There are two broad ways Russia can hack a voting machine: through compromised access to the machine or compromised access to a developer.
-
-
I don't actually believe the machines themselves got hacked to the point of modifying totals. But if I wanted to do it and I was Russia...
-
You bet your ass I would have profiled every engineer working at ES&S
-
Someone might have gambling debts. Someone might be cheating on their spouse. Someone might have a sick kid and shitty health insurance.
-
This is old spycraft. You don't need zero-days to compromise an employee. This is how it's been done for all time.
-
What it boils down to is this: vote-tallying code pathways aren't tested. This is bad. Regardless of the cyber.
-
This is ES&S. Yes, it's actually on John Galt Boulevard in Omaha, Nebraska. (capitalism is a parody) Not exactly Silicon Valley high life.pic.twitter.com/aCE8wvojrI
-
FBI security briefings are full of stories of people that worked at places just like this selling info for a few thousand bucks.
-
Trust me, I know. I had to sit through the comically terrible movies.
End of conversation
New conversation -
-
-
Or to trick them into using a compromised lib or apt server...
-
Issue is most don't autoupdate. They have to lock versions to the certification version and check it against a build hash.
-
I can only say that this has not always been the case in Gov contracting... to say the least. And I'm talking about stuff I've done!
-
I should delete that in case I decide to re-enter the workforce. Heh.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.