Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
Rubio IS NOT on record in agreeing with Nelson on anything.
Rubio IS NOT on record disagreeing with Nelson either. 2 FL Supervisors of Election are on record confirming that Rubio met with them at the Orlando Airport and they are on record saying that Rubio mentioned the Russia hack into FL Elections systems during that meeting. Rubio has not confirmed or denied what was discussed at that meeting.
It's classified info and Rubio is not saying much in public about the details.
Article in Washington Post this AM that Microsoft security unit discovered 5 sites designed by the Russian hackers Strontium--connected to Fancy Bear--designed as spear-fishing sites
They were mimicking established sites connected to current US websites and designed to capture traffic to those sites
They were caught early---in creation stage--before they were actually useable
Microsoft filed court order to take over the websites because they were infiltrating based on Microsoft's copywrited materials the original websites used
This is not anyone's imagination
The Russian government FSB is engaged in an active, professional infiltration of US websites related to election and informational sites and has no intention of doing anything GOOD with the information gained by its efforts...
ANYONE who tries to downplay or divert from this actual threat to American security is doing the work of Putin...
Basically becoming a party to Russian subtrifuge and counter-intelligence..
I have not read how vulnerable the FL system itself might be but there are stories out now that an 11 yr old showed how easy it was to hack one aspect of the voting system at DEFCON last week in Las Vegas--and another 11 yr old manipulated the system to make it appear Liberterian candidate Darrell Castle has won the presidential vote in 2016...
Did it in like 11 seconds-- that is all over the news if you Google hacking FL voting system
Minutes, not seconds. Is that any comfort?
The organization is called DEFCON Voting Village (@VotingVillageDC on Twitter). Following is their report from day one of the conference. (It's kind of long, so I added emphasis to parts that I found particularly noteworthy.
Quote:
ROOtz
39 kids from ages 6 - 17 attempted to hack replicas of the SOS websites of 6 swing states; 35 kids were able to complete an exploit.
The quickest exploit was done by an 11 year-old in 10 minutes; kids were given an introductory walkthrough of how to perform an SQL injection. From there they ran with it and were able to complete the hacks.
Kids tampered with vote tallies, party names, candidate names, etc; Total vote counts were changed to numbers like 12 billion and candidate names were changed to things like "Bob Da Builder" or "Richard Nixon's Head".
Voting Village
Diebold TSX
Active Diebold TSX voting machines were found to be running on expired SSL certificates (2013) which makes these machines vulnerable to any vulnerabilities catalogued since then, and to hackers who could exploit the specifically on these machines. Diebold machine locks are also easily hackable.
A hacker was able to reprogram a Diebold TSX to play gifs and music after uploading a Linux operating system. While this can not be easily carried out in the time it may take a voter to vote, it illustrates the malleability of these systems.
Diebold Express Poll 5000
Poll Book Machines (Express Poll 5000) were found to be vulnerable to having their easily accessible memory cards removed from the top of the machine and replaced with a market-purchased copy pre-loaded with alternative voting poll information. This means that voters that attempt to vote at a polling place may find that they are no longer in the precincts records, or other voters could be added wha could then vote in that polling place. The hack can easily be performed by a voter within 5- seconds using a distraction or by a poll worker with access to all machines.
Poll Book Machines (Express Poll 5000) also keep supervisor passwords on these cards and they are listed in plain text. These poll book machines also keep personal records for all voters including last four of social security numbers, address, drivers license numbers and are completely unencoded.
Expanding on the password details above: The hackers were able to read and write the database inside, using SQL lite (a simple database program available everywhere). They discovered that the root password and administrative password are stored in the device, in clear text. The root password is: "password" (Something we're all taught NOT to do). While exploiting this vulnerability would require physical access to the poll books to make use of the info, it's entirely possible to do. The real security failure is that the passwords are stored in clear text in the machine.
ES&S
ES&S Vote Counter machines, the kind used by counties to count ballots from municipalities, were found to have active ethernet ports, exposing them to several vulnerabilities.
ES&S m650 - The hacker had never seen the machine before today. He discovered that if you remove the back panel, that there is a port there that he could completely control the machine from. He was able to get serial console access to the machine. The machine is running a version of QNX operating system, that is a multi user operating system but that was configured for only one user (the root user) and that there was NO password. The machine has a very accessible zip drive on the front of the machine. In order to update the software, you insert a zip disc that has the new copies of the software. You can create corrupted version of software, add to a zip disk, and insert it, which will override the software on the machine. There is NO check that the software is genuine. The software should have digital signature, which it would check, before doing any update. The machine does not have this.
The danger here is that you can create a corrupted version of the software which will not only corrupt the machine, but when you insert a good zip disk, the machine can infect that zip disk, which if inserted into others will cause a viral spread of the infected software.
This vulnerability was discovered years ago, but it was not published. Cyber Range (Voter Registration Database)
The Cyber Range project was a simulation of a state's voter registration database that hackers attempted to break into and modify. One hacker was literally one step away from totally compromising the system in the short time the hacker was working to compromise the system, which unlike hacking voting machines, can be done over a longer period of time.
Last year, the cyber range was penetrated in 10 minutes. This year, it deployed a security code used by foreign military to make it harder to penetrate. And it was still almost penetrated.
The company running the Maryland election system--servicing the machines and other aspects--is supposedly owned by Russian company or company with a Russian owner
Please register to post and access all features of our very popular forum. It is free and quick. Over $68,000 in prizes has already been given out to active posters on our forum. Additional giveaways are planned.
Detailed information about all U.S. cities, counties, and zip codes on our site: City-data.com.
Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
