It couldn't have happened to a bigger weasel.

This really could be the death knell to his hopeless campaign to get Franken's victory overturned, though. Think anyone's going to donate to such a badly run mess of an effort?

Heh. This Minnesota senate fiasco is such a trainwreck. Thank you, Minnesotans, I've enjoyed every second. :D

"So easy, even I found it"

Senator Al Franken.

Got a nice ring to it.

It's a perfect recipe for humor.

1. Give internet access to Republicans.
2. ???
3. Profit!

Victoria Jackson working now as Coleman's IT wizard?

Firefox is a Liberal haxxor tool? wowsers.

Norm Coleman is an idiot? I had no idea...

Pootums: Firefox is a Liberal haxxor tool? wowsers.

Conservative use Netscape.

Bucky Katt: Pootums: Firefox is a Liberal haxxor tool? wowsers.

Conservative use Netscape.

Us reds prefer seamonkey.

jake_lex: This really could be the death knell to his hopeless campaign to get Franken's victory overturned, though. Think anyone's going to donate to such a badly run mess of an effort?

I wouldn't say this is the death knell for Coleman, but rather, I would summarize this case as "lucky tie vs. the actual vote tally of 3 million people".

Coleman's donors throwing more money at the case has only brought to light more votes for Franken, who is set to pick up close to 300 more votes after this court case is over, bringing the margin of victory to over 500. Coleman on the other hand only managed to produce less than 10 legitamate ballots out of the 1350 that he brought to the courts, all the rest were not filled out correctly, or disqualified for some other valid reason.

This whole thing is just political theater, and delay tactics by the Coleman campaign. Cry me a farking river republicans, and give out your credit card #'s so I can go buy organic arugala at the co-op.

Pootums: Firefox is a Liberal haxxor tool? wowsers.

Read the article linked in the main one called "Liberal hackers at it again". Anyone who tries to explain that Coleman's website team is responsible for this leak is a "lefty hacker" writing "anti-Coleman screeds".

No wonder America is voting these helpless failures out of office by the busload.

Oops. I said previously that Franken would pick up 300 more votes, but actually he's going to have a 300 vote lead, not 500.

What Would Whoopty Do: This whole thing is just political theater, and delay tactics by the Coleman campaign.

Bingo. The GOP knows Coleman is going to lose. They just want to keep this going as long as they can so they can keep Franken from becoming Senate Seat #59 for as long as possible. Because once Franken is seated, all the Dems have to do is butter up Olympia Snowe and the rest of the GOP can, in the words of Tina Fey and/or Degeneration X, suck it.

Apparently this donor data had credit card details including the three digit CVV code that you're not allowed to retain at all. If you were going to do this delibrately to blame it on 'liberal hackers' you wouldn't include this code - it only makes you liable to pay the credit card companies.

I think the 'liberal hackers' angle is just trying to make lemonade from lemons, not something that was thought up from the start.

I also understand that he knew about this info getting out in January and by not notifying the donors until March he might not have lived up to his legal obligations.

What a fantastic IT professional!

She finds a very VERY stupid website setup that patently allows people's information to be exposed. Does she warn them? No.

She tells everyone on the internet.

She's about as professional as Norm Coleman's web admin.

It would be nice to see one of coleman's supporters download the names from wikileaks and send each person an e-mail telling how this "IT professional" found their information and instead of helping to safeguard it, she took steps to make sure it was leaked on the internet.

I don't care about Coleman, and the race in Mn seems like Turd v.s. Douche. But I do find this self proclaimed IT professional to be anything but.

hahawinnipeg: I don't care about Coleman, and the race in Mn seems like Turd v.s. Douche.

I hear lot of people echo your sentiment, but I need to ask: What did Al Franken ever do that would be considered "douche" like to you? I'm just not seeing it. Norm Coleman is a right-wing republican, that's enough to define him as a turd, but I've rarely met anyone who can tell me WHY they dislike Franken.

jake_lex: This really could be the death knell to his hopeless campaign to get Franken's victory overturned, though. Think anyone's going to donate to such a badly run mess of an effort?

I am confident that most everyone who donated the first time would donate again (and again and again). All they need to hear is it was a liberal plot and their wallets will open quicker than a ShamWow sops up spills.

I'm still upset at this story.

How can she brag about finding a list of folders and sorting through them until she finds a database folder then alerting everyone EXCEPT the campaign.

She could have alerted the campaign and still showed the screen caps... embarassement achieved (and rightly so... very low web standards of security gang!). But instead she helped all these names get out by making it public.

Just because someone has bad security, doesn't mean you tell everyone.

This is so profoundly unprofessional. Plus now she has 1000's of people whose information could have been kept private, but she helped it out into the light. I'm sure they're not happy either. She's probably going to get sued. Her IT credibility is diminished.

For all the lefties, I know.... Wharrgarbl!

saintstryfe

From watching MN t.v. while there. Between the attack ads from each party, it generally gave me the impression that both were not the best of the bunch for MN.

hahawinnipeg: I'm still upset at this story.

How can she brag about finding a list of folders and sorting through them until she finds a database folder then alerting everyone EXCEPT the campaign.

She could have alerted the campaign and still showed the screen caps... embarassement achieved (and rightly so... very low web standards of security gang!). But instead she helped all these names get out by making it public.

Just because someone has bad security, doesn't mean you tell everyone.

This is so profoundly unprofessional. Plus now she has 1000's of people whose information could have been kept private, but she helped it out into the light. I'm sure they're not happy either. She's probably going to get sued. Her IT credibility is diminished.

For all the lefties, I know.... Wharrgarbl!

Watch the video again. She's not the one who dumped the database online. She merely replicated the 'hack' of someone else and posted evidence online that it wasn't a hack at all. The damage was already done.

I don't know a whole heck of a lot about this Senate race (other than the fact that it isn't over ... yet), but holy hannah, this guy's IT people are totally incompetent. Look at the website "crash" that preceded this "hacking". The website was running a backend database with NO PASSWORD. Holy crap, how stupid ARE you people. IT? Pfft.

Hacker? Heck I would have gone through that directory myself, and I don't give a darn about all the politics involved. My MOM could have done that. And she is 73 and computer literate, but no hacker.

I feel sorry for the people who donated and had their cards exposed like that.

James F. Campbell: Senator Al Franken.

Got a nice ring to it.

Senator Al Franken

not quite big and bold enough

Lumpmoose: hahawinnipeg: I'm still upset at this story.

How can she brag about finding a list of folders and sorting through them until she finds a database folder then alerting everyone EXCEPT the campaign.

She could have alerted the campaign and still showed the screen caps... embarassement achieved (and rightly so... very low web standards of security gang!). But instead she helped all these names get out by making it public.

Just because someone has bad security, doesn't mean you tell everyone.

This is so profoundly unprofessional. Plus now she has 1000's of people whose information could have been kept private, but she helped it out into the light. I'm sure they're not happy either. She's probably going to get sued. Her IT credibility is diminished.

For all the lefties, I know.... Wharrgarbl!

Watch the video again. She's not the one who dumped the database online. She merely replicated the 'hack' of someone else and posted evidence online that it wasn't a hack at all. The damage was already done.

Hmmmm, I watched it again myself. Although she didn't download the database herself, it isn't clear whether the real hacker used her information or not. So, who knows.

Obvious this is fake.

There is no such thing as a black female computer geek, especially one that is good looking.

hahawinnipeg: What a fantastic IT professional!

She finds a very VERY stupid website setup that patently allows people's information to be exposed. Does she warn them? No.

She tells everyone on the internet.

She's about as professional as Norm Coleman's web admin.

It would be nice to see one of coleman's supporters download the names from wikileaks and send each person an e-mail telling how this "IT professional" found their information and instead of helping to safeguard it, she took steps to make sure it was leaked on the internet.

I don't care about Coleman, and the race in Mn seems like Turd v.s. Douche. But I do find this self proclaimed IT professional to be anything but.

I watched the video and I thought the same thing. She should have taken screenshots enough to prove the breach was as big as it was and then gone straight to notifying the administrator of the website or the coleman campaign or whatever.

I mean look, I'm a tard if I leave my door unlucked, but if a security guard is on their day off and pass by the house and decide that instead of contacting me or doing something useful they decide to put signs at a major intersection nearby: "Unlocked house at XXXX XXXXX court" then seriously fark them.

/thinks coleman is a douche.

Oh, and to extend the analogy, it really doesn't matter if someone had already rifled through my shiat before the guy found out my door was open/unlocked, or whether they found it after he posted the signs, its a douchy move either way imo.

The best part is that the fake "website crash" that the Coleman campaign fabricated is what drew attention to the piss poor security setup on the server.

If they hadn't tried to scam the public, no one would've noticed what was going on.

Smackledorfer: Oh, and to extend the analogy, it really doesn't matter if someone had already rifled through my shiat before the guy found out my door was open/unlocked, or whether they found it after he posted the signs, its a douchy move either way imo.

To really extend the analogy, the owner of the house would've been telling the press that his house had burned down in an effort to procure sympathy from the public.

And it was people checking out that fabricated story that led them to discover that not only was the house perfectly fine... the door was unlocked with the personal information of people *they shouldn't have* sitting out in the open.

Lumpmoose: Although she didn't download the database herself, it isn't clear whether the real hacker used her information or not. So, who knows.

You were right the first time. The damage was done long before this lady entered the picture. The video of her explaining how the "hack" was done was posted earlier this week. Coleman's list has been out circulating the 'net and on Wikileaks for far longer.

Here's the Wikileaks entry about it:

The Big Bad Database of Senator Norm Coleman (pops)

Seems as though Norm was keeping people's credit card information for way longer than he was legally allowed to, on top of his IT team posting that info on a very public website.

Aexia: Smackledorfer: Oh, and to extend the analogy, it really doesn't matter if someone had already rifled through my shiat before the guy found out my door was open/unlocked, or whether they found it after he posted the signs, its a douchy move either way imo.

To really extend the analogy, the owner of the house would've been telling the press that his house had burned down in an effort to procure sympathy from the public.

And it was people checking out that fabricated story that led them to discover that not only was the house perfectly fine... the door was unlocked with the personal information of people *they shouldn't have* sitting out in the open.

Didn't she say that she had heard that the site was down, and not that she had heard that evil hackers took the site down everyone come sympathize?

Or did I zone out during that fact?

Regardless of how much of a douche coleman is, if you come across a situation that could use a hand, and instead of helping or even just ignoring it and going about your business, you point the security breach out to everyone you know, then you are a royal turd yourself. Maybe that is asking too much of other people.

Coleman is a total idiot but seriously who gives a shiat about this?

Smackledorfer: Aexia: Smackledorfer: Oh, and to extend the analogy, it really doesn't matter if someone had already rifled through my shiat before the guy found out my door was open/unlocked, or whether they found it after he posted the signs, its a douchy move either way imo.

To really extend the analogy, the owner of the house would've been telling the press that his house had burned down in an effort to procure sympathy from the public.

And it was people checking out that fabricated story that led them to discover that not only was the house perfectly fine... the door was unlocked with the personal information of people *they shouldn't have* sitting out in the open.

Didn't she say that she had heard that the site was down, and not that she had heard that evil hackers took the site down everyone come sympathize?

Or did I zone out during that fact?

Regardless of how much of a douche coleman is, if you come across a situation that could use a hand, and instead of helping or even just ignoring it and going about your business, you point the security breach out to everyone you know, then you are a royal turd yourself. Maybe that is asking too much of other people.

That's exactly how 90% of software security holes have been fixed over the past 25 years. People tend to ignore it otherwise.

Smackledorfer: Regardless of how much of a douche coleman is, if you come across a situation that could use a hand, and instead of helping or even just ignoring it and going about your business, you point the security breach out to everyone you know, then you are a royal turd yourself. Maybe that is asking too much of other people.

She explains

Let's face it - the only time stuff like this gets fixed is if you shine a huge light on it.

Smackledorfer: Didn't she say that she had heard that the site was down, and not that she had heard that evil hackers took the site down everyone come sympathize?

From a Coleman campaign press release:
"Minnesotans and folks across the country are fed up with Al Franken's efforts to disenfranchise thousands of Minnesota voters, and the overwhelming response we received to making this information public is proof positive of that fact," said Campaign Manager Cullen Sheehan. "The Franken campaign's ongoing effort to quash votes is clearly not sitting well with Minnesotans, and we intend to continue fighting for each and every one of these voters who deserve to have their valid vote counted."

And because they lied, people discovered the Coleman campaign was

1. illegally storing personal information (this was intentional)
2. posting it for anyone to download (this was stupidity)

hahawinnipeg: Her IT credibility is diminished.

Hardly. In the software security job market, you can't buy publicity like this.

Aexia: Smackledorfer: Didn't she say that she had heard that the site was down, and not that she had heard that evil hackers took the site down everyone come sympathize?

From a Coleman campaign press release:
"Minnesotans and folks across the country are fed up with Al Franken's efforts to disenfranchise thousands of Minnesota voters, and the overwhelming response we received to making this information public is proof positive of that fact," said Campaign Manager Cullen Sheehan. "The Franken campaign's ongoing effort to quash votes is clearly not sitting well with Minnesotans, and we intend to continue fighting for each and every one of these voters who deserve to have their valid vote counted."

And because they lied, people discovered the Coleman campaign was

1. illegally storing personal information (this was intentional)
2. posting it for anyone to download (this was stupidity)

Maybe I'm unbelievably stupid today, but how does that quote provide evidence that "To really extend the analogy, the owner of the house would've been telling the press that his house had burned down in an effort to procure sympathy from the public."

And again, I agree coleman is douchey, and his political rhetoric is whargarble.

here's a wikileaks letter snippet:
TO WIKILEAKS / TO WHOM IT MAY CONCERN / TO INTERESTED MEDIA:

The attached files comprise a snapshot of the website database of
the Norm Coleman campaign as of January 28, 2009. The database was
exposed by the incompetence of Coleman's website personnel, making
the information public for a period of time.

Wiki leaks says this whole thing starts on 1/28/2009 which was when she found it. Did she send the letter and link? Did anyone ask? When she found this, who did she tell? The Minnesota Independent? Just her blog? or Wikileaks? All?

Sounds like she didn't alert the people who could have stopped this personal information from hitting the net.

My points on the whole matter are not Coleman v.s. Franken, but on professional v.s. unprofessional behavior. She says she found this security foul up and she did what she did. She had a choice, and I think it was the unprofessional one.

God help us all if we start making professional judgements based on our personal politics.

saintstryfe: I've rarely met anyone who can tell me WHY they dislike Franken.

Because a lot of people out there are too stupid to know the difference between Al Franken and some of the characters he played in his comedy sketches. And then there are the ditto heads.

This chick is a snake. She obviously found an excuse to embarrass Norm Coleman and ran with it. Ok, thats find, but at least admit its a shiatbag thing to do rather than spit off Youtube videos left and right proclaiming to be all high and mighty. Attention whore and a snake. I hope someone sues the shiat out of her.

hahawinnipeg: I'm still upset at this story.

How can she brag about finding a list of folders and sorting through them until she finds a database folder then alerting everyone EXCEPT the campaign.

She could have alerted the campaign and still showed the screen caps... embarassement achieved (and rightly so... very low web standards of security gang!). But instead she helped all these names get out by making it public.

The bolded part is why you're an idiot. The whole point behind leaking donor information is to drag their carcasses into the light.

DARN THOSE LIBS! This is even worse than when those hackers from the Ned Lamont campaign crashed the Joe Lieberman campaign website!

chu2dogg: This chick is a snake. She obviously found an excuse to embarrass Norm Coleman and ran with it. Ok, thats find, but at least admit its a shiatbag thing to do rather than spit off Youtube videos left and right proclaiming to be all high and mighty. Attention whore and a snake. I hope someone sues the shiat out of her.

Have you read the Wikileaks article? This is the big bad h4x0r link:

http://colemanforsenate.com/db/database.tar.gz

I've heard of security through obscurity, but that's ridiculous. I wouldn't be surprised if it was Google searchable within hours. There's no evidence the real hacker used her information or that the database wasn't stored somewhere else open and online before January 28. IANAL, but I think she's clear. And she uncovered illegal campaign practices that would have been lightly covered up or outright ignored if she had only contacted the campaign.

chu2dogg: This chick is a snake. She obviously found an excuse to embarrass Norm Coleman and ran with it. Ok, thats find, but at least admit its a shiatbag thing to do rather than spit off Youtube videos left and right proclaiming to be all high and mighty. Attention whore and a snake. I hope someone sues the shiat out of her.

For what?

Lumpmoose: And she uncovered illegal campaign practices that would have been lightly covered up or outright ignored if she had only contacted the campaign.
I didn't realize there are only two options: 1. Help cover it up, 2. Increase the number of people with access to all of the information.

Another incompetent GOP boob. This is news? Wake me when any of them show the ability to organize a piss-up in a brewery, let alone a campaign.

...The bolded part is why you're an idiot. The whole point behind leaking donor information is to drag their carcasses into the light.

Awesome. Shall we chase them through the streets with Pitchforks?

Their personal CC info doesn't belong on the net, Richards seems to have helped in this as much as the shoddy IT crew behind the website.

So now she's the great unveiler of all the carcasses who support Coleman. Prize: 2 weeks of noteriety, some lawsuits from the less technical people on the Coleman list (of which there are many), a lack of business credibility, and a free trip to Rachel Maddow's carpet.

I still stick by my thoughts: unprofessional.

p.s. and you're an idiot, not me. booger breath! :P

Smackledorfer: Lumpmoose: And she uncovered illegal campaign practices that would have been lightly covered up or outright ignored if she had only contacted the campaign.
I didn't realize there are only two options: 1. Help cover it up, 2. Increase the number of people with access to all of the information.

I agree that since so much private information is involved, it's a horrible situation, an unmitigated clusterfark. My only point is that the Coleman for Senate campaign is 100% responsible and should be the target of any and all lawsuits, civil and criminal. Every presiding judge should understand that there was no hacking nor cracking involved, no social engineering, no brute force attacks, and no inside job. It was only a single, world-readable, painfully obvious weblink. It shouldn't hurt their recount contest chances, but the campaign itself should burn for this. The security analyst should get job offers.