Send a Tweet
Most Popular Choices
Share on Facebook 14 Share on Twitter Printer Friendly Page More Sharing
OpEdNews Op Eds    H3'ed 3/13/09

Norm Coleman and Identity Theft Gate: Is Your Online Donation to Norm Coleman Safe?

By       (Page 1 of 2 pages)   No comments
Follow Me on Twitter     Message Eric Nelson
Become a Fan
  (4 fans)

After reading all the ignorant comments recently attacking Adria Richards, an IT consultant that was one of the first to blog about the egregious security failures of the Norm Coleman website, I couldn't take it anymore. Shooting the messenger seems to be the modus operandi of many Republicans.

The story has its first origins back in late January when the Coleman campaign claimed very publicly to the media that their website crashed because so many people were coming to their site in support of their election contest and wanting to see if their votes were not being counted. This claim by the Coleman campaign was later proven false by a number of IT professionals and the real reason the site went down was that it was either done on purpose by Coleman's own IT people or accidentally because of an internal misconfiguration.

As an IT professional herself Adria Richards was curious about this story and followed up on it to see if indeed the Coleman campaign had purposely crashed their own website. She stumbled upon something else. She found that Coleman's campaign website was fraught with security problems and blogged about it in late January. Because Adria never actually downloaded any of exposed files she never realized just how sensitive the information found within these files were. A number of other people tried to raise the issue back in January as well. There was no real response from the Coleman campaign about these issues that were brought before them in a very public manner. They of course knew at the time just how sensitive the information was in the exposed files.

Now fast forward six weeks later to Wednesday March 11th. The website, which was developed as a whistle-blowing site for untraceable mass document leaking and analysis, posts a page again exposing the egregious security flaws and displays example personal information that was found within an exposed Norm Coleman donor database. As the Wikileaks blog states, "Coleman supporters only know about the issue because of our work. Had it been up to Senator Coleman, they would never have known." There are numerous laws both federal and state that dictate the proper handling of personal credit card information and any security breaches that reveal personally sensitive information. According to Minnesota Law H.F. 1758 what the Coleman campaign did is illegal because they were required to destroy the digital existence of their donor's credit card numbers within 48 hrs of first capture and not permanently store them in a digital form.

In response to what Wikileaks posted, Norm Coleman's campaign spokesman Cullen Sheenan released an email statement to its donors suggesting that the posting by was politically motivated and further suggested that people within or associated with illegally hacked the Norm Coleman website to obtain the information within the database.

Cullen Sheehan even hinted that the leak might be a work of political sabotage saying, "We don't know if last evening's e-mail is a political dirty trick or what the objective is of the person who sent the e-mail."

But Adria Richards had already revealed weeks prior that the database was just sitting there in an unprotected and rather public way. You just had to stumble into the right part of the internet to find it.

"It's not hacking," she said to the Minnesota Independent yesterday. "I didn't use any hacking tools. A browser was my tool."

"That's not hacking," Richards said. "If you can download Firefox from — if you download a picture from your grandma, you’re downloading a file. Is that hacking? Five-year-olds can download files."

A poster on Adria's website astutely made the following analogy. If a Bank decides to put all your money under a tarp in a public park instead of the bank vault and a passer-by finds the money under the tarp and alerts the media, do you blame the passer-by or do you blame the Bank for their complete incompetence and negligence? As a potential depositor in a bank I would thank the passer-by for letting me know, by way of the media, that this bank can't be trusted to keep my money safe.

Just because the passer-by stumbled upon this cash hidden under the tarp (and by the way doesn't take any) does not justify detractors in trying to claim that the passer-by was trying to steal the Bank's money.

With enough people stumbling around a park someone would eventually find the money.

Cullen continued the "shoot the messenger" mantra and suggested that federal authorities had been brought in to see if there was a security breach. Further they had previously claimed that the Secret Service had determined that no sensitive information had been leaked from the Norm Coleman website. As we know now either that statement is false or the Secret Service is incompetent when it comes to investigating potential cyber-crime.

The real security breach was in allowing Norm Coleman to represent the citizens of Minnesota for the past six years.

As a fellow IT consultant, I deal with security issues almost daily. I see hackers scanning websites, by way of server logs, EVERY day looking for potential openings and exploits. These hackers are using untraceable zombie computer networks from all over the world. Chinese hackers, Romanian hackers and yes many pre-teen hackers from the United Sates. Leaving gigantic security holes in your website exposed for weeks and not taking the appropriate action is inexcusable and an even more egregious offense is to not bother to inform all the donors that their information and credit card numbers were compromised.

All of the security breaches found in Norm Coleman’s website could be easily found automatically with internet scanners very similar to what Google uses to index the entire internet. I can almost guarantee you that there are Chinese and Eastern European hackers that have had this information well before Adria Richards stumbled upon it. And if you think these professional hackers are going to call up Norm’s office and let him know I have some oceanfront property in Iowa to sell you.

Next Page  1  |  2

(Note: You can view every article as one long page if you sign up as an Advocate Member, or higher).

Rate It | View Ratings

Eric Nelson Social Media Pages: Facebook page url on login Profile not filled in       Twitter page url on login Profile not filled in       Linkedin page url on login Profile not filled in       Instagram page url on login Profile not filled in

Eric Nelson is freelance writer, an editor at OpEdNews, and a spiritual progressive from Minnesota who has become more politically active. The reasons for this should be obvious to most; rising poverty, a broken health care system, and a growing (more...)
Go To Commenting
The views expressed herein are the sole responsibility of the author and do not necessarily reflect those of this website or its editors.
Follow Me on Twitter     Writers Guidelines

Contact AuthorContact Author Contact EditorContact Editor Author PageView Authors' Articles
Support OpEdNews

OpEdNews depends upon can't survive without your help.

If you value this article and the work of OpEdNews, please either Donate or Purchase a premium membership.

If you've enjoyed this, sign up for our daily or weekly newsletter to get lots of great progressive content.
Daily Weekly     OpEd News Newsletter
   (Opens new browser window)

Most Popular Articles by this Author:     (View All Most Popular Articles by this Author)

How Wisconsin GOP and Kathy Nickolaus Could Have Stolen the Supreme Court Election if They had Wanted to

Probable Case of Swine Flu in Minnesota Occurs in District Represented by Michele Bachmann

Evidence of Republican Election Fraud in the Al Franken, Norm Coleman Senate Race?

Flax Seed: A Natural Alternative to Statins?

Whats Wrong with Waukesha Wisconsin? More Anomalies in Prosser and Kloppenburg Race

Alan Greenspan calls the McCain Economic Plan a Disaster for the Country

To View Comments or Join the Conversation:

Tell A Friend