Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Sunday August 09 2020, @09:59PM   Printer-friendly
from the getting-involved dept.

US voting hardware maker's shock discovery: Security improves when you actually work with the community:

Just hours after Professor Matt Blaze today discussed the state of election system security in America, one of the largest US voting machine makers stepped forward to say it's trying to improve its vulnerability research program.

Election Systems and Software (ES&S), whose products include electronic ballot boxes and voter registration software, said it is working with infosec outfits and bug-finders to improve the security of its products.

Speaking at this year's online Black Hat USA conference, CISO Chris Wlaschin outlined a number of steps his biz has already or will soon take to overhaul its relationship with bug-bounty hunters.

In addition to its ongoing vulnerabilities rewards program, ES&S said it will employ the services of security house Synack to bridge the gap with bounty hunters, and make its products better able to withstand attacks from the likes of state-sponsored groups.

Most notably, ES&S will beef up said rewards program. With the help of ethical hackers at Synack, testers will be able to hammer on devices like the ES&S ExpressPoll without fear of legal reprisal.

[...] One of the bounty hunters who has worked with ES&S, industry veteran Jack Cable, issued his seal of approval to the expanded program.

Today, the nation's largest voting vendor released a vulnerability disclosure policy giving hackers authorization to test their systems. This is a great step towards transparency for election security. I hope that other vendors follow suit and welcome hackers with open arms. 🧵

— Jack Cable (@jackhcable) August 5, 2020


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Sunday August 09 2020, @10:38PM (4 children)

    by Anonymous Coward on Sunday August 09 2020, @10:38PM (#1034053)

    I'm quite surprised Trump hasn't yet been sued by the postal union. When you accuse mail-in voting of being subject to fraud, you're basically accusing the postal service of being undermined by its employees.

    Or perhaps the police union should sue him. If it's not the postal workers, he's basically accusing the police of turning a blind eye to large scale theft out of mailboxes.

    Or perhaps neither actually happens and he's just paranoid. If you can't trust the integrity of your country's mail service, how is America great again?

  • (Score: 2) by Runaway1956 on Sunday August 09 2020, @10:42PM (3 children)

    by Runaway1956 (2926) Subscriber Badge on Sunday August 09 2020, @10:42PM (#1034055) Journal

    Maybe you're unaware that Porch Piracy has become a thing.
    https://www.youtube.com/watch?v=6f8iQJQLbhw [youtube.com]

    • (Score: 0) by Anonymous Coward on Sunday August 09 2020, @10:52PM (1 child)

      by Anonymous Coward on Sunday August 09 2020, @10:52PM (#1034057)

      Sure but you're talking Portland, in a lawless Democrat state that would never vote for Trump anyway. :)

      If package theft is rampant in that state then surely Amazon should be sending in its own paramilitaries* to ensure the integrity of its end-to-end deliveries!

      * that's why y'all have guns, no?

      • (Score: 0) by Anonymous Coward on Sunday August 09 2020, @10:59PM

        by Anonymous Coward on Sunday August 09 2020, @10:59PM (#1034061)

        Amazon has Parmalat?

    • (Score: 2) by MostCynical on Sunday August 09 2020, @11:27PM

      by MostCynical (2589) on Sunday August 09 2020, @11:27PM (#1034070) Journal

      do people leave their ballots on their porch for collection?

      --
      "I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex