New security headache for Zec

The security of Zimbabwe Election Commission (Zec) website, where prospective voters can check whether their names appear correctly on the voters’ register, is under the spotlight, as the platform used has low security and is susceptible to hacking.

BY TAPIWA ZIVIRA

The site, http://www.zec.org.zw, is on what is known as a Hyper Text Transfer Protocol (http), which is used to transfer data from the server to the user’s browser using the internet.

As a result, the vulnerability of http to cyber attacks, later websites, especially those that carry personal information, now have what is known as a Secure Hyper Text Transfer Protocol (https).

According to instantssl.com; “https is the secure version of http the protocol …’s’ at the end of https stands for ‘secure’.

“It means all communications between your browser and the website are encrypted.”

Browsers like Google Chrome, Safari and Mozilla Firefox, the most preferred web browsers, now warn users of insecure websites.

The Verge, an ICT website, said: “https encryption protects the channel between your browser and the website you’re visiting, ensuring no one in the middle can tamper with the traffic or spy on what you’re doing.

“Without that encryption, someone with access to your router or internet service provider could intercept information sent to websites or inject malware into otherwise legitimate pages.”

The development comes as concerns have been raised over the security of voter registration information ahead of elections.

Opposition parties have raised the red flag over Zec’s failure to reveal where the servers keeping the information are located and the company contracted to manage the highly sensitive information, which, in the event it gets into the wrong hands could be manipulated.


Contacted for comment, Zec deputy chairperson, Emmanuel Magade said he was on a long phone call, and asked this reporter to call after 15 minutes.
Further attempts to contact him were fruitless, as his phone went unanswered.

The inspection of the provisional voters’ roll began on Saturday and prospective voters can check for their details using mobile phone USSD applications, the Zec website and going to inspection centres.

Loading...

10 Comments

  1. Simple thing, tangai mapinda mozotaura kuti there is no security. Https yes ine security but thats not the only method. ZEC is using different methods to make sure its data is secure. They are very much aware of those hackers.

    1. But why not use https right from the start. A big organisation like Zec cannot in this age launch a website using http even if there was no sensitive infor there but there is. This is very deliberate in my view.

      1. ZANU KRAP — MAKE THE VOTER GO TO SOMEWHERE ELSE TO VOTE
        IT IS ALL PART T0 TRY & ENSURE ZANU GETS IN — KRAP

        1. so in your perspective, how do you expect it to be done…

    2. What other methods? Without Https messages travels in clear text format until they get to wherever the web server resides. Between your web browser and that server, it can be easily read.

  2. I LIVE IN AUSTRALIA

  3. Comment…fuck zanu pf this is another way to rig but bushiri got me excited but handipindi church yake .gore rino rino iri mmm vamwe vanomama kudota aaah kuma aah ma…maaa.SIMBA kozvokugara kwako kuAUSTRALIA zvenei nesu aah iwe racist countries woti wapinda saddd very sad

  4. Zimbabweans don’t love zimbabwe, if you really love it,then let us get rid of looters,murderous,selfish servers and totally useless zanu pf.

  5. Whoever wrote this article is an ignorant journo and i revoke your rights to use computers.

  6. Tapiwa Zivira

    Van Lee Chigwada: I am the author of the story. Can you explain why you have concluded that I am ignorant?

Leave a Reply

Your email address will not be published.