StaySafe COVID19 Tracker hacked, Admin access obtained with all user data

nkt

    You are just good at bickering here instead of helping
    What are you on about?
    SL has no privacy laws so collecting data is regarded normal

    Of course someone managed to hack which is unethical and instead of assisting authorities in the midst of a pandemic, morons here brag about being able to hack WTF be faithful to your country at least one day in your lifetime
    Seriously?
    Bitch, this is the way we can help with this kind of issue in Sri Lanka. Otherwise sending a msg to Gota like you will never do anything. What is unethical is collecting private confidential data and giving them an absolute bullshit security. If you don't know what you are talking about, please shut up or talk about something you know. btw tell Gota to be faithful to the country too. ;)
     

    EON

    Don't post things here that can compromise national security
    Don't be a d*CK and play games with your country
    Let me report these users to 👮 Cops
    Enjoy!!!!

    You're crazier than all of them, man.
    This is expected if you don't know how to harden a service which is open to the public. In theory ICTA should be in court for not being able to protect personal data. This is a data breach.
     

    nkt

    You're crazier than all of them, man.
    This is expected if you don't know how to harden a service which is open to the public. In theory ICTA should be in court for not being able to protect personal data. This is a data breach.
    He thinks that if you send Gota a message it will get looked into, man, so what more is there to talk about with him? A posh bayya or what :lol:
     

    EON

    He thinks that if you send Gota a message it will get looked into, man, so what more is there to talk about with him? A posh bayya or what :lol:
    A lunatic. For sure, either he is at ICTA, or else a friend of his is at ICTA.

    Man, I thought from the very start that it would go like this. The moment they said StaySafe can find out who is checking in through the Helakuru QR scanner, I figured they would end up making some kind of mess.

    When you have registered only on the StaySafe site, how do the Helakuru people know that the one who checked in is really the owner of that account?



    I didn't realise that the first two letters of ICTA actually stood for InCompetent till now...... :P
    In a country where some punk kid comes along and hacks the president's site, what data privacy is there? If there were any, would the likes of Dialog give our details to third-party e-marketers?
     

    Jack_Sparrow

    As far as I know, mate, the previous one done by ICTA was open-sourced too. Not just that one, a lot of them: https://github.com/ICTASL. Hiding the source doesn't increase security, though.

    If the code were public, a security issue like this would have been caught right at the start.
    I for one am not at all sure they ran even a casual security scan on it.
    The one you posted earlier and the other election apps were open source too; there was an open source vs management fight going on at ICTA, wasn't there.
    There was also the business of buying apps from outside for huge sums of money. I think the management has changed now as well.

    We need to find out who built this ;) If the code were public on something like GitHub, the GitHub ID would be right there in the open.
     

    හෙළයෙක්

    If the code were public, a security issue like this would have been caught right at the start.
    I for one am not at all sure they ran even a casual security scan on it.
    The one you posted earlier and the other election apps were open source too; there was an open source vs management fight going on at ICTA, wasn't there.
    There was also the business of buying apps from outside for huge sums of money. I think the management has changed now as well.

    We need to find out who built this ;) If the code were public on something like GitHub, the GitHub ID would be right there in the open.
    Yes, those are the projects Sanjeewa worked on, right? I looked too; there is no mention of this one on their GitHub either.
     

    saraprobe

    You're crazier than all of them, man.
    This is expected if you don't know how to harden a service which is open to the public. In theory ICTA should be in court for not being able to protect personal data. This is a data breach.
    I get that
    Even developed countries don't have a universal QR system whereas SL does, so instead of assisting the process you guys are bit**hing
     

    හෙනයා

    If the code were public, a security issue like this would have been caught right at the start.
    I for one am not at all sure they ran even a casual security scan on it.
    The one you posted earlier and the other election apps were open source too; there was an open source vs management fight going on at ICTA, wasn't there.
    There was also the business of buying apps from outside for huge sums of money. I think the management has changed now as well.

    We need to find out who built this ;) If the code were public on something like GitHub, the GitHub ID would be right there in the open.

    This looks like something that was proposed and built by Helakuru.
     

    imhotep

    Being open source doesn't risk its security if it is developed correctly.
    Yes... there are many codebases that have open source components. One security risk is that when these open source vulnerabilities are found, they are made publicly available. This enables hackers to gain all the necessary information they need to carry out an attack - till the window time that a fix is found and you patch up your site. From the details of the exploit here the system itself is badly done - starting from the fact that not even a sanity check is done on the NIC#.
     

    nkt

    So pundits only know how to bi**CH here?
    If you don't know how to cook, can you give lectures about cooking? it's simple as that. Anyway why **? :P be a man

    Has any other country/organization used the same code base to proceed with their own?
    What do you mean by "used the same code base"? The StaySafe app is not based on an open source project as far as I know. If it is based on one, this mess wouldn't happen :P
     

    buddikagayan

    IMG_0122.PNG


    When I went to the bank and scanned the QR, it doesn't work, man