Hacker News new | comments | show | ask | jobs | submit login

I don't understand how the gov't websites are so easy to hack, unless they have someone on the inside?

I'm guessing they are not just running old wordpress etc and getting owned by out of the box exploits.

So it must be custom exploits written for each site, so unless they have a copy of the server-side code to fuzz offline the admins are going to notice a lot of very weird traffic which will clue them that something is up.

you are massively overestimating the competence of various departments IT deployments. Stuff like the department of justice isnt the NSA/CIA, exploiting CMS misconfiguration and holes works for government sites just like it does anywhere else.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact