this post was submitted on 10 Feb 2024
750 points (99.1% liked)

Technology

59323 readers
4666 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] rdyoung@lemmy.world 3 points 9 months ago (4 children)

I had not heard of that one. Was it the "internet is full of tubes" guy?

[–] CosmicTurtle@lemmy.world 24 points 9 months ago

No, it was a few years back when a researcher found that there was a plain text file of county employee social security numbers just sitting inside the JavaScript of a government website.

There are too many Google results from the upcoming election for me to sort through but suffice it to say, the guy was a class A idiot.

[–] seang96@spgrn.com 16 points 9 months ago (2 children)

I don't think so, but it was in response to some smart people developing their government website with the database stored basically in the HTML of the website if I remember correctly. A good Samaritan reported it and was basically charged with hacking the state.

[–] pixelmeow@lemmy.world 4 points 9 months ago

The problem with this is that reading the generated HTML behind a page that has been served to your browser does not prove that data was stored in an HTML source file. The data is inserted into the page while it’s being served to the browser. That’s what the JavaScript does after it requests the data from the backend code, which gets the data from the database (or whatever storage is being used) and sends it back to the JavaScript, which puts it in the page.

Saving data in source HTML files would mean every possible combination of data anyone might request must be saved in its own separate file, which is definitely not how web development is done. Laws should not be made by people who don’t know what they’re talking about.

[–] LinkOpensChest_wav@lemmy.dbzer0.com 1 points 9 months ago (1 children)

A good Samaritan reported it and was basically charged with hacking the state

Wait, really? What would I search to read more about this? Do you remember which state?

[–] sukhmel@programming.dev 5 points 9 months ago (1 children)

I remember hearing about this, so I tried searching for someone "being charged after reporting personal data exposed on a website"

Turns out, it's Missouri, 2019, or another article on the same topic

Holy shit, that governor really made an ass of himself. He just kept doubling down lol

Thanks for the links!

[–] sukhmel@programming.dev 8 points 9 months ago

Happened around 2021-10-15:

Missouri Gov. Mike Parson said that his administration is pursuing the prosecution of a local newspaper reporter who alerted the government to website security flaws.

It's in the following sources, at least: TechCrunch, NPR, NY Times

[–] Aatube@kbin.social 0 points 9 months ago* (last edited 9 months ago)

What's wrong with that "a series of tubes" speech? It seems pretty accurate to bandwidth

Edit: Searched it up. The part that was wrong was him blaming email delays on bandwidth.