Voting Machines in Clark County
10 views
Skip to first unread message
Daniel Hill
Aug 11, 2017, 11:46:16 AM8/11/17
to SYN Shop
Following DEFCON, I sent a letter to the Clark County Registrar of Elections. This was their reply:
> I am aware of the DEFCON conference and the voting machine activity.
> We are replacing our Edge system with the ICX equipment manufactured by Dominion Voting Systems (formerly Sequoia Pacific) They were not used in the testing and our system does not have any connectivity to the Internet or wi-fi capabilities. The hackers in this case had unrestricted access to the machines and the some of the machines they used had wi-fi capability. I’m told the WinVote system was compromised, however, the system was decertified in Virginia and is no longer in use as far as I know. Regardless if the hackers were given complete access without any physical security it was an unrealistic scenario.
> We are consistently working to prevent hacking using physical security, bio metric access to the tabulation systems, firewalls, and other software antivirus tools. Our central IT is very aware of the threats and monitors it closely. The other concern is our voter registration database, which we also use several tools to deter hackers, multiple sign in to systems, antivirus software, and physical security. Our system does not stand out alone like an ATM, there is always a physical presence and procedures to follow to deter this type of activity. Not to say that our system is impervious to hackers, but we do a lot to prevent access to our systems.
Perhaps the InfoSec gurus from the shop would be interested in reaching out again for educational purposes?
> I am aware of the DEFCON conference and the voting machine activity.
> We are replacing our Edge system with the ICX equipment manufactured by Dominion Voting Systems (formerly Sequoia Pacific) They were not used in the testing and our system does not have any connectivity to the Internet or wi-fi capabilities. The hackers in this case had unrestricted access to the machines and the some of the machines they used had wi-fi capability. I’m told the WinVote system was compromised, however, the system was decertified in Virginia and is no longer in use as far as I know. Regardless if the hackers were given complete access without any physical security it was an unrealistic scenario.
> We are consistently working to prevent hacking using physical security, bio metric access to the tabulation systems, firewalls, and other software antivirus tools. Our central IT is very aware of the threats and monitors it closely. The other concern is our voter registration database, which we also use several tools to deter hackers, multiple sign in to systems, antivirus software, and physical security. Our system does not stand out alone like an ATM, there is always a physical presence and procedures to follow to deter this type of activity. Not to say that our system is impervious to hackers, but we do a lot to prevent access to our systems.
Perhaps the InfoSec gurus from the shop would be interested in reaching out again for educational purposes?
Daniel Hill
Nov 1, 2017, 7:52:56 PM11/1/17
to SYN Shop
Check out this Meetup with #Resist: Las Vegas related to new model voting machines to be used next year.
http ://meetu.ps/e/Dsw0q/zcdj/d
http ://meetu.ps/e/Dsw0q/zcdj/d
Reply all
Reply to author
Forward
0 new messages