Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

Submission Summary: 0 pending, 1 declined, 0 accepted (1 total, 0.00% accepted)

DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×
Security

Submission + - PA Online Voter Registration Data Left Unsecure (digg.com)

mtg169 writes: Anyone in Pennsylvania who has used the SURE Portal System to update their voter registration information or register to vote currently is at risk. A script (PrintVoterApplication.aspx) used to generate PDF files populated with user-submitted information is currently exploitable by simply changing the value of a request ID (ApplicationID), as there is no validation to ensure the ID being requested belongs to the user that is logged in, nor does it even check to see if a user is logged in, allowing anyone on the Internet full access. View linked story for additional exploit details.

I should also note that the SURE Portal Web site has a Privacy Policy including security and an information disclaimer, which basically states that they have implemented security practices, but that they are not responsible for any loss.

Slashdot Top Deals

Over the shoulder supervision is more a need of the manager than the programming task.

Working...