BC POLITICS
Saved by @Alex1Powell

August 2019:

Exclusive: Critical U.S. Election Systems Have Been Left Exposed Online Despite Official Denials

https://t.co/upYeltANXG

 The top voting machine company in the country insists that its election systems are never connected to the internet. But researchers found 35 of the systems have been connected to the internet for months and possibly years, including in some swing states.
But a group of election security experts have found what they believe to be nearly three dozen backend election systems in 10 states connected to the internet over the last year, including some in critical swing states.
These include systems in nine Wisconsin counties, in four Michigan counties, and in seven Florida counties—all states that are perennial battlegrounds in presidential elections.
Some of the systems have been online for a year and possibly longer. Some of them disappeared from the internet after the researchers notified an information-sharing group for election officials last year.
But at least 19 of the systems, were still connected to the internet this week, the researchers told Motherboard.
The researchers and Motherboard have been able to verify that at least some of the systems in Wisconsin, Rhode Island, and Florida are in fact election systems.
The rest are still unconfirmed, but the fact that some of them appeared to quickly drop offline after the researchers reported them suggests their findings are on the mark.
“In some cases, [the vendor was] in charge [of installing the systems] and there was no oversight. Election officials were publicly saying that their systems were never connected to the internet because they didn't know differently."
The systems the researchers found are made by Election Systems & Software (@essvote), the top voting machine company in the country.
They are used to receive encrypted vote totals transmitted via modem from ES&S voting machines on election night, in order to get rapid results that media use to call races, even though the results aren’t final.
Generally, votes are stored on memory cards inside the voting machines at polling places. After an election, poll workers remove these and drive them to county election offices.
But some counties want to get their results faster, so they use wireless modems, either embedded in the voting machines or externally connected to them, to transmit the votes electronically.
The system that receives these votes, called an SFTP server, is connected to the internet behind a Cisco firewall.
For security reasons, the SFTP server and firewall are only supposed to be connected to the internet for a couple of minutes before an election to test the transmission, and then for long enough after an election to transmit the votes.
But the researchers found some of the systems connected to the internet for MONTHS at a time, and YEAR-ROUND for others, making them vulnerable to hackers.
Hacking the firewall and SFTP server would allow an attacker to potentially intercept the results as they’re transmitted and send fake results to the FTP server, depending on how securely the ES&S system authenticates the data.
Although the election results that are transmitted via modem are unofficial—official votes are taken directly from the voting machine memory cards when they arrive at county offices—
— a significant discrepancy between the unofficial tallies and the official ones would create mistrust in the election results and confusion about which ones were accurate.
But connected to the firewalls are even more critical backend systems—the election-reporting module that tabulates the unofficial votes as well as the official ones, and the election-management system that is used in some counties to program voting machines before elections.
Gaining access through the firewall to these systems could potentially allow hackers to alter official election results or subvert the election-management system...
... to distribute malware to voting machines through the USB flash drives that pass between this system and the voting machines.”
Online, the researchers can only see the firewalls configured in front of these systems and cannot see anything behind them—a federal law makes it illegal for them to probe beyond the firewall.
But ES&S documents posted online in various counties show that these critical backend systems are connected to the firewall, and ES&S also confirmed that this is the correct architecture in counties that want to transmit results electronically.
ES&S has long insisted that election-management systems are air-gapped—that is, not connected to the internet or connected to any other system that is connected to the internet—and the company insists that the diagram it provided isn’t showing them connected to the internet.
“There’s nothing connected to the firewall that is exposed to the internet,” Gary Weber, vice president of software development and engineering for @essvote, told Motherboard. “Our [election-management system] is not pingable or addressable from the public internet.”
This makes them invisible to bad actors or unauthorized users, he said.

But Skoglund said this “misrepresents the facts.” Anyone who finds the firewall online also finds the election-management system connected to it.
“It is not air-gapped. The EMS is connected to the internet but is behind a firewall,” Skoglund said. “The firewall configuration [that determines what can go in and out of the firewall]… is the only thing that segments the EMS from the internet.”
And misconfigured firewalls are one of the most common ways hackers penetrate supposedly protected systems. The recent massive hack of sensitive Capital One customer data is a prime example of a breach enabled by a poorly configured firewall.
“If they did everything correctly [with the ES&S systems] as they say they do, there is no danger,” Robert Graham, CEO of Errata Security, told Motherboard.

“These are all secure technologies that if [configured] correctly work just fine.
It’s just that we have no faith that they are done correctly. And the fact that [election officials are] saying they aren’t on the internet and yet they are on the internet shows us that we have every reason to distrust them.”
Even proper configurations won’t secure a firewall if the firewall software itself has security vulnerabilities that allow intruders to bypass all the authentication checks, whitelisting rules, and other security parameters set in the firewall’s configuration file.
“If this system hasn’t been patched and has a critical vulnerability… you may be able to subvert any kind of security scheme that you’ve put in place,” Skoglund told Motherboard.
Senator Ron Wyden (D-Oregon) said the findings are “yet another damning indictment of the profiteering election vendors, who care more about the bottom line than protecting our democracy.”
It’s also an indictment, he said, “of the notion that important cybersecurity decisions should be left entirely to county election offices, many of whom do not employ a single cybersecurity specialist.”
“Not only should ballot tallying systems not be connected to the internet, they shouldn’t be anywhere near the internet,” he added.
What’s not generally known by the public about @essvote systems is that the company’s entire configuration for transmitting election results—from the modem to the SFTP server—is NOT CERTIFIED BY THE ELECTION ASSISTANCE COMMISSION (EAC).
The EAC oversees the testing and certification of voting equipment at the federal level. ES&S voting machines are tested and certified, but the transmission configuration isn’t. The labs test them for functionality to make sure they transmit votes, and that’s it.
In marketing literature, ES&S highlights the certified parts of its election system in blue and labels them "EAC Certified Configuration." The uncertified part is highlighted in white and labeled "Extended Configuration."
.@essvote told Motherboard that instead of federal certification, his company has focused on working with officials in states that allow modem transmission to test and certify the configuration under their own state certification programs.
This is said to include a security assessment of the configuration. Asked which states do these security assessments, he cited Wisconsin, Florida, and Minnesota.
But someone familiar with Wisconsin’s certification testing, who spoke on condition of anonymity, told Motherboard it doesn’t include a security assessment of the modem transmissions and configuration.”

More from Jewhadi™

Jewhadi\u2122
Jewhadi™
@JewhadiTM
Biden is not smart.

Biden's Iran policy is deeply flawed https://t.co/Jlc1EC9mt6

Biden “falsely claims the Iran nuclear deal that the Obama/Biden administration negotiated has kept Americans safe. The Joint Comprehensive Plan of Action (JCPOA) was flawed in many ways.

For starters, it failed to do anything about Iran's terrorist activities, which is significant considering they are the largest state sponsor of terrorism in the world and a leading cyber threat.

By releasing nearly $100B to Iran and omitting their nefarious activities from the agreement, not did the Obama/Biden admin reward bad behavior, but they gave Iran more money to finance its destabilizing foreign policy which includes arms transfers to terrorists & missile tests.

Iran is led by a revolutionary regime, and if the objective was to keep Americans safe, then any agreement reached with Iran should have included all the various ways they put American lives in danger.
POLITICS
Jewhadi\u2122
Jewhadi™
@JewhadiTM
Star-studded Time's Up charities spent big on salaries, little on helping victims @Alyssa_Milano @MiraSorvino @GloriaSteinem https://t.co/m5kM0W1UjE via @nypost

The organization, which is comprised of the Times Up Foundation and @TIMESUPNOW, raised $3,670,219 in 2018, its founding year, but spent $1,407,032 on salaries and only $312,001 on the @TimesUpLegal Defense Fund for people who have experienced sexual harassment.

Time’s Up Now, the lobbying arm of the organization, also spent $157,155 on conferences “designed to build community and spark critical conversations about gender equity,” tax filings show.

In addition to posh conferences, Time’s Up Now spent $288,007 on advertising, and $940,328 on “legal” costs, with the majority of that figure ($719,522) going to Arnold & Porter Kaye Scholer, a multinational law firm with a powerful lobbying arm on Capitol Hill.

Time’s Up Now also spent $58,395 on travel and $112,435 on Rally, a public relations company, according to tax filings.
CHARITY
Advertisement
Jewhadi\u2122
Jewhadi™
@JewhadiTM
.@JoeBiden’s ‘Dark Winter’ Is A Warning About His Economy, Not The China Virus

Should President Trump’s election challenges fail, it’s a certainty that bleak days are ahead. We’re staring into the barrel of 4 years of sclerotic economic

Six days after the election, Biden, employing the Democratic Party strategy of sowing fear whenever possible, warned that the country is facing a long night.

CNBC:

“‘We remain in the midst of one of the worst economic and job crises in modern history,” said the man who as vice president oversaw one of the weakest economic recoveries in U.S. history.

Apparently it never occurred to Biden and his handlers that government intervention, not the virus, caused 2020’s downturn.

Nor have they even begun to understand that Democrats’ economic policies, filled with steep, punitive taxes, and impossible-to-jump regulatory hurdles, are a slow-motion march of the economic lockdowns that almost instantly paralyzed the economy this year.
POLITICS
Jewhadi\u2122
Jewhadi™
@JewhadiTM
Radical Muslim political advocacy orgs are celebrating the election of 62 Muslim Americans who won races at all levels of government. Their victories mark another banner year for Islamist groups that seek to train, fund, and elect their favored politicians

Among these winners are a handful of Islamist politicians who espouse radical views and associate with extremist groups.

Many of these newly elected officials belong to the far-left wing of the Democratic Party, but others have even more troubling resumés, leading Islamist student movements and nonprofits or owing their political fortunes to Islamist underwriters.

Chief among these is Democrat @akoabdulsamad, who was reelected to the Iowa state legislature’s 35th district. Since 2015 Abdul-Samad has been the chairman of the American Muslim Alliance, a controversial political action group whose leaders have promoted violence against Israel.

“The statements that are attributed to the organization and some of its members are offensive and outrageous,” Hillary Clinton said in 2000 after returning a $50,000 political donation to AMA.
RELIGION
Jewhadi\u2122
Jewhadi™
@JewhadiTM
The Threat of Authoritarianism in the U.S. is Very Real, and Has Nothing To Do With Trump

The COVID-driven centralization of economic power and information control in the hands of a few corporate monopolies poses enduring threats to political

Asserting that Trump is a fascist-like dictator threatening the foundations of US democracy has been a virtual requirement over the last 4 years to obtain entrance to cable news Green Rooms, sinecures as mainstream newspaper columnists, and popularity in faculty lounges.

Yet it has proven to be a preposterous farce.

In 2020 alone, Trump had 2 perfectly crafted opportunities to seize authoritarian power—a global health pandemic and protests and sustained riots throughout American cities—yet he did virtually nothing to exploit those opportunities.

Early in the pandemic, Trump was criticized, especially by Democrats, for failing to assert the powers he had, such as commandeering the means of industrial production under the Defense Production Act, invoked by Truman to force industry to produce materials for the Korean War.

In March, The Washington Post reported that “Governors, Democrats in Congress and some Senate Republicans have been urging Trump for at least a week to invoke the act, and... Joe Biden came out in favor of it, too,” yet “Trump [gave] a variety of reasons for not doing so.”
TRUMP

More from Politics

Mike Dunford
Mike Dunford
@questauthority
THREAD:
Good afternoon, followers of frivolous election litigation. There's a last-minute entry in the competition for dumbest pre-inauguration lawsuit - a totally loony effort to apparently leave the entire USA without a government.

We'll start with the complaint in a minute.

But first, I want to give you a quick explanation for why I'm going to keep talking about these cases even after the inauguration.

They're part of an ongoing effort - one that's not well-coordinated but is widespread - to discredit our fundamental system of government.

It's a direct descendent, in more ways than one, of birtherism. And here's the thing about birtherism. It might have been a joke to a lot of people, but it was extremely pernicious. It obviously validated the racist "not good enough to be President" crowd. But that wasn't all.

Don't get me wrong, that was bad enough. Validating racism helped put the kind of shitbird who would tweet this from an official government account into power. But it didn't stop


(Also, if you agree with Pompeo about multiculturalism - the legendary melting pot - not being what this country is all about, you need to stop following me now. And maybe go somewhere and think about your life choices and what made you such a tool.)
POLITICS
Alexandria Ocasio-Cortez
Alexandria Ocasio-Cort...
@Ocasio2018
We’ve been getting calls and outreach from Queens residents all day about this.

The community’s response? Outrage.


Amazon is a billion-dollar company. The idea that it will receive hundreds of millions of dollars in tax breaks at a time when our subway is crumbling and our communities need MORE investment, not less, is extremely concerning to residents here.

When we talk about bringing jobs to the community, we need to dig deep:
- Has the company promised to hire in the existing community?
- What’s the quality of jobs + how many are promised? Are these jobs low-wage or high wage? Are there benefits? Can people collectively bargain?

Displacement is not community development. Investing in luxury condos is not the same thing as investing in people and families.

Shuffling working class people out of a community does not improve their quality of life.

We need to focus on good healthcare, living wages, affordable rent. Corporations that offer none of those things should be met w/ skepticism.

It’s possible to establish economic partnerships w/ real opportunities for working families, instead of a race-to-the-bottom competition.
POLITICS
Advertisement
Kanekoa
Kanekoa
@KanekoaTheGreat
*The Evidence Collection*

There is overwhelming evidence of election fraud. Therefore it is the duty of the Executive, Legislative, & Judicial branches to throw out the fraudulent votes & to honor their oath to protect & defend the Constitution of the USA.🇺🇸🦅

A list below.🔻


1/ Navarro Report: The Immaculate Deception - Six Key Dimensions of Election Irregularities -

2/ Analysis of 3,000 U.S. counties shows Joe Biden received 5.6 % more votes in counties using Dominion Voting Systems (Video) -

3/ Antrim Michigan Dominion Voting Systems Forensics Report -

4/ Evidence Grows: ’20 Election Was Rigged -
POLITICS , ALL
Mangy Jay
Mangy Jay
@magi_jay
I don't think that "Democrats were cowards and couldn't stand up to McConnell" is the correct framing. Dems clearly made a political calculation. Plenty to potentially criticize about that calculation, but it was informed by factors unrelated to generalized "fear of republicans"

What we largely know now:
-There would never have been enough GOP votes to convict
-GOP had the power to hold up *all* Senate business & that means COVID relief (Dems would have been blamed for this hold up)
-Witnesses were uncooperative & would have had to have been subpoenaed

So I think the correct framing is that Democrats made a political calculation that the benefit of adding witnesses (who would not change the outcome) was not worth the political & moral cost of holding up COVID relief, as well as important confirmations. . . .

This calculation can be criticized on its own merits, but it's categorically different than just being scared of McConnell & the GOP.

For my own part, I think an error Democrats made w/r/t witnesses was not calling cooperative police officers who had been attacked that day. Just a few personal narratives from the police would have deeply embarrassed the GOP. That's a missed opportunity, in my view.
POLITICS
Demola Olarewaju
Demola Olarewaju
@DemolaRewaju
The death of Alhaji Lateef Kayode Jakande brings to my mind the triumph of excellence in political leadership as well as rebellion against the political order.

A lot has been said about LKJ since he died yesterday and I hope only to contribute my perspective to enrich all said.

My emphasis with history has always been to draw out lessons relevant to the present, to show how trends repeat themselves and to show certain hypocritical contradictions within the present system.

Only few others qualify as well as LKJ to do all the three - I hope I do justice.

One area pundits have largely missed out in the Jakande story is the very beginning - both of his life and of his politics.

LKJ's parents were from Omu-Aran in present day Kwara State but he contributed more to Lagos than so many others - we will return to this subsequently.

LKJ was not originally a political ally of Awolowo - a number of elders were with Awo right from the very beginning but LKJ contributed politically to Awolowo at a crucial time of religious threat to the dominance of the Action Group (Awo's party) in the pre-Independence mid 50s.

A group had been formed in 1957 and named the National Muslim League headed by Alhaji R.A. Smith who had been very critical of Awolowo's AG as a Christian party and moved to align with the Northern People's Congress of Sir Ahmadu Bello.

The political threat to Awo was very real.
POLITICS

You May Also Like

Mau Abata \U0001314a
Mau Abata 𓅊
@MauAbata
Read through a forum thread on Chastity Mansion to see who is talking about the Edge-o-Matic and figure out what more to address regarding frequent questions, as well as scout out user feedback. Here's some thoughts you can carry back to the forums!

My website doesn't have any product reviews, but people scatter them everywhere else in forums, tweets, xtube vids, etc.

If you ARE a previous customer, and you like the thing, can you drop a review on my site to help others?

The price is steep, but that's the amount of coins I calculated to make these. I have several spreadsheets calculating every expense involved with this project.

The current cost sustains production and development of new tech, and is helping create jobs. We are 2 people now!!

It IS 3D printed, because injection molding is orders of magnitude more expensive for the initial tooling, and I am still making small revisions to the enclosures.

Injection molded plastics are a six thousand dollar commitment for fifteen cent parts. Great for mass mfg.

Also, if you didn't know, 3D printing technology allows for some shapes which would be difficult, expensive, or impossible on injection molding or milled parts!!

Undercuts, which I use in this design, require special lifters to mold that cost a tremendous fortune.
FOR LATER READ
Noah Smith
Noah Smith
@Noahpinion
1/Politics thread time.

To me, the most important aspect of the 2018 midterms wasn't even about partisan control, but about democracy and voting rights. That's the real battle.

2/The good news: It's now an issue that everyone's talking about, and that everyone cares about.

3/More good news: Florida's proposition to give felons voting rights won. But it didn't just win - it won with substantial support from Republican voters.

That suggests there is still SOME grassroots support for democracy that transcends

4/Yet more good news: Michigan made it easier to vote. Again, by plebiscite, showing broad support for voting rights as an

5/OK, now the bad news.

We seem to have accepted electoral dysfunction in Florida as a permanent thing. The 2000 election has never really
POLITICS
Advertisement
Robin Berjon
Robin Berjon
@robinberjon
Recently, the @CNIL issued a decision regarding the GDPR compliance of an unknown French adtech company named "Vectaury". It may seem like small fry, but the decision has potential wide-ranging impacts for Google, the IAB framework, and today's adtech. It's thread time! 👇

It's all in French, but if you're up for it you can read:
• Their blog post (lacks the most interesting details): https://t.co/PHkDcOT1hy
• Their high-level legal decision: https://t.co/hwpiEvjodt
• The full notification: https://t.co/QQB7rfynha

I've read it so you needn't!

Vectaury was collecting geolocation data in order to create profiles (eg. people who often go to this or that type of shop) so as to power ad targeting. They operate through embedded SDKs and ad bidding, making them invisible to users.

The @CNIL notes that profiling based off of geolocation presents particular risks since it reveals people's movements and habits. As risky, the processing requires consent — this will be the heart of their assessment.

Interesting point: they justify the decision in part because of how many people COULD be targeted in this way (rather than how many have — though they note that too). Because it's on a phone, and many have phones, it is considered large-scale processing no matter what.
TECH
Marina Amaral
Marina Amaral
@marinamaral2
Rio de Janeiro, 1920. 🇧🇷


São Paulo, 1910. 🇧🇷


“Arpoador”, Rio de Janeiro, 1900. 🇧🇷


“Avenida Paulista”, São Paulo, 1902. 🇧🇷


Recife, 1885. 🇧🇷
HISTORY
Richard James
Richard James
@RJSHutton
I think a plausible explanation is that whatever Corbyn says or does, his critics will denounce - no matter how much hypocrisy it necessitates.


Corbyn opposes the exploitation of foreign sweatshop-workers - Labour MPs complain he's like Nigel

He speaks up in defence of migrants - Labour MPs whinge that he's not listening to the public's very real concerns about immigration:

He's wrong to prioritise Labour Party members over the public:

He's wrong to prioritise the public over Labour Party
POLITICS