Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Submission Summary: 0 pending, 1 declined, 0 accepted (1 total, 0.00% accepted)

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Security

+ - PA Online Voter Registration Data Left Unsecure->

Submitted by mtg169
mtg169 (1257810) writes "Anyone in Pennsylvania who has used the SURE Portal System to update their voter registration information or register to vote currently is at risk. A script (PrintVoterApplication.aspx) used to generate PDF files populated with user-submitted information is currently exploitable by simply changing the value of a request ID (ApplicationID), as there is no validation to ensure the ID being requested belongs to the user that is logged in, nor does it even check to see if a user is logged in, allowing anyone on the Internet full access. View linked story for additional exploit details.

I should also note that the SURE Portal Web site has a Privacy Policy including security and an information disclaimer, which basically states that they have implemented security practices, but that they are not responsible for any loss."

Link to Original Source

If you don't have time to do it right, where are you going to find the time to do it over?

Working...