US Voting Server At Heart of Russian Hack Probe Mysteriously Wiped

A computer at the center of a lawsuit digging into Russian interference in the U.S. presidential election has been wiped. "The server in question is based in Georgia -- a state that narrowly backed Donald Trump, giving him 16 electoral votes -- and stored the results of the state's vote-management system," reports The Register. "The deletion of its filesystem data makes analysis of whether the system was compromised impossible to ascertain." From the report: There is good reason to believe that the computer may have been tampered with: it is 15 years old, and could be harboring all sorts of exploitable software and hardware vulnerabilities. No hard copies of the votes are kept, making the electronic copy the only official record. While investigating the Kennesaw State University's Center for Election Systems, which oversees Georgia's voting system, last year, security researcher Logan Lamb found its system was misconfigured, exposing the state's entire voter registration records, multiple PDFs with instructions and passwords for election workers, and the software systems used to tally votes cast. Despite Lamb letting the election center knows of his findings, the security holes were left unpatched for seven months. He later went public after the U.S. security services announced there had been a determined effort by the Russian government to sway the presidential elections, including looking at compromising electronic voting machines.

In an effort to force the state to scrap the system, a number of Georgia voters bandied together and sued. They asked for an independent security review of the server, expecting to find flaws that would lend weight to their argument for investment in a more modern and secure system. But emails released this week following a Freedom of Information Act request reveal that technicians at the election center deleted the server's data on July 7 -- just days after the lawsuit was filed. The memos reveal multiple references to the data wipe, including a message sent just last week from an assistant state attorney general to the plaintiffs in the case. That same email also notes that backups of the server data were also deleted more than a month after the initial wipe -- just as the lawsuit moved to a federal court. It is unclear who ordered the destruction of the data, and why, but they have raised yet more suspicions of collusion between the Trump campaign team, the Republican Party, and the Russian government.

insecure voting machines

[phantomfive]

Bet you'll find plenty of insecure voting machines around. There is absolutely no reason to have those things connected to the Internet.

Re:Like Hillary's server was?

[quantaman]

Hillary's server was wiped, and the circumstances under which is was wiped (and who decided to do what when) was thoroughly investigated and no one was charged (though the admin probably should have been), and the files were recovered.

Hopefully this server wiping is as thoroughly investigated.

Re:Hillary lost

[modmans2ndcoming]

We are over it....what we are NOT over is the whole sale theft of our elections by a foreign adversary and the help they got from the winner of that election, as well as the cover up by the party of that winner. It puts all future elections in question and is the main reason our republic is going to fail in the next 20 years. Go fuck yourself you fake patriot.

Calm down... there was a backup

[SlaveToTheGrind]

The non-clickbaity side of the story (a statement from Center for Elections Systems at Kennesaw State University, who had possession of the server) is here:

"In March 2017, a Center for Election Systems’ server involved in an alleged data breach was turned over to the FBI. While the server was in the possession of the Bureau, a forensic image or copy of all the data on the server was made and held by the agency. Following the notification from the FBI that no data was compromised and the investigation was closed, the server was returned to the University’s Information Technology Services group and securely stored. In accordance with standard operating procedures, an after-action report was prepared. This report outlined hardware improvements for the Center, including repurposing the impacted server and surplusing servers that had exceeded end of life. As part of the report, the original server that had been investigated by the FBI was designated to be repurposed, and the drives on the server were erased and the server made available for alternative uses."

"As noted by the subpoena filed today by the Attorney General’s Office, the data and information that was on the server in question has been and is still in the possession of the FBI and will remain available to the parties in the event it is determined to be relevant in the pending litigation."

So (a) the feds already investigated and found no evidence the server was compromised, and (b) they still have their forensic image of the server. This seems a lot more like litigants and journalists huffing and puffing than it does a real issue.

Re: Calm down... there was a backup

You don't find it odd that the server was wiped after a lawsuit was filed? You don't find it odd they degaused the backups three times when the lawsuit moved to federal court? Are you for real here? I mean the first wipe could have been morons being morons. But the destruction of the backups? And hey isn't preservation of records in the face of litigation a thing? Even armchair lawyers know that's a thing. Somebody really doesn't want those records examined.

Re:Does not get much more sketchy

[sjames]

You're nearly 30 years out of date. On '80s era HDs, it's true, a single overwrite of the data would leave traces sufficient that given some very expensive equipment and a very expensive analysis, the data could be recovered. On modern drives, even a single overwrite with zeros is sufficient to make the data irretrievable.

Re:Like Hillary's server was?

You are fake news.

http://thehill.com/policy/national-security/313555-comey-fbi-did-request-access-to-hacked-dnc-servers

>The bureau made “multiple requests at different levels,” according to Comey, but ultimately struck an agreement with the DNC that a “highly respected private company” would get access and share what it found with investigators.

>“We’d always prefer to have access hands-on ourselves if that’s possible,” Comey said, noting that he didn’t know why the DNC rebuffed the FBI’s request.

NO voting machines are connected to the Internet

[davide+marney]

I am a volunteer poll worker in Virginia. NO vote-tallying equipment is connected to the Internet, anywhere in the U.S. We are not idiots. We have about 230+ years' worth of experience with people trying to throw an election, and we understand -- and mitigate -- the risks.

This server in Georgia did NOT hold vote counts. It held voter registration records, instructions, and voting equipment passwords.

Each precinct tallying the votes keeps an independent record of their machines. There are paper backups of voting totals in the form of printed counts and hand-copied summary sheets.

In my state, we have switched over to machine-counted paper ballots in all precincts. Those scanners do not even have wireless hardware in them, they can only be accessed via ethernet cable. Once a machine is tested and certified for voting, a cover is placed over the ethernet socket and it is sealed with a plastic band.

I do advocate the use of paper ballots, but not because then humans could do a hand-count of them. Humans are lousy at repetitive tasks. A hand-count of millions of votes would have a margin of error 10x the size of the margin of error of machine-counted votes. In Virginia, when there is a recount, we bring in a completely different set of scanners than were used to originally count the votes, and run the same paper ballots through them. That is a excellent independent count.