<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office"> <head> <meta name="viewport" content="width=device-width,initial-scale=1"> <!--[if gte mso 9]>
    <xml>
      <o:OfficeDocumentSettings>
        <o:AllowPNG/>
        <o:PixelsPerInch>96</o:PixelsPerInch>
     </o:OfficeDocumentSettings>
    </xml>
    <![endif]--> <style type="text/css">* a:hover{cursor:pointer;}</style> <style>body {-webkit-animation:bugfix infinite 1s;}@-webkit-keyframes bugfix {from {position:relative;}to {position:relative;}}</style> </head> <body style="word-wrap:normal;word-break:break-word"> <style>a {word-wrap:normal;word-break:break-word;}.background-contain {background-size:contain;}@media only screen and (max-width:600px) {.container {-webkit-text-size-adjust:none !important;}.container,.palm-one-whole {width:100% !important;min-width:100% !important;}.palm-one-half {width:50% !important;min-width:50% !important;box-sizing:border-box;}blockquote .container,blockquote .container div,blockquote .container table {width:auto !important;min-width:0 !important;position:relative !important;}img {max-width:100%;}.border-outer,.border-middle,.border-inner,.inner,[title="separator"] {width:100% !important;}.innercell {padding:8px !important;}.palm-block {display:block !important;}td.palm-one-whole {display:inline-block !important;padding:0;}td.palm-one-whole:first-child:not(:only-child) {margin-bottom:16px;}td.hostname {padding-top:3px !important;}}@media only screen and (min-width:601px) {.preview-card {max-width:600px !important;}}@media only screen and (min-device-width :320px) and (max-device-width :568px),only screen and (min-device-width :768px) and (max-device-width :1024px),only screen and (max-device-width:640px),only screen and (max-device-width:667px),only screen and (max-width:480px){.container {width:100% !important;min-width:100% !important;}.p,.small,li,font[size="2"],font[size="3"] {font-size:1em !important;}}@media only screen and (min-device-width :320px) and (max-device-width :568px),only screen and (min-device-width :768px) and (max-device-width :1024px),only screen and (min-device-width :1224px)  {.message-wrapper {padding-top:6px;}.apple-only[style] {display:block !important;max-height:none !important;line-height:normal !important;overflow:visible !important;height:auto !important;width:100% !important;position:relative !important;}.no-apple {display:none !important;}form {font-size:inherit;}input[type="text"] {height:43px;padding-left:4px !important;}button:hover {cursor:pointer;}}@media only screen and (min-device-width :1224px)  {.apple-mail-form {display:block !important;background-color:white !important;}}* [office365] .outlook-com-hidden {display:none !important;}* [office365] .outlook-com-button {display:block;}* [office365] .outlook-com-only {display:block !important;max-height:none !important;line-height:normal !important;overflow:visible !important;height:auto !important;width:100% !important;position:relative !important;}.ExternalClass {width:100%;}.ExternalClass .outlook-com-button {display:block;}.ExternalClass button {height:auto;}.ExternalClass .outlook-com-hidden {display:none !important;}.ExternalClass .outlook-com-only {display:block !important;max-height:none !important;line-height:normal !important;overflow:visible !important;height:auto !important;width:100% !important;position:relative !important;}.ExternalClass .ecxlabels {display:none !important;}.ExternalClass .ecxlabels {display:none !important;}.ExternalClass .ecxarrow {display:none !important;}.ExternalClass cite >div + div {padding:0 0 4px 0;}.ExternalClass .h1 {padding-bottom:5px;}.ExternalClass .h2 {padding-bottom:5px;}.ExternalClass .h3 {padding-bottom:5px;}.ExternalClass [lang="brand-pinterest"] {width:280px !important;}</style> <!--[if (gte mso 9)|(IE)]>
    
    <style>
      a, body {
        font-family: 'Calibri', Arial, sans-serif;
      }
    
      img {
        border: none !important;
        -ms-interpolation-mode:bicubic;
      }
    
      td {
        mso-line-height-rule:exactly !important;
      }
    
      .mso-card-inner table {
        border-collapse: collapse !important;
        mso-table-lspace:0pt;
        mso-table-rspace:0pt;
        vertical-align: top;
      }
    
      .outlook-com-only {
        display: none !important;
        font-size: 0 !important;
      }
    
      #mso-one-whole {
        width: 100% !important;
      }
    
    
    
        .border-outer,
        .border-middle,
        .border-inner {
          border: none !important;
        }
    
        .border-middle,
        .border-inner {
          width: 100% !important;
        }
    
        .mso-border-outer,
        .mso-border-middle,
        .mso-border-inner {
          padding: 1px;
        }
    
        .mso-border-outer { background-color: rgb(245, 255, 255); }
        .mso-border-middle { background-color: rgb(223, 246, 255); }
        .mso-border-inner { background-color: rgb(153, 176, 225); }
    
    </style>
    
    <![endif]--> <table class="container" lang="container" dir="ltr" border="0" cellpadding="0" cellspacing="0" valign="top" style="width:100%"> <tr> <td valign="top" class="message-wrapper" style="color:#222;font-family:arial,sans-serif"> <!--[if mso]><table  border="0" cellpadding="0" cellspacing="0" valign="top" style="border-collapse:separate;"><tr><td valign="top"><![endif]--> <div dir="ltr"><div>Excerpts:</div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Rahjerdi said that the app contains default React Native metadata and that it comes off as a "very very off the shelf skeleton project plus add your own code kind of thing. Honestly, the biggest thing is—I don’t want to throw it under the bus—but the app was clearly done by someone following a tutorial. It’s similar to projects I do with my mentees who are learning how to code," Rahjerdi said. "They started with a starter package and they just added things on top of it. I get deja vu from my classes because the code looks like someone Googled things like 'how to add authentication to React Native App' and followed the instructions," Rahjerdi said.<br></blockquote><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"> </blockquote><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">A team of researchers at Stanford University, including former Facebook chief security officer Alex Stamos and students Jack Cable, Pierce Lowary, and Alex Zaheer, said that while analyzing the app, they found potentially concerning code within it, including hard-coded API keys. Motherboard decompiled the app and verified the presence of an API key. Stamos' concern was that a hacker could potentially change or reset data on the servers. Stamos added that he was not comfortable probing the company's backend without its permission. Shadow insisted that the app was configured correctly.</blockquote><div><br></div><div> <!--[if mso]>
<table class="mso-card-v3" width="578" cellpadding="0" cellspacing="0" style="border:1px solid #f5ffff">
  <tr>
    <td style="border:1px solid #d5ecff; background-color:#99b0e1; padding:1px;">
<![endif]--> <table id="" class="card-v3" cellpadding="0" cellspacing="0" style="border:1px solid #f5ffff;border-radius:4px;width:100%;max-width:578px;mso-border-alt:none;font-style:normal;font-weight:normal;font-variant:normal;line-height:normal"> <tbody><tr style="border:1px solid #d5ecff;mso-border-alt:none;display:inline-block;border-radius:3px;width:100%"> <td style="display:block;width:100%;box-sizing:border-box;padding:8px;border-radius:2px;border:1px solid #99b0e1;font-size:0;vertical-align:top;background-color:white;mso-border-alt:none;position:relative"> <table width="100%" border="0" cellpadding="0" cellspacing="0" valign="top" style="border-collapse:separate;text-align:left"> <tbody><tr class=""> <td class="palm-one-whole" rowspan="2" valign="top" style="width:134px"> <table width="100%" class="inner" border="0" cellpadding="0" cellspacing="0" valign="top" style="border-collapse:separate"> <tbody><tr> <td valign="top" style="padding:"> <a href="https://links99.mixmaxusercontent.com/5e196044087550002eab97f3/l/RKeHi70KtyeN2JRYg?messageId=CNZQ5xKAuEa09tJPI&rn=gIUxkI&re=IyZy9mLoNWZ052bpRXYyVmYpxmLzR3cpxGQ0xmI&sc=false" target="_blank" style="display:block"><img src="https://res.cloudinary.com/mixmax/image/fetch/w_800,h_600,c_fill,q_90,fl_progressive,g_faces:center/https%3A%2F%2Fvideo-images.vice.com%2Farticles%2F5e3b20f7c9983f009ce6b792%2Flede%2F1580933515625-IMG_7485-2.jpeg%3Fcrop%3D1xw%3A0.4214xh%3B0xw%2C0.2599xh%26resize%3D1200%3A*" class="palm-one-whole" width="120" style="display:block;width:120px;vertical-align:top" alt="Preview image"></a> </td> </tr> </tbody></table> </td> <td class="palm-one-whole" rowspan="" valign="top" style="font-size:13px;width:px"> <table width="100%" class="inner" border="0" cellpadding="0" cellspacing="0" valign="top" style="border-collapse:separate;font-size:13px"> <tbody><tr> <td valign="top" style="padding:"> <table cellpadding="0" cellspacing="0" valign="top" style="border-collapse:collapse"> <tbody><tr> <td colspan="2" valign="top" style="min-width:100%;padding-bottom:2px;font-size:16px;line-height:22px;font-weight:600;font-family:'Avenir Next','Segoe UI','Calibri',Arial,sans-serif"> <a href="https://links910.mixmaxusercontent.com/5e196044087550002eab97f3/l/oKWlT4vnNWCzNPuoL?messageId=CNZQ5xKAuEa09tJPI&rn=gIUxkI&re=IyZy9mLoNWZ052bpRXYyVmYpxmLzR3cpxGQ0xmI&sc=false" target="_blank" style="text-decoration:none;display:block;color:#333;border:none"> An ‘Off-the-Shelf, Skeleton Project’: Experts Analyze the App That Broke Iowa </a> </td> </tr> <tr> <td colspan="2" valign="top" style="min-width:100%;padding-bottom:4px;font-size:13px;line-height:17px;font-family:'Segoe UI','Helvetica Neue',Helvetica,'Calibri',Arial,sans-serif"> <a href="https://links910.mixmaxusercontent.com/5e196044087550002eab97f3/l/dRVqGp2tefPuworV3?messageId=CNZQ5xKAuEa09tJPI&rn=gIUxkI&re=IyZy9mLoNWZ052bpRXYyVmYpxmLzR3cpxGQ0xmI&sc=false" target="_blank" style="text-decoration:none;display:block;color:#333;border:none"> Multiple experts analyzed Shadow Inc.’s Iowa caucus app. They found all kinds of problems. </a> </td> </tr> </tbody></table> </td> </tr> </tbody></table> </td> </tr><tr> <td valign="bottom"> <table width="100%" border="0" cellpadding="0" cellspacing="0" valign="top" style="border-collapse:separate"> <tbody><tr> <td valign="bottom" style="line-height:11px;font-family:'Avenir Next','Segoe UI','Calibri',Arial,sans-serif" class="hostname"> <a style="color:#aab;display:block;font-size:11px;margin:0;letter-spacing:1px;padding-left:1px;text-decoration:none;text-transform:uppercase" href="https://links910.mixmaxusercontent.com/5e196044087550002eab97f3/l/orOjZspFb3y4DYPOF?messageId=CNZQ5xKAuEa09tJPI&rn=gIUxkI&re=IyZy9mLoNWZ052bpRXYyVmYpxmLzR3cpxGQ0xmI&sc=false" target="_blank">vice.com</a> </td> <td align="right" valign="bottom"> <a href="https://mixmax.com/r/5e196044087550002eab97f3?ref=Website preview" style="display:block;vertical-align:top;font-size:0" target="_blank"> <img src="https://emailapps.mixmax.com/img/badge_mixmax.png" align="top" height="20" style="display:block" alt="Mixmax" border="0"> </a> </td> </tr> </tbody></table> </td> </tr> </tbody></table> </td> </tr> </tbody></table> <!--[if mso]>
    </td>
  </tr>
</table>
<![endif]--> <br></div><div><br></div></div><img align="left" width="0" height="0" style="border:0;width:0px;height:0px" src="https://track.mixmax.com/api/track/v2/CNZQ5xKAuEa09tJPI/i02bj5CbpFWbnB0c55WYw12bjlnI/IyZy9mLoNWZ052bpRXYyVmYpxmLzR3cpxGQ0xmI/gIUxkI?sc=false" alt=""> <!--[if mso]></td></tr></table><![endif]--> </td> </tr> </table> </body> </html>