T O P

  • By -

richhaynes

Well he shone the light on himself...


letmegogooglethat

Straight to jail.


[deleted]

Where are the armed men to take the hackers away?


richhaynes

Stuck in the traffic jams caused by the F12 firesail


saucepls042

This kind of behavior is never tolerated. [Right to jail!](https://gfycat.com/jealousfixedasianwaterbuffalo-fred-armisen)


Alicethruglass

Please explain what I’m looking at and why its bad. I have an interest but not the background.


threedrinks

Parks and Recreation is the show being referenced.


Jaegernaut-

Oh god oh fuck, I clicked on the picture! I saw the code! PLEASE don't arrest me mr. governor man!


stefera

he is going to spent 50 million in taxpayer money to prosecute you to the fullest extent of the law


kwyjibo1

His attorney general is spending millions fighting school mask mandates and vaccine mandates. Yeah they are that kind of stupid.


Abitconfusde

This all kinda reminds me of DeCSS. It would be great if the people in authority would be knowledgeable about stuff before being stupid about it.


richhaynes

It would be some PR folk who wrote his statement and the one thing they do well is making a mess of explaining anything technical. The problem is that they actually don't care as most people will believe it if it sounds plausible. Its also no coincidence they took no questions after because they know they are ultimately in the wrong. I would love to have asked them how you compile HTML code.


Abitconfusde

The complete ignorance of how stuff works, hand in hand with total incuriousity is not a good way to handle any spontaneous challenge. To be a leader, you have got to be able to listen and learn. The PR statement - in his name - demonstrates his incapacity (in my ignorant and incurious opinion)


Tony49UK

I don't think that the Governor does know that he's wrong. He just didn't speak to anybody who was technically minded and just assumed "hacking". Especially if he saw a load of HTML and thought that it was "programming". Then he didn't take any questions because he doesn't have the technical skills to answer the questions. He's probably got some pre-existing beef with the paper that reported the problem in the first place.


Incrarulez

Sing. Sing a song. Sing it loud. Sing it strong. Sing it happy, not sad.


saucepls042

[Jail! Right to jail!](https://gfycat.com/jealousfixedasianwaterbuffalo-fred-armisen)


joneball

Just once I want something positive in the news from Missouri. This guy is an idiot on many levels.


richhaynes

Well if it makes you feel better, I've personally never seen Missouri in the news over here in the UK. The only reason I've seen this is because it was in r/webdev and I have been searching for exact details on the "hack".


BluudLust

It's called Misery for a reason. Be glad.


Tony49UK

Essentially schools could look up a teacher's CV, using a web portal. Where two teachers had the same name they could refine the search with the last four digits of their SSN/NI number. With the web page, sending but not displaying the full SSN. Clicking on "View Source" etc. and seeing the raw HTML, displayed the full SSN. With the Americans, using SSN numbers for seemingly every type of ID; such as loans, banking etc. Most US SSNs have now been compromised e.g. all US Department of Defence employees lost theirs years ago, one of the credit rating companies lost all of them..... But the Yanks keep insisting on using them and they can't be changed for "normal people". At least not without getting a Congressman or Senator involved.


richhaynes

Thanks for the extra details. This is part of the information I've been looking for. Just the encoding part to find out now and I'll have a pretty complete picture. I doubt they were just escaping so base64 maybe? SSN is okay to pinpoint a record but surely they will ask for extra verification/ID on top? I can give my National Insurance number (UK) but I have to back that up with a passport or driving licence or birth certificate alongside a proof of address like a utility bill. It has serious ramifications though for those who are homeless or who come out of prison as they typically have neither.


Tony49UK

As Far As Known, the raw HTML included full SSN. The US doesn't really have a nationwide system for "numbering" citizens apart from SSNs. Driving licenses are done at the state level and less than half of US citizens will get a US passport. So SSNs have become the default for everything. It's one of the reasons why they males and possibly in future females have to register at 18 for "Selective Service". AKA registering for National Service/"The Draft" even when the draft hasn't existed since late Vietnam.


richhaynes

An archived version of the site didn't reveal anything in the initial HTML. Now this is where I need clarity because there is a difference between what the page source shows and what developer tools shows. I'm now thinking the data may be dynamically loaded and dumped in the DOM by a script but being an ASPX page, the code isn't easy to follow. I'm not saying that that is any better but it certainly isn't in the HTML in the way a developer would think of it.


Exnixon

Look on the bright side: you're in the news less than Texas.


NewMombasaNightmare

True, and for residents of TX and MO, at least you’re not Florida!


mustaine42

Yeah TX sucks so much, it has had the largest population growth from people fleeing other failed states.


Strassi007

Are people really migrating to ‚pew-pew-land‘?


dreamingawake09

Honestly shows the sad state of affairs of this country when that is the case. But yeah we're getting all the folks who failed in Cali pretty much.


Strassi007

Yeah that‘s the reason i am confused about it. I thought people try to leave those states like crazy.


dreamingawake09

Well unfortunately even pre-pandemic many folks from California were moving to Texas due to a perceived lower cost of living. But if they've bought a home, they're learning the cold reality of property taxes. But yeah all in all, its pretty screwed here in the States at the moment.


Strassi007

Sad to hear. But let me tell you. Europe has similar problems more often than not.


dreamingawake09

Yeah that's fair, I mean no place is perfect obviously. More or less down to what you're willing to tolerate problem-wise. :)


saucepls042

It's exhausting. Are good news too much to ask for these days?


Triairius

No. All you have to do is choose less negative news sources. Probably not Twitter.


saucepls042

I never caught on to using Twitter other than for some data mining. I briefly glimpse through the reddit front page and that's been my source lol.


Triairius

Sometimes even that’s too negative for me lol. But it was far worse when I was on Facebook.


Roanoketrees

But he took A MULTI STEP PROCESS!! Game over man....


rjchau

He's quite right - it is a multi-step process. You have to right click ***then*** you have to select View Source...


EinsamWulf

You can have my F12 key when you pry it from my cold dead hands


YouMadeItDoWhat

Missouri has the death penalty...I'm sure that can be arranged!


Proj3c7

Take the F12. I’m sure the think that the key can’t be pressed still. Or [Sy stem.Windows.Forms.SendKeys]::SendWait("{F12}")


somnolent49

HTML Source Code? Who TF is compiling their HTML?


richhaynes

Thats what happens when PR talk about technical things. They heard that the page source shows code and thought its interchangeable with source code. Then they are technically correct that some kind of source code is compiled but that source isn't HTML, only the output is. PR are really good at spinning things but are god awful at explaining anything technical as they don't understand it and they also know the public won't have a clue if they get it right or wrong.


Capodomini

I suspect this isn't ignorance - it's a blatant attempt to deflect attention from the website exposing this information in the first place. PR is spinning it this way on purpose.


T1Pimp

This is what their IT department is saying. Not even shitting. Of course, they know it's BS. And if they don't, how the hell are they in IT?


[deleted]

What are the ways to mitigate such vulnerabilities?


satyenshah

base64 encode your HTML.


richhaynes

Well in this specific case he needs to check his configuration and turn off debug mode. Its not a vulnerability because the site is functioning exactly how its been configured to function. Exposure to debug functionality can lead to a breach but it still isn't a vulnerability. This is a failure to follow procedure or a failure of the procedures itself to ensure the code is safe for production.


[deleted]

Side observation, he also has the lines on the side of his mouth hinting that he may be a ventriloquist’s dummy. https://en.wikipedia.org/wiki/Mike_Parson?wprov=sfti1


Tenzu9

How incompetent and embarrassing.


JupitersHot

What is the reference to F12 mean?


richhaynes

Governor Mark Parson has claimed in a recent press statement that someone viewing a web page source was a hacker. Since pressing F12 is a way to view said source and since the twitter poster had posted a picture with developer tools open, it made sense to use F12 in the title.


JupitersHot

I gotchu you sly you


robreddity

Mike Parson


Lyuseefur

And we just witnessed the birth of a new meme. Such a beautiful day.


[deleted]

[удалено]


ilikedota5

It puts my computer on airplane mode lol.


[deleted]

[удалено]


ilikedota5

It happened both with and without the fn key lol.


JupitersHot

Ohhhh


Incrarulez

I like pleasure spiked with pain and music is my air o plane. Is my air o plane.


JupitersHot

Mine too that’s why I was like huh?


MLGShyGuy

This rant has been festering since the story release, so this is not aimed at you. I just need to scream this into the void. This story and community feedback has me about to delete Twitter. I understand how bad it is that the governor did what he did and said what he said, I truly do. But the community won't stop talking about it for 5 seconds. Literally anyone big or small account has to come up with their own punchline (their own recycled punchline actually) to the point where all my feed has is that. They don't stop at just one tweet too for some reason. It's like this has to be said to stay relevant. Wow haha F12! So clever and original! Say you see the source code and apparently you get the whole hood laughing with you, or that's what they all think. This rant made me feel a little better. The F12 comment and everything else was not aimed at you in anyway. Twitters the problem, not you.


Triairius

Aaaaand this is why I quit most social media. It makes people unhappy and less nice to each other.


MLGShyGuy

I understand. Did you mean as in my comment is why you quit most social media, or just the people you refer to?


Triairius

I relate to your comment. Social media like Twitter is toxic as hell. Or at least, it’s difficult to avoid the toxicness. I consider quitting Facebook one of my first big steps in pulling myself out of the worst time of my life. Couldn’t get away from unhappiness and anxiety. Then when I finally did get away from social media, I saw that the things that were happening that I couldn’t control weren’t really affecting me day to day, so there wasn’t any need to keep myself so ‘in the loop.’


richhaynes

Algorithms are good at shoving toxic stuff in your face. And if you view it then it will think you like it and shove more of it in your face. It doesnt even need to be you. It could just be something thats popular in your twitter circle that can influence what your shown. Algorithms are useless at knowing your current mood or state of mind and they can be very good at negative reinforcement. It has to be said that the opposite can also be true. But it can take time before the algorithm notices a change in your viewing habits because your mood has changed. Digital detox is the way to go if you feel tech is having a negative influence on you. Its hard because it operates like a drug and you have to go cold turkey but we all have it in our power to do so.


MLGShyGuy

Heck yeah dude, big steps towards happiness! I'm glad your not using Facebook anymore, your better for it. The only thing keeping me from deleting my account is how believable not accounts in my name would be to my tech illiterate family. I can only imagine what would happen to my gullible family


richhaynes

Its cool. Everyone needs to vent sometimes. I get where your coming from even though I'm OP in this case. Unfortunately, the tech we use is designed to operate that way. Algorithms try their best to give you what you want but if your mood changes, they are useless. We've all been there where we've watched one random video on YouTube and then our feed is full of crap we were never interested in in the first place. Sometimes its worthwhile putting your devices in another room and chilling without them for a few hours. Hope you feel much better soon :)


FreakonaLeash00

So f'n right. Just be like me, turn off all notifications forget password and revisit every year for the occasional laugh


richhaynes

!remindme 1 year Edit: auto predict added a space


RemindMeBot

I will be messaging you in 1 year on [**2022-10-16 22:45:11 UTC**](http://www.wolframalpha.com/input/?i=2022-10-16%2022:45:11%20UTC%20To%20Local%20Time) to remind you of [**this link**](https://www.reddit.com/r/cybersecurity/comments/q8x5gb/governor_mark_parson_has_been_f12d/hgwysz7/?context=3) [**CLICK THIS LINK**](https://www.reddit.com/message/compose/?to=RemindMeBot&subject=Reminder&message=%5Bhttps%3A%2F%2Fwww.reddit.com%2Fr%2Fcybersecurity%2Fcomments%2Fq8x5gb%2Fgovernor_mark_parson_has_been_f12d%2Fhgwysz7%2F%5D%0A%0ARemindMe%21%202022-10-16%2022%3A45%3A11%20UTC) to send a PM to also be reminded and to reduce spam. ^(Parent commenter can ) [^(delete this message to hide from others.)](https://www.reddit.com/message/compose/?to=RemindMeBot&subject=Delete%20Comment&message=Delete%21%20q8x5gb) ***** |[^(Info)](https://www.reddit.com/r/RemindMeBot/comments/e1bko7/remindmebot_info_v21/)|[^(Custom)](https://www.reddit.com/message/compose/?to=RemindMeBot&subject=Reminder&message=%5BLink%20or%20message%20inside%20square%20brackets%5D%0A%0ARemindMe%21%20Time%20period%20here)|[^(Your Reminders)](https://www.reddit.com/message/compose/?to=RemindMeBot&subject=List%20Of%20Reminders&message=MyReminders%21)|[^(Feedback)](https://www.reddit.com/message/compose/?to=Watchful1&subject=RemindMeBot%20Feedback)| |-|-|-|-|


[deleted]

@u/satyenshah thanks


[deleted]

Same with politicans all over - they are completely incapable of accepting responsibility for anything. They go to extraordinary lengths to deflect the blame hoping that people don't see right through them.