Jul 17, 2018

Top election software maker admits it allowed some remote access

Photo: Brendan Smialowski/AFP/Getty Images

Election Systems and Software (ES&S) admitted to installing remote access software on election management systems sold to “a small number of customers between 2000 and 2006,” which could open it up to manipulation by a hacker. The admission came in a letter to Sen. Ron Wyden (D-Ore.) obtained by Axios and first detailed by Kim Zetter in Motherboard.

Why it matters: Remote access meant those systems, which, among other tasks, have tabulated votes from voting machines, could have hypothetically been manipulated by a hacker.

The intrigue: Zetter wrote an earlier story for the NYT on the use of remote access software in voting machines, in which ES&S denied installing the software.

What they're saying:

  • ES&S's letter to Wyden explained the use of remote access software on these machines as an "accepted practice."
  • Sen. Wyden said, "Installing remote-access software and modems on election equipment is the WORST decision for security short of leaving ballot boxes on a Moscow street corner. Congress MUST pass my bill to require paper ballots and audits."

The impact:

  • More than 60% of votes tabulated across the country in 2006 used ES&S election management systems.
  • ES&S says the software was configured to not allow incoming connections, which significantly reduces the risk of an attack but does not outright eliminate it.
  • ES&S says it stopped installing this vulnerable software in 2007, which is when new Voluntary Voter Systems Guidelines from the Election Assistance Commission went into effect.
  • ES&S wrote in the letter that it has confirmed that the election management systems with the remote-access software installed are no longer using the application today.

Go deeper

Tech can't remember what to do in a down market

Illustration: Rebecca Zisser/Axios

Wall Street's two-day-old coronavirus crash is a wakeup alarm for Silicon Valley.

The big picture: Tech has been booming for so long the industry barely remembers what a down market feels like — and most companies are ill-prepared for one.

Brace yourself for a coronavirus outbreak

Illustration: Aïda Amer/Axios

Public-health officials’ warnings about the coronavirus are sounding increasingly urgent, with one top CDC official asking the public yesterday "to prepare for the expectation that this might be bad."

Reality check: Other administration officials, including President Trump himself, were more subdued in their assessments. But underneath those tonal differences, the reality of the coronavirus is the same: It spreads quickly, and has already spread to many countries, making it likely to start spreading here, too.

Go deeperArrow57 mins ago - Health

Exclusive: Pro-Trump group plans post-Super Tuesday blitz on Democrats

Democratic presidential hopefuls take the debate stage in South Carolina. Photo: Logan Cyrus/AFP via Getty Images

Pro-Trump super PAC America First Action is preparing to unleash a series of targeted, swing-state attacks on the Democrats most likely to face President Trump after Super Tuesday, people familiar with the group's plans tell me in an exclusive preview of its strategy.

The state of play: The group has been tracking favorable/unfavorable ratings in Florida, Georgia, Michigan, North Carolina, Ohio and Pennsylvania for 2020 candidates Joe Biden, Bernie Sanders, Elizabeth Warren, Pete Buttigieg and Michael Bloomberg — under the theory that if Trump wins each of these six states he would win re-election.