Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Security

Submission + - Exposed: Indian visa application data accessible t

jenwren1010 writes: "http://www.daniweb.com/blogs/entry1466.html A DaniWeb investigation uncovers huge gaping hole in website security of company that provides official visa application services for Indian citizens wishing to enter the US and UK. By simply changing part of the URL it has been possible to access the complete personal data of anyone who has made an application, including passport numbers, names, address, employer, parental information, travel plans and so on. Worse, the company were first informed of the vulnerability, by a concerned Indian citizen, over a year ago and did nothing. Considering these people work on behalf of the government, and the terrorist implications of being able to access all that visa application data are obvious, it is incredible that such Mickey Mouse security was allowed to go unchecked for so long."

"I have more information in one place than anybody in the world." -- Jerry Pournelle, an absurd notion, apparently about the BIX BBS

Working...