General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsGov. Parsons (MO) Wants to Prosecute Journalist Who Clicked 'View Source' on Government Site
Link to tweet
Joseph Cox
@josephfcox
New: journalist clicks 'view source' on a public government webpage, finds government site is exposing SSNs. Waits until the issue is fixed before publishing their story. Governor now wants to prosecute the journalist as 'hacker'
Governor Wants to Prosecute Journalist Who Clicked View Source on Government Site
A St. Louis Post-Dispatch journalist found 100,000 Social Security numbers exposed in a government website, and reported the flaw to the government.
vice.com
11:03 AM · Oct 14, 2021
https://www.vice.com/en/article/jg8ynp/governor-wants-to-prosecute-journalist-who-clicked-view-source-on-government-site
Missouri Governor Mike Parson wants to prosecute a journalist who warned the state that a government website left school teachers and administrators' Social Security numbers exposed.
Parson called St Louis. Post-Dispatch reporter Josh Renaud a hacker and vowed to seek criminal prosecution at a press conference on Thursday. Renaud's "crime?" Clicking "view source" on a publicly available webpage.
The state does not take this matter lightly, Parson said, according to the Missouri Independent. This administration is standing up against any and all perpetrators who attempt to steal personal information and harm Missourians.
Parson said he referred the case to the Cole County Prosecutor and asked the Missouri State Highway Patrol to investigate as well.
On Wednesday, the St. Louis Post-Dispatch reported that a flaw in the state's Department of Elementary and Secondary Education left exposed the SSNs of the department employees, including teachers, administrators, and counselors. Renaud reported that the SSNs were visible simply by viewing the HTML source code of the vulnerable pages, something that anyone can do with two clicks on any modern browser.
*snip*
Historic NY
(37,449 posts)Peoples personal information.
Celerity
(43,383 posts)rickyhall
(4,889 posts)Sherman A1
(38,958 posts)Parsons who is a political hack.
TheRealNorth
(9,481 posts)Their law license should be revoked.
imaginary girl
(861 posts)I've done some web building, and it seems more likely to me that these numbers were intentionally exposed (like to someone who knew where to look) than included accidentally. So Parsons is likely trying to turn the heat off himself or the company they contracted with ... imo ...
Rocknation
(44,576 posts)Last edited Wed Oct 27, 2021, 05:12 PM - Edit history (2)
How does that become an "attempt to steal" -- the mere fact that he WAS a journalist?
That's even dumber than when Minnesota's Norm Coleman blamed hackers for exposing his donors' payment data on back in 2009. That act of technological evil-doing was actually the result of his campaign's IT team not including an index page in the online directory!
Your root-level folders in particular should all contain an index page consisting of a physical link and an automatic redirect script to your home page. Doing that alone eliminates your being hacked by at least eighty per cent!
Rocknation
muriel_volestrangler
(101,318 posts)and that you're going to prosecute the first person who says otherwise.
Why the fuck wasn't there someone in the governor's entourage who could stop him making such an ass of himself in public? It's like saying that the small print of a user agreement is secret. Most people don't read it, but it's still public information.
Apparently there were 9-digit numbers identifying each educator, so, and this is the hack, they thought "these are Social Security Numbers".Malicious or what, eh?