- How to watch Disney XD online for free 10 Months Ago
- Who survived the ‘Game of Thrones’ series finale? Sunday 10:21 PM
- Justin Bieber fans are damaging one of Iceland’s top tourist spots Sunday 1:28 PM
- James Charles drops 41-minute response video to Tati Westbrook’s accusations Sunday 1:15 PM
- Watch what happens when this Twitch streamer quits his job on camera Sunday 12:25 PM
- Men are finally sharing their abortion stories Sunday 10:58 AM
- Netflix’s ‘Maria’ is a trigger-happy B-movie Sunday 9:07 AM
- How to stream Money in the Bank 2019 for free Sunday 9:00 AM
- How to watch ‘Game of Thrones’ season 8, episode 6 for free Sunday 8:00 AM
- These ‘Game of Thrones’ houses are gone forever Sunday 7:54 AM
- The 10 best anime movies on Hulu Sunday 7:00 AM
- Vibe TV puts a premium price tag on piracy Sunday 6:00 AM
- Twitter unites in collective confusion over ‘Democrats for Trump’ trending Saturday 2:28 PM
- YouTube star tweets and deletes video of his Black cousin ‘Peanut’ acting as a stool Saturday 1:04 PM
- The ‘Do you wash your legs in the shower’ debate has now escalated to feet Saturday 12:20 PM
Voting machine vendor admits to putting remote access software on U.S. systems
The company, Election Systems and Software, previously denied doing so.
In a note to a federal lawmaker, one of the country’s biggest voting machine makers admitted to a potential major security hole in its devices. The company installed remote connection software on election-management systems for several years in the early 2000s.
Election Systems and Software said that it “provided pcAnywhere remote connection software … to a small number of customers between 2000 and 2006,” according to Motherboard. The company previously denied doing so when contacted by reporter Kim Zetter and New York Times fact checkers for an investigation published in February.
pcAnywhere allows remote system administrators to maintain and upgrade machines. However, such software poses a security risk: It means these devices are connected to the internet, which leaves them vulnerable to hacking by third-parties, like any IoT connected device. (The Election Integrity Act of 2016 further banned voting machines from connecting to the internet.)
“If an attacker can gain remote access to an election-management system through the modem and take control of it using the pcAnywhere software installed on it, he can introduce malicious code that gets passed to voting machines to disrupt an election or alter results,” Zetter writes for Motherboard.
Election Systems and Software’s products were used for at least 60 percent of U.S. ballots cast in 2006, according to Motherboard. These systems aren’t the ones that voters directly input their votes on, but county election offices use them to program voter machines and calculate results from those machines. Thus, they form a critical part of the modern electoral process.
The company reportedly stopped installing the pcAnywhere software on its election-management machines in December 2007. At that time, a new set of standards for voting systems went into effect which required Election Systems and Software’s machines to be federally tested and certified to contain only election-released programming.
Before this time, Election Systems and Software was not alone: Other election-management device makers also shipped their products with remote-login capabilities.
It’s unclear why Election Systems and Software decided to about-face on its use of remote connection software, but it’s now evident that it was a terrible security decision that could have opened up American elections to exploitation by hackers.
Sen. Ron Wyden (D-Ore.), who spearheaded this inquiry, is still waiting on the company to answer questions he asked back in March. Election Systems and Software was also asked to send a representative to an election security-related meeting last week with the Senate Committee on Rules and Administration. The company did not send anyone to the Senate hearing.
H/T the Daily Beast
Christina Bonnington is a tech reporter who specializes in consumer gadgets, apps, and the trends shaping the technology industry. Her work has also appeared in Gizmodo, Wired, Refinery29, Slate, Bicycling, and Outside Magazine. She is based in the San Francisco Bay Area and has a background in electrical engineering.