Stories
Slash Boxes
Comments

SoylentNews is people

Want to Hack a Voting Machine? Hack the Voting Machine Vendor First

posted by Fnord666 on Wednesday April 04 2018, @07:14AM   Printer-friendly
from the get-yourself-elected dept.

An Anonymous Coward writes:

Thousands of voting machine vendor employees' work emails and plaintext passwords appear in freely available third-party data breach dumps reviewed by CSO, raising questions about the security of voting machines and the integrity of past election results.

While breached sites, like LinkedIn after the 2012 breach, force users to change their passwords, a significant number of people reuse passwords on other platforms, making third-party data breaches a gold mine for criminals and spies.

For many years voting machine vendors have claimed that voting machines were air gapped — not connected to the internet — and were thus unhackable. Kim Zetter debunked that idea in The New York Times in February.

[...] CSO found five voting machine vendors in the third-party data breaches we reviewed, including more than two thousand credentials for the defunct Diebold, now owned by Dominion Voting.

[...] The breached credentials include key members of management, engineering, and operations teams for these companies. One case of password reuse over the last ten years would have been enough for an attacker to gain a foothold in a voting machine vendor's network and potentially compromise the integrity of voting machines — and election results.

Source: CSO

Original Submission

 
This discussion has been archived. No new comments can be posted.
Want to Hack a Voting Machine? Hack the Voting Machine Vendor First | Log In/Create an Account | Top | 6 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by frojack on Wednesday April 04 2018, @08:03AM (2 children)

    by frojack (1554) Subscriber Badge on Wednesday April 04 2018, @08:03AM (#662399) Journal

    The New York Times article proves nothing, and it never makes the claim that Voting machines are Not Air gapped, and certainly does not debunk that claim. It a mish-mash of confused reporting, speculating that election tampering happens when random people come into possession of a Stingray and somehow intercept telephone transmissions of data over cellular modems.

    Fake news.

    Gaining a password to an email account does not give anyone access to a voting machine. It doesn't even give access to the software of a voting machine.

    The whole article is juvinile, and tracking down who CSO actually is amounts to an exercise in futility. Even Bloomberg doesn't know who these clowns are.

    Come on AC, pick your sources more carefully. I rather suspect a planted story here.

    --
    No, you are mistaken. I've always had this sig.
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 4, Informative) by takyon on Wednesday April 04 2018, @08:14AM

    by takyon (881) <{takyon} {at} {soylentnews.org}> on Wednesday April 04 2018, @08:14AM (#662404) Journal

    CSO's parent company is the Chinese-owned, American-based International Data Group [wikipedia.org] (IDG), which operates CIO, Computerworld, CSO, Macworld, Network World, PC Advisor, PC World, InfoWorld, ITworld, JavaWorld, TechWorld, and LinuxWorld.

    Actual reporting from CSO looks like a happy accident.

    --
    [SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]

  • (Score: 2) by el_oscuro on Thursday April 05 2018, @02:22AM

    by el_oscuro (1711) on Thursday April 05 2018, @02:22AM (#662738)

    You might want to read https://www.theregister.co.uk/2017/09/11/virginia_to_scrap_touchscreen_voting_machines/ [theregister.co.uk]

    --
    SoylentNews is Bacon! [nueskes.com]