|
It took a lot less than you'd think for myself and my fellow teens to steal the midterms. Fortunately the good hackers wouldn't bother
Yeah, a duplicate, but I'm sucking up to the boss here. Send all Leslies to his attention.
Plus, it has more details on the vulnerabilities, like:
"By inputting a command into the search bar to see all the website’s tables, I could then see all of its data, including vote tallies, candidate names and tables of basic website functions."
Thank you lowest bidder website developers!
|
|
|
|
|
The details are sparse, but it appears that they basically reconstructed a server with no security. That isn't to say there's sloppy work out there--Experian and many other come to mine--but I think the article is misleading.
|
|
|
|
|
Yea, DEFCON is a conference, and in this particular one they stood up a cyber range that kids were taught to use SQL injection on.
I've been to events like this before, and there are always built-in vulnerabilities: such as direct user input interpolation into SQL queries. These are meant to be teaching tools for people that are interested in hacking, not a model of the current system.
Disingenuous at best.
"Never attribute to malice that which can be explained by stupidity."
- Hanlon's Razor
|
|
|
|
|
How to stop people changing the url? Plz send codes, its urgent!
|
|
|
|
|
You will have a hard time convincing me that this is not a fabricated story. Or that the program that was hacked is actually used in production.
I have a really hard time believing that in 2018, programmers are still not protecting their programs and databases from SQL injection or making sure that the permissions to alter tables are not locked down.
Brent
|
|
|
|
|
I'll give you the first two points, but on programmers not protecting their programs and databases? Na-uh
See: Q&A, SO, and many of the sites listed on Have I Been Pwned[^]
TTFN - Kent
|
|
|
|
|
Do you go to Quick Answers[^] from time to time?
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
Maybe Google’s motto all this time should have been “Don’t be creepy” instead of not being evil. "If you want to keep a secret, you must also hide it from yourself."
|
|
|
|
|
They're probably even keeping a "Kent mocked us" score.
Perhaps they should set up a dating service and put that data to good use. (Then we can pass a law that dictates you can only date people Google matched you with and go only to places Google decides and... Amazon fits in there somehow.)
|
|
|
|
|
grabs popcorn..
Caveat Emptor.
"Progress doesn't come from early risers – progress is made by lazy men looking for easier ways to do things." Lazarus Long
|
|
|
|
|
“I think we need quantum Spacewar!” All turns are played at once, and it doesn't come in a box
The box is for the cat.
|
|
|
|
|
When asked why they would create such powerful computers just to play games they said "Because people quantum."
|
|
|
|
|
Someone will simply rename Pong, "Quantum Powered Pong with AI and Blockchain" and make millions.
|
|
|
|
|
but can it run crysis?
Caveat Emptor.
"Progress doesn't come from early risers – progress is made by lazy men looking for easier ways to do things." Lazarus Long
|
|
|
|
|
Kent Sharkey wrote: is for the cat
The literal German translation of "... is for the cat" is "... ist für die Katz", and means: "... is totally useless". Was that meaning intended here?
Oh sanctissimi Wilhelmus, Theodorus, et Fredericus!
|
|
|
|
|
I don't think it was intended... just a lucky coincidence
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
I am definitely not that good. Excellent coincidence though!
TTFN - Kent
|
|
|
|
|
You'll win and lose at the same time.
|
|
|
|
|
The fact there will be no losers and winners will trigger very high suicide and homicide rates.
«... thank the gods that they have made you superior to those events which they have not placed within your own control, rendered you accountable for that only which is within you own control For what, then, have they made you responsible? For that which is alone in your own power—a right use of things as they appear.» Discourses of Epictetus Book I:12
|
|
|
|
|
Last week, Microsoft’s Digital Crimes Unit (DCU) successfully executed a court order to disrupt and transfer control of six internet domains created by a group widely associated with the Russian government and known as Strontium, or alternatively Fancy Bear or APT28. The Russians are cunning. The Russians are cunning!
Apologies (OK, not really) if you think this is Soapbox material. Possibly the biggest tech news of the day
|
|
|
|
|
They forgot one, updates.microsoft.com.
When you are dead, you won't even know that you are dead. It's a pain only felt by others.
Same thing when you are stupid.
modified 19-Nov-21 21:01pm.
|
|
|
|
|
Coca-cola couldn't even sell New Coke with their ad budget and we're supposed to be swayed by a bunch of cheesy ads and columns by Russians? Kellogg is on line 2 wondering what's the secret.
|
|
|
|
|
“Never underestimate...”
But in this case they were phishing sites, so worthy of attention.
TTFN - Kent
|
|
|
|
|
Fishing is boring.
(I do wonder how much of these sites are actually sponsored by the government or mostly exist due to a largely unregulated market [with the Russian government watching all the traffic "just in case".])
|
|
|
|
|
Kent Sharkey wrote: “Never underestimate...” human stupidity?
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|