https://www.propublica.org/article/defcon-teen-did-not-hack-a-state-election
The whole thing was a sham. I know darktangent is on this list. Something to think about for next year ... -dave On Thu, Aug 23, 2018, 2:12 PM Chris Eng <c...@veracode.com> wrote: > What even is the point of setting up “replica websites” that are only > replicas in the sense that they ostensibly perform the same function as the > real sites, but otherwise do not share common code/technology and are > essentially known sacrificial sites with security bugs intentionally placed > in them? > > > > We know how much of the media operates. Did this coverage surprise > anybody? Especially with quotes like this: > > > > “These websites are so easy to hack we couldn’t give them to adult hackers > — they’d be laughed off the stage,” said Jake Braun, a former White House > liaison for the Department of Homeland Security. > > > > Is he talking about the replicas and got quoted out of context? Or is he > playing up the insecurity of the actual sites – without evidence – for a > good sound bite? I know my guess. > > > > Again why put these “replica websites” in the village to begin with when > the reporting is inevitably going to be alarmist and needs to be walked > back? > > > > Last year we saw similar headlines about voting machines, wherein “hacked” > turned out to mean someone ran a Nessus scan and they weren’t fully patched. > > > > > > > > *From:* Dailydave <dailydave-boun...@lists.immunityinc.com> *On Behalf Of > *Kevin T. Neely > *Sent:* Thursday, August 16, 2018 12:48 PM > *To:* dave.ai...@gmail.com > *Cc:* dailydave@lists.immunityinc.com > *Subject:* Re: [Dailydave] Voting Village at Defcon > > > > Sure, it's SQLi, but I'm not sure why you'd minimize her effort. > According to the village's Twitter account, she changed the vote tallys > from a replica of the site. https://twitter.com/VotingVillageDC It > would be nice if the media reported on the recommendations that come from > the findings, but we all know that's not how the media operates. > > > > K > > > > On Mon, Aug 13, 2018 at 12:34 PM Dave Aitel <dave.ai...@gmail.com> wrote: > > > https://www.usatoday.com/story/tech/nation-now/2018/08/13/11-year-old-hacks-replica-florida-election-site-changes-results/975121002/ > > > > So I don't know a ton about the details of voting machines, but I'm pretty > sure what happened at the DEFCON voting village is not being represented at > all accurately in the media, and I'm curious why nobody in the community is > pushing back on it, specifically I think we have a duty not to be used as a > bludgeon in various uncouth political wars. > > > > I don't think an 11yo hacked into anything close to a replica of the > Florida Election site. I think they followed a script to hit up a sample > vulnerable web page with SQLi. > > > > Does anyone have more information on what exactly went down? > > -dave > > > > > > > > _______________________________________________ > Dailydave mailing list > Dailydave@lists.immunityinc.com > https://lists.immunityinc.com/mailman/listinfo/dailydave > > > > -- > > In Vino Veritas >
_______________________________________________ Dailydave mailing list Dailydave@lists.immunityinc.com https://lists.immunityinc.com/mailman/listinfo/dailydave