ah goddammit
atx_aquarian
joined 1 year ago
Keep in mind, though, so far, we only know it to be a user experience issue.
“Incomplete paper and online applications will not be accepted,” Evans said in the statement. (Parker’s cancellation request would have lacked a driver’s license number.) The Secretary of State’s Office did not respond to individual questions about what testing the portal underwent before launch, the system’s security procedures, what happened to Parker’s cancellation request....
It doesn't matter what the browser says if the end user tampered with the running page to make it say something. It matters if the application might have been processed. They're claiming it wouldn't have been processed since it was incomplete (lacking ID number). We'd need to know how this was handled on the back end to know how risky it really was. It could still have been bad, but this isn't, in itself, proof of an actual problem.
edit: Just to be clear, I'm not saying it shouldn't be investigated. It really should be, as the article claims, an all-hands-on-deck moment. I'm just saying that the article makes the case that it should be investigated to ascertain what would have happened to the incomplete application submission to assess the exposure, not that it definitely was a vulnerability at all.
“Incomplete paper and online applications will not be accepted,” Evans said in the statement. (Parker’s [demonstration] cancellation request would have lacked a driver’s license number.) The Secretary of State’s Office did not respond to individual questions about what testing the portal underwent before launch, the system’s security procedures, what happened to Parker’s cancellation request....
Yeah, that tells us we just don't know if this was a problem after all. Evans's statement basically claims it wasn't a vulnerability. If that's correct, then the worst thing might be if someone's browser tripped on the validation JS and allowed them down a blind alley execution path. If the claim is correct and if the page's JS never shits the bed, then in that case the only negative outcome would be someone dicking with the in-browser source could lead themselves down the blind alley, in which case who cares. The only terrible outcome seems like it would be if the claim is incorrect--i.e. if an incomplete application submission would be processed, thus allowing exploit.
Short of an internal audit, there's no smoking gun here.
This really is the only acceptable comment. Might as well close the thread.
We're just going to have to also legally classify pregnant people as car seats so they can drive to work.
warships
Ooh, what we got?
The naval group, consisting of a training ship, patrol frigate and refueling tanker,
Oh, *cough* ha, ok.
The arrival of the vessels comes mere weeks after another squadron of Russian warships, including a powerful nuclear-powered submarine, visited Havana as part of planned military exercises last month.
Oh, well, ok, I guess.
¿Porqué no los dos?
enthusiastic but sparse applause
Seriously? Some steganography going on in here?
Going off on a tangent, but are vacancies keeping rent high or are they a result of overpriced rent not responding to market pressure? It seems like vacancies should mean low demand at the current price, which, in my little econ 101 view of the world, should push the price down.
Thanks for staying vigilant about propaganda sources on here. The fediverse is a better place thanks to SatansMaggotyCumFart. (No /s, I'm serious.)
~~It blows my mind that centuries-old concepts "let's not jump to hasty conclusions" and "people should be free to protest the government but not break the law" just got called "flaming progressive".~~
edit: Sorry, now I see what you're saying, that those were some points that pull people from across the aisle.