Wednesday, October 28, 2009

Campaign Finance Loophole

As Forbes explains in a piece called "A Presidential Hacking Hoax," the linking structures in certain kinds of websites facilitate so-called SQL injection, and now a hacker is claiming to have used the still-active campaign website at to access Roosevelt University, which had databases with unencrypted passwords that could have made the incursion far worse for the campus's public reputation.

An anonymous blogger is claiming to have gained full access to the databases behind the president's campaign site,, through a simple SQL injection attack. The White House says it doesn't have a comment on the matter and the Democratic National Committee denies the blogger's claim.

Forbes analyzed the hack and it appears that the blogger used to gain access to the databases behind, a liberal arts college outside Chicago.

As the magazine points out, there is an irony that the hacker chose not to explore: "What's interesting to note is that it appears that any outside Web site can be browsed using the secure proxy, including the Republican National Committee."

Labels: ,


Post a Comment

<< Home