When the North Carolina State Board of Elections asked the voting machine companies whose products were used in state elections who owned those companies, both Election Systems & Software and Hart Intercivic claimed that the answers to the question were proprietary, confidential trade secrets that would devalue their companies if they were divulged.
Continue reading “Voting machine companies: the names of our parent companies are trade secrets”
Tag: voting machines
Florida Governor says the FBI told him how the Russians hacked Florida voting machines, but swore him to secrecy
Florida Governor Ron DeSantis says that after the Mueller Report was published, the FBI came to him to explain its conclusion that at least two Florida county’s voting machines were hacked by Russians during the 2016 election, but that they swore him to secrecy so he can’t reveal which counties and which machines were hacked.
Continue reading “Florida Governor says the FBI told him how the Russians hacked Florida voting machines, but swore him to secrecy”
Unisyn voting machine manual instructs election officials to use and recycle weak passwords
No one knows who wrote this Unisyn optical vote-counting machine manual that has appeared in multiple sites served by the California-based vendor, but only because Unisyn won’t comment on whether they wrote it.
Voting systems in Wisconsin and Kentucky are running FTP. Seriously.
FTP — the “file transfer protocol” — is a long-supplanted Unix tool for transferring files between computers, once standard but now considered to be too insecure to use; so it’s alarming that it’s running on the voting information systems that will be used in elections in Wisconsin and Kentucky tomorrow.
Continue reading “Voting systems in Wisconsin and Kentucky are running FTP. Seriously.”
Ebay is full of used voting machines full of real electoral data and riddled with security defects
Back in 2012, Symantec researcher Bryan Varner bought some used US voting machines on Ebay and found them to be incredibly insecure and full of real, sensitive election data; in 2016, he did it again and things were even worse.
Continue reading “Ebay is full of used voting machines full of real electoral data and riddled with security defects”
Leading voting machine company admits it lied, reveals that its voting machines ship backdoored, with pre-installed remote access software
Election Systems and Software is America’s leading voting machine vendor, a category notorious for buggy, insecure software and rampant manufacturer misconduct. As the 2018 elections loom, voting machine companies are coming under scrutiny, and when veteran security reporter Kim Zetter asked them, on behalf of the New York Times, if their products shipped with backdoors allowing remote parties to access and alter them over the internet, they told her unequivocally that they did not engage in this practice.
Continue reading “Leading voting machine company admits it lied, reveals that its voting machines ship backdoored, with pre-installed remote access software”
In 2009 a NJ judge banned hooking up voting machines to the internet, but that’s exactly how ES&S’s “airgapped” machines work
Connecting voting machines to the internet is a terrible idea: the machines are already notoriously insecure, and once they’re online, anyone, anywhere in the world becomes a potential attacker.
Continue reading “In 2009 a NJ judge banned hooking up voting machines to the internet, but that’s exactly how ES&S’s “airgapped” machines work”
A bipartisan, GOP-led voting machine security bill that would actually fix vulnerabilities in US elections
The Secure Elections Act is a bipartisan Senate bill with six co-sponsors that reads like a security researcher’s wish-list for voting machine reforms. Specifically, it reads like Matt Blaze’s wishlist, hewing closely to the excellent recommendations laid out in his testimony to the House of Representatives’ Committee on Oversight and Government Reform Subcommittee on Information Technology and Subcommittee on Intergovernmental Affairs Hearing on Cybersecurity, recounting his experiences as a security researcher and as the founder of Defcon’s Vote Hacking Village.
Someone wiped a key server in Georgia right after voters filed a lawsuit over insecure voting-machines
Georgia’s voting machines are among the worst, most hackable in the nation, and that’s why a “diverse group of election reform advocates” including the Coalition for Good Governance sued the state to purge its hoard of 27,000 AccuVote voting machines, whose defects were not patched though the state was warned of them six months prior to the election. Accuvote machines do not keep any kind of paper audit-tape that can be used to compare the electronic total to a hardcopy.
Continue reading “Someone wiped a key server in Georgia right after voters filed a lawsuit over insecure voting-machines”
How do you dump the firmware from a “secure” voting machine? With a $15 open source hardware board
One of the highlights of this year’s Defcon conference in Vegas was the Voting Machine Hacking Village, where security researchers tore apart the “secure” voting machines America trusts its democracy to.
Continue reading “How do you dump the firmware from a “secure” voting machine? With a $15 open source hardware board”