In a press release earlier this month, the Pennsylvania Department of State is adding additional security to their voting systems as part of a test, but not what you might expect. The program will use statistical analysis to review election results as a part of a “risk-limiting” audit . While normal election audits take significant time and money, a risk-limiting audit provides … [Read more...]

Pew Research recently asked adults in the US some basic digital knowledge questions as a part of a research study. Out of 10 questions asked, only 20% scored 70% or higher with correct answers. There are some concerns about the questions Pew used though. While the survey asks some good questions, one of the questions doesn’t relate to digital knowledge. It asks to identify a … [Read more...]

Last week, researcher Tavis Ormandy from Google Project Zero found and published a vulnerability in The LastPass browser extension. The vulnerability affects the Chrome and Opera extensions and could allow a malicious server to capture LastPass credentials. Neither LastPass nor Project Zero released details on how this exploit works but by reviewing the notes from Project Zero … [Read more...]

In an area of law that worries many white hat hackers, the Computer Fraud and Abuse Act (CFAA) makes testing websites and vulnerabilities somewhat risky. In 1986 the CFAA amended the Comprehensive Crime Control Act of 1984, to cover unauthorized access to a computer. Now , it seems that anyone can scrape public data from a website without violating the CFAA. Previously, … [Read more...]