Originally published at: https://boingboing.net/2018/08/14/11-year-old-hacks-replica-of-f.html
…
Surprising no one actually qualified to speak to the topic.
But, wait, hey, look over there! RUSSIANS! I can see Putin from my yard!
Be sure you don’t listen to any computer scientists, because there are pundits and politicians ready to tell you what to think about election hacking.
“Last week at DEFCON 26 in Las Vegas, eleven-year-old Emmett Brewer hacked into a replica of Florida’s state election site and changed the voting results. That’s scary enough. What’s even scarier is that it took him less than ten minutes. An eleven-year-old girl was able to hack into the same site in about fifteen minutes.”
Did the 11 year old girl merit having a name? I mean in life, not merely in the article, where she clearly did not.
I’m unfamiliar with this hacking contest. Is it gender-segregated? Did she win the girls competition? Why doesn’t she get named? Was she the second place finisher? “merely” the first girl? Why is she so important as to be mentioned, but not important enough to be named?
It strikes me that they were trying to give her credit (“See? Even A GIRL can hack their site!”) but completely dropped the ball by not actually crediting her. How disappointing.
It could have been an eight-year-old in 5 minutes and the political will amongst campaign officials (esp. Republican ones) to fix these dangerously compromised systems would still be near-zero.
Can we please have vote-by-mail ballots nation-wide?
Can we please have paper ballots nationwide?
Hey kids… you know what to do now don’t you… good.
I hear “Replica” and I have so many goddamed questions. How was it replicated? Is it just the same platform? Were they secured int he same way? Same patch level? The hell?
I was upset by that, too. Tried a few different places but couldn’t find her name.
No worries, 11-year-olds aren’t allowed into voting booths.
On the one hand -
"While it is undeniable websites are vulnerable to hackers, election night reporting websites are only used to publish preliminary, unofficial results for the public and the media. The sites are not connected to vote counting equipment and could never change actual election results.”’
While on the other -
Until one posts the headline “Candidate X Wins” before the election is over.
This is one of those problems where adding technology makes things demonstrably worse.
You really just need to go back to what we know works.
Paper ballots. Secure ballot boxes, count the votes by hand, and allow independent monitoring of the counting.
It’s not difficult, and you don’t even have the excuse of the complexities of a functioning voting system.
Kiddies these days.
They just don’t stick to the scripts.
They need to be tought a lesson. Let’s not allow them to vote, for a start!
We could post that GIF here of Bugs sawing Florida off the map, but then we’d just have to face up to the fact that the voting sites in other states are connected to the same fucking internet! Cyberspace cares not for our precious little political borders. Seems like we used to celebrate that fact back in the mid-90’s, not realizing in our naivete the potential pitfalls.
That has its problems as well. It makes it easier for someone to sell their vote. The buyer can verify that the bought vote is cast as paid for.
How is that easier than paying someone to go and vote at the local booth? You are mistaking ease of voting for ease of paying someone to commit a federal felony.
You don’t crack down on the latter by making the former more difficult.
And it’s MUCH worse than the Motherboard article headline makes it sound. The remote control software with critical security vulnerabilities (PC Anywhere) was not installed on individual voting machines. It was installed on the systems that configure those voting machines and tabulate the election results.
If you want to wrap your head around this, try thinking of ATMs. What the linked article is saying is, “no remote control software was installed on any ATMs”. Instead, “it was installed at the bank headquarters on the system that controls ALL of the ATMs”.