REAL WORLD EVENT DISCUSSIONS

If Israel or Russia are interfering with our elections, then shame on us.

POSTED BY: 1KIKI
UPDATED: Sunday, August 11, 2019 22:42

Sunday, August 11, 2019 9:02 PM

1KIKI

Goodbye, kind world (George Monbiot) - In common with all those generations which have contemplated catastrophe, we appear to be incapable of understanding what confronts us.



This is a story that goes all the way back to the 2000 "hanging chad" election, where it was demonstrated how easy it was to rig and hack voting machines and counting machines; and where iirc electronic voting systems exclusively had severe statistical anomalies in the final count.

"Knowing the vote transmissions are going over the internet, the researchers decided to see if they could find the backend internet-connected systems that receive the transmitted votes. They discovered a method of searching for connected ES&S systems after one of their group stumbled across the IP address for an ES&S firewall in Rhode Island in a publicly available document. "


Quote:



https://www.vice.com/en_us/article/3kxzk9/exclusive-critical-us-election-systems-have-been-left-exposed-online-despite-official-denials


Exclusive: Critical U.S. Election Systems Have Been Left Exposed Online Despite Official Denials
The top voting machine company in the country insists that its election systems are never connected to the internet. But researchers found 35 of the systems have been connected to the internet for months and possibly years, including in some swing states.
by Kim Zetter
Aug 8 2019, 10:55am


For years, U.S. election officials and voting machine vendors have insisted that critical election systems are never connected to the internet and therefore can’t be hacked.

But a group of election security experts have found what they believe to be nearly three dozen backend election systems in 10 states connected to the internet over the last year, including some in critical swing states. These include systems in nine Wisconsin counties, in four Michigan counties, and in seven Florida counties—all states that are perennial battlegrounds in presidential elections.

Some of the systems have been online for a year and possibly longer. Some of them disappeared from the internet after the researchers notified an information-sharing group for election officials last year. But at least 19 of the systems, including one in Florida’s Miami-Dade County, were still connected to the internet this week, the researchers told Motherboard.

Some of the systems were verified voting systems. It appeared to "Kevin Skoglund, an independent security consultant who conducted the research with nine others, all of them long-time security professionals and academics with expertise in election security" that vendors set up the systems without oversight from election officials.
Quote:

The systems the researchers found are made by Election Systems & Software, the top voting machine company in the country. They are used to receive encrypted vote totals transmitted via modem from ES&S voting machines on election night, in order to get rapid results that media use to call races, even though the results aren’t final.
Rapid (unofficial) results are transmitted via the internet to an SFTP server behind a Cisco firewall.
Quote:

For security reasons, the SFTP server and firewall are only supposed to be connected to the internet for a couple of minutes before an election to test the transmission, and then for long enough after an election to transmit the votes. But the researchers found some of the systems connected to the internet for months at a time, and year-round for others, making them vulnerable to hackers.
This is in contrast to official votes that are tallied from memory cards pulled from the voting machines.
Quote:

Generally, votes are stored on memory cards inside the voting machines at polling places. After an election, poll workers remove these and drive them to county election offices.
But hacking through the firewall could be more consequential than merely altering rapid results reports. The hacker could also gain access to official results AND the election-management system.
Quote:

... Motherboard has learned that connected to the firewalls are even more critical backend systems—the election-reporting module that tabulates the unofficial votes as well as the official ones, and the election-management system that is used in some counties to program voting machines before elections. The researchers said that gaining access through the firewall to these systems could potentially allow a hacker to alter official election results or subvert the election-management system to distribute malware to voting machines through the USB flash drives that pass between this system and the voting machines.
Could it happen IRL?
Quote:

... ES&S documents posted online in various counties show that these critical backend systems are connected to the firewall, and ES&S also confirmed to Motherboard that this is the correct architecture in counties that want to transmit results electronically.
And ES&S refutes that hacking could happen -
Quote:

“There’s nothing connected to the firewall that is exposed to the internet,” Gary Weber, vice president of software development and engineering for ES&S, told Motherboard. “Our [election-management system] is not pingable or addressable from the public internet.” This makes them invisible to bad actors or unauthorized users, he said.
But ...
Quote:

... Skoglund said this “misrepresents the facts.” Anyone who finds the firewall online also finds the election-management system connected to it.

“It is not air-gapped. The EMS is connected to the internet but is behind a firewall,” Skoglund said. “The firewall configuration [that determines what can go in and out of the firewall]… is the only thing that segments the EMS from the internet.”

And misconfigured firewalls are one of the most common ways hackers penetrate supposedly protected systems. The recent massive hack of sensitive Capital One customer data is a prime example of a breach enabled by a poorly configured firewall.

And the firewall software could also have bugs.
Quote:

Even proper configurations won’t secure a firewall if the firewall software itself has security vulnerabilities that allow intruders to bypass all the authentication checks, whitelisting rules, and other security parameters set in the firewall’s configuration file.

“If this system hasn’t been patched and has a critical vulnerability… you may be able to subvert any kind of security scheme that you’ve put in place,” Skoglund told Motherboard.

Though federal legislation may set some standards and beef up local systems where officials have no expertise in computer security ...
Quote:


Wyden said two pieces of federal election security legislation that have stalled on Capitol Hill due to Republican leaders—the SAFE Act and a Wyden bill called PAVE Act—would effectively ban transmission of votes via modem and prohibit connecting any election-reporting or election-management system to the internet or to a telecommunications network at any time.

While ES&S says only authenticated systems have access through the firewall to the SFTP server, because in what seems to be a single operation, passwords are generated on the
Quote:

election-management system and passed to the voting machines on a USB flash drive when the systems are programmed before each election, and the passwords are also stored on the SFTP.
But
Quote:

The two backend systems—the reporting system that tabulates votes and the election-management system—sit on a local area network, which is connected to the Cisco firewall through a switch. The switch doesn’t provide additional security; it simply acts as a traffic cop to direct incoming data to the right system. To collect the encrypted votes the voting machines have deposited on the SFTP server, the backend reporting system reaches through the firewall to query the server every few minutes. If new files have arrived, the reporting system grabs those, decrypts them to read the votes inside, then tabulates them.

At least this is how the configuration in the diagram ES&S provided Motherboard works. But a different diagram the company submitted last year to Travis County, Texas, as part of a contract proposal, and which is available online, shows the reporting system and election-management system directly connected to the SFTP server through the switch, and all of them are connected to the firewall. This would mean the backend reporting system could bypass the firewall to reach the SFTP server directly, a less secure configuration.

Weber of ES&S told Motherboard the Travis diagram is incorrect.

Quote:

Unfortunately, there are a number of reasons to be concerned about the security of the firewalls and SFTP servers.

ES&S installs and configures the firewalls for the “majority” of its customers, the company told Motherboard. Counties then take over the maintenance or contract it out to a third party, which may even be ES&S in some cases.

Last year, the Cisco firewalls in Wisconsin failed to receive a patch for a critical vulnerability until six months after the vulnerability had been made public and the patch was released, Motherboard has learned. Patch delays aren’t unusual in states that require their election systems to be state certified as well as federally certified—a patch that needs to be applied to a certified system generally has to be reviewed for compliance with the certification requirements before it can be applied. But six months is a long time, and this means the systems were vulnerable to attack during a lengthy period before the 2018 midterm elections.

And then there's the problem of making sure the systems are software-upgraded ...
Quote:

The current version is 10.0, and despite the fact that it has been available since November 2018, none of the ES&S SFTP servers the researchers found online are running it.
... and certified.
Quote:

What’s not generally known by the public about ES&S election systems is that the company’s entire configuration for transmitting election results—from the modem to the SFTP server—is not certified by the Election Assistance Commission (EAC), which oversees the testing and certification of voting equipment at the federal level. ES&S voting machines are tested and certified, but the transmission configuration isn’t. The labs test them for functionality to make sure they transmit votes, and that’s it.
Quote:

Weber told Motherboard that instead of federal certification, his company has focused on working with officials in states that allow modem transmission to test and certify the configuration under their own state certification programs. He said this includes a security assessment of the configuration. Asked which states do these security assessments, he cited Wisconsin, Florida, and Minnesota. But someone familiar with Wisconsin’s certification testing, who spoke on condition of anonymity, told Motherboard it doesn’t include a security assessment of the modem transmissions and configuration.
OOPS.

Quote:

Hunting Election Systems

The researchers began looking for connected systems in July of 2018 after seeing repeated comments from state and local election officials as well as federal officials with the Election Assistance Commission, that voting machines and backend election systems are never connected to the internet.

Although these officials acknowledge that many voting machines use modems to transmit election results over cellular networks and landline connections, they have long insisted that modem transmissions don’t involve the internet. A New York Times story I wrote last year, however, showed that the modem transmissions do pass through the internet, and even an ES&S document that the company supplied to Rhode Island in 2015 calls the modem transmission of votes an “internet” transmission. A document for modem transmissions from voting machines made by Dominion Voting Systems—another top voting machine company in the country—similarly discusses TCP-IP and SSL, both protocols used for internet traffic.

Quote:

“The configurations show TCP-IP configuration and ‘SSL Optional,’ making it clear that at least the vendors know their systems are connecting through the internet, even if their election official customers do not realize it or continue to insist to the public that the systems are not connected to the internet,” Skoglund said.

Knowing the vote transmissions are going over the internet, the researchers decided to see if they could find the backend internet-connected systems that receive the transmitted votes. They discovered a method of searching for connected ES&S systems after one of their group stumbled across the IP address for an ES&S firewall in Rhode Island in a publicly available document.

Quote:

... they used a specialized search engine called Censys to find connected systems that matched this configuration combination. Censys scans the internet weekly for connected devices and catalogues information about them, including their IP address, in a database. Their search led them to 35 connected systems over the last year, though Skoglund notes that there may actually be more ES&S systems connected to the internet that are not visible to Censys scans, since administrators can configure their connected devices to block automated scans. This doesn’t mean, however, that someone can’t still find the systems online.

When examining the ownership records for the IP addresses of the connected systems, at least four of them were registered to county governments in Michigan and Florida. This helped bolster the researchers’ belief that what they had found were county election systems. The other IP addresses were harder to trace, however, since they were registered to large internet service providers, and not the ISP customers using them.

The researchers found one or two systems online in Illinois, Indiana, Minnesota, Nebraska, Rhode Island, Tennessee, and Iowa. The Nebraska system, they surmise, is probably a demo or test system for ES&S, which has its headquarters in Omaha. They also found two systems in Canada, where ES&S has field offices and customers, that may also be demo or test systems.

Although only one system was found online in Rhode Island, this one was particularly problematic, the researchers note. Rhode Island, unlike other states, conducts its elections from a centralized office at the state Board of Elections, instead of farming out election administration to each county or jurisdiction. The election reporting system the researchers found online, therefore, was the reporting system for the entire state.

One of the most dense states for online election systems was Florida, where the researchers found a number of connected systems that they believe belong to Bradford, Charlotte, Flagler, Wakulla, Miami-Dade, and Pasco counties, and one other county they’re unable to identify from the IP address.

Florida is known for its knuckle-biting elections. Trump won the state by just 1.2 percentage points in 2016, and in 2018 the state had senate and gubernatorial races that were too close to call on election night. Miami-Dade county in particular, with 1.4 million registered voters, is one of the most intensely watched counties in federal elections—it was using ES&S machines with embedded modems in the 2016 elections.

Quote:

Any election system connected to the internet creates potential vulnerabilities for elections. But the nine systems in Wisconsin and four in Michigan that the researchers found raise particular red flags since these were two states among three where Green Party presidential nominee Jill Stein sought a recount of the 2016 presidential votes. All three states, which included Pennsylvania, produced results that were contrary to election polls and prior state voting trends.
Quote:

... Wisconsin’s recount was completed, but some counties that used optical scan machines didn’t do a true recount—they simply ran the paper ballots through the optical-scan machines a second time, instead of manually comparing them against the digital tallies to uncover discrepancies. If any problems existed in the scanner software to produce incorrect results during the first scan, they would reproduce the same incorrect results in the re-scan.
Looking for holes or flaws in the information the researchers found ...
> The researchers repeated their searches of the Censys database periodically to see when systems dropped out of visibility or new ones popped up online.
>
Motherboard asked Errata Security CEO Graham, who created an internet-scanning tool called Masscan, to independently verify the methodology the researchers used to find the systems, and he confirmed that the method was sound, using the search parameters the researchers provided.
> An independent election security expert named Harri Hursti, who consults with election districts and helps run the annual Voting Machine Hacking Village at the Def Con security conference, also verified the methodology for Motherboard without being told how to find the systems. Hursti in fact told Motherboard that many other election systems are online that the researchers’ particular search parameters missed.
> The researchers ... also attempted to search for connected systems for the other top two voting machine vendors in the country—Dominion Voting Systems and Hart InterCivic. But Skoglund said the configuration footprints for these systems are less distinctive than ES&S’s footprint, resulting in the team finding thousands of systems that were clearly not election infrastructure.
> Although the researchers have not been able to confirm with elections officials in every state that all of the firewalls they spotted are connected to ES&S systems, they were able to verify enough of them that Skoglund says he feels confident their list is reliable. And all of the systems the researchers found share a configuration footprint that, as far as they can tell, is unique to ES&S systems. Furthermore, the IP addresses for the firewalls of the non-confirmed systems all appear to be in counties that also use ES&S voting machines, according to a crosscheck against a web tool operated by Verified Voting, a nonprofit that tracks voting machine use around the country. Although resolving IP addresses to precise geographical location is difficult to do, the researchers were able to pinpoint the addresses they found to a specific city or region in all cases except four of the systems.
Quote:

Because the researchers only began looking for the systems last year, it’s not known how long they’ve been online, but it’s likely that some have been connected to the internet for years, going back to whenever a county first began to use modems to transmit election results.
Quote:

But Hursti told Motherboard it makes little difference how long election systems are connected; any connectivity at all opens them to potential attacks.

“For a skillful, motivated attacker, it doesn’t matter much if [the system is connected] two minutes or a whole year. But for a less skilled fool, less motivated attacker, the fact that they are there for a year, it lowers the bar,” he told Motherboard. “It actually buries the bar under the ground to carry out attacks with less skill. [And] you have a way longer time when the hack can be carried out and the evidence of the attacks [hidden]. What you are describing is a bad behavior amplified by sloppiness and complete negligence of security.”

A more skilled and motivated hacker—such as a Russia-backed nation-state hacker—could potentially compromise the firewall or SFTP server and plant malware that gets delivered to each voting machine that communicates with the server, Skoglund and Hursti said. This is similar to what security professionals refer to as a “watering hole” attack, named after predatory animals who lie in wait at watering holes for prey to arrive to drink.

And if hackers could push malware to the voting machines from the SFTP server, the malware could potentially reconfigure the modem on those machines to make them dial out to a system the attackers own, while preventing any evidence of these calls from showing up on the system’s log. This would give attackers time to subvert the machines for subsequent elections.

The researchers did pass along their information "in August 2018 to the national Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC)—a 24-hour watch center funded by the Department of Homeland Security and operated by the Center for Internet Security, a nonprofit established to develop and promote best practices in cybersecurity."

There's a fairly long accounting of which sites went offline after being told, sometimes repeatedly, about their vulnerabilities.

But
Quote:

Skoglund has also witnessed another problem as systems dropped offline after his group’s disclosure to a county; some IT workers are simply turning off the SFTP server or switching it to standby mode so traffic can’t come into it. But as long as the firewall is online, the backend systems are still connected to the internet and can be found. And if the AnyConnect VPN is still enabled, this also provides a potential pathway into those backend systems.

Skoglund said he’s concerned that no one is monitoring all of these systems once they’re online, and that counties are trusting the configuration instructions ES&S gives them, or trusting ES&S to configure the systems securely for them, and are then ignoring the systems once they’re set up.

“When a corporation sets up a firewall and a VPN … there is someone who is applying patches and monitoring logs … and really actively ensuring the security of the device to make sure it doesn’t become a vulnerability,” Skoglund said. “That’s a real question with election infrastructure. Who manages this hardware after it’s deployed? And what oversight is there?”


My conclusion from this article is that there are many ways into not just the immediate vote tallies, but also the official ones and the vote-management system that also programs voting machines.

I don't expect local election officials to be cyber-security experts. But they're potentially up against some of the best hackers in the world like the Israelis (Stuxnet). If US researchers could find their way to voting systems (though they refrained from going past the firewall to keep their research legal) then surely other agents with far more intent and far fewer scruples can do the same, and more.

Instead of leaving cyber-security to non-technical officials and vendors with promises to sell, it seems like a good idea to bring in our non-political experts (and NOT intelligence agencies!), including NIST (as mentioned in the full article).


Sunday, August 11, 2019 9:13 PM

JO753

rezident owtsidr


Interesting, but unreadable.
The pix cauze the text to run past the ej uv the window.
Insted uv posting the entire article, just put in a link.

Also keeps you frum getting hung by your cahones for
copyrite violation.

----------------------------
DUZ XaT SEM RiT TQ YQ? - Jubal Early

http://www.7532020.com .


Sunday, August 11, 2019 10:19 PM

1KIKI

Goodbye, kind world (George Monbiot) - In common with all those generations which have contemplated catastrophe, we appear to be incapable of understanding what confronts us.


The link is at the top of the quote section.

Hopefully more readable AND shorter!



And if democrats don't do anything different, how are they any better?


Sunday, August 11, 2019 10:42 PM

6IXSTRINGJACK



Quote:

Originally posted by JO753:
Interesting, but unreadable.
The pix cauze the text to run past the ej uv the window.
Insted uv posting the entire article, just put in a link.

Also keeps you frum getting hung by your cahones for
copyrite violation.



That's not how it works in 'Merica... at least not yet, anyhow.

If this were "Great" Britain, she'd be in a bit of trouble right now after they passed the Articles.





As to the OP?

Yup. Shame on us.

Shame on us for having a bunch of dumb old jagoffs in the most powerful offices in the country that have no idea how a computer works and only use one because the great people at Apple made it so easy that any retard can use it.

Forget Epstein. Think of how much extremely valuable data these idiots have given away for free because they're absolutely computer illiterate.


Do Right, Be Right. :)
