Information Security News mailing list archives
Labour's website may be open to hackers
From: William Knowles <wk () C4I ORG>
Date: Mon, 11 Sep 2000 02:07:00 -0500
http://www.independent.co.uk/news/Digital/Update/2000-09/labour100900.shtml By Clayton Hirst 10 September 2000 The Labour Party's website is in serious danger of being hacked into, and sensitive information could be stolen from it, an internet accreditation company will claim this week. Clicksure will on Thursday publish an audit of the site identifying 12 major flaws which could lead to a damaging breach. Most worrying is that the site collects credit card details and personal information in an "insecure environment". Phil Hendey, Clicksure's director of marketing, said: "Any site which collects credit card and personal information should be done securely. Labour's site is open to abuse and the information could be hacked." Mr Hendey warned that its shortfalls make Labour's site as vulnerable to hacking as PowerGen's site, which was breached last month. The news will worry thousands of Labour supporters who have joined the party and made donations online. Last month the Department for Trade & Industry launched TrustUK, a government-backed hallmark for internet sites. Clicksure criticised the hallmark when it was launched, but Mr Hendey said that if Labour's site met these minimum standards it would be a "vast improvement". He said: "Given that Labour supports TrustUK and claims to be promoting internet use in the UK, you would have thought that it would have got its own shop window in order." Clicksure is also critical of Labour's site for not displaying terms and conditions for the use of the site, having no commitment to privacy and for not stating whether personal information is being collected. However, it's not just Labour's website which Clicksure has criticised. It has identified nine problems with both the Conservative and the Liberal Democrat sites. However, both sites offer a secure environment to submit credit card details. Clicksure's audit also examined Al Gore's site. In stark contrast to the UK sites, Clicksure gives a glowing report of the US presidential candidate's internet offering. Mr Hendey said that Gore2000.com fell down on just one point and otherwise it matches all Clicksure's exacting standards. *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Labour's website may be open to hackers William Knowles (Sep 12)