Follow Slashdot stories on Twitter


Forgot your password?

Submission Summary: 0 pending, 1 declined, 0 accepted (1 total, 0.00% accepted)

Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Submission + - PA Online Voter Registration Data Left Unsecure (

mtg169 writes: Anyone in Pennsylvania who has used the SURE Portal System to update their voter registration information or register to vote currently is at risk. A script (PrintVoterApplication.aspx) used to generate PDF files populated with user-submitted information is currently exploitable by simply changing the value of a request ID (ApplicationID), as there is no validation to ensure the ID being requested belongs to the user that is logged in, nor does it even check to see if a user is logged in, allowing anyone on the Internet full access. View linked story for additional exploit details.

I should also note that the SURE Portal Web site has a Privacy Policy including security and an information disclaimer, which basically states that they have implemented security practices, but that they are not responsible for any loss.

Slashdot Top Deals

Do molecular biologists wear designer genes?