Security expert arrested after allegedly failing to report flaws in election website

florida man arrested for allegedly failing to report flaws in elections website levin vanguard
A Florida cybersecurity researcher has been arrested after he allegedly found security vulnerabilities in a local elections website that left usernames and passwords at risk and failed to report the flaws ethically.

David Levin, who is the chief technology officer of pen-testing firm Vanguard Cybersecurity, was testing the Lee County elections website for SQL injection vulnerabilities in December. He was reportedly using Havij, a free SQL testing software.

Levin claimed that the website was largely unencrypted and he could, if he wished, have stolen personal data that it had stored, including usernames and passwords, according to reports. Levin went on to publish a video online in January with local politician Dan Sinclair, who will be running for supervisor of elections in the county, where they revealed the vulnerabilities.

Police subsequently issued a warrant for his arrest on three counts of third-degree felony property crimes. He turned himself in and was later released on $15,000 bail.

The point of contention in Levin’s work is not that he found vulnerabilities but rather that he was able to harvest this at-risk data using a third-party tool. He then used some of this data to log in to the website as part of his testing, according to reports. Secondly, he only notified the election authorities after the video was published.

Troy Hunt, another security researcher, wrote that the lack of security put in place by Lee County was “egregious” but Levin should have stopped when he realized what he had discovered and immediately contacted the authorities.

“Dave obviously found a serious risk, but rather than just stopping there and reporting it, he pointed a tool at it that sucked out a volume of data,” said Hunt.

Levin has since taken commented on his actions. “I let hubris get the best of me,” he tweeted.

The incident has taken on a political element, too, with Sinclair accusing Sharon Harrington, the current supervisor of elections and his opponent in the election for that office, of using the arrest to smear him.

“Dave didn’t do anything wrong,” he said in defense of the researcher. “This is political corruption.”

Sinclair told local media that he did not ask Levin to hack any sites for him and that Levin had approached him about his discovery.

Computing

Data breach compromises 773 million records, 21 million passwords

A security researcher was alerted to a collection of breached data that included more than 773 million compromised records. After digging deeper, the breach was revealed to contain more than 21 million passwords.
Movies & TV

'Prime'-time TV: Here are the best shows on Amazon Prime right now

There's more to Amazon Prime than free two-day shipping, including access to a number of phenomenal shows at no extra cost. To make the sifting easier, here are our favorite shows currently streaming on Amazon Prime.
Movies & TV

The best movies on Amazon Prime right now (January 2019)

Prime Video provides subscribers with access to a host of fantastic films, but sorting through the catalog can be an undertaking. Luckily, we've done the work for you. Here are the best movies on Amazon Prime Video right now.
Movies & TV

Stay inside this winter with the best shows on Hulu, including 'Killing Eve'

It's often overwhelming to navigate Hulu's robust library of TV shows. To help, we put together a list of the best shows on Hulu, whether you're into frenetic cartoons, intelligent dramas, or anything in between.
Computing

Zipping files on a Chromebook? Follow these four easy steps

Chromebooks support file compression, though they work a little differently than on Windows or Mac. Here's the step-by-step process to zipping files on a Chromebook, and then unzipping them again for extraction.
Computing

How good are you at spotting phishing scams? Take this quiz to find out

Are you able to discern between a legitimate email and one that's a scam designed to phish for your personal information? Google created an online quiz with tips to help you better understand phishing so you don't become a victim.
Computing

Patent application reveals what’s to come after AMD’s Graphics Core Next

A published patent application from AMD has revealed a new type of graphics processor core which could make a big difference to the capabilities of its GPUs if it finds its way into them in the future.
Computing

Yes, you can use Android apps on your Chromebook. Here's how

You can now get Android apps on your Chromebook! Google has enabled the Google Play Store app support on its Chrome OS and Chromebook hardware, so to get you started, here's our guide on how to get Android apps on a Chromebook.
Computing

Microsoft targets Chrome OS with $189 Windows 10 laptops for education

Microsoft announced seven new low-cost Windows 10 laptops, all priced under $300 to take on Chromebooks and iPads in the education market, along with a new Microsoft Allora stylus for students using the Surface Go tablet.
Computing

Lenovo patent hints at a future tablet with a folding screen

Folding devices are a new trend, and according to a recent patent, Lenovo is considering a foldable 2-in-1 with a hinge mechanism that would allow consumers to bend back the screen on the device. 
Computing

Wifi Porter is a high-tech block of wood that lets you share your broadband

Tired of manually connecting your guests to your home Wi-Fi network? The latest invention from the folks at Ten One Design, the WifiPorter, allow individuals to connect to your Wi-Fi with the tap of their phone, or by scanning an available…
Computing

Midrange Nvidia GTX 1660 Ti graphics card may be 20 percent faster than GTX 1060

In the freshest development in graphics card rumors, alleged benchmarks are showing that the GTX 1660 Ti graphics card could be as much as 20 percent faster when compared to the older GTX 1060. 
Computing

Work and play anywhere with these portable, large-screen monitors

Via a recent and successful Kickstarter campaign by Unick, a new line of portable, large-screen monitors has been announced. The Gemini Taihe line of monitors offers two models: the Gemini FHD and the Gemini UHD.
Product Review

The Digital Storm Aventum X is an unstoppable gaming PC. Trust us, we tried

Packed with dual-Nvidia RTX 2080 Ti graphics card and a 9th-generation Intel Core i9 processor, the Aventum X is an infinitely upgradeable gaming PC that’s capable of far more performance than you’ll ever need.