I thought it was funny to read about a security issue on the citizencorps.gov website that reveals the names of all the narcs.
---------------------------------------------------------------------------- Recently, the federal government started a program to recruit utility workers, postal employees, truck drivers and such into an informant program; http://www.citizencorps.gov/tips.html When you choose to join, it takes you to; https://www.citizencorps.gov/citizen/jsp/volunteerform.jsp?programName=5 After looking at the source code of this url, it became apparent that sanity checking of user input is done on the client. Testing confirmed that this is exploitable. In other words, it's easy to retrieve a list of their volunteer informants. Apparently they plan to address issues like this the easy way, by locking up people that exploit it for life. This is a FEMA site, which would qualify for a life sentence under the "Cyber Security Enhancement Act of 2002". ---------------------------------------------------------------------------- > US planning to recruit one in 24 Americans as citizen spies > By Ritt Goldstein > July 15 2002 > > The Bush Administration aims to recruit millions of United > States citizens > as domestic informants in a program likely to alarm civil > liberties groups. etc.... --- You are currently subscribed to e-gold-list as: archive@jab.org To unsubscribe send a blank email to [EMAIL PROTECTED] Use e-gold's Secure Randomized Keyboard (SRK) when accessing your e-gold account(s) via the web and shopping cart interfaces to help thwart keystroke loggers and common viruses.
