Follow Slashdot stories on Twitter


Forgot your password?

Submission Summary: 0 pending, 1 declined, 0 accepted (1 total, 0.00% accepted)


Submission + - PA Online Voter Registration Data Left Unsecure (

mtg169 writes: Anyone in Pennsylvania who has used the SURE Portal System to update their voter registration information or register to vote currently is at risk. A script (PrintVoterApplication.aspx) used to generate PDF files populated with user-submitted information is currently exploitable by simply changing the value of a request ID (ApplicationID), as there is no validation to ensure the ID being requested belongs to the user that is logged in, nor does it even check to see if a user is logged in, allowing anyone on the Internet full access. View linked story for additional exploit details.

I should also note that the SURE Portal Web site has a Privacy Policy including security and an information disclaimer, which basically states that they have implemented security practices, but that they are not responsible for any loss.

Never say you know a man until you have divided an inheritance with him.