Slashdot Mirror
No, a Teen Did Not Hack a State Election (propublica.org)
Headlines from Def Con, a hacking conference held this month in Las Vegas, might have left some thinking that infiltrating state election websites and affecting the 2018 midterm results would be child's play. Articles reported that teenage hackers at the event were able to "crash the upcoming midterm elections" and that it had taken "an 11-year-old hacker just 10 minutes to change election results." A first-person account by a 17-year-old in Politico Magazine described how he shut down a website that would tally votes in November, "bringing the election to a screeching halt." But now, elections experts are raising concerns that misunderstandings about the event -- many of them stoked by its organizers -- have left people with a distorted sense of its implications. From a report: In a website published before r00tz Asylum, the youth section of Def Con, organizers indicated that students would attempt to hack exact duplicates of state election websites, referring to them as "replicas" or "exact clones." (The language was scaled back after the conference to simply say "clones.") Instead, students were working with look-alikes created for the event that had vulnerabilities they were coached to find. Organizers provided them with cheat sheets, and adults walked the students through the challenges they would encounter. Josh Franklin, an elections expert formerly at the National Institute of Standards and Technology and a speaker at Def Con, called the websites "fake." "When I learned that they were not using exact copies and pains hadn't been taken to more properly replicate the underlying infrastructure, I was definitely saddened," Franklin said. Franklin and David Becker, the executive director of the Center for Election Innovation & Research, also pointed out that while state election websites report voting results, they do not actually tabulate votes. This information is kept separately and would not be affected if hackers got into sites that display vote totals.
and they wouldn't do stupid things like what they are doing now
This was reported already she manipulated the html to display incorrect results. I don't get why this is new news.
the Russians.
... I was surprised at how little the Voting Villiage resembled actual election systems. The language used to promote the event seemed sensationalistic and disingenuous. The whole thing seemed engineered to generate the headline "Teen Hacks US Midterm Elections". It's like they started with the headline they wanted and then enginneered (and re-engineered) the specifics until the system produced it.
What sort of shoddy clickbait is this? Mention HAXX but then say THERE ARE NONE?!?!?!?
IMPOSSIBRU!
The letdown!
The k-radness! Well, lack thereof.
Always you hear about "hacking" elections and other "manipulations"... ... but why anyone would feel the need to do that, when everyone anyone could vote for, is already a "lobbyist"?
("Lobbyist" is lobbyist-speak for somebody who commits treason against the sovereign of the country. So against you.)
Seriously, try to find a single politician who has a chance at being elected anywhere, and hasn't worked for a big corporation, will not work for one afterwards, and doesn't get kickbacks in any other way ... and I'll show you somebody who will have a "accident" in the future. (Like Kennedy, one could say.) Or be Sanders’d (so probably blackmailed). Often even if they are lobbyists for one side, but another side doesn’t approve.
You and me don't get to vote. There is no election for us. We only get to pick between a tiny set of lobbyists that are completely the same in all relevant questions, and only differ in things useful for meaningless "us vs them" bickering. Lobbyists that have been pre-picked in the actual election, by their employers. "Interest groups", corporations, local and foreign nutjobs, etc.
Linux geeks and programmers on Slashdot, we known damn well they hacked the website, not the voting machine and we also know damn well that any voting machine without a paper audit trail, reports whatever the votes the Russian hacker says it should report.
Stop the PR effort against auditability, and help get the last of the states still using non-auditable voting machines to get their shit together.
There should *not* be a single voting machine now that cannot be audited, yet Florida and Pennsylvania, both swing states, both running large number of DRE machines without paper audit trails. How the f**k is that even legal, they could never comply with a recount, because they could only recount what the voting machine says it recorded as the vote, not the actual voters vote.
It's not a good thing, to pretend there is no problem here and sweep it under the rug, block the use of the paperless voting machines and use the emergency paper voting backup. Because the vote is worth far more than the Grocery you bought at Walmart and received a *paper* receipt for.
Sometimes people feel so strongly about a cause, for example the dangers of electronic voting, that they think its ok to distort information or even outright lie for that cause. Its becoming very common - and I think its always wrong.
While the organizers of the event themselves stoked the misunderstanding, everything about it smelled like a kids hacking competition with an election theme rather than a real thing. Even if you assumed that the headliner child was some sort of once in a lifetime super genius, it certainly wouldn't have been the case for the majority of the participants to succeed, which did occur.
If the real thing were so trivial so that an 11 year old could casually do it, then one of the *huge* number of veteran security researchers would have found those problems for real in the real sites.
XML is like violence. If it doesn't solve the problem, use more.
You mean an 11-year-old boy and 11-year-old girl didn't just hack all-der-voting-machines with their mad-crazy l33t hacking skills alone?!?
You lied to me AGAIN, media! DAMN YOUR HOUSE OF LIES!
SJW: Someone who has run out of real oppression, and has to fake it.
Yeh sure, the election wasn't hacked, those hacked emails were all nothingburgers and Slashdot wasn't deluged with a bunch of "Texas Houswives" suddenly concerned about "Bengazi".
Also computers never get hacked, even modern ones, Windows XP used in these old voting machines without paper trials has stood the test of time. No need to add any kind of paper trail, or test their security, since mother time has tested it for you!
Also Russian asbestos is totally tasty and edible and should be used as a filler in nothingburgers!
Why did so many editors uncritically fuel the idea "voting is rigged, therefore pointless" at a time when a known adversary is pushing that very idea into the US electorate through various media?
As I commented in another thread on election security, unless you have run an actual election, you probably don't appreciate the sheer scale of what's involved in securing an election. I am an election officer in Virginia. Let me shed some light on the subject.
An election is a massively live event involving hundreds of millions of individuals spread out over 7 time zones (don't forget Guam) and an entire continent-sized geographic area.
51 independent elections are held, each with their own rules of procedure, equipment, and personnel, with the exception of some common rules for federal elections.
Within these 51 elections there are thousands of individual voting precincts where the actual votes are counted. Each one of those 51 x 000s precincts are under the complete supervision and control of volunteers. No politician or government worker ever administers the casting of a vote. This is done by your neighbors, a veritable small army of people.
A voter can only vote in the same physical place where they are a resident. You cannot vote remotely.
Before you can cast your vote, in most states you must prove your identity and residency. In all states, this process is entirely disconnected from the actual casting of a ballot.
Except in two states that allow mail-in voting (shame on them), your vote is completely private. No one can force you to vote against your conscience. No one can force you to prove how you voted.
The threat surface of such an undertaking is massive. There is the possibility of fraud in registering voters. There is possible fraud in selecting and configuring equipment. There is possible fraud in authentication. There is possible fraud in training (or lack thereof). There is possible fraud in counting. There is possible fraud in administration and reporting. And on and on.
There is no "this one thing" that can defeat an election. To successfully throw an election is a non-trivial task of monumental proportions. Of course that doesn't stop people from trying.
The gold standard preventative tools we use to secure a vote are:
- Contemporaneous, independent protocols recording the votes, such as scanned paper ballots, hourly running call logs of the number of voters voting, and duplicate end-of-day reports placed under court custody
- 100% Chain-of-custody controls of equipment
- Black-box testing
- Training, training, training
- Aggressive de-duplication and data cleansing.
Anyone who tells you that some 11 year-old can "throw" an election with a hack on some copy of a reporting web site is just trying to sell you something or gain some internet fame.
"We receive as friendly that which agrees with, we resist with dislike that which opposes us" - Faraday
Only exist in film.
Avantgarde Hebrew science fiction
...Headlines from Def Con, a hacking conference held this month in Las Vegas, might have left some thinking ...
... but all the articles I read on the topic left me with the impression that it was a duplicate copy of the election system, not the real, live election system itself.
...I hacked a state election. Posting anonymously for obvious reasons.
Impersonating me again I see: Poor imitation & yet sincerest form of flattery proving you WISH you were ME but an offtopic "ne'er-do-well" in yourself can NEVER ever be since you waste your time producing the outcome of your WASTED LIFE we all see now from you.
APK
P.S.=> Grow up, get on topic & be normal... ok? Thanks... apk
This works on MacOS X: It's easy to manually enter for users of it w/ rights to hosts https://it.slashdot.org/commen... just as I do it on Linux vs. MAC/DAC & in Windows too vs. WFP/SFP to edit hosts!
* VERY tiny amount of entries to do to be SAFE vs. this threat & MANY OTHERS this month alone e.g. https://it.slashdot.org/commen... + https://it.slashdot.org/commen... + https://it.slashdot.org/commen... & that's only recently while I've been on Linux AGAIN (a month++ now only) & 100's of times vs. MANY other botnets/malwares etc. in the past circa 2006-early 2018 while I was on Windows
PLUS, like I said - a PURE MacOS X version of my program?
Only a compile away once the guy I know w/ a Mac frees up time to load FreePascal 3.04 & Lazarus 1.8.2 IDE for it to make it so (not long now I imagine)!
APK
P.S.=> Lastly as to OFF TOPIC? Speak for yourself & GET ON TOPIC chump... apk
See subject: 30 reviews by registered /.ers on quality/efficacy of Win32/64 model (Linux one's faster too) https://tech.slashdot.org/comments.pl?sid=12478398&cid=57130680/ https://tech.slashdot.org/comments.pl?sid=12478398&cid=57137806/ https://tech.slashdot.org/comments.pl?sid=12478398&cid=57137868/ https://tech.slashdot.org/comments.pl?sid=12478398&cid=57137916/ https://tech.slashdot.org/comments.pl?sid=12478398&cid=57137944/
* Want more? Ask & "ye shall receive"!
(YOU WISH YOU WERE ME & your IMPERSONATING me proves it, lol!)
APK
P.S.=> Accept NO substitute for NATIVE efficacy vs. "Bolt-on-'MoAr'" ILLOGIC-LOGIC "solutions" FULL of security issues (DNS/Antivirus) OR that don't work by default (e.g. AdBlock) that SLOW YOU DOWN vs. hosts speeding you up 2 ways... apk
Khazar Talmudic Jews believe this of all they call goyim/gentiles (any non-jew): Jews = biggest racists of all (for which they "jew guilt" you for no less! They're hypocrites known as thieves all thru history or were Argentines in the 1940 under Peron, Spanish inquistion, France (1306), Egypt (despoiled/robbed by jews), Arabs (pre & post 1948), England (1330 Edward longshanks), Romans under titus, Russia pogroms and Germany who got rid of them from their nations nazi german's too? No. Driven into DESERTS ages ago! Don't wonder why after all those exilings above.
Should anyone doubt any of this see Jacob Javits' crony Rosenthal spill the beans on it https://www.youtube.com/watch?v=D4zMVZ8HnFI/ where he called all Christianity fools for helping Israel and the biggest scam of all time per their beliefs below from their Talmud.
This is the province of the synagogue of Satan (Pharisees whom Jesus Christ himself kicked to the curb out of the temple & they killed him for it. Jeremiah did the same to them also + the Essenes could not stand them either breaking away from the pharisee corruption):
Mark Zuckerberg stole the Winklevoss twins' code for Fakebook (figures as he is a thieving low jew too).
Maria Abramovic satanist spirit cooker pal of Hillary Clinton the Voodoo queen is a jew https://www.google.com/search?...
Like Hillary Clinton's mentor Saul Alinsky author of rules for radicals book dedicated to Lucifer
"Most Jews do not like to admit it, but our god is Lucifer Â- so I wasnÂ't lying Â- and we are his chosen people. Lucifer is very much aliveÂ" Harold Rosenthal http://www.thetruthseeker.co.u...
Jewish rabbi openly admits to satan worship use white children's blood they kill for passover bread, infiltrating and subverting the catholic church, creating the Jesuit order https://www.youtube.com/watch?... and https://www.youtube.com/watch?...
Barbara Spectre, a jew, tells everyone it's jews orchestrating the muslim migrant problem in Europe https://www.youtube.com/watch?v=MFE0qAiofMQ/ . No migrant raping of women in Poland. Tons in Sweden. Do the math. Use common-sense. This is to get muslims and other goyim/gentiles to wipe one another out as incompatible cultures that will clash and always have.
Rabbi A. Finkelstein ADMITS their greatest enemies are ARABS and WHITES (blacks too) whom they wish to kill one another in a 'theater of war' which they find AMUSING https://www.youtube.com/watch?...
Finkelstein also admits JEWS DID 9/11 (perpetrated by the Mossad & Bebe Netanyahu of ISRAEL) https://www.youtube.com/watch?... profiting by it (and that 3,000 jews employed there did not show up for work that day knowing about it beforehand).
Finkelstein also admits JEWS are going to destroy the U.S. Dollar and dumping it for other world currencies and gold to destroy the United States.
George Soros who funds groups to create division in the USA?? A jew. One who sold his own jew people into death for the nazis.
Zucker now FIRED @ CNN is another frying publicly for lying about "russians" and John Bonifield a producer @ CNN said it is bs. Van Jones did also.
Bernie Madoff (who made off with everyone's money, especially construction union pensions) shows the thieving nature of the JUDEN!
Eric Schmidt had to step down @ JEWgle (a jew).
Adam Schiff (gosh s
these manipulated headlines are so boy-cries-wolf I just ignore them, knowing the real story will come out after the clickbait ad impressions have been recorded - you guys remember the teen app millionaire who sold his app to yahoo? turns out his father gave him financing and he hired people to write code for him and his mother was a yahoo lawyer - same kind of thing here, only without the millions
See subject & the rest listed here + why (butthurt ac who destroyed himself on hosts kernelmode) https://it.slashdot.org/comments.pl?sid=12012911&cid=56473441/ vs. slower usermode (the little fuck that's doing this is a SERIOUS screwup, lol, hence the WEAK butthurt effete attempts @ "impersonating" me, via harassing others).
I STAND BEHIND my words... you are a stupid nígger. You're probably impersonating me as a BUTTHURT AC because I EASILY DUSTED your bullshit blatherings about hosts and guns.
* Unbelievable... lmao!
APK
P.S.=> You really are a stupid pathetic nígger. That's probably the RESULT of being raised as a "soyboy" weasel for the whimp trying to make me look "bad" impersonating me - RoTfLmAo... apk
Grow up & it was a pleasure ANNIHILATING you easily here https://politics.slashdot.org/... + here too https://politics.slashdot.org/...
* :)
(Man - you KNOW you're just making me HAVE to say it again, don't you? See my p.s. below, lol...)
APK
P.S.=> THIS? This is tradtion vs. WEAK trolls & this was just "too, Too, TOO EASY - just '2ez'" & it always is vs. "ne'er-do-well" TROLLS wishing they were ME by IMPERSONATING me (or STALKING ME by UNIDENTIFIABLE anonymous)... apk
Impersonating me again I see: Poor imitation & yet sincerest form of flattery proving you WISH you were ME but an offtopic "ne'er-do-well" in yourself can NEVER ever be since you waste your time producing the outcome of your WASTED LIFE we all see now from you.
APK
P.S.=> Grow up, get on topic & be normal: Ok? Thanks... apk
And that was when the Internet was barely even a thing in private homes.
Nowadays, the "hacking" tools have become way easier (or rather, exist at all), but the security measures also have become way harder. If you're a smart kid, you could find out how to hack into networks/computers back then, and certainly can do it now that all the information is at your fingertips.
(Especially if you can speak Russian. Good black hat hacker communities available to the common man only speak Russian, unfortunately.)
The voting village had several machines opened up to be poked and prodded. The majority of people walked by, some looked at the chip names, some looked closely to find a serial port, but most just said "well if you hardware access, then of course it can be hacked." The hacks weren't great. Using SQL injections to hijack web pages aren't new, and that hack didnt change the tally. The only way any meaningful hack could take place would be to put someone in where they are stored between elections and add some remote access, but the caveats are obvious. After being in most of these machines, the hacks are not that easy to do surreptitiously.
I knew as soon as I heard the story that it was 100% pure, uncut bullshit. That much was obvious. I figured the "exact copy" of the website was the HTML code your computer downloads when visiting the site, and that THAT's what he allegedly changed, which is a bit like claiming someone can hack your car and open the doors because he can open the doors on HIS car, which happens to be the same kind as your car, and oh, we forgot to mention the doors were already unlocked... or something like that. In any case, even if for not precisely the right reasons, I was right about the fact that the story was total bullshit.
HOWEVER... I can't help but wonder if this is going to turn into a zombie-lie, you know, a fake, bullshit story that people go on citing over and over again either in stupid, pointless verbal arguments or in substantiate, meaningful, important debates on matters of policy, and that the dolts who are convinced that an 11 year old hacked into the voting system of a US state... will keep spouting this debunked claim over and over again. I'm sure in some circles, it will. Anything, for some people, that serves the point of their argument, they'll insist is "valid" even when it plainly ISN'T.
Our reign has gone on long enough. Indeed. Summon the meteors.
Alexander Peter Kowalski continues his Lies
Like how he claims the Chinese copied him but can't produce any evidence.
How about when he states that hosts does port filtering but again can't backup his statement which was shown to be false.
There is also his list of "experts" who support him but it turns out they don't say what he is claiming.
This also ignores his out of context quotes he uses to lie by omission.
The problem with APK is that his entire reputation is built upon the lie he told years ago that hosts is an effective security solution. It has been exposed numerous times as being a lie and when exposed APK fails to argue logically and instead will try to deflect criticism, change the subject, move the goal posts, return to a previously disproven statement, demand you prove you did better than his file concatenator, or just call people names. He will continue to lie by stating that he won or "dusted" you while failing to refute anything you said, will never provide real evidence, and generally try to dodge the issue.
Face it Alexander Peter Kowalski is one of the most detested individuals here for good reason. When ever his poor behavior, awful logic, over statements, and horrendous writing are called out he has a fit and has done so for years across the internet. He is a spammer, and is an abusive insecure little man who is washed up and never amounted to anything. Until he produces actual verifiable facts supporting his case nothing he says should be taken seriously.