Russian Voters’ Data on Sale After Blockchain Poll

Tipstar

sr. member

Activity: 1848

Merit: 298

Buzz App - Spin wheel, farm rewards

Quote from: davis196 on August 06, 2020, 07:00:15 AM

Electronic voting is pretty risky,it doesn't matter if it's conducted in Russia or the US.
It doesn't matter if it's based on the blockchain technology or some centralized technology.
Such voting systems can get hacked and manipulated.
Unfortunately the good old paper ballots are the still the safest way to vote(if the voting administration is out of the direct control of the government so the elections are fair).

The technology is still in the early phase and they just hurried it up to show something new to it's voters, afterall many things are going to be same it was for some time. A government built technology is often of low cost and quality and probably didn't wen through any penetration testing. But as they learn form the mistakes and keeps patching the holes, electronic voting system based on blockchain would be a norm within two decades.

Rengga Jati

hero member

Activity: 2072

Merit: 656

PredX - AI-Powered Prediction Market

Quote from: bitcoinst on August 04, 2020, 02:21:58 PM

Hackers are reportedly selling the personal data of over a million Russians who voted electronically, using blockchain technology, during the recent constitutional amendment process.

This is what always we are worrying about due to the data were stolen. It is also what makes me personally worry about sending the document for the KYC process or another thing that needs the document for proving ourselves. However, sometimes, we cannot ignore the KYC process. We know that the companies will always ensure the security systems of the data, they will be safely stored on the system, moreover blockchain technology. But,t his is not the first time that hackers can hack the system and steal the data easily. More badly is that they sell our data for untrusted and irresponsible purposes.

So, what should we do right now? As possible as we can, we may ignore or avoid submitting data for any kind of requirements. But can it be?
Or we cannot ignore it 100% but we can avoid it as maximal as possible.

Cryptoreflector_666

member

Activity: 728

Merit: 24

Quote from: bitcoinst on August 04, 2020, 02:21:58 PM

Hackers are reportedly selling the personal data of over a million Russians who voted electronically, using blockchain technology, during the recent constitutional amendment process.

Over 1.1 million data points were stolen and put on sale for $1.50 each on the online forums, the Russian newspaper Kommersant wrote. The data, consisting exclusively of passport numbers, has little value on its own, the anonymous sellers admitted to Kommersant. But such data can be used for phishing attacks when combined with information from other leaked databases.

Moscow’s Department of Information Technologies, which is responsible for the design of the voting system, denied the report in an email to CoinDesk.

“The department is regularly monitoring the internet for publications of such data, including the darknet. The database mentioned in the publication has nothing to do with the list of voters who registered to vote online,” the department’s press office wrote, adding that the information on the Moscow city hall’s servers was properly protected and “there had been no leaks since the beginning of 2020.”

Remarkable is the fact that the database was available for purchase in early July, but the Moscow government denied this. However, as a result, the database appeared in the public domain.

https://www.coindesk.com/russian-voters-data-on-sale-after-blockchain-vote-to-keep-putin-in-power-report

Of course, the government will completely deny everything, since this is their job. No one admits that they really had a hole in the system. Perhaps this information is a throw-in, in order to distract attention and reduce the vigilance of hackers. Perhaps they have already left or security services have been following them for a long time. I wouldn't be so sure of the authenticity.

bitsurfer2014

hero member

Activity: 924

Merit: 520

Quote from: seoincorporation on August 07, 2020, 02:11:15 PM

Quote from: bitsurfer2014 on August 07, 2020, 12:35:01 AM

If I'm not mistaken, there was no direct hacking involved in that particular incident rather some crafty people were able to connect certain data to passport numbers of registered voters because of the flaws in the design of the system itself.

And this is the problem, the blockchain technology is here to make our lives easy, but if people who don't understand it at all try to use it, then it will have tons of vulnerabilities... they should hire experts to develop the voting system, and not leave it the normal programmers.

I assume it was developed hastily and maybe they haven't done or disregarded any extensive testing. I hope this incident will serve a lesson to all who wish to utilize the benefits of blockchain technology that they should make it more robust and secure as possible in order to avoid any future issues.

Quote from: seoincorporation on August 07, 2020, 02:11:15 PM

I even think this project should be done by vitalik buterin, that would be the right way.

It would be nice if they have hired people with extensive experience in that field in the likes of VB but even so, it would still take significant amount of time to develop such project to become efficient and effective. Imho.

seoincorporation

legendary

Activity: 3290

Merit: 3092

Quote from: bitsurfer2014 on August 07, 2020, 12:35:01 AM

Quote from: hermawan9416 on August 06, 2020, 10:11:48 AM

How could they let this happen? How exactly did this happen? Were they hacked?

If I'm not mistaken, there was no direct hacking involved in that particular incident rather some crafty people were able to connect certain data to passport numbers of registered voters because of the flaws in the design of the system itself.

And this is the problem, the blockchain technology is here to make our lives easy, but if people who don't understand it at all try to use it, then it will have tons of vulnerabilities... they should hire experts to develop the voting system, and not leave it the normal programmers.

I even think this project should be done by vitalik buterin, that would be the right way.

carlisle1

hero member

Activity: 2744

Merit: 541

Campaign Management?"Hhampuz" is the Man

Quote from: MCobian on August 07, 2020, 12:11:30 PM

If because of the incident online vote based on blockchain technology was successfully hacked and decided to return to the old ways.

Because it's something that the government needs to handle carefully, if this design of the
design got hacked they need to work on it and start collecting information how things take place,
they need to use the old voting system while doing it.

Quote

So the advancement of technology will take a long time to develop, in fact we must not give up on using online voting.

It takes time but you are correct there's should be no stopping now but to keeps on improving it to make it more safe from the hacks.

Quote

It is a technological breakthrough that must be done, but many improvements must be made so that security can be improved.

More on securities that's needs to focus to avoid more hacking like to happen in the future.

Quote

I am sure that if improvements continue to be made, we will find ways to improve the security system so that online voting is not easily hacked.

It will lessen the chance of being hack knowing that hackers are not stopping to find ways and also keeps on improving to continue penetrating on their target accounts.

pixie85

hero member

Activity: 2170

Merit: 528

There were many cases where people were selling fake data leaks.

There were some fake ones from bitcointalk as well and those who bought them reportedly said that it was mostly fake or scrambled.

I'm pretty sure these people are trying to find someone dumb who will pay $1.5 for a stupid string of numbers. If it even is a real number of someobody's passport it doesn't mean anything. The number by itself is useless and there are much easier ways to get it.

Ucy

sr. member

Activity: 2632

Merit: 403

Bisq is a Bitcoin Fiat Dex. Use responsibly

So the problem is the alledged stolen private data of voters?
Well, I don't think important data like that should be handled in centralized manner. I guess the large hack means they are handled in centralized manner. And there is possibility it could be used by the hacker or the buyers for future election fraud.
Everyone should control their private data like we are expected to control our private keys. The private data should be very secured and close to impossible to hack in large numbers.
So you could blame centralization for this if the news is indeed true.

MCobian

full member

Activity: 1190

Merit: 117

If because of the incident online vote based on blockchain technology was successfully hacked and decided to return to the old ways.
So the advancement of technology will take a long time to develop, in fact we must not give up on using online voting. It is a technological
breakthrough that must be done, but many improvements must be made so that security can be improved. I am sure that if improvements
continue to be made, we will find ways to improve the security system so that online voting is not easily hacked.

wack slacker

full member

Activity: 966

Merit: 102

There are more and more technologies to design blockchain, but since then there have been more hacks to steal data and steal money from computer networks. Those are the mistakes stemming from the design of blockchain structure. We need to make quick adjustments before the worst happens. The hack is also a lesson for authorities to reconsider the application of information technology to voting.

bitsurfer2014

hero member

Activity: 924

Merit: 520

Quote from: hermawan9416 on August 06, 2020, 10:11:48 AM

How could they let this happen? How exactly did this happen? Were they hacked?

If I'm not mistaken, there was no direct hacking involved in that particular incident rather some crafty people were able to connect certain data to passport numbers of registered voters because of the flaws in the design of the system itself.

crwth

copper member

Activity: 2870

Merit: 1279

Try Gunbot for a month go to -> https://gunbot.ph

It’s the people who are evil and using their powers and capacity to take advantage of what they could have and do what they can give in exchange for money. Hackers could have easily taken their time and exploit their carelessness and then the hackers are rich now.

What I’m worried about are the affected people. Is there someone here who voted as well? It’s pretty serious when this happens.

hermawan9416

jr. member

Activity: 82

Merit: 1

How could they let this happen? How exactly did this happen? Were they hacked?

davis196

hero member

Activity: 3094

Merit: 929

Electronic voting is pretty risky,it doesn't matter if it's conducted in Russia or the US.
It doesn't matter if it's based on the blockchain technology or some centralized technology.
Such voting systems can get hacked and manipulated.
Unfortunately the good old paper ballots are the still the safest way to vote(if the voting administration is out of the direct control of the government so the elections are fair).

AjithBtc

sr. member

Activity: 1666

Merit: 276

Vave.com - Crypto Casino

Quote from: Debonaire217 on August 05, 2020, 10:05:46 AM

Quote from: tbct_mt2 on August 05, 2020, 08:18:08 AM

Hack can happen on blockchain or non blockchain data centers. But if any government say they build up a blockchain-based and backed by governments for privacy of their citizens, forget it. They are governments and their ultimate goals are follow up their citizens and sharing data to all of their institutions from many levels. It is centralized and data is readily to be shared.

Hack is the same but what I care is the trustworthy of governments on protect privacy of their citizens.

"There's no system that is safe", blockchain or not, if there is a social engineering happening, no matter how strong the system, it can still be breached. With regard to the issue, they didn't mention how the hack happened.

If we are building the best system to secure data, I don't think blockchan will be the best fitted for it. Most of the time, blockhain is transparent, but it has a good capability for strong and reputable system not prone from modifications.

The underlying technology is strong enough to secure data, for the same it doesn't mean it can't be hacked. Already we've seen so many sources that claimed themselves to be secure and rewards for the user who hack it. Same as that of someone reveals reward, anything will be breached by the hackers around the world. So, the Russian voters data sale isn't a big thing considering so many other vulnerable hacks.

Lorence.xD

sr. member

Activity: 1624

Merit: 315

Leading Crypto Sports Betting & Casino Platform

Quote from: yazher on August 05, 2020, 10:13:07 AM

Seriously, guys, this publication is good enough for the others who might fall victim to identity theft since they won't be confused if the authority knocks on their doors for no reason. They will just simply tell those police that it was not them who did the criminal act. They can use this article to clean their names instantly. so it was not bad news at all. I just wonder if you are get accused and thrown into prison, will you be able to save yourself with those statements in that Country?

You can't persuade authorities even if you say that you are not that, why do you think we have legal proceedings. I wish what you said was true so there will be no innocent getting the clink but no, we are in a bureaucratic world where paperwork is the king. Regarding this data harvest, this is pretty scary because there are people willing to buy this data and people can't do anything about it because they do not know that they got their data harvested and even if they know it they have a lot to work up to atleast take it down.

yazher

hero member

Activity: 2184

Merit: 585

You own the pen

Seriously, guys, this publication is good enough for the others who might fall victim to identity theft since they won't be confused if the authority knocks on their doors for no reason. They will just simply tell those police that it was not them who did the criminal act. They can use this article to clean their names instantly. so it was not bad news at all. I just wonder if you are get accused and thrown into prison, will you be able to save yourself with those statements in that Country?

Debonaire217

sr. member

Activity: 644

Merit: 364

In Code We Trust

Quote from: tbct_mt2 on August 05, 2020, 08:18:08 AM

Hack can happen on blockchain or non blockchain data centers. But if any government say they build up a blockchain-based and backed by governments for privacy of their citizens, forget it. They are governments and their ultimate goals are follow up their citizens and sharing data to all of their institutions from many levels. It is centralized and data is readily to be shared.

Hack is the same but what I care is the trustworthy of governments on protect privacy of their citizens.

"There's no system that is safe", blockchain or not, if there is a social engineering happening, no matter how strong the system, it can still be breached. With regard to the issue, they didn't mention how the hack happened.

If we are building the best system to secure data, I don't think blockchan will be the best fitted for it. Most of the time, blockhain is transparent, but it has a good capability for strong and reputable system not prone from modifications.

DdmrDdmr

legendary

Activity: 2338

Merit: 10802

There are lies, damned lies and statistics. MTwain

Quote from: bitcoinst on August 04, 2020, 02:21:58 PM

<…> Remarkable is the fact that the database was available for purchase in early July, but the Moscow government denied this. However, as a result, the database appeared in the public domain. <…>

It may well be that the origin of the 1,1M passport IDs was originated in a governmental .zip file (degvoter.zip), clumsily aimed at:

Quote

<…> to ensure that only those residents who had registered to vote online but hadn’t managed to cast their ballots during the online voting period (June 25 and June 30), would be able to cast paper ballots at their local polling stations on the final day of voting — July 1.

See: https://meduza.io/en/feature/2020/07/09/weak-protection-and-free-access

So, after reading though the above article, it seems that they created a SQL Lite DB with information on voters to allow for off-line voting, thus creating a side database, outside the blockchain used in the voting poll themselves. Creating a seemingly safe protocol, and then carelessly dumping the information onto an external DB that you zip an distribute for manual checks, seems pretty careless and hack prone ...

tbct_mt2

hero member

Activity: 2366

Merit: 838

Hack can happen on blockchain or non blockchain data centers. But if any government say they build up a blockchain-based and backed by governments for privacy of their citizens, forget it. They are governments and their ultimate goals are follow up their citizens and sharing data to all of their institutions from many levels. It is centralized and data is readily to be shared.

Hack is the same but what I care is the trustworthy of governments on protect privacy of their citizens.

Topic: Russian Voters’ Data on Sale After Blockchain Poll (Read 323 times)