[kictanet] KPMG Report Exposes Major Security Gaps in Register

Toilem Godwin toilemgodwin at gmail.com
Fri Jul 14 13:02:30 EAT 2017


Thanks @Ali for the share.

This is one big pile of problems.

78% of data transferred manually?

What surprises me more is "KPMG observed that there are two active default
administrator accounts whose default passwords have not been changed." I
think these are the security basics even no technical person knows.

In my opinion its either we are not ready at all or IEBC does not know
exactly what they are doing with this system.

@Barrack I think you are right IEBC needs to respond on what its actually
doing to resolve these issues.

On Fri, Jul 14, 2017 at 11:02 AM, awatila--- via kictanet <
kictanet at lists.kictanet.or.ke> wrote:

> in today's paper iebc talked of setting up a dr site to mitigate some of
> the identied risks
>
> On Jul 14, 2017 8:58 AM, Barry Macharia via kictanet <
> kictanet at lists.kictanet.or.ke> wrote:
>
> Okay now we have a problem
> IEBC technical team can you please respond to this
>
> regards
> Barry Macharia
>
> On 14 Jul 2017, at 07:20, Ali Hussein via kictanet <
> kictanet at lists.kictanet.or.ke> wrote:
>
> Listers
>
>
> Not sure whether this was posted earlier.
>
>
> At least 10 security loopholes that could be exploited to manipulate the
> August 8 General Election have been exposed in an audit report of the
> country’s voter register.
>
> The voter roll lacks mandatory security features and could therefore be
> easily hacked into and data of the 19.6 million registered voters deleted,
> added or amended, according to the audit report by KPMG.
>
>
> Read on:-
> http://theglobe.ng/news/2472
>
>
> *Ali Hussein*
> *Principal*
> *Hussein & Associates*
> +254 0713 601113
>
> Twitter: @AliHKassim
> Skype: abu-jomo
> LinkedIn: http://ke.linkedin.com/in/alihkassim
>
> "We are what we repeatedly do. Excellence, therefore, is not an act but a
> habit."  ~ Aristotle
>
>
> Sent from my iPad
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke
> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
> Twitter: http://twitter.com/kictanet
> Facebook: https://www.facebook.com/KICTANet/
>
> Unsubscribe or change your options at https://lists.kictanet.or.ke/
> mailman/options/kictanet/barry.macharia%40me.com
>
> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
> for people and institutions interested and involved in ICT policy and
> regulation. The network aims to act as a catalyst for reform in the ICT
> sector in support of the national aim of ICT enabled growth and development.
>
> KICTANetiquette : Adhere to the same standards of acceptable behaviors
> online that you follow in real life: respect people's times and bandwidth,
> share knowledge, don't flame or abuse or personalize, respect privacy, do
> not spam, do not market your wares or qualifications.
>
>
>
>
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke
> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
> Twitter: http://twitter.com/kictanet
> Facebook: https://www.facebook.com/KICTANet/
>
> Unsubscribe or change your options at https://lists.kictanet.or.ke/
> mailman/options/kictanet/toilemgodwin%40gmail.com
>
> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
> for people and institutions interested and involved in ICT policy and
> regulation. The network aims to act as a catalyst for reform in the ICT
> sector in support of the national aim of ICT enabled growth and development.
>
> KICTANetiquette : Adhere to the same standards of acceptable behaviors
> online that you follow in real life: respect people's times and bandwidth,
> share knowledge, don't flame or abuse or personalize, respect privacy, do
> not spam, do not market your wares or qualifications.
>
>


-- 
Kind Regards,
Toilem Poriot Godwin

*Be not afraid of greatness. Some are born great, some achieve greatness,
and some have greatness thrust upon ‘em — WILLIAM SHAKESPEARE*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20170714/26fd9737/attachment.htm>


More information about the KICTANet mailing list