Let’s suppose I got the Republican CD advocating the marriage amendment in the mail. And let’s assume — and remember this is a hypothetical here — I had enough intelligence to decompile the program and figure out what data is being captured and sent. Could I do it?
Yes. Someone did.
"No.", "Time", "Source", "Destination", "Protocol", "Info"
"1", "17:11:52.780492305", "***.1**.***.*2*", "*0.2.*.81", "TCP", "1106 > http [SYN] Seq=0 Ack=0 Win=64240 Len=0 MSS=1460"
"2", "17:11:52.794481754", "**.*.*.**", "***.***.1*5.***", "TCP", "http > 1106 [SYN, ACK] Seq=0 Ack=1 Win=64240 Len=0 MSS=1460"
(Update 9:08 p.m.: This is not the available data. This is the internal stream as we ran the program. We’re not going to show any of the data we actually found and in the image below, you’re not going to get any useful data. We’ll show the actual contents of the packets if the subcontractor denies the existence of the information. We’re not interested in exposing the subcontractor to a malicious attack while this information is still available. This is a privacy issue, not about how to compromise the site with the information.)
Now that’s pretty basic stuff: what your IP is, what your CPU is, what your operating system is. But is it possible for me to find out how you vote in elections? What your position on abortion is? Or even how long it takes you to answer those questions? Can I get your private phone number, your address, your name, your spouse’s name, your IP?
Yes. Someone did.
Using the stream indicated above, people way smarter than me were able to figure out the destination for the data being accumulated, and then poked around and found the site. And the data was not secured at the site.
I checked to see if two entries I made via the CD — one for Tim Pawlenty and one for Joe Blow — showed up in the database. Yep. This must be the place.
The screenshot above is a sample of several we took. Another has the answers along with the code of the submitter, the identity of whom can be ascertained easily with the data above.
What’s worse, the information is on an unsecured Web site. I’m not going to tell you what site we found it on (until it’s been secured), just to let you know that the data is there. And it can be found by anyone who can decompile the program on the CD.
We could — if we were malicious (and we’re not) — change the questions that are “on the CD” because they’re really not on the CD. The program connects to a database and provides the questions.
Imagine if thousands of CDs arrived in homes with the question “do you like Siegfried and Roy?”
We could steal the data. In fact, the mailing list of more than 25,000 names is also on the site, and is easily downloaded into a spreadsheet. Cool. Twenty-five-thousand names and addresses. Free.
This is a significant security flaw. And it’s coming to a mailbox near you in a few days.
It also leaves a cookie behind on your computer, although we haven’t figured out what that does yet. (Update: The cookie is likely nothing – just a way to autofill some information if you decide to go back later and resubmit your answers.)
This is why it matters when someone raises concerns about data. This is why it matters if someone asks you if you’re collecting it. This is why it matters if someone asks you what you’ll do with it. This is why it matters if someone asks if you’re protecting it. Privacy concerns are bipartisan.
But didn’t anyone ask these questions already?