Dear Mr. President, you need to fire your CISO.

Dear Mr. President, you need to fire your CISO (Chief Information Security Officer). The www.whitehouse.gov domain has no DMARC enforcement, which means people could send email claiming to be from the White House and it wouldn't be flagged and stopped. DMARC stands for Domain-based Message Authentication, Reporting and Conformance, and it is the first level of defense against…The Bad Guys. Where does www.whitehouse.com DMARC enforcement stand:

The DMARC record defined on whitehouse.gov specifies that reports be sent to a receiver at 'mail.pci.gov' - but that receiver is not configured to accept reports from this domain. Information about the status of messages purporting to be from addresses on this domain and its subdomains will not be sent to this receiver. Which means that The Bad Guys can spoof email from DonaldJTrump@whitehouse.gov and nobody would be the wiser.

Don't worry, I'm not trying to sell you anything. But if someone tries to take out both you and your Vice President, then guess who becomes POTUS? Yeah, you get the picture. Batten down the hatches. In case you haven't been keeping up with current events, a whole lot of people are out to get you.

Sincerely,

Mad Max

Comments

Popular Posts