This means they lack a CI environment. It likely means they lack proper code review and VCS practices.
-
-
Replying to @EmilyGorcenski
So compromising a dev, underpaid compared to their web-space peers, stuck on John Galt Blvd (literally), would be feasible.
1 reply 8 retweets 26 likes -
Replying to @EmilyGorcenski
It would be trivially easy and cheap to pay off a dev to ship a vulnerability in the code.
2 replies 7 retweets 28 likes -
Replying to @EmilyGorcenski
I don't actually believe the machines themselves got hacked to the point of modifying totals. But if I wanted to do it and I was Russia...
2 replies 4 retweets 19 likes -
Replying to @EmilyGorcenski
You bet your ass I would have profiled every engineer working at ES&S
2 replies 3 retweets 27 likes -
Replying to @EmilyGorcenski
Someone might have gambling debts. Someone might be cheating on their spouse. Someone might have a sick kid and shitty health insurance.
1 reply 4 retweets 22 likes -
Replying to @EmilyGorcenski
This is old spycraft. You don't need zero-days to compromise an employee. This is how it's been done for all time.
2 replies 9 retweets 39 likes -
Replying to @EmilyGorcenski
What it boils down to is this: vote-tallying code pathways aren't tested. This is bad. Regardless of the cyber.
1 reply 10 retweets 35 likes -
Replying to @EmilyGorcenski
This is ES&S. Yes, it's actually on John Galt Boulevard in Omaha, Nebraska. (capitalism is a parody) Not exactly Silicon Valley high life.pic.twitter.com/aCE8wvojrI
2 replies 5 retweets 21 likes -
Replying to @EmilyGorcenski
FBI security briefings are full of stories of people that worked at places just like this selling info for a few thousand bucks.
1 reply 5 retweets 21 likes
Trust me, I know. I had to sit through the comically terrible movies.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.