Donate

One of the largest manufacturers of voting machines has admitted it sold election-management systems with software that allowed remote access via the internet. They're pretty sure nobody hacked into a state election, but they're also not sure.


From 2000 to 2006, Election Systems and Software (ES&S;) sold a specialized computer with a program that allowed tech support geeks to dial into election systems and take control. ES&S; says that the program, pcAnywhere, was only installed on a "small number" of the voting systems sold during that time, and they only put the program there so some nerd could fix glitches or send updates. The only problem is that we're just now finding out, and ES&S; is being very shady after being caught with their pants down.

ES&S; says that they stopped using pcAnywhere in 2007 after the Election Assistance Commission changed voting standards in 2005. Yet public records show they signed a contract with at least one state in 2006 that specifically said they could use the program for "software support calls that cannot be resolved over the telephone." It wasn't exactly criminal to sell software they knew had dangerous holes large enough to drive a truck through, but it is a bit mysterious.

A contract between ES&S; and the State of Michigan from January 2006

At the same time ES&S; was still installing pcAnywhere on a "small number" of computers in 2006, some hackers actually stole the source code. Like DNA, the source code is the program, holding instructions on what to do, how, and when. ES&S; didn't bother to mention the code had been stolen until 2012, and only after part of the code showed up online. Symantec, which actually created the pcAnywhere software, immediately told users to turn off or delete the program; ES&S; didn't do squat. Shortly after the code appeared online, some nerds found a bug in it that allowed enterprising SOBs to take control of any system with pcAnywhere. Ooops.

The election management systems used by ES&S; are not the voting machines most of us use in a polling booth. They're the computers that crunch numbers and tabulate votes so that grandmas don't have to sit in an elementary school lunchroom until 3:00 a.m. on election night.

For security reasons, election management-systems and voting machines are not connected to the internet. This is called an "air gap," and it is supposed to prevent someone from breaking into a computer and poking around. As long as computers remain unconnected to the internet, the only way they can talk to the outside world is through something like a thumb drive, or by connecting a bunch wires. It's not 100% safe, but it's closer.

Silly internet, you can't see this computer!


ES&S; is now in damage control and refusing to talk publicly about whether or not any of its customers were using pcAnywhere during the 2016 election, but records show the software was installed on some systems as recently as 2011. Instead, they've offered to chat privately with Sen. Ron Wyden, the loudest voice on e-voting fuckery. After hearing that ES&S; had sold election systems with remote access software baked in, Wyden told reporters it was "The worst decision for security short of leaving ballot boxes on a Moscow street corner."

While ES&S; purposely installed this hole in their software, cyber security experts have been warning that simply downloading updates and software patches puts other election systems at risk. Even uploading unofficial voter talleys on election night creates a big risk as the data and the system can be seen by other computers. Though those kinds of attacks don't really affect the voting machines the rest of us use, they're vulnerable to other attacks that don't require much time, money, or nerd super powers.

Voting machine companies are trying to calm growing fears of electoral shenanigans by stressing how complicated it is to mess with an election. But cybersecurity experts point to old and outdated voting systems, shady practices by local officials, a lack of security protocols, and an ignorance of basic cybersecurity as proof that it's actually really easy to screw with an election. The Election Assistance Commission hasn't said much about election hacking, but Robert Mueller did when he indicted 12 Russian military intelligence officers for spear phishing attacks aimed at election officials, and for screwing with 39 state votings systems.

A very dubious history surrounds e-voting systems, and calls for paper trails are growing among cybersecurity experts. As we learn just how vulnerable the democratic process has become, there are tools that allow you to check what voting machines your district uses. Good-guy hackers have been tinkering with voting machines for years, and the largest hacker convention in the world, DefCon, is inviting state election officials to learn how to hack voting machines in the interest of education and safety next month. Public officials may not be taking this stuff seriously, but there are some angry nerds who do.

[Motherboard]

Wonkette is ad-free and reader-supported, and we're all about taking apart our toys to see how they tick.

Dominic Gwinn

Dominic is a broke journalist in Chicago. You can find him in a dirty bar talking to weirdos, or lying in a gutter taking photos.

$
Donate with CC

Nancy Pelosi is making news again today after her weekly press conference, mostly because she said this about yesterday's nutbag performance from President Stable Genius:

[T]his time, another temper tantrum — again — I pray for the President Of The United States. I wish him and his family, his administration and staff would have an intervention for the good of the country.

She prays for him. And she's just kind of suggesting that maybe the president is unwell, in his brain. She's being very subtle!

When Glenn Thrush asked afterward what kind of "intervention" she might be talking about, she suggested that Article 25 would be just fine.

But many folks out there right now are saying "BUT WHAT ABOUT INPEACH! They are not going to do an intervention, because the intervention is called INPEACH!" (They are taking her words very literally, it would seem.) Every other damn day lately, there is news about how "NANCY SAID INPEACH IS BAD" or "NANCY SAID TRUMP'S ACTIONS IS SELF-INPEACH-ATORY, WHAT DOES THAT EVEN MEAN, NANCY!" and whatever else, we don't know, because we have muted all of Twitter until further notice. (Here is some news about the House Democrats' weekly meeting yesterday, most of which was about Democrats yelling INPEACH! while Nancy Pelosi gave them cold showers.)

Here's the thing:

In today's presser, Pelosi was clearer than ever about her feelings on impeachment -- she doesn't like it, and she'd really hate for the nation to get to a place where that's inevitable, she is just saying it would be truly terrible for them to have to do that -- but they might just be FORCED to go there. And wouldn't that be just terrible? Nancy Pelosi is praying about that just like she is praying for Trump, under a big oak tree that casts all the shade she threw at Donald Trump for her entire fucking presser.

Keep reading... Show less
$
Donate with CC

Happy Throwback Thursday! Remember Paul Manafort? He's still in jail, don't worry. But it looks like he might be getting some company soon from his old pal Stephen Calk, who just got indicted today by the Southern District of New York.

Calk was a simple CEO and COB at the Federal Savings Bank of Chicago, but he had big dreams. He'd been an army pilot and a money guy, so he figured he was competent to be either Secretary of Treasury or Secretary of Army. He'd take Commerce or HUD, or even a cool ambassadorship to France, or the UK, or the UN -- he wasn't picky. Just any old position befitting a guy who is 100 percent going to be played by Michael McKean in the movie version of this nightmare.

Luckily Calk knew a guy on the inside. Sure that guy had recently been You're Fired from the Trump campaign for ratfucking the Ukrainian election, but Paul Manafort was still waving his bits all over Trumpland in the summer and fall of 2016, so Paul Manafort had the hookup that Calk needed. Luckily, Calk had what Manafort needed, which was MONEY. Manafort's fountain of untaxed cash had dried up since the Ukrainians gave his guy Viktor Yanukovych the boot, and he was in danger of losing multiple investment properties to foreclosure. So naturally Calk stepped up to the plate with $15 million in loans to keep the wolves at bay, because what are friends with more political ambition than scruple for, right?

Keep reading... Show less
$
Donate with CC
Donate

How often would you like to donate?

Select an amount (USD)

Newsletter

©2018 by Commie Girl Industries, Inc