Voting-Machine Vendor Put Remote-Access Software on Systems Sold to U.S.
72 replies, posted
https://www.thedailybeast.com/voting-machine-vendor-put-remote-access-software-on-systems-sold-to-us
Same story also being reported by Vice.
For those not keeping score, we have confirmation now that:
Russia has been attempting (and was successful on a number of occasions) to hack into our electrical grid and national infrastructure to install tools which would allow them to cause chaos by overloading/turning off power plants and substations.
Russia attempted to and successfully penetrated our voting registration databases nationwide.
Russia stole analytical data from the DNC, which would allow them to predict exactly where the Democrats would focus their strategies and see which states were expected to go in what directions down to the individual voter. They were also given data by Cambridge Analytica which provided the same down-to-the-individual-voter map of the United States - but which was compiled predominately by the Republican Party.
Maryland's voting registration database was maintained by a company owned by a Russian oligarch which did not report to them their somewhat quiet acquisition just months before the election.
Russian military intelligence hacked in to voting machine vendors specifically with spear-phishing attacks. Despite this, reports at the time claimed that there was no evidence that they'd done anything with the access they managed. This new piece of reporting demonstrates why they felt they didn't need to alter anything.
Voter registrations both during the primary and during the general election were being reported by tons of people as being disrupted, with many showing up to find they'd been deregistered and with the registration clerks and DB maintainers being unable to explain why they were deregistered in a lot of cases.
The voting-machine vendor above was the supplier of around 60% of the machines Americans used to vote in the 2016 election.
This same vendor supplied the machines in Georgia who, when demanded to turn over their voting machines to check them for discrepancies, deleted their local data, deleted their backup data, and defied that they had the right to do so. For those unaware, Reality Winner was jailed for sending out that report detailing how Russian hackers hacked a voting equipment vendor (in Florida) and were trying to breach local systems in addition -- she lived and worked in Georgia.
And now:
Many of the voting machines being used (specifically Diebold machines) had Remote-Access tools placed on them which would've allowed anyone to access these machines if they were able to exploit the system.
The source code for these systems was leaked online in 2006, RAT non-withstanding. States were told to update their systems but were under no obligation to do so and oversight in this regard is very limited.
The RAT in question is 'PCANYWHERE'. There are novice hacker tools such as Metasploit which specifically scan for the vulnerabilities PCANYWHERE would leave the system open to and would allow the hacker in question to hijack said system; meaning even novice hackers could hack into these internet-connected machines. In addition, there are dozens of PCANYWHERE exploits.
When asked earlier this year, ES&S Systems (Diebold) denied that any RATs were installed on their machines, stating ‘None of the employees who reviewed this response, including long-tenured employees, has any knowledge that our voting systems have ever been sold with remote-access software.’
In summary, it's time to steel yourself because it very likely may be that Russia not only manipulated voter rolls but also changed votes. There are a number of statisticians who decried that the election results didn't make sense to them, that it didn't fit a logical pattern and felt 'forced' that we'd have a 77,000 vote discrepancy in key areas over 3,000,000 votes total.
Write to your Senator. Tell them that you need them to support an initiative to ensure that the voting machines nationwide are thoroughly inspected by the US Government and that these exploits are removed and their internet connections be disabled - or failing that, demand that they tell your State Congress that they must move to paper ballot to ensure the integrity of the upcoming midterm election.
Is paper ballot but electronically read okay?
Should be.
At the very least this should result in some fucking heavy consequences for Diebold - especially for either lying about it or having such poor internal communications and interest in verifying claims that they were unaware of the RATs that were being installed to their systems. Note the lack of a recall.
Yeah, I helped run an election in my locality (CA inland) and the voting machines are just bad for a whole host of reasons, mostly because they're decades old at this point and are out of production so the county isn't even willing to issue multiple voting machines to a MULTIPLE PRECINCT voting location, which resulted in chaos last primaries when our AccuVote® malfunctioned and I had a crowd of people yelling at me convinced that it was some kind of California DNC conspiracy.
The hilarious thing is that there were so many failures around the county this time that the Election Coordinator made the executive decision to just void all AccuVote readings in the field and have the ballots re-read using properly maintained Accuvote machines at the main office.
I sure do wish we had paper ballots about now - and I work in the tech industry.
this is why our geriatric government fucking sucks, paper ballots can be made idiot proof, it should not be this fucking hard to build a secure voting machine.
We should immediately adopt Germany's election model: 100% paper ballots, counted publicly by human eyes. Completely remove electronics from the equation.
Our country is led by idiots, malicious idiots, or people in the pocket of malicious people.
Is it really that time again?
https://www.youtube.com/watch?v=w3_0x6oaDmI
Don’t forget the lazy people. How many breaches would we avoid if we did our security updates?
Guess that falls into idiots though.
Paper Ballots are what we should ALWAYS be using. Electronic ballots and electronic voting is a curse.
That's mitigated by the people who don't want to work inside secure systems as well. Trump himself uses his own personal cellphone and gives out his private number. That's in violation of just about every security recommendation a President's liable to ever get regarding their communication devices. Hillary refused to use state dept e-mails. States are refusing to update their election machines. The people making the election machines are charged with making sure they're secure -- and then install security breaching tools.
The problem isn't just laziness - it's a feeling that the law and rules are irrelevant if you don't get caught.
But then you throw human error into the mix.
There has to be an easy way to use electronic voting that is secure, even if only the machines are just electronic tallies and the results have to be read and reported manually by election officials.
Electronically count and human count.
Any errors by the human will be caught by the machine and any tampering with the machine would be caught by the human.
Thank you. This should keep being posted in every thread like this until goverments stop using electronic voting (so keep posting it forever basically).
Unfortunately I don't think we have policymakers regularly browsing Facepunch.
I know we had a guy try to get Obama to register back in 2012 ish but all he got was forcefully removed from the Q&A.
The second benefit of paper ballots is the ability to do practically unlimited repeat counts.
Perhaps each ballot box could be counted twice by independent groups and compared for accuracy.
I don't understand what you're trying to say. I'm saying that video will always be relevant because as many posters here need to be informed as possible.
Ah. I'm just a bit weary of leaders in every field ever who like to be "all high tech and shiet", from education board members to election board members. Out here in a town called Modesto I think ballots used to be cast through punch-cards with what were essentially levers that operated hole punchers tied to a mechanism that basically operated like reverse radio buttons. The punches were very reliable and it was guaranteed that you wouldn't vote for the wrong candidate and everyone agreed that it was the best system, but because they wanted to be "high tech" they switched to what I assume was also AccuVote and the rest is history.
People these days are just too eager to throw computer circuits at everything they can think of, thinking that it will inevitably improve them, I mean look we have IOT toasters now and Smart TVs that can potentially be hacked to film a sex tape of you and your spouse without you knowing.
As much as I would like to go back to purely physical ballots I just don't think that it will happen, even if we inform people because the prevailing attitude right now is just overwhelming technological optimism.
There's so many variables I don't think it's worth it. At the end of the day, a paper ballot is something you write on. You leave your mark, a person reads it, they know what you marked. Any attempt to alter or manipulate your mark will be noticeable. A computer is a black box that the voter makes a request/command to, in terms of seeing the history of the vote across a medium.. that doesn't really exist. Everything that happens between the button being pressed and the vote tallies being printed out is up to the computer, so if it's compromised in any way, its game over. Even the most secure box will eventually be exploited somehow, so what are we waiting for?
I felt like the response to the revelations that Russians had infiltrated aspects of our voting infrastructure was way too quick and hush-hush. It felt like big news, yet it blew over in what, a week if that? It's not surprising to find that now more details are emerging. It's an interesting reminder that (for the most part), these details aren't modified or rewritten after they come out, but they may be incomplete. Before this story broke, the talking point was "so what if they had a propaganda campaign! They didn't change the votes so get over it!". Well.. What happens if they changed the votes? What's the next goalpost?
ah yes
"what is a facepunch"
Obama was probably ready to give him a preemptive smackdown
It isn’t even a ‘German’ model; I’m pretty sure that almost all western countries, with the notable exception of the United States, vote with paper ballots, and the votes are counted by humans.
I guess you never heard of "Hanging Chads".
https://en.wikipedia.org/wiki/2000_United_States_presidential_election_recount_in_Florida
I have. It's a different state though with a different system. In the many decades the machine I described was in service they never seemed to have a problem. And honestly, would you rather have hanging chads and smudged ink or a computer system that could be exploited?
Nope, I don't want a computer system, I want paper ballots that are recorded electronically and can be checked by hand and digital list for accuracy.
In theory yes, but I don't think that's often necessary if you just have them counted publicly. (Over here, you can basically just go there and witness it, afaik.)
Of course with machine counting, public counting becomes basically impossible.
While the House GOP refuses to renew election security funding. At what point does it mean something.
There are really good, currently used techniques to counter all of the points he made and then some. The problem is not that E-voting is a bad idea, its that its badly implemented, as if someone made the decision 'no, we cant make it too safe, we need to be able to hack these elections'
The point is that the gains you get from E-voting are dwarfed by how easy it is to mess up and how tamper-proof paper voting is. Voting is so fucking important why take the risk at all when there's an easy, robust solution that's been used for hundreds of years?
Because the logistics problems of paper voting are used to argue away moving towards a more direct democracy, the reason why jerrymandering in the US is still a thing for example is twofold, one is because direct democracy is considered fickle, the other is that its logistically impractical.
The system set in place to provide a buffer against the fickleness of the people AND the logistical nightmare of direct democracy on paper is also the reason why Hillary lost.
Sorry, you need to Log In to post a reply to this thread.