Slashdot Mirror
File-Sharing Software On State Election Servers Could Expose Them To Intruders (propublica.org)
An anonymous reader quotes a report from ProPublica: As recently as Monday, computer servers that powered Kentucky's online voter registration and Wisconsin's reporting of election results ran software that could potentially expose information to hackers or enable access to sensitive files without a password. The insecure service run by Wisconsin could be reached from internet addresses based in Russia, which has become notorious for seeking to influence U.S. elections. Kentucky's was accessible from other Eastern European countries.
The service, known as FTP, provides public access to files -- sometimes anonymously and without encryption. As a result, security experts say, it could act as a gateway for hackers to acquire key details of a server's operating system and exploit its vulnerabilities. Some corporations and other institutions have dropped FTP in favor of more secure alternatives. Officials in both states said that voter-registration data has not been compromised and that their states' infrastructure was protected against infiltration. Still, Wisconsin said it turned off its FTP service following ProPublica's inquiries. Kentucky left its password-free service running and said ProPublica didn't understand its approach to security. "FTP is a 40-year-old protocol that is insecure and not being retired quickly enough," said Joseph Lorenzo Hall, the chief technologist at the Center for Democracy and Technology in Washington, D.C., and an advocate for better voting security. "Every communication sent via FTP is not secure, meaning anyone in the hotel, airport or coffee shop on the same public Wi-Fi network that you are on can see everything sent and received. And malicious attackers can change the contents of a transmission without either side detecting the change."
The service, known as FTP, provides public access to files -- sometimes anonymously and without encryption. As a result, security experts say, it could act as a gateway for hackers to acquire key details of a server's operating system and exploit its vulnerabilities. Some corporations and other institutions have dropped FTP in favor of more secure alternatives. Officials in both states said that voter-registration data has not been compromised and that their states' infrastructure was protected against infiltration. Still, Wisconsin said it turned off its FTP service following ProPublica's inquiries. Kentucky left its password-free service running and said ProPublica didn't understand its approach to security. "FTP is a 40-year-old protocol that is insecure and not being retired quickly enough," said Joseph Lorenzo Hall, the chief technologist at the Center for Democracy and Technology in Washington, D.C., and an advocate for better voting security. "Every communication sent via FTP is not secure, meaning anyone in the hotel, airport or coffee shop on the same public Wi-Fi network that you are on can see everything sent and received. And malicious attackers can change the contents of a transmission without either side detecting the change."
The article talks about the how ftp can be used to peek at the operating system but any worthwhile ftp blocks that sort of nonsense. No, ftp doesn't encrypt or sign data but neither does http and people love that protocol.
Ftp actually can be secure. See gss.
You are all cows. Cows say moo. MOOOOOO! MOOOOOOO! Moo cows MOOOOOO! Moo say the cows. YOU PORT 21 COWS!!
FTP doesn't seem to be reported for getting compromised. Is that because it is mostly non-existent now?
Or is it like the Vice item, where they reported on a something, browser history sniffing, that would only occur for those that don't care about how much they lose.
can the MPAA and RIAA's shut down the vote if say the hot new movies where to be hosted there?
... just like everything else. I wonder how many of those devices are hooked up to routers / access points that have the default admin password and web based login enabled.
I'm not a betting man but I'd put money on it being at least one of them.
Well surely this new internet evil "FTP" should be banned. We need to draft new legislation against this new insidious threat actor.
These could also be reached from internet addresses based in any other country, because it's facing the internet and poorly secured.
This is my signature. There are many like it, but this one is mine.
Regardless of the presence of state actors wanting to interfere in our elections...
WHAT KIND OF MORON RUNS FTP ON AN ELECTIONS SERVER?
#DeleteChrome
This is why all my servers are fully armed. No intruder will ever surprise my beloved Dell Optiplex on the toilet without the ability for it to return fire. PROTECT YUR FREEDOM: ARM YUR COMPUTER SERVERS!
FTP is perfectly reasonable when used and protected appropriately.
This article is so much FUDD that is disgusts me.
Yes, the servers the allow people to register and post the election results are connected to the Internet and they should have FTP so the public can get election data.
The missing part is that the tabulation servers and equipment are air gapped and on their own separate system, as well as the state database that maintains registration. Can you hack the site and change the results? Yes, you can change the html export from the tabulation system to say whatever you want. It isn't going to change the official tabulation results that are communicated to the state and verified three times against the ballot boxes and tabulation systems.
The system is secure. Don't believe me? You can ask to be an auditor and watch how the poll-workers conduct the election and the procedures used back at the warehouse. Every ballot is counted. The numbers must match ballots issued at the poll vs ballots tabulated vs voters checked in. These are three separate systems that are reconciled against each other by hand and electronically by multiple individuals.
Overall the system is only as secure as the folks conducting it. They usually welcome outsiders to watch as it reinforces transparency.
to explain what FTP is on a /. post? I get TFA might have ...but...in the preview text, really?
GENERATION 26: The first time you see this, copy it into your sig on any forum and add 1 to the generation.
That's the whole point of installing it on there?
Those GOP wins aren't going to win themselves.
"The service, known as FTP, provides public access to files"
Wow slashdot has gone so low that we need to be explained what ftp is ?
I've been trying to download Putin's Greatest Hits. I'm stuck at 99%
damn those TLS connections
Court declines to end paperless voting in Georgia before midterms
https://www.politico.com/story/2018/09/18/georgia-voting-paperless-elections-791427
"“While Plaintiffs have shown the threat of real harms to their constitutional interests, the eleventh-hour timing of their motions and an instant grant of the paper ballot relief requested could just as readily jeopardize the upcoming elections, voter turnout, and the orderly administration of the election,” Judge Amy Totenberg wrote in her ruling siding with Georgia Secretary of State Brian Kemp and the other state defendants over the activists"
KEMP, the man running the election can put any vote count he likes on those machines, so that KEMP, the man trying to get elected can win.
In a not too surpising twist, KEMP claims the Democrats hacked his machines ahead of the election. Which means he's setting the back story defense if any inconsistencies are spotted.
My guess is KEMP will declare KEMP the winner, by a close 51%. He'll say it was a close thing but he was glad the electorate decided for him KEMP. KEMP will congratulate KEMP on his victory and declare there was nothing wrong with the election which was totally fair.
I personally have seen horrible things done by otherwise good election processes.
Such as in the 90s a personal office laptop was used to manage totals for a whole metro county and this same windows 98 laptop ran a free anon FTP server to share exported text files that all news networks used to get results imported into excel etc.
The FTP was wide open and known to have problems and I didn't even bother a port scan but I suspect the usual things were blocked by the firewall not that it would matter because their FTP was open to manipulation; the system could be hacked and the vote counting software compromised. this happend for YEARS! and I'm told not much different elsewhere at the time all over.
The thing wasn't that the news was going to be wrong that could be sorted out if it happened and a bad hacker would get caught after the FBI got involved and they would since people would notice big shifts... that is until they banned exit polling!
We had paper ballots. still do. but are machine counted. big changes might be noticed by local officials as not matching. but that never happened. possible.
The BAD part is that the official count totals were done on this same computer! after exit polls were dead... they could have had a few % shift and probably not have it go noticed; you just need a judge in an area who doesn't double check... or the newer machines which directly uploaded the numbers to the county without a person seeing what exactly they were doing...
FTP isn't bad as long as it's another machine. doesn't matter what they use; as long as there is no WRITE access to the real election machine. screwing up the FTP shouldn't do anything but confuse reporting by the news orgs.
anon for reasons.
“As recently as Monday, computer servers .. ran software that could potentially expose information to hackers or enable access to sensitive files without a password. The insecure service .. could be reached from internet addresses based in Russia, which has become notorious for seeking to influence U.S. elections. Kentucky's was accessible from other Eastern European countries.”
.. doh .. network. Serious dudes, enough with this anti-Russian cyber bollix.
Yea, there's this thing called the Internet, it's like a network of computers that can connect to other computers on the same er
It's not a voting machine, and it's not a critical system. It's a reporting machine that has to be publicly facing to give the public the election reports. In fact, putting FTP on it is a *good* idea to allow bulk transfer of data, as it's a much more appropriate protocol than HTTP for file transfer. Oh, and you idiots suggesting rsync or scp, the entire point is to allow the data to be available without a login. FTP does that, your favorite protocols don't.
https://xkcd.com/463//
100% of real-world FTP servers I've seen running in the last decade were setup on orders from Sales or Marketing departments. Those folks tend to have low technical ability, zero understanding of security, and far more political power than Dev or IT.
In fact, the presence of an FTP server on an important host tells us something about their organizational structure. It tells us there is at least one zero-tech-knowledge person in the org, whose mere whim carries more weight than the CTO's (or CSO's) total office-political power.
It's a social problem. We now live in a world where everything is controlled by computers. Yet programmers have no real upward career path and are systematically excluded from leadership positions in most organizations. Thus even highly tech- dependent orgs usually have 100% tech-illiterate leaders.
Until this social problem is fixed, expect security incidents to get steadily worse and more frequent.
Having worked on federal, state and local projects for almost two decades I can assure you that the project was almost certainly implemented by the lowest bidder who either:
a) Substituted junior staff fresh out of college for the staff who actually did the presentation and were in the proposal/quals.
b) Farmed the work out to one of their off-shore teams.
Thankfully a lot of RFP's are starting to stop this kind of nonsense, stating that a certain percentage of the staff is physically onsite and that a certain percentage of the staff explicitly listed in the proposal actually work on the project. However, contractors still find ways around this.
For my own sanity I stopped working on this nonsense (although I found out my former consulting firm is still using my resume as part of their quals package... even though there is zero chance of me actually working on it).
Of course they are accessible in "Russia and other eastern European countries" It's on the god damn internet. Any country also on the internet can access it.
FTP like HTTP does not need to always be SSL/TLS encrypted depending on your use case. If you are just using it to serve up what are otherwise public files that any one can access there is no problem with an ftp that allows anonymous logins to retrieve files. Same as there is no real reason to have anything that is not an ecomerce site or a site handling some other form of PII behind https. Sure it doesn't hurt, but i really get the feeling there is a sh*t load of scaremongering going on about what actually needs to be encrypted and what does not. Google and its browser warnings are not helping either.
You would think that people who try to influence the political climate in other countries would be smart enough to cover their tracks... Wait! maybe they are! I can rent proxies in Russia, why couldn't a US interest do the same?
It is beyond belief that the public have accepted electronic voting, it is so obviously vulnerable to fraud.
Try the 'Robinson Method' - fraud proof, no computers or technology needed whatsoever, the result is known INSTANTLY the moment the final vote has been cast. The 'ballot' boxes are never taken out of the sight of whoever wants to be present throughout the voting period (which could be thousands of people if necessary), and the results can be shown on video, over the internet, as they are revealed.
Unfortunately the website that explains it all has a MySQL problem at the moment:
http://paul-robinson.us/index.php?blog=5&title=the_robinson_method_a_really_simple_way_&more=1&c=1&tb=1&pb=1
there is nothing wrong with ftp, as long as it is used in the correct way.
On a long enough timeline, the survival rate for everyone drops to zero.
I still use FTP for file transfer. It's simple to set up and has many good features, it's extremely handy for transferring multiple and large files. I mean what else are you going to use? HTTP? Good luck trying to transfer that 500GB file without restarting the transfer when you are losing the connection every once in a while. FTP has restarts and retries and I don't see how you are going to get that with HTTP. FTP isn't insecure by default, it's just as secure as any other protocol.
Displays the agenda, as well as insulting the reader's intelligence. I wonder how many are that dumb?