Brian Kemp Said Georgians’ Personal Information Was Secure, While His Office Was Scrambling To Address Vulnerabilities
Reported today by ProPublica:
…A representative for Kemp, the state’s Republican candidate for governor, denied vulnerabilities existed in the state’s voter-lookup site and said the problems alleged could not be reproduced. But in the evening hours of Sunday, as the political storm raged, ProPublica found state officials quietly rewriting the website’s computer code.
ProPublica’s review of the state’s voter system followed a detailed recipe created by the tipster, who was described as having IT experience and alerted Democrats to the possible security problems. Using the name of a valid Georgia voter who gave ProPublica permission to access his voter file, reporters attempted to trace the security lapses that were identified.
ProPublica found the website was returning information in such a way that it revealed hidden locations on the file system. Computer security experts had said that revelation could give an intruder access to a range of information, including personal data about other voters and sensitive operating system details.
ProPublica’s attempt to take the next step — to poke around the concealed files and the innards of the operating system — was blocked by software fixes made that evening. According to the tipster’s recipe, it was also possible to view a voter’s driver’s license, partial Social Security number and address…
October 1, 2023
September 29, 2023
September 27, 2023