Here's a bonkers Sunday Morning political talk show clip for you. Fired Trump 'attorney' Sidney Powell of losing 'Kraken' lawsuit infamy tells Mike Huckabee that voters in the state of Georgia should be wary of voting in the January runoff election unless all the voting machines go away. — Read the rest
For three years now, cryptographer Matt Blaze (previously) and his colleagues have hosted a Voting Village at Defcon, the annual hacker con in Vegas, in which all comers are welcomed to try to compromise a variety of voting machines that are in actual use in American elections.
Election Systems & Software (ES&S) is America's leading voting machine vendor; they tell election officials (who are county-level officials who often have zero cybersecurity advice or expertise) not to connect their systems to the internet, except briefly to transmit unofficial tallies on election night.
When the North Carolina State Board of Elections asked the voting machine companies whose products were used in state elections who owned those companies, both Election Systems & Software and Hart Intercivic claimed that the answers to the question were proprietary, confidential trade secrets that would devalue their companies if they were divulged.
Florida Governor Ron DeSantis says that after the Mueller Report was published, the FBI came to him to explain its conclusion that at least two Florida county's voting machines were hacked by Russians during the 2016 election, but that they swore him to secrecy so he can't reveal which counties and which machines were hacked.
No one knows who wrote this Unisyn optical vote-counting machine manual that has appeared in multiple sites served by the California-based vendor, but only because Unisyn won't comment on whether they wrote it.
Why does Ivanka Trump need trademarks for nursing homes, sausage casing, and *voting machines* in China? Or do we not want to know.
— Read the rest
The hard drives had not been wiped.
Back in 2012, Symantec researcher Bryan Varner bought some used US voting machines on Ebay and found them to be incredibly insecure and full of real, sensitive election data; in 2016, he did it again and things were even worse.
When security researchers report on the ghastly defects in voting machines, the officials who bought these machines say dismiss their concerns by saying that the tamper-evident seals they put around the machines prevent bad guys from gaining access to their internals.
Every year, security researchers gather at Defcon's Voting Village to probe voting machines and report on the longstanding, systematic security problems with them, in order to give secure voting advocates the ammunition they need to convince Congress and local officials to take action into improve America's voting security.
I've been fighting with voting machine vendors since Bush v Gore, when companies like Diebold brazenly sought to subvert the Supreme Court's order to standardize a secure design for US voting machines, going so far as to send out thousands of fraudulent copyright notices in a failed attempt to silence whistleblowers who'd reported defects in their systems.
A federal lawsuit brought by voting security activists against the State of Georgia has revealed breathtaking defects in the state's notoriously terrible voting machines — and, coincidentally, the machines in question were wiped and repeatedly degaussed by the state before they could be forensically examined as evidence of their unsuitability for continued use.
Election Systems and Software is America's leading voting machine vendor, a category notorious for buggy, insecure software and rampant manufacturer misconduct. As the 2018 elections loom, voting machine companies are coming under scrutiny, and when veteran security reporter Kim Zetter asked them, on behalf of the New York Times, if their products shipped with backdoors allowing remote parties to access and alter them over the internet, they told her unequivocally that they did not engage in this practice.
Connecting voting machines to the internet is a terrible idea: the machines are already notoriously insecure, and once they're online, anyone, anywhere in the world becomes a potential attacker.
The Secure Elections Act is a bipartisan Senate bill with six co-sponsors that reads like a security researcher's wish-list for voting machine reforms. Specifically, it reads like Matt Blaze's wishlist, hewing closely to the excellent recommendations laid out in his testimony to the House of Representatives' Committee on Oversight and Government Reform Subcommittee on Information Technology and Subcommittee on Intergovernmental Affairs Hearing on Cybersecurity, recounting his experiences as a security researcher and as the founder of Defcon's Vote Hacking Village.
The University of Pennsylvania's Matt Blaze (previously) is a legendary figure in cryptography and security circles; most recently he convened Defcon's Vote Hacking Village where security experts with no particular knowledge of voting machines repeatedly, fatally hacked surplus voting machines of the sort routinely used in US elections.
One of the highlights of this year's Defcon conference in Vegas was the Voting Machine Hacking Village, where security researchers tore apart the "secure" voting machines America trusts its democracy to.
Former CIA director R. James Woolsey and legendary free software creator Brian "bash" Fox took to the New York Times's op-ed page to explain that proprietary software and voting machines don't mix, because unless anyone who wants to can audit the software that powers the nation's elections, exploitable bugs will lurk in them, ready to be used by bad guys to screw up the vote-count.
Chris Msando is the Kenyan electoral commission IT manager who oversaw the country's computerized voting systems; now, just days before a hotly contested election, his body has been found in the Kikuyu area in Nairobi's outskirts, and the Independent Electoral and Boundaries Commission says he was tortured and murdered.