News / National
ZEC website susceptible to hacking
22 May 2018 at 09:05hrs | Views
The security of Zimbabwe Election Commission (Zec) website, where prospective voters can check whether their names appear correctly on the voters' register, is under the spotlight, as the platform used has low security and is susceptible to hacking.
The site, http://www.zec.org.zw, is on what is known as a Hyper Text Transfer Protocol (http), which is used to transfer data from the server to the user's browser using the internet.
As a result, the vulnerability of http to cyber attacks, later websites, especially those that carry personal information, now have what is known as a Secure Hyper Text Transfer Protocol (https).
According to instantssl.com; "https is the secure version of http the protocol …'s' at the end of https stands for 'secure'.
"It means all communications between your browser and the website are encrypted."
Browsers like Google Chrome, Safari and Mozilla Firefox, the most preferred web browsers, now warn users of insecure websites.
The Verge, an ICT website, said: "https encryption protects the channel between your browser and the website you're visiting, ensuring no one in the middle can tamper with the traffic or spy on what you're doing.
"Without that encryption, someone with access to your router or internet service provider could intercept information sent to websites or inject malware into otherwise legitimate pages."
The development comes as concerns have been raised over the security of voter registration information ahead of elections.
Opposition parties have raised the red flag over Zec's failure to reveal where the servers keeping the information are located and the company contracted to manage the highly sensitive information, which, in the event it gets into the wrong hands could be manipulated.
Contacted for comment, Zec deputy chairperson, Emmanuel Magade said he was on a long phone call, and asked this reporter to call after 15 minutes.
Further attempts to contact him were fruitless, as his phone went unanswered.
The inspection of the provisional voters' roll began on Saturday and prospective voters can check for their details using mobile phone USSD applications, the Zec website and going to inspection centres.
The site, http://www.zec.org.zw, is on what is known as a Hyper Text Transfer Protocol (http), which is used to transfer data from the server to the user's browser using the internet.
As a result, the vulnerability of http to cyber attacks, later websites, especially those that carry personal information, now have what is known as a Secure Hyper Text Transfer Protocol (https).
According to instantssl.com; "https is the secure version of http the protocol …'s' at the end of https stands for 'secure'.
"It means all communications between your browser and the website are encrypted."
Browsers like Google Chrome, Safari and Mozilla Firefox, the most preferred web browsers, now warn users of insecure websites.
"Without that encryption, someone with access to your router or internet service provider could intercept information sent to websites or inject malware into otherwise legitimate pages."
The development comes as concerns have been raised over the security of voter registration information ahead of elections.
Opposition parties have raised the red flag over Zec's failure to reveal where the servers keeping the information are located and the company contracted to manage the highly sensitive information, which, in the event it gets into the wrong hands could be manipulated.
Contacted for comment, Zec deputy chairperson, Emmanuel Magade said he was on a long phone call, and asked this reporter to call after 15 minutes.
Further attempts to contact him were fruitless, as his phone went unanswered.
The inspection of the provisional voters' roll began on Saturday and prospective voters can check for their details using mobile phone USSD applications, the Zec website and going to inspection centres.
Source - newsday