I'm no fan of this administration, at all, but this seems like a big fat nothingburger. They hacked a personal gmail account, not a government account, not government infra. Why is this not a failing of Google instead of the government? And surely the hackers would have eagerly released anything damning, but nothing damning seems to exist. What am i missing here?
Remember when this admin used a Signal group chat to coordinate an operation against Houthi forces in Yemen and left in some journalists. Do you think he cares care whether he sent an email with his gov email on a gov device or if he sent it with his personal email?
you don't think that it's relevant and concerning that the director of the FBI didn't take operational security seriously enough that his account got compromised? even if they didn't get anything incriminating (which maybe they did and are going to blackmail him later) that show a shocking lack of competency for someone in that kind of position.
we don't even know how it was compromised. was his password "password", or did the hackers exploit a gmail/google vulnerability?
i think the facts of the matter are that a gmail vulnerability is on the very low likelihood kind of event. they wouldn't burn their insanely valuable vulnerability on showing how much of a fratboy kash is. the most likely possibility is that he either clicked on something dumb and gave access through phishing(really bad) or had a really weak password without 2fa(also really bad).
are you suggesting the former is not a demonstration of a shocking lack of competency?
I'm suggesting we don't know how the account was hacked, which is true. could be due to incompetence or not. i don't know, nor do you
True, but don't you think the FBI director should be held to higher standards of security hygiene than average people? Because I'm interpreting your tone as "it could happen to anyone". At some point the doubt is gone and there's no more benefit to give...
Comments in this thread mostly reflect people’s own biases, that is a shallow projection based on the headline.
Did the director have his email on a vulnerable server? Yes. Yes he did.
He should have known better.
Operational security doesn’t apply to personal accounts, no? Otherwise, they wouldn’t be personal.
It's not a big deal, for the reasons you mentioned. But it's interesting to a lot of people, and therefore newsworthy.
it's definitely newsworthy, no doubt there. but i see so many people in this thread pointing to this as somehow a failing of the fbi, which it's not. i'm all for calling out this administration for its many many failings, but this is not one of them, and calling this a failure of the administration just hurts the credibility of everyone pointing out real issues with this administration.
People are concerned because every government official uses their personal email for work.
The director of the FBI should not be hacked in anyway ever for any reason.
If Gmail isn’t secure, he should be using something else.
How is this a failing of Google? They can't be blamed for users who fail to secure their own accounts.
True yeah. but uh anyway what about HILLARYS EMAILS we need to hear about those for the next 4 decades (no convictions despite "Lock Her Up" slogans for 5 years)
just think of what could someone do if they got into your personal email account?
yes, and...?
Major public figure who is currently in a position of power in the USA. That’s bad news because it reveals sensitive details which may lead to their further compromise. Imagine you’re compromised by a corrupt administration with pics of CSAM or something already, now imagine a foreign actor also having compromised you. It’s a sticky situation.
Yes, that's all true, all potential issues in theory. I'm still not seeing why this points to or supports the (valid) claim of incompetence in the FBI. That seems to be the angle most posters in this thread are taking, and it seems...misguided to me. Tilting at windmills. Let's call out the admin for their real failings, not nonsense like this. Getting your gmail account hacked does not reflect on you as a professional.
> "Getting your gmail account hacked does not reflect on you as a professional."
Doesn't it though? Especially when your profession involves the security of a nation and you can't even secure your own personal email account successfully?
> Getting your gmail account hacked does not reflect on you as a professional.
Why not? Most professionals at larger organizations have to do security training. These kinds of attacks are far less likely to succeed on anyone who follows the basic precautions taught in such training. E.g., if he had MFA enabled on his account - as he certainly should have had - they would not have been able to compromise it externally, i.e. it would have had to be much more than his email that was hacked.
I don’t get the propensity some people seem to have for defending this shameful collection of incompetent criminals, bullies, and clowns.
Leaking one’s credentials to sensitive personal repositories of information is a “real failing” lol, how could one think any differently? I would be mortified and immediately rectify the situation.
Shouldn't the FBI be protecting its own members -- especially its executives -- personal digital footprint, given the risk?
> Getting your gmail account hacked does not reflect on you as a professional
If you work in security: it *absolutely does*, because 99+% of the time you are the primary contributing factor, whether from password reuse or downloading malware or clicking bad links or opening random emails or being susceptible to social engineering, etc.
If you are the head of a security organization: obviously you should not expect to retain that job, as your poor reputation is now an albatross around the company's neck.
If you are the head of the FBI: lol. lmao. what the actual fuck. my money is on someone spearfished him with an email subject about a book deal and he'll just click fucking anything.