Read the link, not sure if more could be done but proud [if it is true!] that we still have techies doing 'what a techie got to do' On Tue, Mar 19, 2013 at 12:12 PM, Bogi Benga <bogibenda@gmail.com> wrote:
http://www.wanjiku.co.ke/2013/03/was-the-iebc-network-compromise-an-insiders...
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards, Allan M 0722-266-146
On 19 March 2013 12:12, Bogi Benga <bogibenda@gmail.com> wrote:
http://www.wanjiku.co.ke/2013/03/was-the-iebc-network-compromise-an-insiders...
Well ... an equivalent analogy : an anonymous bank robber breaks into a bank at night. And then gives anonymous evidence the next morning claiming no one else robbed the bank because he/she was there monitoring the bank from the inside !
Some elements of the story sound true - while some elements are a bit hard to take in ... EG: 1) How did he use the *.PST to find the "RTS" and Server Info ? (which am assuming means "Return to Sender") Does one not need the active Outlook account password to open/view the PST ? In which case, if one is already logged into the computer, then one does not need to open the PST but just view emails in Outlook. 2) Why blog about it in public, when the court case is hot ? If he/she was the only Security-Tester, then definitely/ IEBC knows him/her by name Is it not breach of contract to make this info public, especially in these times ? BR/ SN
Errmmm, responses follow: On Thu, Mar 21, 2013 at 10:34 AM, ndungu stephen <ndungustephen@gmail.com>wrote:
Some elements of the story sound true - while some elements are a bit hard to take in ...
EG:
1) How did he use the *.PST to find the "RTS" and Server Info ? (which am assuming means "Return to Sender")
you do not seem to be familiar with the IEBC tech, RTS is short for the Results Transmission System - the integrated technology that was to relay provisional results from all polling stations to Bomas
Does one not need the active Outlook account password to open/view the PST ?
In which case, if one is already logged into the computer, then one does not need to open the PST but just view emails in Outlook.
You also do not seem too familiar with InfoSec - reading a PST file is
child's play
2) Why blog about it in public, when the court case is hot ? If he/she was the only Security-Tester, then definitely/ IEBC knows him/her by name
You equally seem not to be able to follow time well, this blog came out 2 weeks before the court petition
Is it not breach of contract to make this info public, especially in these times ?
BR/ SN
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
Hi Brian; Thanks for the replies. However, the last question of timeline "2 weeks before" - I am sure the guy should have had a confidentiality contract. Anywho, lets wait and see.
Quite an interesting read, however, left wondering what really hit the fan ama there's a part2 2the story? On Wed, Mar 20, 2013 at 8:52 PM, ndungu stephen <ndungustephen@gmail.com>wrote:
Hi Brian;
Thanks for the replies.
However, the last question of timeline "2 weeks before" - I am sure the guy should have had a confidentiality contract.
Anywho, lets wait and see.
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
Guys, If you want to understand more (but definitely not all) of what happened from a purely tech standpoint. Please look at the following: http://www.140friday.com http://iebctechkenya.tumblr.com/ All the details can probably only come out of a proper forensic audit. Best regards, Brian On Thu, Mar 21, 2013 at 11:52 AM, ndungu stephen <ndungustephen@gmail.com>wrote:
Hi Brian;
Thanks for the replies.
However, the last question of timeline "2 weeks before" - I am sure the guy should have had a confidentiality contract.
Anywho, lets wait and see.
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
participants (6)
-
Allan M -
ashok+skunkworks@parliaments.info -
Bogi Benga -
Brian Munyao Longwe -
Nd'wex Common -
ndungu stephen