Vulnerability to malicious supabase? - Githubissues

siv-org / siv

Secure Internet Voting protocol

https://siv.org

Other

12 stars 8 forks source link

Vulnerability to malicious supabase? #218

Open dglittle opened 2 months ago

dglittle commented 2 months ago

Other tools (supabase, ...) may have similar [compromising] powers in this environment [...] The goal is not to cast aspersions on the vendor, but to point out that the system is fundamentally trusting them in a way that might not be safe in the case of nation-state level adversaries.

Originally posted by @mspecter in https://github.com/siv-org/siv/issues/195

arianabuilds commented 2 months ago

Entry Summary for HACK SIV @ DEF CON 2024

Thanks again for participating! This submission earned $22.68 from SIV and $18.14 from the Public Vote, for a total of $40.82.

Here's what we noted in our evaluation:

What's interesting about this submission

Could screw up email deliverability analytics

What takes away from it

Doesn't currently touch any other election data, besides email deliverability data mentioned above.

Issue to track getting paid: https://github.com/siv-org/hack.siv.org/issues/11