Pages:
Author

Topic: Russian Voters’ Data on Sale After Blockchain Poll (Read 359 times)

sr. member
Activity: 1932
Merit: 300
Vave.com - Crypto Casino
Electronic voting is pretty risky,it doesn't matter if it's conducted in Russia or the US.
It doesn't matter if it's based on the blockchain technology or some centralized technology.
Such voting systems can get hacked and manipulated.
Unfortunately the good old paper ballots are the still the safest way to vote(if the voting administration is out of the direct control of the government so the elections are fair).


The technology is still in the early phase and they just hurried it up to show something new to it's voters, afterall many things are going to be same it was for some time. A government built technology is often of low cost and quality and probably didn't wen through any penetration testing. But as they learn form the mistakes and keeps patching the holes, electronic voting system based on blockchain would be a norm within two decades.
hero member
Activity: 2156
Merit: 670
Hire Bitcointalk Camp. Manager @ r7promotions.com
Hackers are reportedly selling the personal data of over a million Russians who voted electronically, using blockchain technology, during the recent constitutional amendment process.
This is what always we are worrying about due to the data were stolen. It is also what makes me personally worry about sending the document for the KYC process or another thing that needs the document for proving ourselves. However, sometimes, we cannot ignore the KYC process. We know that the companies will always ensure the security systems of the data, they will be safely stored on the system, moreover blockchain technology. But,t his is not the first time that hackers can hack the system and steal the data easily. More badly is that they sell our data for untrusted and irresponsible purposes.

So, what should we do right now? As possible as we can, we may ignore or avoid submitting data for any kind of requirements. But can it be?
Or we cannot ignore it 100% but we can avoid it as maximal as possible.
member
Activity: 728
Merit: 24
Hackers are reportedly selling the personal data of over a million Russians who voted electronically, using blockchain technology, during the recent constitutional amendment process.

Over 1.1 million data points were stolen and put on sale for $1.50 each on the online forums, the Russian newspaper Kommersant wrote. The data, consisting exclusively of passport numbers, has little value on its own, the anonymous sellers admitted to Kommersant. But such data can be used for phishing attacks when combined with information from other leaked databases.

Moscow’s Department of Information Technologies, which is responsible for the design of the voting system, denied the report in an email to CoinDesk.

“The department is regularly monitoring the internet for publications of such data, including the darknet. The database mentioned in the publication has nothing to do with the list of voters who registered to vote online,” the department’s press office wrote, adding that the information on the Moscow city hall’s servers was properly protected and “there had been no leaks since the beginning of 2020.”



Remarkable is the fact that the database was available for purchase in early July, but the Moscow government denied this. However, as a result, the database appeared in the public domain.

https://www.coindesk.com/russian-voters-data-on-sale-after-blockchain-vote-to-keep-putin-in-power-report
Of course, the government will completely deny everything, since this is their job. No one admits that they really had a hole in the system. Perhaps this information is a throw-in, in order to distract attention and reduce the vigilance of hackers. Perhaps they have already left or security services have been following them for a long time. I wouldn't be so sure of the authenticity.
hero member
Activity: 924
Merit: 520
If I'm not mistaken, there was no direct hacking involved in that particular incident rather some crafty people were able to connect certain data to  passport numbers of registered voters because of the flaws in the design of the system itself.

And this is the problem, the blockchain technology is here to make our lives easy, but if people who don't understand it at all try to use it, then it will have tons of vulnerabilities... they should hire experts to develop the voting system, and not leave it the normal programmers.

I assume it was developed hastily and maybe they haven't done or disregarded any extensive testing. I hope this incident will serve a lesson to all who wish to utilize the benefits of blockchain technology that they should make it more robust and secure as possible in order to avoid any future issues.


I even think this project should be done by vitalik buterin, that would be the right way.

It would be nice if they have hired people with extensive experience in that field in the likes of VB but even so, it would still take significant amount of time to develop such project to become efficient and effective. Imho.
legendary
Activity: 3346
Merit: 3130
How could they let this happen? How exactly did this happen? Were they hacked?

If I'm not mistaken, there was no direct hacking involved in that particular incident rather some crafty people were able to connect certain data to  passport numbers of registered voters because of the flaws in the design of the system itself.

And this is the problem, the blockchain technology is here to make our lives easy, but if people who don't understand it at all try to use it, then it will have tons of vulnerabilities... they should hire experts to develop the voting system, and not leave it the normal programmers.

I even think this project should be done by vitalik buterin, that would be the right way.
hero member
Activity: 2744
Merit: 541
Campaign Management?"Hhampuz" is the Man
If because of the incident online vote based on blockchain technology was successfully hacked and decided to return to the old ways.

Because it's something that the government needs to handle carefully, if this design of the
design got hacked they need to work on it and start collecting information how things take place,
they need to use the old voting system while doing it.

Quote
So the advancement of technology will take a long time to develop, in fact we must not give up on using online voting.

It takes time but you are correct there's should be no stopping now but to keeps on improving it to make it more safe from the hacks.

Quote
It is a technological breakthrough that must be done, but many improvements must be made so that security can be improved.

More on securities that's needs to focus to avoid more hacking like to happen in the future.

Quote
I am sure that if improvements continue to be made, we will find ways to improve the security system so that online voting is not easily hacked.

It will lessen the chance of being hack knowing that hackers are not stopping to find ways and also keeps on improving to continue penetrating on their target accounts.
hero member
Activity: 2184
Merit: 531
There were many cases where people were selling fake data leaks.

There were some fake ones from bitcointalk as well and those who bought them reportedly said that it was mostly fake or scrambled.

I'm pretty sure these people are trying to find someone dumb who will pay $1.5 for a stupid string of numbers. If it even is a real number of someobody's passport it doesn't mean anything. The number by itself is useless and there are much easier ways to get it.
Ucy
sr. member
Activity: 2674
Merit: 403
Compare rates on different exchanges & swap.
So the problem is the alledged stolen private data of voters?
Well, I don't think important data like that should be handled in centralized manner. I guess the large hack means they are handled in centralized manner. And there is possibility it could be used by the hacker or the buyers for future election fraud.
Everyone should control their private data like we are expected to control our private keys. The private data should be very secured and close to impossible to hack in large numbers.
So you could blame centralization for this if the news is indeed true.
full member
Activity: 1190
Merit: 117
If because of the incident online vote based on blockchain technology was successfully hacked and decided to return to the old ways.
So the advancement of technology will take a long time to develop, in fact we must not give up on using online voting. It is a technological
breakthrough that must be done, but many improvements must be made so that security can be improved. I am sure that if improvements
continue to be made, we will find ways to improve the security system so that online voting is not easily hacked.
full member
Activity: 966
Merit: 102
There are more and more technologies to design blockchain, but since then there have been more hacks to steal data and steal money from computer networks. Those are the mistakes stemming from the design of blockchain structure. We need to make quick adjustments before the worst happens. The hack is also a lesson for authorities to reconsider the application of information technology to voting.
hero member
Activity: 924
Merit: 520
How could they let this happen? How exactly did this happen? Were they hacked?

If I'm not mistaken, there was no direct hacking involved in that particular incident rather some crafty people were able to connect certain data to  passport numbers of registered voters because of the flaws in the design of the system itself.
copper member
Activity: 2940
Merit: 1280
https://linktr.ee/crwthopia
It’s the people who are evil and using their powers and capacity to take advantage of what they could have and do what they can give in exchange for money. Hackers could have easily taken their time and exploit their carelessness and then the hackers are rich now.

What I’m worried about are the affected people. Is there someone here who voted as well? It’s pretty serious when this happens.
jr. member
Activity: 82
Merit: 1
How could they let this happen? How exactly did this happen? Were they hacked?
hero member
Activity: 3192
Merit: 939
Electronic voting is pretty risky,it doesn't matter if it's conducted in Russia or the US.
It doesn't matter if it's based on the blockchain technology or some centralized technology.
Such voting systems can get hacked and manipulated.
Unfortunately the good old paper ballots are the still the safest way to vote(if the voting administration is out of the direct control of the government so the elections are fair).
sr. member
Activity: 1666
Merit: 276
Vave.com - Crypto Casino
Hack can happen on blockchain or non blockchain data centers. But if any government say they build up a blockchain-based and backed by governments for privacy of their citizens, forget it. They are governments and their ultimate goals are follow up their citizens and sharing data to all of their institutions from many levels. It is centralized and data is readily to be shared.

Hack is the same but what I care is the trustworthy of governments on protect privacy of their citizens.

"There's no system that is safe", blockchain or not, if there is a social engineering happening, no matter how strong the system, it can still be breached. With regard to the issue, they didn't mention how the hack happened.

If we are building the best system to secure data, I don't think blockchan will be the best fitted for it. Most of the time, blockhain is transparent, but it has a good capability for strong and reputable system not prone from modifications.
The underlying technology is strong enough to secure data, for the same it doesn't mean it can't be hacked. Already we've seen so many sources that claimed themselves to be secure and rewards for the user who hack it. Same as that of someone reveals reward, anything will be breached by the hackers around the world. So, the Russian voters data sale isn't a big thing considering so many other vulnerable hacks.
sr. member
Activity: 1624
Merit: 315
Leading Crypto Sports Betting & Casino Platform
Seriously, guys, this publication is good enough for the others who might fall victim to identity theft since they won't be confused if the authority knocks on their doors for no reason. They will just simply tell those police that it was not them who did the criminal act. They can use this article to clean their names instantly. so it was not bad news at all. I just wonder if you are get accused and thrown into prison, will you be able to save yourself with those statements in that Country?
You can't persuade authorities even if you say that you are not that, why do you think we have legal proceedings. I wish what you said was true so there will be no innocent getting the clink but no, we are in a bureaucratic world where paperwork is the king. Regarding this data harvest, this is pretty scary because there are people willing to buy this data and people can't do anything about it because they do not know that they got their data harvested and even if they know it they have a lot to work up to atleast take it down.
hero member
Activity: 2268
Merit: 588
You own the pen
Seriously, guys, this publication is good enough for the others who might fall victim to identity theft since they won't be confused if the authority knocks on their doors for no reason. They will just simply tell those police that it was not them who did the criminal act. They can use this article to clean their names instantly. so it was not bad news at all. I just wonder if you are get accused and thrown into prison, will you be able to save yourself with those statements in that Country?
sr. member
Activity: 644
Merit: 364
In Code We Trust
Hack can happen on blockchain or non blockchain data centers. But if any government say they build up a blockchain-based and backed by governments for privacy of their citizens, forget it. They are governments and their ultimate goals are follow up their citizens and sharing data to all of their institutions from many levels. It is centralized and data is readily to be shared.

Hack is the same but what I care is the trustworthy of governments on protect privacy of their citizens.

"There's no system that is safe", blockchain or not, if there is a social engineering happening, no matter how strong the system, it can still be breached. With regard to the issue, they didn't mention how the hack happened.

If we are building the best system to secure data, I don't think blockchan will be the best fitted for it. Most of the time, blockhain is transparent, but it has a good capability for strong and reputable system not prone from modifications.
legendary
Activity: 2338
Merit: 10802
There are lies, damned lies and statistics. MTwain
<…> Remarkable is the fact that the database was available for purchase in early July, but the Moscow government denied this. However, as a result, the database appeared in the public domain. <…>
It may well be that the origin of the 1,1M passport IDs was originated in a governmental .zip file (degvoter.zip), clumsily aimed at:
Quote
<…> to ensure that only those residents who had registered to vote online but hadn’t managed to cast their ballots during the online voting period (June 25 and June 30), would be able to cast paper ballots at their local polling stations on the final day of voting — July 1.
See: https://meduza.io/en/feature/2020/07/09/weak-protection-and-free-access

So, after reading though the above article, it seems that they created a SQL Lite DB with information on voters to allow for off-line voting, thus creating a side database, outside the blockchain used in the voting poll themselves. Creating a seemingly safe protocol, and then carelessly dumping the information onto an external DB that you zip an distribute for manual checks, seems pretty careless and hack prone ...
hero member
Activity: 2366
Merit: 838
Hack can happen on blockchain or non blockchain data centers. But if any government say they build up a blockchain-based and backed by governments for privacy of their citizens, forget it. They are governments and their ultimate goals are follow up their citizens and sharing data to all of their institutions from many levels. It is centralized and data is readily to be shared.

Hack is the same but what I care is the trustworthy of governments on protect privacy of their citizens.
Pages:
Jump to: