Slashdot Mirror

← Back to Stories (view on slashdot.org)

Symantec: Cruz and Kasich Campaign Apps May Expose Sensitive Data (go.com)

Posted by BeauHD on from the permission-granted dept.

An anonymous reader writes: Apps released by the campaigns of Republican presidential contenders Ted Cruz and John Kasich have the potential for hackers to access users' personal information. According to an independent analysis by Symantec, the "Cruz Crew" app could allow third parties to capture a phone's unique identifying number and other personal information while the Kasich 2016 app could expose users' location data and information about other apps installed on the phones. First it was Veracode that reported potential vulnerabilities with the apps, now it's Symantec. Apparently the Cruz campaign updated its app to resolve the issues after the Veracode report was released. Kasich spokesman Rob Nichols said the security experts didn't know what they were talking about. Both campaigns have yet to respond to the latest Symantec analysis. Neither security firm found any issues in the app released by the campaign of Democrat Bernie Sanders. Republican Donald Trump and Democrat Hillary Clinton do not have campaign apps.

3 of 32 comments (clear)

  1. Re:Campaign app? by ShanghaiBill · · Score: 3, Insightful

    whatsamatter? email, all of a sudden, stopped working?

    sheesh!

    Email is not a good tool for event management. Messages are not synchronized, and people read and reply out of order. The process starts to fall apart when you go beyond about six people.

  2. well that's what they get by supernova87a · · Score: 2, Insightful

    For employing faith-based coding and security practices!

  3. Re:Campaign app? by sabbede · · Score: 3, Insightful
    Is that what these apps are for? Seems to me you'd want special purpose-built and private apps for campaign volunteers to help with all that, and a separate, mostly useless app for supporters. I'd think the latter would be little more than a frontend for media feeds.

    I wonder if there's a company making a basic, non-partisan, campaign volunteer app that can be used (and branded) for any campaign that signs up. Instead of each campaign writing it's own, write one great one and sell it to everyone. Charge the campaign a per-user fee, so it's affordable for any size campaign, and an extra fee for branding because big campaigns will want it and be able to pay extra.

    Is that how it works now, or has the market not recognized the opportunity?