Are Voting Machines on WiFi?

Vanity

[tired&retired]

This past week I was in Lowes purchasing a refrigerator. I went to use my phone to read reviews of various models, and there were dozens of wi-fi networks available.

They were all smart refrigerators and every refrigerator had its own network that showed on my phone.

These networks are everywhere.

I'm curious. Bet the voting machines are the same..

[linMcHlp]

Artcles found in an FR search. The last article is not about voting machines and networks, but may still interest.

Tech Expert Jovan Pulitzer Shocks Georgia Election Fraud Hearing With News He ‘Got Into’ Voting System With WiFi
https://freerepublic.com/focus/f-news/3920316/posts

New Video Shows Dominion’s Eric Coomer Admitting Their Voting Machine Systems Are Wireless and Support All Networks
https://freerepublic.com/focus/f-bloggers/3921219/posts

Green Bay Officials Turn Down Request to Testify on March 31 After they Gave Dem Operatives Access to Voting Room and Internet Network During Election — They Say They’re Busy
https://freerepublic.com/focus/f-bloggers/3944983/posts

New U.S. Guidelines Ban Network-Connected Voting Systems, Acknowledging Vulnerability to Attack
https://freerepublic.com/focus/f-news/3992957/posts

Waterloo researchers discover security loophole allowing attackers to use WiFi to see through walls
https://freerepublic.com/focus/f-news/4105776/posts

[tired&retired]

Thanks.. Excellent articles.

[Jonty30]

They aren’t supposed to be, but you know they will be.

[srmanuel]

Even if they aren’t on WiFi, normally other ways exist to get into machines like voting machines.

For example Cisco System routers have what’s called console access, I use to support routers for some major corporations, we could get into routers via modems and do anything we wanted, we also had a method called reverse telnet and could in certain situations gain remote access to routers even if the router contained no configuration.

WiFi is just one-way, other ways exist and are likely being used.

[ClearCase_guy]

From what I’ve seen in the media there are two reasons you don’t have to worry:

1) Voting machines cannot access the internet.
2) Expert Cyber Crime teams have been deployed to block foreign countries from hacking into our voting machines from overseas.

Yes, these two things contradict each other, but I think we’re not supposed to notice.

[MMusson]

Here in North Carolina, we do not use Dominion servers. Our simpler voting machines do not have a Wifi connection.

[rarestia]

Even if a computing system is not exposed to the Internet, there are other ways to compromise it. “Air gapped” systems are often high value targets for hackers.

A mainboard/motherboard and its peripherals are only useful to humans if there’s an interface, be it a command line (CLI) or graphical (GUI). Thus, an operating system is born. Modern operating systems like Windows, Apple’s iOS, Cisco’s ios, and any of a variety of Linux-based platforms are built on code bases that have been around for a long time. Unless an entity makes an operating system from actual assembly code (e.g. from scratch), there are going to be holes somewhere that could be exploited.

The data on those voting machines has to be removed to be tallied centrally. Thus, an interface like a USB port or a network connection via cable or wifi is necessary. Just because something connects to a network doesn’t mean it’s on the Internet. “Air gapped” systems are often parts of larger network systems that are completely segregated, but they are connected, usually via CAT5/6 cable to a network switch. Wifi is often not used unless they’re buried deep in a concrete bunker or inside of a Faraday cage.

[maddog55]

I let my refrigerator know via the Samsung app that I'll be home shortly for a cold beer and it has one ready right up front when I open the door. My smart tv has the news on waiting for me, lights are on in my house when the car is within a half mile, the stove turns on and cooks the meal in the oven, the car ask me if I need anything before it finishes driving me home, parks itself in the garage and shuts down...

This is progess.... I think not.

[mewzilla]

On that note...

Politico Establishes the Groundwork for Democrats to Deny 2022 Election Results “Thanks for inadvertently confirming 2020 was rigged.”

[rlmorel]

This was a Dominion Systems block diagram. See that big yellow zig-zag thing in the lower right quadrant right between the item called "Result Files" and "Democracy Suite EMS Results Tally and Reporting"? That is a modem. It isn't Wi-Fi, but it is a remote access point.

And, anytime there is a "remote access point" a system is vulnerable.

Also, wherever you see the icon of what looks like a red square overlaid with a gray square, I believe that means an encrypted USB drive.

The issue with those encrypted USB drives are two-fold:

1. Password protection: The first item is passwords. The people who design these systms like to tout this as security, but password security is only as good as the passwords you assign, and how secret the passwords are. In both cases, the implementation by these is extremely insecure in practice, and I believe, by deliberate and malicious design. All you have to do is look at the Antrim County (Michigan) forensic analysis done after the 2020 "election". That demonstrates exactly the issue.
   
   They had one password for ALL people and functions and EVERYONE could login to the system as an Administrator with FULL privileges. (The password was probably "password") They actually had the full administrator username and password for the entire system taped to computer monitors for "convenience". So, anyone could sit down at any computer, log in as an administrator, and do whatever they wished with NO accountability. Anyone who looked at logs would not see an individually assigned user doing things, but a generic Administrator. Their SQL database had NO password. NONE. So, anyone could login and get direct access to the database. I could have walked off the street and done it.
   
   So, it is not a stretch to me to imagine those secure USB drives didn't have the password taped directly on the outside of them. And this is by malicious design, not laziness or ineptitude. SEE MY FREEP TAGLINE.

2. Chain of Custody: The second item is "Chain of custody". There was none. That is, who was allowed to handle those secure USB drives? There should be a documented chain of custody. And there was either none, or they were so patchy and sloppy as to be useless. They actually have video of a "Vendor" who was palming these things secretively so it couldn't be see that was what he was doing. They actually have video of it, yet nothing was done.

The point is, even if there is no Wi-Fi, they are completely and deliberately insecure.

[linMcHlp]

bttt

[Manuel OKelley]

Just to clarify (and not saying that voting machines cannot be accessed) it’s near certain that what you saw was each of those refrigerators name/Id so that it can be connected (like to your home wifi) and not a network of its own

[rarestia]

I want to point out that network-based communications CAN be highly secure. Using elliptical curve key exchange and signature algorithms with AES GCM encryption makes for data signals that would take thousands of years to crack with modern computing technology. The problem, however, is that implementation of newer cryptography is complex.

Humans are the weakest link in any cybersecurity chain. That’s why entities like Microsoft are pushing passwordless authentication. You take human logic out of password generation in lieu of cryptographically complex “passwords,” and it makes it much harder to be a hacker. Passwordless also ensures one person, one logon. None of this sharing passwords garbage. That means every entity gets a thumb drive, that thumb drive is tattooed with the user’s unique fingerprint when they use it, that’s written to an audit log somewhere and tracked via multiple registers to ensure consistency. When the data has been read from the thumb drive, the thumb drive is physically destroyed. It can’t be read again or wiped or tampered with. It’s just destroyed.

Checksums, integrity algorithms, and indelible registers such as blockchain have been around for decades. There’s no reason an election couldn’t be conducted using programmatic means to tabulate, validate, and audit votes from voting booth to official report. The problem with graphics like what you’ve posted here is that it’s too damn complex. Complexity introduces opportunity for compromise. I’m all on board for paper ballots, but if we feel the need to go with digital systems, they need to have end-to-end protections in place with cryptographic technologies we already have at the ready such as encryption, integrity algorithms, message authentication, and indelible registers. Any attempt to explain away using those things is inexcusable.

[rarestia]

FWIW, a lot of modern wifi technologies are either configured by the factory or configurable with little effort to connect without centralized access point infrastructure.

Download Wireshark and run it on a computer connected to your home wifi. You would be amazed if not terrified the amount of traffic being passed between devices. Hell, Amazon devices are configured out of the box to perform network discovery as part of their normal operations. Then they automagically connect to things like your TVs, “smart” devices, etc. All without asking you if that’s okay.

We need to have laws on the books that change how tech orgs do business in this way. We need to go to an opt-in model. Too often the public buys technologically complex devices not realizing that they’re introducing devices into their home networks that make spying all but certain. Then they wonder how it is that they’re getting advertisements for cookies on social media after talking about how they have a hankering for Oreos over breakfast with the family.

[rlmorel]

LOL, I completely understand, but...you see my point in the first words of your second paragraph...”Humans are the weakest link...”

Especially when they are intentionally “the weakest link” which is where we are now with the voting process.

[Sicon]

I’m surprised that they’re not accessible through a Chinese-made smartphone app. But then again, maybe they are.

[rlmorel]

We have been doing secure networking for decades in the military, and we have the know-how to do it. Gen. Robert Spalding points this out clearly in his works.

The point is, the people in power (and with election processes, that is almost all Democrat for some reason) do not want the election process to be secure or fair.

They don’t want voter rolls to be cleaned up. They don’t want ID. They want to use mail in ballots because they are insecure.

Everything you say is spot on. We even have laws on the books. But they are simply ignored.

[Georgia Girl 2]

Yes dominion machines are on wifi.

[tired&retired]

I agree.. most likely...