Looks like voter reg systems targeted; in many places, these may be on same net that provision machines/tally votes. https://theintercept.com/2017/06/05/top-secret-nsa-report-details-russian-hacking-effort-days-before-2016-election/ …
-
-
That doesn’t matter. See, for example, the EVEREST report for real-world examples of how attack these “offline” systems.
-
Definitely possible, agree. Just think there are bigger vulns in the process.
End of conversation
New conversation -
-
-
I read every voting machine certification report a while back. The biggest risk is crappy, unreviewed code:https://github.com/Gorcenski/voting-machines …
-
Perhaps you know more about this than I do. But I will note that I led several of the security reviews of these systems.
-
Oh I don't disagree that it's possible. My "not really" wasn't well communicated :P
-
The fact that vendors are shipping cert test builds with line-of-code length violations shows that the eng process is super-fucked.
-
Absolutely. But holy grail for attacker is the backend. The vulnerabilities in the voting machines are a path to that.
-
Agreed here. Sorry for miscomm earlier! Meeting and tweeting never works.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.