SoylentNews is people
SoylentNews
from the don't-even-think-about-editing-the-URL dept.
Confused governor says looking at webpage's HTML is criminal hacking:
Gov. Mike Parson is sick and tired of all these sophisticated, no-good hackers and he's not going to take it any more. It's too bad the Missouri Republican has no idea what he's talking about.
During a Thursday press conference, the confused elected official lashed out at a journalist who reported a vulnerability in an official Department of Elementary and Secondary Education website. The reporter, notably, waited until officials fixed the error before publishing the story. The flaw? The website apparently included teachers' Social Security numbers in the HTML.
"Though no private information was clearly visible nor searchable on any of the web pages, the newspaper found that teachers' Social Security numbers were contained in the HTML source code of the pages involved," reported the St. Louis Post Dispatch.
Parson, who apparently has never heard of "view source," obliquely threatened the Post reporter with prosecution.
"The state is committing to bring to justice anyone who hacked our system and anyone who aided or encouraged them to do so — in accordance with what Missouri law allows AND requires," wrote Parson.
[... - plenty snipped - ...] Parson, in other words, has no idea what he's talking about.
canopic jug augments that with the following other sources:
Governor Mike Parson wishes that ctrl-u or f12 will become illegal. This was actually a breach of personal information, including SSANs, for over 100,000 people.
https://text.npr.org/1046124278
https://www.salon.com/2021/10/14/missouri-governor-threatens-criminal-prosecution-of-reporter-found-security-flaw-in-state-site_partner/
https://itwire.com/security/missouri-goes-after-man-who-looked-at-source-code-on-state-site.html
https://www.rollingstone.com/politics/politics-news/missouri-governor-teacher-data-hacking-1242493/
https://coldstreams.com/2021/10/14/no-it-isnt-missouri-governor-says-viewing-html-source-code-containing-private-data-the-state-published-on-every-page-is-a-crime/
https://abc17news.com/news/missouri/2021/10/14/gov-parson-threatens-legal-action-against-reporter-who-exposed-flaw-on-state-education-departments-website/
https://heavy.com/news/gov-mike-parson-html-source-code-decoded-ssn/
(Score: 3, Insightful) by isostatic on Monday October 18 2021, @09:44AM (6 children)
I have a lot of old (and not so old) ilos. Webpages still use java -- full blown horrendous applets, not just javaws (which is half-blown horrendous)
(Score: 2, Funny) by nitehawk214 on Monday October 18 2021, @01:57PM (2 children)
I would argue that those are not webpages. Just browser bastardization.
Emphasis on the bastard.
"Don't you ever miss the days when you used to be nostalgic?" -Loiosh
(Score: 2) by Freeman on Monday October 18 2021, @02:14PM (1 child)
Hey, we need applications in the cloud, dude!
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: 2) by isostatic on Tuesday October 19 2021, @09:28AM
Ironically cloud based people never touch hardware, or ilos. It's old farts like me that deal with our own equipment.
(Score: 3, Insightful) by DannyB on Monday October 18 2021, @04:25PM (2 children)
There are four bad browser binary extensions that never should have been allowed to happen. Security nightmares all:
If you need a proprietary binary extension to make the browser do what is needed, then the browser standards needed to be extended. And eventually, they were. Making the above items a historical blight that can now be safely forgotten.
If you think a fertilized egg is a child but an immigrant child is not, please don't pretend your concerns are religious
(Score: 2, Interesting) by Anonymous Coward on Monday October 18 2021, @09:41PM
I see you're fine with WASM then? Be careful what you wish for.
Maybe the answer isn't to 'extend' the browser standard and maybe we should take a step back and ask ourselves: "is this really a thing it should do"... The answer, more often than not, is "no, it shouldn't do that"
(Score: 2, Insightful) by Anonymous Coward on Tuesday October 19 2021, @11:56AM
The fact that we try so hard to forget Applets, ActiveX, Flash and Silverlight is why we are now replicating the exact same issue with Javascript: the seamless, transparent execution of random applications by reading what should be mostly inert interlinked documents.
So yes. Do forget the horrors of browser plugins. Then let's all wonder why Javascript is a disaster of biblical proportions today.