Here’s the first thing that I was about to email to you guys and thought… Wait I can blog this!
It’s techy. How a pilot project for online overseas voters got owned.
The (white hat) hackers knew that the pdf file that users uploaded were encrypted via a command line tool. They were able to compromise the system by changing the extension of their ballot submission from .pdf , to specific system commands. When the system tried to run the encryption program at the command line, it instead ran the commands the hackers embedded in the file name (via the extension).