Global Secure Systems - Bush and Kerry sites 'not secure'

Home

Affiliated Sites and Services

• Team Mermaid
• GSS Ireland

• 2010
• 2009 Archive
• 2008 Archive
• 2007 Archive
• 2006 Archive
• 2005 Archive
• 2004 Archive
• 2003 Archive
• 2002 Archive

• January
• February
• March
• April
• May
• June
• July
• August
• September
• October
• November
• December

About RSS feeds

Bush and Kerry sites 'not secure'

President George Bush and Democratic challenger John Kerry have come under attack from a US net privacy advocate and adviser over website security.

Both sites have left themselves open to online "vandalism" because of errors in their scripting codes, Richard Smith says on his site. The errors mean that anyone who knows how to could alter site images or text. The virtual sleuth also points to hidden web bugs, bits of code, which could infringe the privacy of visitors. These are very small, often invisible, graphics placed on a website, or an e-mail, which allow user movements to be tracked. Third party Mr Smith says Bush's site uses a third party company to track user habits on the campaign site through web bugs. Although both sites have good privacy policies, an explanation of why the Bush site makes use of a third party to do this is not made very clear in the statement, claims Mr Smith. Web bugs work in a similar way to cookies - small text files placed on users' computers to identify returning visitors - but they are more covert in the way they gather information about users on-site. Both sites encourage the use of banner ads for visitors' sites Both the websites also give supporters the opportunity to place banner adverts on their own websites, to back the candidates' campaigns. This is fairly common, and is like a virtual sticker seen on supporters' car and house windows. But the banner ads used on the sites have more complicated implications. "Both banner ad schemes allow the campaigns to track visitors to web pages where the banner ads appear," explains Mr Smith. "In addition, the Bush JavaScript scheme allows the Bush web server to run any script code inside of other people's web pages. "This scheme doesn't strike me as a very good idea from a security standpoint," he says. Late last year, web users were given more privacy protection through the European Union (EU) Privacy and Electronic Communications Regulation, part of the EU Directive on Privacy and Electronic Communications. It set out rules on how information about web users is gathered and used, but the US has been less stringent.

Permalink Bookmark Digg this story

  |  About RSS feeds