GoFuckYourself.com - Adult Webmaster Forum - View Single Post - The Department of Homeland Security notifies 21 states of election hacking

VRPdommy · 09-23-2017, 02:43 PM

There are different parts to voter systems in each state. The same systems do not exist in each state because it is up to the state to run it's own election process in accordance with US constitution, federal law and the states constitution and laws.
Results are judged by the rules that were in place the day before election day.

Voting systems are not state entities. It is a sub-contracted function of the state. (they hire out for it)

Online 'voter registration systems' would never generally be attacked unless you were just trying to prevent them from happening at a particular time. Easily checked for fraud at any time.

Voter tabulation, the individual poll unit used at a poll station can be a target but is not generally because you have to get to the programming that would go into the machine in advance. They are not connected online. Not really a direct target. But the machines that make the programming for them are. Trojan horses will never be found in the machine itself after execution. That is their design.

Counting network machines that tab the data from the polling unit are susceptible to all threats direct and indirect.

Many states have no paper trail to really check the counting system before during or after.
So when a trojan is activated , being part of any segment to the counting system, it does it's deed and can not be found. You have to find recorded accesses to any unit connected to the system to find when and how a trojan was planted. Most of which is not done and for those that are, it is a extremely time consuming process since you may not know exactly what you are looking for and from all machines that had access to the master programming unit or the tabulation systems.
It does no good to attack the final counting machines since everything can be recounted from the raw data again if there is a issue.

The implanted trojan can come from the hack of a authorized unit that has access to the system.
Much how we planted the StuxNet Virus on Iranian nuclear facilities.
There, we already had the blueprint of the system and knew what plc controls they had and via a thumb drive planted a virus that made it's way to the system by a technicians laptop that also connected to the system controlling the plc's and through a normal redirected software update for the control (with a specific serial number range so that other systems that might also use the same control would not be affected in case the virus went wild), they began infiltrating the system.

But to do any of this you need a blueprint to how the system is set-up. You need to see the programming. Nobody would hack these in a way that is directly detectable. They do it by inserting code from that which feeds the programming of the polling unit and via TROJAN..., the code disappears/destroyed after execution.

So that is the accesses and poking around for a looksy. To get the blueprint of the code.
Your not going to find evidence of the code. Just perhaps accesses to where the breach accrued in the chain, 'IF' you know where to look and you have ALL records for those machines that had ANY access. NOT.

DHS does not have the lead on this one, but they are the only ones allowed to talk to the public about any details. They certainly are not saying much. And I can only guess that voter confidence is the issue while they try to figure out how to prevent this in the future.

Consider it all fake news if you must but you might be doing your own interest a disservice for the future.
But I do expect everyone to question any statement made by any government body. Just make sure you demand answers and don't stop till you get them. Just as you might do to me.
No matter your political affiliation. It can and will get worse.

DATA SECURITY...
A fairy tale spoken to create trust and allow a more productive information sharing.

09-23-2017, 02:43 PM
VRPdommy Confirmed User Industry Role: Join Date: Oct 2014 Posts: 9,082	There are different parts to voter systems in each state. The same systems do not exist in each state because it is up to the state to run it's own election process in accordance with US constitution, federal law and the states constitution and laws. Results are judged by the rules that were in place the day before election day. Voting systems are not state entities. It is a sub-contracted function of the state. (they hire out for it) Online 'voter registration systems' would never generally be attacked unless you were just trying to prevent them from happening at a particular time. Easily checked for fraud at any time. Voter tabulation, the individual poll unit used at a poll station can be a target but is not generally because you have to get to the programming that would go into the machine in advance. They are not connected online. Not really a direct target. But the machines that make the programming for them are. Trojan horses will never be found in the machine itself after execution. That is their design. Counting network machines that tab the data from the polling unit are susceptible to all threats direct and indirect. Many states have no paper trail to really check the counting system before during or after. So when a trojan is activated , being part of any segment to the counting system, it does it's deed and can not be found. You have to find recorded accesses to any unit connected to the system to find when and how a trojan was planted. Most of which is not done and for those that are, it is a extremely time consuming process since you may not know exactly what you are looking for and from all machines that had access to the master programming unit or the tabulation systems. It does no good to attack the final counting machines since everything can be recounted from the raw data again if there is a issue. The implanted trojan can come from the hack of a authorized unit that has access to the system. Much how we planted the StuxNet Virus on Iranian nuclear facilities. There, we already had the blueprint of the system and knew what plc controls they had and via a thumb drive planted a virus that made it's way to the system by a technicians laptop that also connected to the system controlling the plc's and through a normal redirected software update for the control (with a specific serial number range so that other systems that might also use the same control would not be affected in case the virus went wild), they began infiltrating the system. But to do any of this you need a blueprint to how the system is set-up. You need to see the programming. Nobody would hack these in a way that is directly detectable. They do it by inserting code from that which feeds the programming of the polling unit and via TROJAN..., the code disappears/destroyed after execution. So that is the accesses and poking around for a looksy. To get the blueprint of the code. Your not going to find evidence of the code. Just perhaps accesses to where the breach accrued in the chain, 'IF' you know where to look and you have ALL records for those machines that had ANY access. NOT. DHS does not have the lead on this one, but they are the only ones allowed to talk to the public about any details. They certainly are not saying much. And I can only guess that voter confidence is the issue while they try to figure out how to prevent this in the future. Consider it all fake news if you must but you might be doing your own interest a disservice for the future. But I do expect everyone to question any statement made by any government body. Just make sure you demand answers and don't stop till you get them. Just as you might do to me. No matter your political affiliation. It can and will get worse. DATA SECURITY... A fairy tale spoken to create trust and allow a more productive information sharing.