[kictanet] [Skunkworks] www.kenyaipos.co.ke & Data Privacy

John Walubengo jwalu at yahoo.com
Fri Jun 6 12:40:29 EAT 2008 

Oh my!  I finally see it...I actually got to ran through a few randomly selected records/applicants and their allocated Safaricom shares!  Agreed, the site should be shut down asap - at least b4 we get to confirm how much M*B*T**** owns!

Now i see why u call yourselves skunks...

walu.

> -----Original Message-----
> From: skunkworks-bounces at my.co.ke
> [mailto:skunkworks-bounces at my.co.ke]
> On Behalf Of Joseph Okech
> Sent: Friday, June 06, 2008 11:01 AM
> To: skunkworks at my.co.ke; jwalu at yahoo.com
> Subject: Re: [Skunkworks] www.kenyaipos.co.ke & Data
> Privacy
> 
> Walu,
> 
> The website should only give you this information when it
> is entered on
> a form, not changing the url - so a developer should always
> ensure that
> when you change the url, your request is denied - very
> simple php
> security issue.
> 
> ./Ok3ch
> 
> On Friday 06 June 2008 10:52:51 am John Walubengo wrote:
> > plse educate me.  i dont seem to see the hullaballoo
> nor the alleged  Client Share Applications (ama u guys hacked in?)
> from what i gather on the website, it expects u to
> enter your CDS  account number and your ID for the above to be
> shown...which to me is the standard approach to accessing data online - i.e. get at least two fields to make up your login credentials.
> >
> > It happens when you buy goods online, It is happening
> with regard to your electricity bills (KP&L), it is happening
> with the Min of Education and their Examination results, and it is
> going to be  happening with many more services as they get
> online...
> >
> > or is there something I am missing?
> >
> > walu.
> >
> > --- On Fri, 6/6/08, Kyai Mullei
> <mullei at gmail.com> wrote:
> > > From: Kyai Mullei <mullei at gmail.com>
> > > Subject: Re: [Skunkworks] www.kenyaipos.co.ke
> & Data Privacy
> > > To: skunkworks at my.co.ke
> > > Date: Friday, June 6, 2008, 11:10 AM Perhaps
> alert citi?
> > >
> > > On Fri, Jun 6, 2008 at 10:02 AM, Andrew Wafula
> > >
> > > <awafula at gmail.com> wrote:
> > > > My this is bad.
> > > >
> > > > I can see almost anyone's application
> from that
> > >
> > > site. There is ZERO data
> > >
> > > > privacy. Anyone can get your info. This is
> terrible
> > >
> > > and unacceptable.
> > >
> > > > The site should be shut down! Who knows who
> already
> > >
> > > has out
> > >
> > > > information!!!!!!!!!!!!!!!
> > > >
> > > >
> > > > Regards,
> > > >
> > > > A
> > > >
> > > > On Fri, Jun 6, 2008 at 9:37 AM, Richard
> Bosire
> > >
> > > <richard.bosire at gmail.com>
> > >
> > > > wrote:
> > > >> should i be seeing this
> > >
> > >
> https://www.kenyaipos.co.ke/eipo/investors_search/_print.php?app=xxx
> > > xxxx
> > >
> > > >>
> _______________________________________________
> > > >> skunkworks mailing list
> > > >> skunkworks at my.co.ke
> > > >>
> http://ole.kenic.or.ke/mailman/listinfo/skunkworks
> > > >> Blog http://skunkworks-ke.blogspot.com
> Beta Blog 
> > > >> http://blog.my.co.ke
> > > >
> > > > --
> > > > Andrew Wafula Wapakala
> > > > Web: www.wertsoft.com
> > > > MSN: a_wafula at hotmail.com
> > > > jaxtr:http://www.jaxtr.com/thewert
> > > > MySpace: http://www.myspace.com/awafula
> > > > Blog: http://thewert.blogspot.com/
> > >
> > > 
> >
> >=====================================================================
> > >====
> > >=
> > >
> > > > If you have made mistakes...there is always
> another
> > >
> > > chance for you... you
> > >
> > > > may have a fresh start any moment you
> choose, for this
> > >
> > > thing we call
> > >
> > > > 'failure' is not the falling down,
> but the
> > >
> > > staying down. - Mary Pickford
> > >
> > > >
> _______________________________________________
> > > > skunkworks mailing list
> > > > skunkworks at my.co.ke
> > > >
> http://ole.kenic.or.ke/mailman/listinfo/skunkworks
> > > > Blog http://skunkworks-ke.blogspot.com  Beta
> Blog 
> > > >http://blog.my.co.ke 
> > >
> >_______________________________________________
> > >
> > > skunkworks mailing list
> > > skunkworks at my.co.ke
> > >
> http://ole.kenic.or.ke/mailman/listinfo/skunkworks
> > > Blog http://skunkworks-ke.blogspot.com Beta Blog 
> > > http://blog.my.co.ke
> >
> > _______________________________________________
> > skunkworks mailing list
> > skunkworks at my.co.ke
> > http://ole.kenic.or.ke/mailman/listinfo/skunkworks
> > Blog http://skunkworks-ke.blogspot.com Beta Blog
> http://blog.my.co.ke
> 
> 
> 
> 
> _______________________________________________
> skunkworks mailing list
> skunkworks at my.co.ke
> http://ole.kenic.or.ke/mailman/listinfo/skunkworks
> Blog http://skunkworks-ke.blogspot.com
> Beta Blog http://blog.my.co.ke
> 
> 
> 
> 
> _______________________________________________
> skunkworks mailing list
> skunkworks at my.co.ke
> http://ole.kenic.or.ke/mailman/listinfo/skunkworks
> Blog http://skunkworks-ke.blogspot.com
> Beta Blog http://blog.my.co.ke

More information about the KICTANet mailing list