[SYS] Vérification du code d'habilitation : EXECUTIVE-EXPLOIT ... [VALIDE]
[SYS] Déchiffrement de l'archive de documents ... [OK]
[SYS] Niveau d'habilitation 10 — ACCÈS RESTREINT
[SYS] Session enregistrée. Surveillance active. Ne pas copier ni distribuer.
[SYS] Affichage du document ...
CLASSIFIÉ — LEVEL 10 HABILITATION REQUISE
THE EXECUTIVE EXPLOIT -- PRESIDENTIAL OPSEC DEVIATION
Protectee non-compliance with standard presidential mobile-communications protocol, January 2017 onward. Subject device: Samsung Galaxy S3 (last Samsung firmware November 2015). Public CVEs in the Android tree by January 2017: 482. Critical per NIST: 67. Remotely exploitable via cellular signaling: non-trivial subset.
NSA Technical Security Division built an out-of-band monitoring layer around the device rather than enforce compliance, an approach that
Twitter Project P, February 2017: segmented authentication envelope around realDonaldTrump account. Dedicated authentication tier. Two-person-control gate on credential reset. Manufacturer-shipped firmware configuration on two known IMEIs.
July 15, 2020 incident: four Twitter employees phished via social engineering. Administrative panel (Agent Tools) compromised. 130 account takeovers executed. The realDonaldTrump account was not among them. Reason: two-person-control gate.
Recommendation: formalize as security case study. A single procedural control, implemented three years prior, separated the platform from a national-security event. The perimeter held. But only because the attackers did not know it was there.
// SOUMISSION DE RAPPORT DE TÉMOIN
Si vous détenez des informations relatives à ce document, soumettez votre témoignage ci-dessous. Toutes les soumissions sont surveillées.
DÉSIGNATION DE L'AGENT
RAPPORT D'INCIDENT / THÉORIE