Georgia uses the dumbest election system imaginable with zero security and zero paper trial. They’re not the only ones either but one of the easiest targets as they have a single point system using the same machine throughout the state.
A researcher named Logan Lamb ran a simple scrape on Georgia’s public facing network and came away with 15 gbs of the family jewels.
The machines themselves have frequently broken the “air-gap” and have been individually connected to the internet.
The central server itself never faced a security audit, was connected to the public web. When told to fix it they just mirrored it so there were two versions, one behind a firewall, the other still connected to the public web.
Nothing encrypted. Nothing patched, so well known security holes from years ago work. Holes so open web-bots were accidentally breaching the systems and cataloging confidential files on the web.
No side can say the other side is to blame because everyone was responsible, everyone was warned, and anyone from anywhere can get in to do anything at anytime.
So naturally, nothing will be done to fix this. My hope is that whoever hacks it next is more of a comedian than a villain and elects Donald Duck.
Even when it wasn’t, the central server sat in a public university department closet, staffed by students. And, that university’s IT department didn’t maintain it or even know about it.
Put on an orange vest, wear a multi-meter on your hip and you could walk right in and kick the thing.
“Essentially, what that report is saying is that there was this rogue operation,” says someone familiar with the UITS analysis. “The Election Center was operating outside of [the university’s] processes, and they weren’t aligned with any larger security strategy.”
The UITS staff also discovered that although the center had separate public and private networks, there was a live network jack (going out to the public network) in the closet where the private network systems are kept, raising the possibility that workers could have, at some point, connected the private network systems to the internet. Workers had also installed their own wireless access point in the office—a possible point of entry into networks for attackers. Will the Georgia Special Election Get Hacked? - POLITICO Magazine
Just incase you’re sitting smugly because you’re not in Georgia:
… the center is held up by the federal Election Assistance Commission as a model for election management and implementation of touch-screen voting systems. King and his staff train county election workers in Georgia and are often asked to speak to officials in other states and other countries.
Just a reminder, paper ballots were the common thing until Democrats had a fit over “hanging chads” in the 2000 election.
Then we all had to move to nice safe electronic ballots.
Democrats like to have fits when they lose. Some things stay the same.
