Wednesday, October 10, 2007

Australia: The Dangers of Technological Ineptitude - UPDATE

Liam Tung writes on ZDNet Australia:

Brett Soric, a local security and computer enthusiast, was reported to the Australian Federal Police after he created a script that exploited a common flaw in Labor and Liberal's official Web sites. Soric claimed he hasn't done anything wrong.

"So far I've been assuming that the police will understand what's happened before trying to find me," Soric, the so-called "hacker" told ZDNet Australia in an e-mail interview today.

ZDNet Australia on Tuesday reported that cross-site scripting (XSS) vulnerabilities found in the Web sites of both major political parties allowed the public, via a Web site created by Soric, to insert comments that appear to be generated by the Liberal and Labor parties.

More here.

Note: Let's hope the Australian police realize that the problem lies in the insecurity of the political websites which allow XSS abuses. - ferg

UPDATE: 21:50 PDT: The guy is "off the hook".

0 Comments:

Post a Comment

<< Home