It's like asking someone to prove they've never eaten any kittens.

That shouldn't be a problem, should it?

... to which I replied.

Yes, I've seen data stolen with that simple keystroke. That's how you save unsaveable data.

And they had FOUR USERS accessing the data.

The correct quote is

make any material difference?

And you are incorrect about the audit. The vendor has completed theirs.

Their "audit" is anything but, and audits are typically done by outside parties.

So it is obvious that this is just his assertion.

"'we are confident X', he said" is different from saying "the audit revealed X".

But if we can't agree on that then perhaps it is best to end this conversation.

different birth states, and are 17 years apart in age.

According to Wikipedia, which doesn't indicate any connection.

"Turns out that Nathaniel Pearlman, the CEO of NGP-VAN, the company that is responsible for the data leak that got Sander's campaign banned by the DNC from seeing Democratic party voter roles, was the chief technology officer of the Clinton 2008 campaign."


https://en.wikipedia.org/wiki/Nathaniel_Pearlman

And so what?

If you leave a door unlocked that doesn't give a thief a right to go through it. No one is disputing that Uretsky improperly accessed the data. He has been interviewed and acknowledges having done it. On purpose. To
"create a record" to show that he could improperly access the data.

he is probably still "working" for her now..so anything the IT company says is questionable

whole thing is much ado about nothing,except that bernies campaign has lost a good IT guy, lost access to important info

personally i think the entire debase should be made public, i would love to see the notes by my name

and the Sanders campaign has fired him for it.

It doesn't matter one iota what the vendor says now -- it's all been confirmed by the guy who did it.

Who is not, by the way, named Wasserman either.

Did DWS fire him? And, he worked for Clinton in 08.

Tactics to get rid of Bernie, that is what this smacks of.

It may derail him, but Hillary will lose all of their support when the general election comes. So the comments here, reflecting Bernie is toast and rightfully so are wrong. His campaign is not the one who DID anything. There info was in the open to for Hillary's camp. The fact they are not complaining is telling.

I don't know where you're getting that.

But Bernie's National Data Director most certainly did something wrong. That's why he got fired. Hhe's admitted that he purposely went into the system in order to, as he put it, "create a record" showing that he could improperly access the system.

That's what Uretsky himself said.

Blame him.
He did the dirty deed.

you're going to need to see what can be done with those doors to find out how much danger you are in.

The Sanders campaign reported these security issues months ago. How long should the Sanders campaign have let the holes remain before finding out just how bad the breaches are?

Never ever ever. That would be a fire-able offense and -- what do you know -- he got fired.

We break into computer systems all the time when vendors will not patch their security holes, in order to find out what can be done with those flaws.

In fact, there's an entire IT industry in penetration testing.

If I was the Sanders guy, I'd have called the equivalent Clinton and O'Malley people and schedule such a test with everyone present to avoid the political problems. With the vendor failing to do their job, an assessment has to be made.

"We break into computer systems all the time when vendors will not patch their security holes, in order to find out what can be done with those flaws."

And I still say you wouldn't be breaking into a COMPETITOR's system for any legit reason -- though you certainly might be doing so in order to see "what can be done with those flaws."

To test these flaws, you have to use an account that should not have access. In most situations, you can create your own "unauthorized" account. In this situation, that isn't possible.

Again, he should have had his equivalent from the Clinton campaign involved for the assessment to avoid the political issues he caused, but the assessment needed to be done since the vendor had failed to close the holes for months.

knowing full well what he was doing.

An assessment needed to be done. By the vendor or neutral outsider. Not by Mr. Uretsky.

And you are calling for the vendor to assess it, while also claiming to be well informed about IT.

Yeah. Entirely believable.

campaign said was that there had been multiple occasions of these breaches and that they had reported this months ago. But as you know, glitches and bugs are not uncommon, unfortunately.

That doesn't mean the Sanders guy can just go in and "create a record" of whatever he wants.

To now say "It was only minutes!!" is damage control by a vendor that has refused to fix their software.

Playing it poorly, yes, but they're playing it nonetheless.

... and internal audits and ongoing continuous data access auditing is much more "typical" (to use your word) than the type of external (typically bookkeeping) audits about which you appear to be referring.


https://en.wikipedia.org/wiki/Audit_trail

Using the same info that has already been created from the systems currently in place. I would welcome additional scrutiny, in addition to the analysis we're currently seeing.

Good luck bernie.

Most trustworthy status deserves to be revoked.
OMalley & Clinton run on their DEM policy plans.
Sanders??
Hmm.