LGF

more options

  

Advertisement

  

Link address:
Link title:
Description: 
Remaining:

Obama's Amateurish Web Designers Still Leaving Directories Open

Mon, Jun 9, 2008 at 9:41:05 am PDT

Amazingly, even after it was pointed out to them, there are still quite a few wide open directories at the Barack Obama campaign web site; here’s one: Index of /images/afam.

I’m astounded that even after they became aware of numerous open directories and closed them, they didn’t check the entire site to make sure there were no more. But there you have it.

(Hat tip: Clemente.)

UPDATE at 6/9/08 9:51:46 am:

To clarify what this means, allowing directories to be viewed online is, in itself, a major security problem. Not because someone could tamper with the contents (you can’t) but because it reveals an enormous amount of information to potential hackers. This is Web Security 101; and the fact that the Obama designers are so sloppy on such a basic point indicates that there are probably other security problems at the site.

275 comments

  • Comments are open and unmoderated, and do not necessarily reflect the views of Little Green Footballs.
  • Obscene, abusive, silly, or annoying remarks may be deleted, but the fact that particular comments remain on the site in no way constitutes an endorsement of their views by Little Green Footballs.
  • Posts that contain phone numbers, street addresses, email addresses or other personal information will also be deleted, as will posts that consist only of a variation on the word, "First!"
  • Comments that advocate violence will be cause for immediate banning with no appeal.
  • REMEMBER: posting comments at LGF is a privilege, not a right. Abuse that privilege, and your account will be blocked.

Hide comments | Jump to bottom

1 coquimbojoe  6/09/08 9:41:42 am reply quote

More fun for us!

2 BGOH  6/09/08 9:42:13 am reply quote

Is this the "Change!" Obama has been talking about?

3 loppyd  6/09/08 9:42:24 am reply quote

What does this mean exactly?

Saying I am tech challenged would be an understatement.

5 Globular Cluster  6/09/08 9:43:02 am reply quote

Why are you telling them?

6 Sharmuta  6/09/08 9:43:12 am reply quote

They can't keep up- behold the power of the Lizaroid Minions!

7 loppyd  6/09/08 9:43:36 am reply quote

OT, but it does relate to Obamarama:

'Willie Horton' ad creator takes on Obama


On a website he calls ExposeObama.com, Floyd G. Brown, the producer of the "Willie Horton" ad that helped defeat Michael Dukakis in 1988, is preparing an encore.
8 Charles  6/09/08 9:43:39 am reply quote

re: #3 loppyd

What does this mean exactly?

Saying I am tech challenged would be an understatement.

You should absolutely never be able to see a directory listing on a production web site -- and especially not on one as sensitive as the web site of a presidential candidate.

This is amateurish beyond belief.

9 jcm  6/09/08 9:43:41 am reply quote

re: #4 coquimbojoe

A fair question.

Some one could have loads of fun with open image directories.....

10 lawhawk  6/09/08 9:44:06 am reply quote

Charles,

For those of us who aren't technically inclined, maybe you could let us know whether, in your professional judgment, these open directories could possibly let someone plant such information on the Obama website, or they simply provide a glimpse into what's stored there.

It's my limited understand that you could potentially use that information to exploit weaknesses in security, but it depends on how they've granted permissions to post.

11 VegasRick  6/09/08 9:44:10 am reply quote

re: #3 loppyd

What does this mean exactly?

Saying I am tech challenged would be an understatement.

In technical terms, obambi's webmaster is a poopy pants bozo.

12 loppyd  6/09/08 9:44:30 am reply quote

re: #8 Charles

You should absolutely never be able to see a directory listing on a production web site -- and especially not on one as sensitive as the web site of a presidential candidate.

This is amateurish beyond belief.

Thanks.

Can people mess with it?

13 zmdavid  6/09/08 9:44:34 am reply quote

[Link: www.barackobama.com...]

Black Planet?

14 jcm  6/09/08 9:44:44 am reply quote

re: #10 lawhawk

Charles,

For those of us who aren't technically inclined, maybe you could let us know whether, in your professional judgment, these open directories could possibly let someone plant such information on the Obama website, or they simply provide a glimpse into what's stored there.

It's my limited understand that you could potentially use that information to exploit weaknesses in security, but it depends on how they've granted permissions to post.

Both....
Huge security flaw.

15 JammieWearingFool  6/09/08 9:45:07 am reply quote

All your directories are belong to us!

/amateurs

16 bosforus  6/09/08 9:45:20 am reply quote

If his website security is this shabby I can't wait to see how he plans on securing our country. Oh wait, he's not planning on it.

17 Ojoe  6/09/08 9:45:26 am reply quote

Flat tire,
Seat post too short,
Pedals with instep,
Smokes.

18 SpartanWoman  6/09/08 9:45:35 am reply quote

re: #14 jcm

Both....
Huge security flaw.

Obama, the man, is a huge security flaw!

19 coquimbojoe  6/09/08 9:45:35 am reply quote

re: #9 jcm

Some one could should have loads of fun with open image directories.....

20 Charles  6/09/08 9:45:47 am reply quote

re: #10 lawhawk

Charles,

For those of us who aren't technically inclined, maybe you could let us know whether, in your professional judgment, these open directories could possibly let someone plant such information on the Obama website, or they simply provide a glimpse into what's stored there.

It's my limited understand that you could potentially use that information to exploit weaknesses in security, but it depends on how they've granted permissions to post.

Allowing directories to be viewed online is, in itself, a major security problem. Not because someone could tamper with the contents (you can't) but because it reveals an enormous amount of information to potential hackers.

21 blue_like_jazz  6/09/08 9:45:48 am reply quote

thank you for the explanations for the technoidiots amongst us

//i'm the captain of them

22 Shropshire_Slasher  6/09/08 9:46:07 am reply quote

With those directories open, could somebody install info, like gay cowboy porn or worse (aint goin there)

23 BGOH  6/09/08 9:46:17 am reply quote

re: #14 jcm

I hope no one does start tampering with his site. That would simply give them plausible deniability for all of the other crap that was legitimately posted on it.

24 loppyd  6/09/08 9:46:42 am reply quote
25 Athos  6/09/08 9:46:52 am reply quote

I wonder if they will handle national security secrets with the same care and attention to detail?

26 blue_like_jazz  6/09/08 9:46:59 am reply quote

re: #23 BGOH

maybe that's
WHY
they're open?

27 Ojoe  6/09/08 9:47:12 am reply quote

re: #25 Athos

$64

28 Charles  6/09/08 9:47:14 am reply quote

You can't tamper with those directories -- that's not the problem. The problem is that revealing this kind of stuff is always bad news, and is a completely amateur mistake.

29 BGOH  6/09/08 9:47:22 am reply quote

re: #21 blue_like_jazz

thank you for the explanations for the technoidiots amongst us

//i'm the captain of them

If you're a captain, I'm a general. I'm lucky I can reload new comments! lol

30 loppyd  6/09/08 9:47:46 am reply quote

So someone who wanted to hack could see where things are stored, etc?

31 Charles  6/09/08 9:47:55 am reply quote

And the real point is that if they're so careless on such a basic level, there are almost certainly other, larger security problems.

32 LeftJustAintRight  6/09/08 9:48:03 am reply quote

re: #8 Charles

You should absolutely never be able to see a directory listing on a production web site -- and especially not on one as sensitive as the web site of a presidential candidate.

This is amateurish beyond belief.

This will never happen when Charles is running the Obama White House Blog

33 BGOH  6/09/08 9:48:11 am reply quote

re: #26 blue_like_jazz

maybe that's
WHY
they're open?

From my technically illiterate perspective: hmmmm....

34 Dianna  6/09/08 9:48:29 am reply quote

re: #17 Ojoe

Flat tire,
Seat post too short,
Pedals with instep,
Smokes.

The only one I don't hold against him is the last.

35 JammieWearingFool  6/09/08 9:48:33 am reply quote

re: #20 Charles

Allowing directories to be viewed online is, in itself, a major security problem. Not because someone could tamper with the contents (you can't) but because it reveals an enormous amount of information to potential hackers.


The Clintonistas weren't savvy enough to exploit this?

Whatever, the Obamatons will just use their own incompetence as an excuse and say all these pages were plants.

36 lawhawk  6/09/08 9:48:35 am reply quote

re: #20 Charles

That's what I figured. Thanks.

And for the record, has anyone tried this on the Clinton or McCain websites?

37 republic  6/09/08 9:48:39 am reply quote

Team Obama is leaving these directories open, so in the rare, rare instance that any in the mainstream media would dare question Obama's character, Team Obama will simply say the website was hacked, and that will be that.

38 jones  6/09/08 9:48:41 am reply quote

Have you ever tried to save the world? Well? Keeping you ignorant dolts in line is work enough. I can't be bothered by details.

/Messiah off

39 jcm  6/09/08 9:48:46 am reply quote

re: #23 BGOH

I hope no one does start tampering with his site. That would simply give them plausible deniability for all of the other crap that was legitimately posted on it.

True, in that case is it intentional? Give BHO plausible denialbility. Blame the web staff.

40 Athos  6/09/08 9:48:52 am reply quote

re: #28 Charles

Its just indicative of the amateurish nature of the entire Obama campaign. They are not ready for prime time.

41 right wing zephyr  6/09/08 9:48:59 am reply quote

Now when BHO gets elected I'm expecting Charles gets a hat tip or maybe a some sort of parliamentary posting.

This can hardly go thankless.

42 itellu3times  6/09/08 9:49:03 am reply quote

Not to raise another issue, but I wonder just who is running the site, maybe it's all outsourced?

43 rawmuse  6/09/08 9:49:05 am reply quote

re: #31 Charles

And the real point is that if they're so careless on such a basic level, there are almost certainly other, larger security problems.

Let's put them in charge of National Security!

44 Sabnen  6/09/08 9:49:06 am reply quote

I'm sure BushCo. has been exploiting these weaknesses all along and Obamanation just didn't realize it.
/

45 talon_262  6/09/08 9:49:24 am reply quote

Just something OT, Charles, but what is the status of Mobile LGF?

46 pat  6/09/08 9:49:24 am reply quote

T thought they had this super-duper French Commie as their webmaster. Some sort of tech genius, when he is not street fighting?

47 blue_like_jazz  6/09/08 9:49:25 am reply quote

re: #40 Athos

a million updings

48 JammieWearingFool  6/09/08 9:49:27 am reply quote

re: #24 loppyd

Jammie!

49 Shropshire_Slasher  6/09/08 9:49:42 am reply quote

#17
Das a good one!

50 Charles  6/09/08 9:49:47 am reply quote

I checked the McCain site and didn't find any directories open - but I didn't do an exhaustive search.

51 loppyd  6/09/08 9:49:49 am reply quote

OT:

Sen. Kennedy returns home to Hyannis


Sen. Edward M. Kennedy returned home to Hyannis Port just before noon today, a week after Duke University doctors operated on a brain tumor that had caused the state’s senior senator to have seizures.

“It’s good to be home, good to be here,” Kennedy told reporters outside the family compound.

52 tapeworm  6/09/08 9:49:51 am reply quote

The New, Improved Black Panther Party is still there.

53 Sharmuta  6/09/08 9:50:05 am reply quote

re: #25 Athos

I wonder if they will handle national security secrets with the same care and attention to detail?

All I can think about is, is this how they would handle the football?

54 doppelganglander  6/09/08 9:50:06 am reply quote

There's nothing wrong with Obama's site. You're just using middle-class web security standards.

55 republic  6/09/08 9:50:25 am reply quote

re: #31 Charles

And the real point is that if they're so careless on such a basic level, there are almost certainly other, larger security problems.

Imagine Obama in the White House, with these leftist kooks running everything pertaining to security for this country.

There isn't a horror story yet created, that would compare to a Hussein Obama presidency.

56 loppyd  6/09/08 9:50:30 am reply quote

re: #48 JammieWearingFool

Heard that earlier. Best to go out on top. On top of Tom Brady, that is.

:D

How many rings will he be retiring with again?

57 obageegee  6/09/08 9:50:44 am reply quote

Just remember Google caches everything for eternity, so of you want to see what it looked like yesterday check out google history.

58 Kosh's Shadow  6/09/08 9:50:53 am reply quote

re: #9 jcm

Some one could have loads of fun with open image directories.....

You mean if we replaced the images with swastikas no one would notice - until we pointed it out?
That would definitely be wrong.

59 CIA Reject  6/09/08 9:51:05 am reply quote

re: #14 jcm

Both....
Huge security flaw.

Which may be by design so they can use the "We were hacked!- the evil Republicans must have planted that" excuse when some really offensive stuff gets found.

Then again it is infinitely more probable that it is because BO's IT people are a bunch of incompetent drooling idiots.

60 kywrite  6/09/08 9:51:08 am reply quote

It's a newbie mistake. It makes one wonder exactly what kind of staff Obama is hiring up there, with the tens of millions of dollars of exactly $2300 donations he's been getting.

It also makes one wonder exactly how secure any credit-card donations to his site are, whether his web people are smart enough to purge temp data, and why his web people use so many freebie scripts and buttons instead of doing custom stuff.

They-are-amateurs, entrusted with something of immense importance and sensitivity: his online image. Is he going to hire amateurs with tin badges to protect our borders, too?

61 loppyd  6/09/08 9:51:14 am reply quote

re: #57 obageegee

Just remember Google caches everything for eternity, so of you want to see what it looked like yesterday check out google history.

I loathe Google.

62 Racer X  6/09/08 9:51:20 am reply quote

re: #31 Charles

And the real point is that if they're so careless on such a basic level, there are almost certainly other, larger security problems.

What do you mean our launch codes are missing?!?

63 Kragar (Proud to be Kafir)  6/09/08 9:51:38 am reply quote

Obama's web admins are just providing an example of what Obama's National Security plan would look like.

64 Bloodnok  6/09/08 9:51:59 am reply quote

re: #53 Sharmuta

All I can think about is, is this how they would handle the football?

About as proficiently as John Kerry in the infamous "hike" photo.

65 Kosh's Shadow  6/09/08 9:52:32 am reply quote

re: #31 Charles

And the real point is that if they're so careless on such a basic level, there are almost certainly other, larger security problems.

Are the as big as the security problems the US would have if Obama became President?

Maybe he disarmed his web site.

67 Athos  6/09/08 9:53:14 am reply quote

re: #53 Sharmuta

Assuming they would even keep the football around. Unilateral disarmament would mean packing the football away.

68 Sharmuta  6/09/08 9:53:14 am reply quote

re: #57 obageegee

Just remember Google caches everything for eternity, so of you want to see what it looked like yesterday check out google history.

Nope- they blocked google.

69 loppyd  6/09/08 9:53:29 am reply quote

Obama Takes Fire Over Adviser’s Relationship to Home Lender

A prominent adviser to Barack Obama drew criticism from the Republican party Monday over a loan deal with Countrywide Financial Corp., a company at the center of the subprime lending debacle.

James Johnson is on Obama’s vice presidential search team, but The Wall Street Journal reported Saturday he also received more than $7 million in loans, at least two loans of which were at below-market rates: a 5.25 percent loan for $1.3 million and a 3.875 percent for $971,000. The Journal reported that this special treatment came from a relationship with the company’s CEO, Angelo Mozilo.

70 vagabond trader  6/09/08 9:53:34 am reply quote

re: #58 Kosh's Shadow

It would be kind of amusing to use rev Wright and Pleger heads.

71 Fat Jolly Penguin  6/09/08 9:53:43 am reply quote

Given all this crap, I'm beginning to wonder if they're actually completely inept or if they just don't care. (Both?)

72 LeftJustAintRight  6/09/08 9:53:53 am reply quote

re: #62 Racer X

What do you mean our launch codes are missing?!?


You forgot that Hussein Obama is not going to have nukes

73 JammieWearingFool  6/09/08 9:53:59 am reply quote

re: #56 loppyd

How many rings will he be retiring with again?


he'll have one, but it's really nice. You'll note by the design the NYG have as many as the Patriots, including one you'll never hear the end of.

74 ArmyWife  6/09/08 9:54:11 am reply quote

re: #32 LeftJustAintRight


Egads - what a thought!

75 obageegee  6/09/08 9:54:12 am reply quote

#61 loppyd

Yep Google is evil, wait till their o/s comes out! But it's great if you want to find things out.

76 WrathofG-d  6/09/08 9:54:24 am reply quote

OT:

IF step one is: Hamas says it is ready to reconcile with the Fatah/PLO/Abu Mazen/Mahmoud Abbas.

what is step two: Rice to meet with "Palestinians" going to look like in the future?


"you are either with us...."?

77 sattv4u2  6/09/08 9:54:35 am reply quote

re: #71 Fat Jolly Penguin

Given all this crap, I'm beginning to wonder if they're actually completely inept or if they just don't care. (Both?)

neither. They see nothing at all wrong with those posts/ feelings/ ideas/ sentiments

78 Sharmuta  6/09/08 9:54:41 am reply quote

re: #67 Athos

Assuming they would even keep the football around. Unilateral disarmament would mean packing the football away.

Ugh! I forgot about that. However- that will take some time, and in the meantime, how will they care for our secrets and technology?

79 Bryantay  6/09/08 9:54:45 am reply quote

And an entire list of directories:

http://www.barackobama.com/images/feature/08/

80 Fat Jolly Penguin  6/09/08 9:54:53 am reply quote

re: #77 sattv4u2

neither. They see nothing at all wrong with those posts/ feelings/ ideas/ sentiments

I meant the open directories.

81 LeftJustAintRight  6/09/08 9:54:53 am reply quote

I heard Charles mentioned on Rush today
Kudos Charles

82 Iron Fist  6/09/08 9:55:01 am reply quote

re: #60 kywrite,

What are these "borders" of which you speak?

[/Obama]

83 pat  6/09/08 9:55:21 am reply quote

Dinner Jacket: May I touch the football?
Obama :Sure. Let me show you how it works. Anyone here know how to open this thing?

84 vagabond trader  6/09/08 9:55:41 am reply quote

Muwahahahah, Rush is in rare form today.

85 Bryantay  6/09/08 9:56:08 am reply quote

Common... This is too easy!

http://origin.barackobama.com/images/feature/

86 sattv4u2  6/09/08 9:56:19 am reply quote

re: #80 Fat Jolly Penguin

I meant the open directories.

Me tto. That's why they are "open". They don't beleive that there is anything wrong, and therefore nothing to hide from

87 Sharmuta  6/09/08 9:56:39 am reply quote

I cannot repeat this enough-

If this is how he runs a website, how is he going to be able to run the country?

88 jcm  6/09/08 9:56:49 am reply quote

re: #58 Kosh's Shadow

You mean if we replaced the images with swastikas no one would notice - until we pointed it out?
That would definitely be wrong.

Can't do it directly, but viewable directories can be exploited.

89 jcm  6/09/08 9:57:17 am reply quote

re: #87 Sharmuta

I cannot repeat this enough-

If this is how he runs a website, how is he going to be able to run the country?

Dinnerjacket for dinner at the White House is how.

90 Kosh's Shadow  6/09/08 9:57:19 am reply quote

re: #78 Sharmuta

Ugh! I forgot about that. However- that will take some time, and in the meantime, how will they care for our secrets and technology?

Don't worry. He'll entrust our nuclear weapons codes to Ayers and Dohrn.

91 unreconstructed rebel  6/09/08 9:57:26 am reply quote

re: #87 Sharmuta

Same way as Jimmy Carter did.

92 bluestatefollies  6/09/08 9:57:27 am reply quote

I'm sure the DailyKos folks are hammering out a post right now that blames Obama's lack of web security for all of the anti-semetic crap that "was" on his site

93 Fat Jolly Penguin  6/09/08 9:57:42 am reply quote

re: #86 sattv4u2

Me tto. That's why they are "open". They don't beleive that there is anything wrong, and therefore nothing to hide from

Oh. Very true.

94 kywrite  6/09/08 9:58:23 am reply quote

re: #82 Iron Fist

,

What are these "borders" of which you speak?

[/Obama]

/smacks forehead

Right, sorry. What was I thinking?

(may have to break down & go for Rush stream -- here in Hawaii, our broadcast is delayed!)

95 jcm  6/09/08 9:58:26 am reply quote

re: #91 unreconstructed rebel

Same way as Jimmy Carter did.

'Cept the Mad Mullahs will have a bomb during the next term.

96 Athos  6/09/08 9:58:32 am reply quote

re: #78 Sharmuta

My fear - that in the effort to be 'open' and 'accomodating' they will share information as a carrot to bring rogue regimes to the table.

Remember, didn't Carter suggest that the US should provide Iran with nuclear fuel in order to ensure that Iran would follow the rules and only use nuclear power for civilian purposes.

97 madisonsfriend  6/09/08 9:58:42 am reply quote

I wasn't on LGF much(at all?) this weekend. Now all this stuff about the Jewish lobby is old- WE don't have just a lobby anymore- we have a complete building now.

98 vagabond trader  6/09/08 9:59:10 am reply quote

re: #92 bluestatefollies

or pointin out that those evil Israeli's are adept at things technical.

99 gop_patriot  6/09/08 9:59:19 am reply quote

re: #86 sattv4u2

Me tto. That's why they are "open". They don't beleive that there is anything wrong, and therefore nothing to hide from

And yet, things just keep on disappearing...

100 BGOH  6/09/08 9:59:23 am reply quote

re: #57 obageegee

Just remember Google caches everything for eternity, so of you want to see what it looked like yesterday check out google history.

Didn't I read on LGF yesterday that the Obama campaign has requested that all cache be removed from it's site at Google? I could have sworn I did...

101 wolfie  6/09/08 9:59:40 am reply quote

re: #21 blue_like_jazz

thank you for the explanations for the technoidiots amongst us

//i'm the captain of them

Are not!
Me am!

102 talon_262  6/09/08 9:59:55 am reply quote

re: #57 obageegee

Just remember Google caches everything for eternity, so of you want to see what it looked like yesterday check out google history.

Unfortunately not, because Obama's people requested that Google, The Internet Archive, and Coral not index Obama's site for posterity anymore:

LGF: Obama Campaign Throws Antisemitic Blog Down the Memory Hole

103 livefreeor die  6/09/08 10:00:07 am reply quote

re: #24 loppyd

Jammie!

Not all of your Giants are belonging to you, though.....

I'm glad to see that Strahan is going out on such a high note. He always seemed like a good guy and leader.

Also, as Skins fans, the hubby and I are happy to see him going period.

104 wolfie  6/09/08 10:00:17 am reply quote

re: #42 itellu3times

Not to raise another issue, but I wonder just who is running the site, maybe it's all outsourced?

Gaza geeks?

105 Athos  6/09/08 10:00:19 am reply quote

re: #91 unreconstructed rebel

Same way as Jimmy Carter did.

That's why Carter is really tossing his full support behind Barry. Barry is the best single opportunity that Carter has to get his legacy cleansed and to no longer be the worst 20th century President and worst ex-President.

Obama is the only one who has the potential to crater to such a point that even Carter looks good.

106 unreconstructed rebel  6/09/08 10:00:24 am reply quote

re: #95 jcm

One of Jimmy's presidential directives was to stand-down if the Russians strucl first. & you can count on Bananaman doing pretty much the same. (Sigh)

107 Iron Fist  6/09/08 10:00:41 am reply quote

re: #86 sattv4u2,

Free range directories?

Fly free, little directory! Fly Free!

(This is your security on Moonbats)

108 Boot Hill  6/09/08 10:00:43 am reply quote

it also can show stuff in the directory that isn't being used, but still exists, like test web pages, unused images, etc. Just not the kind of security a presidential candidate should have on his website.

Does this mean we can expect the same level of security regarding his presidency should he get elected?

109 madisonsfriend  6/09/08 10:00:54 am reply quote

re: #76 WrathofG-d

OT:

IF step one is:

110 WrathofG-d  6/09/08 10:01:07 am reply quote

Photo 2 of 12: "The Death of Decorum"
(or just maybe I'm tragically unhip)

111 victor_yugo  6/09/08 10:01:09 am reply quote

re: #97 madisonsfriend

Now all this stuff about the Jewish lobby is old- WE don't have just a lobby anymore- we have a complete building now.

"I have seen the promised land... about a mile and a half back..."

112 cookielady  6/09/08 10:01:11 am reply quote

re: #51 loppyd

I'm glad for him and for his family. I hope he does well.

P.S. Can't bear the man politically or morally, but that is neither here nor there regarding his health and life.

113 nikis-knight  6/09/08 10:01:16 am reply quote

Obama should have stuck with his original plan and invited everyone in America to be his myspace friend.

114 vagabond trader  6/09/08 10:01:44 am reply quote

Would love to be a fly on the wall when Michelle gets wind of the website meltdown. Methinks she'll not be pleased.

115 Racer X  6/09/08 10:01:54 am reply quote