Featured Post

Elon Musk’s Influence on the 2024 Presidential Election and Its Potential Outcomes

  In the upcoming 2024 U.S. presidential election, the influence of tech moguls like Elon Musk is a point of significant interest. Musk, with his vast following, has demonstrated an ability to sway public opinion through his business decisions, public statements, and presence on social media platforms like X (formerly Twitter). The effect Musk’s actions may have on the election—and candidates such as Donald Trump—is worth examining as he becomes a key player in the larger landscape of digital influence. Elon Musk and Digital Influence in Politics A Shift in Public Influence Musk’s reach extends beyond business; he is now a major influencer in political spheres. By acquiring X, Musk gained direct access to one of the most influential social media platforms in the world, where he regularly engages with a diverse audience. His unpredictable political stances and commentary resonate with millions, and his platform decisions have the potential to shape public opinion. Musk’s Public Poli...
0

Programmer Discovers Unprotected Access to State’s Jobless Claims Portal’s Admin Mode

Programmer


Long-time Slashdot reader bbsguru 2 shares a story from the alternative newsweekly the Arkansas Times. "A computer programmer applying for unemployment on Arkansas’s Pandemic Unemployment Assistance program discovered a vulnerability in the system that exposed the Social Security numbers, bank account and routing numbers and other sensitive information of some 30,000 applicants.

“Anyone with basic computer knowledge could have accessed personal information for malicious purposes.” Alarmed, the computer programmer called the Arkansas Division of Workforce Services Friday morning and was told by an operator that there was no one available who could talk to him. He then tried someone at the Arkansas State Police Criminal Investigation Division, who told the programmer he would find the person he needed to talk with to fix the situation. The programmer later called the Arkansas Times for advice on whom to call. The Times alerted the Division of Workforce Services to the issue at 4:30 p.m. Soon after a message appeared on the website that said, “The site is currently under maintenance…”

In exploring the website, the computer programmer determined that by simply removing part of the site’s URL, he could access the administrative portal of the site, where he had the option of editing the personal information of applicants, including bank account numbers. From the admin portal, he viewed the page’s source code and saw that the site was using an API (application programming interface) to connect with a database. That API was also left unencrypted, and he could access all of the applicants’ raw data, included Social Security numbers and banking information…

The computer programmer said he thought he could have programmed a script that would gather all of the information from the API in under an hour.

Comments

Post a Comment