Slashdot Mirror
Should We Ignore the South Carolina Election Hacking Story? (securityledger.com)
chicksdaddy provides five (or more) "good" reasons why we should ignore the South Carolina election hacking story that was reported yesterday. According to yesterday's reports, South Carolina's voter-registration system was hit with nearly 150,000 hack attempts on election day. Slashdot reader chicksdaddy writes from an opinion piece via The Security Ledger: What should we make of the latest reports from WSJ, The Hill, etc. that South Carolina's election systems were bombarded with 150,000 hacking attempts? Not much, argues Security Ledger in a news analysis that argues there are lots of good reasons to ignore this story, if not the very real problem of election hacking. The stories were based on this report from The South Carolina Election Commission. The key phrase in that report is "attempts to penetrate," Security Ledger notes. Information security professionals would refer to that by more mundane terms like "port scans" or probes. These are kind of the "dog bites man" stories of the cyber beat -- common (here's one from 2012 US News & World Report) but ill informed. "The kinds of undifferentiated scans that the report is talking about are the internet equivalent of people driving slowly past your house." While some of those 150,000 attempts may well be attempts to hack South Carolina's elections systems, many are undifferentiated, while some may be legitimate, if misdirected. Whatever the case, they're background noise on the internet and hardly unique to South Carolina's voter registration systems. They're certainly not evidence of sophisticated, nation-state efforts to crack the U.S. election system by Russia, China or anyone else, Security Ledger argues. "The problem with lumping all these 'hacking attempts' in the same breath as you talk about sophisticated and targeted attacks on the Clinton Campaign, the DCCC, and successful penetration of some state election boards is that it dramatically distorts the nature and scope of the threat to the U.S. election system which -- again -- is very real." The election story is one "that demands thoughtful and pointed reporting that can explore (and explode) efforts by foreign actors to subvert the U.S. vote and thus its democracy," the piece goes on to argue. "That's especially true in an environment in which regulators and elected officials seem strangely incurious about such incidents and disinclined to investigate them."
I pretty much just assume that any computer attached to the internet is being tested by hackers all the time. Why should election computers be any different?
SJW: Someone who has run out of real oppression, and has to fake it.
The public-facing srvers I'm reponsible for are port-scanned thousends of times a day in addition to the SSH access attempts, but these are all so common that only a fool falls victim to this sort of thing, the basic protections are fairly elementary and catch most if not all such common garbage.
If you want news from today, you have to come back tomorrow.
Perfectly willing to claim Trump was elected from vote hacking, utterly unwilling to investigate or question any votes - and in fact attempts to block those seeking to investigate voter hacking.
It is absurd to claim with as loose as protocol is around most voting systems, that there is not widespread voter fraud ongoing - probably "benefitting" both parties and screwing honest voters over with rigged elections across the country.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
If it's such a "very real problem," then why has not one single media outlet actually explained how the election was "hacked?" We hear "Russians" twenty times a day, but no one actually points a single compromised voting system, nor any research that show Clinton would have won if hadn't been circulated. This, from a media that has become otherwise quite good at explaining things like quantum teleportation and CRISPR/CAS9 to the general population - but somehow lots of hand-waving about the "hacked election."
Sorry for being painfully naive, but no, the election hacking thing, whether it be in SC or elsewhere is a Big Fucking Deal. We need to have confidence in the election results or no elected representative (note the use of the word "representative" and not "leader") can have the confidence of the people that he/she is legitimate.
To reduce crime, make fewer things against the law.
More like man inhales story...
I ran a basic web server for awhile at home a few years ago just for amusement on a Linux box running apache. It served up ONE static page that said something like "this is the only page on this server" and that was it. I got "attacked" thousands of times a week by the script kiddies running the IIS exploit attempt scripts, port scans and all sorts of things that I found a little bit amusing.
Surely, during an election, ANY computer on the net associated with anything to do with voting would be a primary target of all the hackers out there trying to make a name for themselves....Oh Look at me! I broke in and disrupted the election!
The fact is, this is not unusual..
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
Is that Voter ID really free of charge or is it free after you pay a fee to get a certified copy of your birth certificate which is required in order to get your free ID? Paying money for anything in order to vote has a bad history in this country, as do literacy tests (hey, you should be able to read, else how can you cast an informed vote!), etc. You can always make an argument why there should be some test or other extra-constitutional requirement to vote -- they've all been tried in the past.