Donald Trump says hackers sit in their bedrooms, weighing 400lb

Making hacker stereotypes great again, with a twist of the cyber.

Graham Cluley
Graham Cluley
@[email protected]
Donald Trump, The Cyber and 400lb hackers | Graham Cluley

Donald Trump at his hotly-anticipated presidential debate with Hillary Clinton not only mentions “the cyber” again, but he also manages to characterise hackers as overweight and stuck in their bedrooms:

As far as the cyber, I agree to parts of what Secretary Clinton said. We should be better than anybody else, and perhaps we’re not. I don’t think anybody knows it was Russia that broke into the DNC. She’s saying Russia, Russia, Russia, but I don’t — maybe it was. I mean, it could be Russia, but it could also be China. It could also be lots of other people. It also could be somebody sitting on their bed that weighs 400 pounds, OK?

Wow. Quite a generalisation there.

Sign up to our free newsletter.
Security news, advice, and tips.

Hey look, I’m overweight. I don’t weigh 400 pounds (maybe this is an indication that I am punching beneath my weight on the hacking skills front), but I could definitely do with turning the treadmill up a notch.

But I don’t think it’s a good idea for Donald Trump to start making gross generalisations about hackers. After all, Trump’s own chain of hotels have had their fair share of breaches where guests’ payment card information has been stolen.

Hackers come in all shapes and sizes. Some are tall, some are short, some are overweight, some are underweight, some like pizza, some like cola, some like My Little Pony, some are black, some are white, some may even be Mexican (are you going to build a great firewall, Donald, to keep them out?).

Some are gay, some are straight, some may choose to consider themselves LGBTQ. Some may just ask you to mind your own sodding business about what they’re getting up to in their bedroom.

Do you really want to goad hackers Donald?

Watch my video to hear from Trump, and see my views on the subject. If you enjoy the video please consider subscribing to my YouTube channel and I’ll make some more.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

16 comments on “Donald Trump says hackers sit in their bedrooms, weighing 400lb”

  1. Steven Streight
  2. SallyAnne

    To be fair, he didn't say all hackers were 400lb; he said it could've been someone weighing 400lb. He also said it could've been lots of other people. Maybe the Chinese or Russians. Just a tad picky, don't you think? Maybe he could've mentioned a few other possibilities so that people didn't think he thought all hackers were 400lb bedsitters. I didn't think that. Neither did Steve. Still, it was a good seque into your treadmill bit. :)

    1. coyote · in reply to SallyAnne

      Except that Trump uses 'I was joking' too much essentially as a way he can push aside criticism of what he said. But even if he didn't say ALL were does he really need to suggest obesity? Disparage them? That seems to be his speciality (well one of his specialities).

      I suppose it's good he didn't suggest it was also a woman but it's still unnecessary.

  3. James

    Neither of these two know anything about this field so I'm not mad at all.

  4. Richard

    I wonder if some stick thin virus writer will create something evil following this comment just like when Gigabyte created a virus following your gross sweeping generalisation that virus writers are spotty teenage nerds who couldn't pull!

    1. Graham CluleyGraham Cluley · in reply to Richard


      If I recall correctly, Gigabyte's beef with me was that she thought I had said that girls couldn't write viruses. And she called me out in some of her malware in order to prove her point that females were quite capable.

      In fact what I had been saying was that girls generally *didn't* write viruses because they far too sensible and had much better things to do with their time. Big difference between couldn't and didn't.

      Of course, it was all a long time ago. And yes, I did often say that the average virus writer was an adolescent sitting in their back bedroom, not getting enough vitamin D in their diet, and possibly desperate to create an imaginary online persona for themselves.

      Times have changed since… a lot. Malware started being written for money – making it attractive to organised criminals of all genders, whether they loved pizza or not.

      Thanks for the reminder about Gigabyte. She's on Twitter y'know, and appears to have mended her ways. :)

      1. coyote · in reply to Graham Cluley

        Is she really ? I'm very intrigued because years ago she tried to get in touch with me (after we lost contact – yes I knew her quite well and you could say we were friends) but by the time I got her message she was long gone (when she messaged me it was quite a while after her arrest). And yes last I knew she did change her ways; her arrest did her good (I was gone by the time she was arrested so I heard about it later – perhaps from herself, as below).

        I can't really remember those days very well in detail but I do remember things like that said by you – and I remember also the constant rowing (whether perceived or how much) between you, others (e.g. Sarah Gordon) and 'us' (I never wrote malicious code[1] but I did spend a lot of time with them; for the record I never got into the discussions on e.g. usenet, either). And yes: I seem to remember also that you said girls typically did not write viruses but then she also took simple statements as a challenge – and she felt she had something to prove too (as it happens someone else was nasty to her initially and I defended her; maybe that's part of it ? Maybe it's also why she got into it but I don't know). I can think of another example where she felt threatened by another female who happened to have no interest in writing viruses but only assembly (also C) and so much so that Gigabyte resorted to silly DoS attacks – until someone else (who I won't name either) fixed that.

        [1] The one that really comes to mind: when some would come and try to get help with CIH there was someone (who I will not name) who would tell them to set their computer clock to April 26 and reboot. Whenever I was able to I would quickly message them and tell them to NOT do that and tell them why too. I'm certain many did fall for it, though, because they would go offline pretty quick after being told 'how to fix it'. It wasn't even a sick joke; it was just plain nastiness. Some of them were indeed disturbed and it would show in various ways (including code or behaviour as I just described).

  5. Michael Ponzani

    Ha, Ha, very good. Your videos are done well, decent lighting, books behind you to establish authority and knowledge, hand gestures when appropriate, no visual or audible distractions, and it doesn't cost much to impart the information. If you were Italian (especially Sicilian) or Hasidic Orthodox Jew your hands would be all over the place! Very unusual for a Brit or a German to wave their hands around. Other Northern Europeans are the same way. It has to do with plagues, though in the colder countries conserving energy probably plays a part. Which is why Huskies don't bark so much.

  6. Michael Ponzani

    PS: the the still store pics and video inserts are done well, too, esp the Skulland Bones on the ransom wear article.

  7. Derek

    I'd prefer that you kept this non-political. Thanks

    1. Graham CluleyGraham Cluley · in reply to Derek

      If you watch the video, you'll find I'm quite critical of Hillary Clinton's attitude to computer security too. :)

    2. no one · in reply to Derek
    3. coyote · in reply to Derek

      Just because someone mentions a politician (though I know many will say he isn't a politician but they're ignoring – or refusing to think? – the fact he's running for public office) and what was said in a political debate (more proof?) does not mean it's political.

      It's quite a wide spectrum if you don't jump to simple, flawed associations as you do. Mind you I didn't watch the video (but then again it seems you didn't either) but frankly that's irrelevant to my point.

  8. Bob

    Someone tell trump to stop watching south park

  9. Sissy55

    With the security of our online accounts, etc, being the true issue, who cares what he said or generalized about hackers? He could've said anything and I watched the debate and came to the conclusion that it was "off the cuff", not planned and really, though I'm not in great shape and wouldn't know the first thing about hacking, what does it matter? The important thing is the issue we've to deal with which is our information being stolen by hackers and we don't seem to be able to get a handle on it to stop it.

    1. coyote · in reply to Sissy55

      Because generalisations are problematic. It also tends to feed into stigmatisation more generally and that is harmful to those involved. What's the harm here? Well hackers *also* keep you safe so there is a problem (and frankly the context in his point is irrelevant because it is general hence generalisation i.e. not specific). There is a reason some of us have a problem with the misappropriation of the word 'hacker' but what can be done for the general population? Not much; what's done is done (even though it's also hypocrisy of those who tainted it now doing the same thing they so despised). But generalisations in general are harmful (and tend to miss the points).

      You want another example? What about this one? Americans are in general stupid and arrogant. That's a common one and its truth (and note how those qualities are traits of humans in general!) here is irrelevant. Don't like it? Well that's entirely the point.

      Incidentally, it will never be 'handled' because it's a cat and mouse game. Even though anti-virus developers would like there to be no need it does in fact give the programmers (and tech support and all other departments) a job. Risks mould over time and technology (as mankind) evolves (hence malware these days being very different from the 80s and 90s). I do admit I find your potential faith in this ever being fully resolved amusing… especially since it involves governments (including extremely inept ones).

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.