carltondanks
kiwifarms.net
this seems kind of loose right now, i'm gonna wait and see if there's more proof before i say any dumb shit
It allows you to change web page code in the browser. The changes don't last through a refresh. However, it can be used to submit data on poorly designed pages. I've done so before on a page where it had a field disabled I needed to change. I enabled it via inspect, changed it, and clicked Submit and it took what I changed the field too."Inspect element"?
I’m not going to pet you, you sick fuck.I’m a soft kitty, please pet me.
You can't alter an existing vote. What you can do is cancel the prior vote (and then edit address data so another ballot won't be sent.)Fake news. I have a family member in Oregon. I totally didn't just log into that page using their info.
You can't submit a ballot through this page. The "Mark my ballot" is just a way to do a mock marking and then you can print out a summary. It's not the same thing as a real ballot. You can't change someone's vote.
But you'd have to do that on a large scale to have any effect and doing so would be difficult given that you have to verify. Right in that screenshot, and as I pointed out in previous posts, you need either, the persons DMV number, the last 4 of their social, or sending in one of those listed items. Some easier to obtain than others, but still.You can't alter an existing vote. What you can do is cancel the prior vote (and then edit address data so another ballot won't be sent.)
View attachment 1669743
A large team of people like... the DNC?But you'd have to do that on a large scale to have any effect and doing so would be difficult given that you have to verify. Right in that screenshot, and as I pointed out in previous posts, you need either, the persons DMV number, the last 4 of their social, or sending in one of those listed items. Some easier to obtain than others, but still.
Doing this on a few people, sure, but on a mass scale, you'd need a large team of people working on this. With less than a month to go, thousands of people suddenly doing this would likely attract some attention.
A poster on /pol/ claims he's brute forcing common names to the effect you describe.But you'd have to do that on a large scale to have any effect and doing so would be difficult given that you have to verify. Right in that screenshot, and as I pointed out in previous posts, you need either, the persons DMV number, the last 4 of their social, or sending in one of those listed items. Some easier to obtain than others, but still.
Doing this on a few people, sure, but on a mass scale, you'd need a large team of people working on this. With less than a month to go, thousands of people suddenly doing this would likely attract some attention.
"A poster of /pol/ claims"A poster on /pol/ claims he's brute forcing common names to the effect you describe.
View attachment 1669761
DOB matching is easy with facebook."A poster of /pol/ claims"
Are you even thinking about what you're saying?
So he's brute forcing common names AND DOB? Common names easy, but also finding matching DOB complicates that.
AND AGAIN, he would also have to be brute forcing their DMV number, last 4 of their social, or fabricating some other proof of identity.
You seriously believe some anon on pol, that is apparently in Russia or some similar language speaking country, is going to successfully do this and completely fuck up the Oregon system?
Have their been enough hacks of companies that would provide the name, DOB, and the SSN or last 4 digits of it? Like the Experian hack from a couple of years ago, maybe?But you'd have to do that on a large scale to have any effect and doing so would be difficult given that you have to verify. Right in that screenshot, and as I pointed out in previous posts, you need either, the persons DMV number, the last 4 of their social, or sending in one of those listed items. Some easier to obtain than others, but still.
Doing this on a few people, sure, but on a mass scale, you'd need a large team of people working on this. With less than a month to go, thousands of people suddenly doing this would likely attract some attention.
The data necessary to accomplish this, as you describe, fell into somebody's hands as of February this year."A poster of /pol/ claims"
Are you even thinking about what you're saying?
So he's brute forcing common names AND DOB? Common names easy, but also finding matching DOB complicates that.
AND AGAIN, he would also have to be brute forcing their DMV number, last 4 of their social, or fabricating some other proof of identity.
You seriously believe some anon on pol, that is apparently in Russia or some similar language speaking country, is going to successfully do this and completely fuck up the Oregon system?
Yeah.You seriously believe some anon on pol, that is apparently in Russia or some similar language speaking country, is going to successfully do this and completely fuck up the Oregon system?
They don't need that dump, DOB and Full name are easily accessible via a service like whitepages: https://www.whitepages.com/name/Edward-Tevis-Wheeler/Portland-OR/2sc2xyc and pair that with https://www.mylife.com/edward-wheeler/e930795123756 and you have a good rundown of Ted Wheeler as an example of a known Oregon resident we can use (in his case you could just pull DOB and name from Wikipedia). There are likely OSINT tools on github already that scrape these webpages for their publically facing information and combine them together into one blob of json for you to manipulate. It wouldn't be too difficult for even a middling script kiddie to cobble together a bot using said tools and write up a second bot that parses said using selenium to crash through and change shitloads of stuff. Not to mention there is huge dumps of this information out on the darkweb from the various leaks, the credit rating agency leaks had something around 150 million or so people in it and that actually included data such as social security numbers. This is just another shitshow in a long line of security screwups for American citizens because they lack a unifying secure asset to pin identity information to. Social Security is a particularly shit method we've cobbled together and that works via obsfucation because it has no security built in.The data necessary to accomplish this, as you describe, fell into somebody's hands as of February this year.