top | item 9896996

(no title)

flebron | 10 years ago

Unfortunately they did. You can see the request for review here[1], and the actual review here[2]. I know the guy who actually did it (Righetti), he sent an email to the department a few days ago. The quality of that review was absolutely terrible.

[1] https://www.eleccionesciudad.gob.ar/uploads/resoluciones/ade...

[2] https://www.eleccionesciudad.gob.ar/uploads/OAT%20n%203-15-0...

discuss

Fargren|10 years ago

I know the professor who did the review. He sent a mail explaining what actually happened, as opposed to what is shown by the mayor's website. The actual report will not be finished until August, so whatever you are seeing is not the complete report. What you are seeing is a preliminary result concerning a specific part of the system.

Unfortunately, even after the actual report si finished, the university will not have permission to make it public. So we may never see the real results.

flebron|10 years ago

The report is signed by him, so it's safe to say that report is an accurate recollection of what happened according to him.

Having a report on the security of a system be issued months _after_ it is used is completely stupid. This is not simply his fault, it's the entire arrangement which is stupid.

The report shows that Righetti had access to the source code. Unless you are trying to say that he did not have access to the files in which _actual_ security vulnerabilities were found, or that the source code he was given was _different_ from the source code which was leaked, which contained egregious vulnerabilities.

Keep in mind he pockets hundreds of thousands of dollars in this arrangement. That's the part that adds insult to injury. Further, he does not teach information security or anything similar at university (he teaches networking), when there _are_ people teaching such things at UBA (FCEyN), who would have been better suited for the task.

unknown|10 years ago

[deleted]