Thursday, February 20, 2014

Widespread Vulnerability Found in Dozens of Government 'Open Data' Websites; Weekly Standard, 2/20/14

Jeryl Bier, Weekly Standard; Widespread Vulnerability Found in Dozens of Government 'Open Data' Websites:
"Nevertheless, while the pages are not official HHS information, neither are they technically cases of hacking. Rather, the creators have exploited a weakness in the "open data" system used by dozens of government websites. The platform was developed by a company called Socrata. The system allows users to create profiles and then manipulate data tables that various governments (federal, state, local) host on their websites. The results can be shared with others for statistical analysis, research, and other purposes, as some users have done. However, in cases like the ones above, a profile page itself can be used to promote a product or information in a way that gives viewers the impression that the host government entity approves or even endorses. A legitimate looking link could even be included in an email to direct recipients to what they may easily perceive as government-provided information."

No comments: