s not very mellow.
Twitter's statement
Perhaps Twitter’s statement could get a little modification at the end:
“This incident shows how difficult it is to make software idiot-proof, especially when facing idiocy of this magnitude.”
Trump should move on from LegalZoom to Craig’s list to find his lawyers…..or those willing to be.
"America's Mayor"
“America’s Mayor” Rudy Giuliani is just another version of “America’s Cop” Bernard Kerik. Both of them achieved fame and fortune by cashing in on a tragedy, being the people in charge in the worst possible place at the worst possible time, NYC on Sept 11, 2001. How these incompetents were able to turn such wretched failure into resounding success may go down in history as one of the biggest mysteries of the modern age.
For anyone who might wonder about his intellectual capacity, don’t forget that Giuliani was the genius who picked the World Trade Center to be the location to house New York City’s Emergency Operations Center, despite having been targeted in a failed truck-bomb attack a few years earlier (huge oops).
Here’s another one, with a better payload:
https://twitter.com/RudyGiuliani/status/1041168209074941952
Counting the exclamation mark, there are 3 occurrences of that in one tweet. If a single occurrence, I’d believe it to be a typo, but by the third, it’s just a regular error… combined with a lack of proofreading.
I had some trouble parsing his followup message. What’s a “thing-period”? Oh, he used a hyphen instead of an em-dash, twice, and forgot the comma after “period”. These linguistic rules haven’t changed since he was born in 1944. Rudy, here are some punctuation marks you can borrow for next time: — , — (please return them by Tuesday)
This site is anti-American
Wow headline news. Must be a slow news day at Techdirt. What’s next, an article slamming someone in the administration for improper use of an Oxford comma? Ridiculous!
Re: This MAGhole is anti-American
Rut-roh looks like someone got triggered pretty hard. You might need to go back to your safe space kiddo.
Re: This site is anti-American
Sure, if the person using an Oxford comma incorrectly is the Presidential Advisor on grammar, runs a grammar consulting firm, and goes on a laughable, false, conspiratorial rant about how Microsoft Word grammar check is out to get him.
Re: Re: This site is anti-American
and grammar somehow becomes critical to national security.
Re: This site is anti-American
How is pointing out the fact that Rudy Giuliani is a moron anti-American?
Re: Re: Submission to authority: A proud US tradition
Didn’t you get the memo? Questioning authority, and especially pointing out when someone in authority does something stupid and/or bad is highly anti-american.
Re: Re: Re:
Because right-wingers demand unquestioning support to whoever is in charge and to suggest any flaw is tantamount to treason.
Unless it’s a Democrat in charge, then everything’s fair game.
Re: Re:
“Wow headline news”
According to most sources out there, sure. In fact, I don’t see any reliable source I know of that hasn’t covered this in some way.
I know it must be exhausting to constantly hear about the abject stupidity involved with the Trump administration, but the correct response to that is not “stop writing about it!”.
“What’s next, an article slamming someone in the administration for improper use of an Oxford comma?”
If that was done by somebody specifically placed in charge of such things by the sitting president? Sure, why wouldn’t they?
Re: This site is anti-American
Wow headline news.
I’d say so. Presidential-appointed "cyber-expert" is a clueless moron who can’t even get a tweet right without fucking it up?
Then he doubles down and blames Twitter because he’s an idiot? A man from the "party of personal responsibility?"
Big news indeed, especially considering Trump is someone who "hires the best people."
Re: Re: re:
“Presidential-appointed “cyber-expert” is a clueless moron who can’t even get a tweet right without fucking it up?”
The messing up of the tweet is fine – we’re all human and ultimately all he did was miss out a space.
As with many things Trump related, however, it’s not the action itself that’s the problem, but the reaction. If he’d have shrugged it off with a “ha ha you got me” kind of reaction, few would have noticed. He could have corrected the original and carried on with his day without too many people really noticing. Nobody’s rights or safety were placed at risk by the incident
Instead, he chose the “childish asshole who can’t admit to a mistake and has to pretend there’s a conspiracy whenever he encounters something that reflects badly on him” approach. Which, as with his boss, just embarrasses everyone involved while highlighting incompetence. He exposed how little he understands about the fundamental aspects of the things he’s apparently advising upon. That ignorance, especially arrogant ignorance, places people at risk.
The best thing about all this? He still hasn’t edited or removed the damn tweet he’s so offended by.
Re: Re: Re: re:
The best thing about all this? He still hasn’t edited or removed the damn tweet he’s so offended by.
Assuming he’s not deliberately keeping it up so he has an excuse to stay ‘outraged’ with the level of technical skills he’s displayed it’s entirely possible that he’s not taken it down because he simply doesn’t know how.
Re: Re: Re:2 re:
Which, sadly is even scarier, since it means that either he has a lot of people around him are similarly clueless, or people who know how bad this is but don’t care or don’t dare to tell him. That kind of thing presumably carries over to the things that aren’t being publicly mocked.
Whichever way you paint it, this is an indication of a horrible situation. Standard for people close to Trump, but horrible for the sane world.
don't use twitter then
Use whatever all those awesome Trump supporters made.
Or, you know, show a little gratitude and STFU.
What this episode showed, I find, is another damning nail in the coffin of all those copyright fanboys who continue to insist there is absolutely no risk or downside to criminalizing, or adding legal liability to a user who creates a hyperlink.
Under the belief systems of copyright advocates Guiliani should be charged with treason, despite him not creating the hyperlink intentionally, nor the website it linked to.
Not that Guiliani would actually be punished, but this is a striking example of why punishing based on allegations of links is a downright brain-dead idea. Par for the course of copyright advocates.
re: Democracy Died Here
Well, as we see right here at Techdirt, in this very comment thread-many who work behind the scenes as mods/etc. actively target speakers, and speech, with harassment.
And as I recently learned, many mods and their Infragard tech allies are very active on platforms “deplatforming” words, and speakers that they dont like;and even targeting and hacking the IPs of commenters, and worse-often in real time.
Even in the Giuliani thing, we see a behind the scene social exploit-from India, where hackers and exploters routinely wage black-ops on targeted persons networks, and computers.
So-regardless of how you interpret Giuliani, the fact is that Facebook, Twitter, etc. are frequently moled from the inside with political hackers who do, in fact, cause problems.
At Twitter, these insiders call themselves “the birds,” and most of them are Progressive Democrats. And, their hacks are indeed criminal actions.
But then there’s the agencies themselves, and, as Snowden noted ‘I, sitting at my desk could watch everything you do’ on a device, via mirrored connections; and we know that left and right elements in the IC can indeed alter content as you write it.
Not paranoid at all.
So, your analysis comes off as kinda gratuitously disingenuous, and partisan/political.
Here is just one of many links to hackers for hire in India:
https://hirehackingservice.com/hacker-india-hacking-services-india/
Re: re: Blue balls pooped his conspiracy panties
“Not paranoid at all.”
The fact that you felt the need to say that means deep down even your dumb ass knows you are.
Also Rudy’s “hacker” is a marketer from Arizona.
Re: Re: re: Blue balls pooped his conspiracy panties
Interesting fantasy you have about panties, feces, and my testicles.
Wow, dieversity is so intellectually exciting.
Meanwhile, read up on the NSA/Israel Equation Group, and electronic implants.
https://arstechnica.com/information-technology/2015/02/how-omnipotent-hackers-tied-to-the-nsa-hid-for-14-years-and-were-found-at-last/
Re: Re: Re: re:your tongue my cheeks
Hey If shitty panties get you off, more power to ya.
Remember when you promised to leave forever?
I think it’s about past time you put on your big boy panties and manned up to your promise.
Re: Re: Re:2 re:your tongue my cheeks(after urface my ballz)
Oh, I hate going tit for tat with trans-gender people like you.
Im sure you can guess why.
Ok, I will tell you: because I like real tits, ok? And your just a bloated silicon bag.
And maybe,have that drag queen ossession of yours with scat checked out.
Re: re:
“we see a behind the scene social exploit-from India”
So, the fact that an American registered a domain name with a company in India means that that the exploit originated in India?
The fact that someone registered a URL is an exploit?
Someone from the general public with no relationship to Twitter other than being a user is behind the scenes?
That’s why I love it when you post, it’s a fun game trying to locate all the stupidity in mere fragments of the sentences you write.
“So, your analysis comes off as kinda gratuitously disingenuous, and partisan/political.”
I’m fairly sure that they’d be just as mocking of somebody so obviously clueless about the specific job they were hired for, no matter which party they belonged to. The fact that only one party seems to be doing such things does not indicate bias when it’s reported.
Re: Re: re:your tongue my cheeks(after urface my ballz)
You again? Hows your hidey-hole in Gibraltar working for you these days? I heard Mi5 likes the work you are doing on Spanish/Morrocan/north AFRICAN servers, lol.
Yeah, I mis-spoke, so lynch me;and you, as usual, missed the entire point, and defaulted to running with flusteryy ad hom.
And why?
Because you are the exact web-exploiting vermin/cockroach/free speech and association sabateur that I discuss above.
In case you forgot to read the comments that you are allegedly critiquing, in the thin disguise of your well documented passive aggression (which likely has genetic roots) , the comment above discusses a SOCIAL ENGINEERING EXPLOIT, not wutever you are on about.
And, in defense of De Mayor, who I have always viewed as a PoS, and the poison at the root of democracy, I can tell you with certainty, that politicians AND LAWYERS speak to the (not-so-free)press in frequently deliberately reductionist, or obscure terms in a sort of para-language full of semiotic contrivances that speak to their base.
And also, that activate the speech police, and get free press, exactly as Trump has done.
So, try to maintain focus nutsack, and keep the vtopuc on SOCIAL ENGINEERING EXPLOITS.
Re: Re: Re: re:your tongue my cheeks(after urface my ballz)
In case you forgot to read the comments that you are allegedly critiquing, in the thin disguise of your well documented passive aggression (which likely has genetic roots) , the comment above discusses a SOCIAL ENGINEERING EXPLOIT, not wutever you are on about.
Sure it is. Someone else must’ve made such an adept "cyber-security expert" tweet that way. And then, once it was made public what a fuck up he was, same someone also made same "expert" leave it up there.
A point was missed alright – first step is recognizing that is was you.
Second step is to stop continuing to make a fool out of yourself.
Re: Re: Re: Re:
“I heard Mi5 likes the work you are doing on Spanish/Morrocan/north AFRICAN servers, lol.”
Huh, is that what AWS use in their European data centres now? Although, only a xenophobic moron like yourself would either conflate Spanish and Moroccan culture or have a problem with Africa itself.
“Yeah, I mis-spoke”
No, as always, the fundamental core aspects of your arguments were false. I just like mocking the relentlessly ignorant in the hope some others may be educated to the factual information.
“So, try to maintain focus nutsack, and keep the vtopuc on SOCIAL ENGINEERING EXPLOITS.”
Yeah, I will do when one actually comes up. Let me know when you have something other than a person typing a URL without meaning to, and people using legal publicly available services to mock them.
Let me guess, you also brayed about the evidence of Russian interference being false, because they dared not bow to your Cheeto coloured god?
Re: Re: Re: re:your tongue my cheeks(after urface my ballz)
Keep using capital letters, they make you appear mature.
Have some sympathy for poor Rudy, he only learnt how to make fire about month ago.
“he’s just an idiot who doesn’t understand computers.”
Thad said it best.
We Need Actual Cybersecurity Experts In Government
Government. Very stupid. You go first.