[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <62FABDB38AEC0B488BA47DB3BC226F42022C6617@exchny41.ny.ssmb.com>
From: jan.m.clairmont at citigroup.com (Clairmont, Jan M)
Subject: Presidential Candidates' Websites Vulnerable
If any issue is more important than electronic voting I don't
know what it is. Congress has approved starting in the Spring
of 2005, the draft, all the way up to 49 years of age for
special skills.
So we here are now in the fire, both security wise and on the
firing line in Iraq and the rest of the world as this war
continues to rage. We can tritely condemn the candidates
use of OS but the voting machines that will be used are
hackable and probably not reliable in any sense of the word.
Since I have 3 sons of draftable age, I am very concerned about
them and the under 49 crowd who may soon be in harms way.
Having gone through Vietnam I do not look forward to the
future, whether you think war is right of wrong. So how can
we secure the integrity of the voting process and guarantee the
results? I thought that a paper trail, an internet vote integrity counter based on voters SS or a random number that is assigned and given in the voter's booth. Then you could log in to see how your vote was actually recorded, hopefully counted properly.
Anybody have any better ideas? We certainly can't trust the politicians or Diebold. Considering the results of the last
election the whole process seems questionable, like in Chicago
"vote early, vote often."
Wary and concerned.
Jan Clairmont
Firewall Administrator/Consultant
-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of Marek
Isalski
Sent: Thursday, July 01, 2004 5:13 AM
To: full-disclosure@...ts.netsys.com
Subject: [Full-Disclosure] Presidential Candidates' Websites Vulnerable
For those who didn't catch it on The Inquirer already, it sounds like not even the would-be presidents of the US can afford decent security: http://www.theinquirer.net/?article=16939
"site shows signs of being vulnerable to SQL injection errors" and "packed with cross-site scripting errors"... Has Donnie been doing overtime? :)
Most amusing comment given the still raging Win/Linux debate on this list: "Kerry has open source credentials - he is using Apache running on Red Hat. Bush's OS of choice is none other than Vole's IIS 5.0 server."
Most worrying comment: both sites use visitor trackers (something I always feel is a sign that the site's owners feel that invasion of privacy is less important than commercial success). Maybe one day we'll just do away with elections and go by the Google PageRank of the candidates' websites?
Marek
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists