Everything You Need To Know About Cyber-Hacking And the Russian Election Hacks

Russian election hacks

I’ve spent 30 years hacking computers. I’ve done just about every trick in the book.

Many people I’ve known over the years have spent time in jail or in some other capacity that is specifically unclear after their hacking was uncovered.

And many people I know have never been discovered.

A) THE ABCs OF HACKING

I want to stick to the basics so people can understand what they are seeing in the news and think intelligently about it.

I also want to underline what the real problems are and not just the isolated problems we saw in this past election (although they are serious and I use them to demonstrate why the real issues could be much more serious).

First: what is hacking? How do people hack? What’s the difference between the movies/TV and real hacking? What is legal in this particular situation and what is illegal?

First, the WHAT: How does someone hack in today’s world (and the rules and techniques change constantly since 30 years ago).

TECHNIQUES:

1) HOLES IN THE NETWORK

One time a friend of mine was playing a joke on a well known media company.

For the sake of explanation, let’s say that media company had the initials “M” “T” “V” and just for the purposes of why it would have such strange initials, let’s say that stands for “Music TeleVision”.

MTV had a hole in their network. Every network has thousands of “ports”, like a massive cruise liner.

An “open port” sends messages back and forth. Like someone waving from a cruise ship as it pulls away.

Most ports are simply closed. But some are open in order to receive various special messages.

For instance, there is a port that listens for requests for web pages.

Like when you type into your URL box: “http://mtv.com” a message is sent (usually) to port number 80 at a computer at MTV (or wherever MTV stores their web pages).

Then a special language is spoken between your browser and the server at MTV that is listening to port 80.

An example conversation in the special “HTTP language” might be:

(from the browser) GET /pages/index.html
(from the server after sending the html): HTTP 1.1 200 OK

(this is very rough and abbreviated).

There are other ports open to listen to other computers on the local network: requests for files to be transferred in non-HTTP protocols (like FTP), and most importantly, requests for email.

Some software will OPEN unassigned ports for their own nefarious purposes.

Malicious software that keeps track of every letter typed on the keyboard might open and use such a port. VERY common.

Back to: One time in 1995 I was having fun with a friend of mine. He was pulling a prank on MTV.

MTV had an open port that they weren’t protecting properly. It was the SMTP (EMAIL!) port.

I logged directly into it (rather than send an email) and pretended to be “legal@mtv.com” and then I sent an email to my friend from that address saying he was in “BIG TROUBLE” unless he called immediately and confessed.

Fun things happened.

Most companies (maybe 99.99%) have now covered up basic holes like that and it’s much more difficult.

That said, for every type of software that does any network communication, there are always holes in the ports that are forgotten until someone hacks them and then they are patched.

If there’s a new computer or phone, then there are new security breaches. 100% of the time!

2) PASSWORD LAZINESS

Again, 15 or so years ago, I was in charge of a particular website.

Someone was causing a lot of problems on the site. He was a massive troll and was harassing people.

I tried to reason with him, but he ignored me.

So this is basic hack #2.

Most people use the SAME password for everything, or for most things. Hackers know this.

I looked up the password he was using for my site. I then tried it out on his email site.

BING!

I logged into his email (yes…illegally) and learned everything about him. Then I “messed his email up”. I won’t describe what that means but he wasn’t a problem on the website anymore.

This is what happens to trolls: trolls graduate to worse things. 15 years later this person is now in jail for 30 years to life for first degree murder.


This is a longish post because I’m explaining the basics of something that others have put their 10,000 hours into in order to get really good.

But #1 and #2 are the basics of almost all hacking right now.

There’s a #3 and #4 but they are infinitely more complicated and don’t really work except in the movies.

#3: For instance, “packet sniffing” is when someone hacks into the actual network pipes (or wireless) that sends information from outside of a company into a company.

If you can gather all the packets, and then like a giant puzzle, put them in order, you can see every password and piece of information going into a network. Which is a big assumption.

And then you have to assume that packets aren’t encrypted at the “firewall” level of a company, which they almost always are.

So this method is mostly useless.

#4: BOT ARMIES

This is related to other techniques and probably occurred (and is still occurring) with the Russian hacks.

A “bot” is a small piece of software that sits on your computer and sits on most of the other computers in your company’s network.

A Bot is malicious.

It has some code that is ready to do something bad to your network. It got into your computer through some other technique similar to the Russian hack which we will describe below.

Millions of bots exist on computers around the US. Maybe 70 or 80% of companies are infected with “bot armies”.

They are like sleeper cells waiting for a message to act.

Millions of hours of effort are spent identifying bots and eliminating them from networks.

I once visited a company manned by about 100 PHDs that were trying to figure out how to fight bot armies.

They told me something that stuck with me: “No matter how smart we are, the people creating these bots are smarter”.

The answer then is…who knows. Bad things are happening and there’s nothing we can do about it.

But since networks and security are constantly being updated in various unknown ways each year, it’s often hard for the bots to stay updated. This is probably the best defense. So a “sleeper bot” that infected a computer a year ago might be useless today.

What is the best defense against a bot army? There is really only one if you think you are infected.

THROW OUT your computers, throw out your routers and pipes and everything that created your network and buy totally new computers straight out of the warehouse and then you MIGHT be safe.

If your computer is logged onto the Internet for about ten minutes without any security then there’s a decent chance a bot has infected it.

There’s a #5, #6, #7 but they are more advanced versions of what I described above.

The one exception is not so much a hack INTO the network but a hack that destroys your network called a “denial of service attack”.

Since this is not related to the Russian election hack (yet) I’m not going to deal with it now.

The only thing I will mention is that often the reason a bot army is so dangerous is because they are very effective at initiating denial of service attacks to bring down a network.

When you hear something like, “Netflix was down from a hacker attack today” it usually means a massive bot army sent billions or even trillions of requests for “House of Cards” at the same second to Netflix and the Netflix servers went down.

And since the bot requests are coming from unsuspecting computers all over the world and hitting every open port at Netflix, it is very hard to block.

Congratulations! Those are the ABCs. Now for the more advanced stuff so you, too, can hack election systems on the world’s most powerful country.

B) PHISHING AND SPEAR PHISHING

As opposed to all the movies where hackers are trying to figure out passwords and do packet sniffing, etc. almost all hacking today begins with a Phishing email.

A Phishing email might look like this:

“Dear James,

Someone just tried three times in a row to unsuccessfully log into your Gmail account. At Google, we take security very seriously.

We will be shutting down your Gmail account effective immediately unless you log into our secure site and confirm that the Gmail log-ins were legitimate or not.

We also strongly suggest you change your password when you log into our security site.

Please click HERE to validate your account. Thank you.

– The Google Security Team

“HERE” is a link to a page that looks like Google and the URL might be a bit.ly link, which looks somewhat obscure but we are used to seeing obscure shortened links so we might not care.

Once you click on HERE, you did two things:

– you notified the hackers that you are the type of person who can potentially respond to a Phishing attack. So even if you don’t proceed further, you might on the next one (coming, say, from your bank).

– you might type in your password. In which case, not only do the hackers instantly download all of your emails and storage, etc but they have access to your password, which means they probably know your password for Facebook, twitter, your company accounts, etc. (see above).

Millions of these phishing attacks are sent out every day and you can find them usually in your Spam folder. Often the ISP that provides you Internet access will recognize these attacks and block them before you see them.

SPEAR IT:

Which is why SPEAR PHISHING is often more effective and is the technique used in the “Russia hacks”.

SPEAR PHISHING is when the mail is directed very specifically TO YOU. You are “speared”.

This happened when Russian hackers attacked Norman Podesta at the DNC and revealed his various unusual tastes that embarrassed the Democratic campaign of Hillary Clinton.

It’s a spear because very specifically emails were sent to officials at the DNC and although I don’t know what they said, they probably had enough information about the recipient to make it even more likely that they would pass through the network security servers and make it more possible for Podesta to click the link.

In fact, the email was so specific, he apparently sent it to his IT department and said, “Is this real?” and they wrote back right away, “RESPOND TO THAT IMMEDIATELY!” So he did.

He logged into a fake server. Typed in his password, and the rest is history.

Another example of a spear phishing attach worth mentioning:

MALWARE

instead of clicking on a link and typing in a password the Phishing email might say,

“Hey John, here’s the latest info on the delegates in Indiana you should know about”.

Then there’s an attachment. John clicks on it. It’s a simple Microsoft Word document and John is working on a Microsoft Windows machine.

Microsoft Word, every now and then, has a security breach.

MS Word can talk to other pieces of software on the computer. For instance, the software that controls the printer. Or the software that controls the web browser. Or the software that controls the calendar.

And some MS Word documents are much more sophisticated and can download applications right into the operating system.

These applications can never be detected.

For instance, a hack that I “have never done” is where you get someone to accidentally download a “keystroke logger”.

The keystroke logger is installed inside the operating system and can never be detected.

It opens up a new port (see above) and starts sending every key ever typed. So you can get every password for every service the person uses and then do whatever you want.

The port sends all the passwords to a server that is offshore and untraceable. The hacker logs into it and sees all the information about who ever has the malware.

The ONLY solution if you suspect you have been hacked this way: change every password and throw away EVERY computer and phone you own.

I can say for sure: this type of attack works and is more common than people think.

People who are good at this form of attack should never even be allowed to touch a computer or phone because it might only take seconds to execute in one form or other.

C) WHAT WAS THE RUSSIAN SPEAR PHISHING ATTACK

The true answer, despite the NSA leak, is that we don’t know and will never know.

All we know are these facts:

– Some election company was targeted by someone in sophisticated Spear attack.
– This was a “double spear” attack: once the first company was infiltrated, they used fake accounts at the first election company to then launch spear attacks at other election officials.

They speared and then went viral.

For instance, it’s one thing if you get a random email from someone. It’s another if you are an election official in Ohio and you get an email from someone who appears to be working at one of your election software vendors (the first company attacked and infiltrated) and they say, “Hey, we’re just testing the software to make sure Ohio is safe. Click HERE.”

The first successful Spear Phishing led to an even more successful Spear Phishing. Hence the “DOUBLE SPEAR”.

– According to the NSA leak, the initial Spear attack seems to have come from a Russian military team that is set up just to do Spear Phishing attacks against the US.

Similar to teams we probably have set up at the NSA, the CIA, the DIA, the FBI, and probably places with initials we don’t know.

What we DON’T KNOW:

– what information they received from us.
– how they infected the software of the election vendors or the election offices
– if they left any bots or malware behind (e.g. 2020 might be their target and not 2016).
– who told them to do this. This was probably their normal jobs. It’s probably not the case that Putin made a specific call and said, “hack this software election provider”.

It’s more likely they have a general mandate to disrupt our elections all of the time in every possible way. Just like we have teams that do the same. This is not excusing them. This is reality.

What we SUSPECT but DON’T KNOW

– Did Trump, or someone from Trump’s camp, talk to Putin, or someone from Putin’s camp and said “don’t just disrupt the election but do something specific that hurts Hillary and helps Trump.”

We simply don’t know that although the inference is often made because the attack on Podesta seems like this attack was very focused on Democrats.

That said, Podesta and his IT team were particularly foolish and even Obama, afterwards, said, no election services were effected. But….he would really have no idea. Nobody would.

– WHAT SPECIFIC VENDORS WERE ATTACKED AND WHAT DAMAGE COULD THEY CAUSE?

According to the NSA leak, it’s still very unclear. Some possibilities.

A) VR SYSTEMS (and probably similar companies)

VR Systems makes an electronic poll book. This has nothing to do with counting votes.

This has entirely to do with how people register to vote.

For instance, when people come into vote they are either registered to vote or not. A database needs to be checked (it used to be all on paper until fairly recently).

The electronic poll book allows for quick checking, and even registering of new voters.

Two very bad things can happen if pollbook companies like VR are effected:

A) REGISTRATION SCREWUPS

Any damage or interference on an electronic poll book could cause voter turmoil among a targeted class of voters (e.g. Democrats, or people from a specific county, etc).

It doesn’t stop people from voting (there are backup ways to find out who is registered) but can make it so inconvenient that people give up.

If the Russians wanted the Republicans to win, for instance, they can disrupt or slowdown the registration checking process in mostly Democratic counties.

B) DEEPER PHISHING

Companies like VR Systems are in email contact with election officials in every state. It could be that pollbooks / registration systems were not the final target but a leaping off point for a deeper Spear Phishing attack.

An election official in Indiana can get an email from VR (as described above) that says, “Doing a last minute check. Click HERE”. And now the entire Indiana election system is in question FOREVER.

Not only registrations but these election officials are presumably also in contact with the software companies that COUNT votes. These companies can now be targeted for future elections.

My guess is this is what happened and the attacks are far from over.

– WHO IS GUILTY?

Possible guilty parties that have been mentioned include Russia, rogue groups within Russa, the Russian military that operated independently from Putin.

On the American side, guilty parties mentioned include: Trump, Jared Kushner, other people working for Trump, the Republican party, rogue participants that wanted influence, etc.

It’s also possible that Putin wanted Trump elected, he got his people to hack, and he never notified Trump’s team of this at all. There is no law broken here. But if evidence is found that this is true, some punishment (sanctions, tariffs, cyber warfare) would have to be put in place.

What do we know?

Nothing.

What is legal?

Unclear.

It’s grossly illegal to effect a US election.

But it’s also VERY UNLIKELY Trump (or anyone hired by Trump) simply called Putin (or anyone working for Putin) and said, “use your hackers to make sure I win the election.”

That would be incredibly stupid and so obviously illegal as to defy belief.

Here’s the worst case scenario: someone maybe working for Russia (maybe!) called someone maybe working for Trump (maybe!) and said, “we can do something” and the Trump person most likely said, inappropriately, “I don’t want to hear about it but…I DON’T want to hear about it”. In other words, a wink.

But this is not illegal. If this happened (which is just my worst-case scenario guess), the American side could have said, “Don’t do anything” but that might be just as illegal also (to have any communication whatsoever with a bad participant).

This is where guys like Comey and Flynn get involved and we still don’t know the extent of what they knew and who they spoke to.

The law is very unclear on ALL of this and even Democrat-leaning lawyer Alan Dershowitz has stated no crime was committed by a US citizen in terms of this attack or any influence on the elections. And Barak Obama, probably prematurely, said there was no direct attack on the US election system.

But….we don’t know and never will.


WHY IS THIS IMPORTANT?

So many US elections have been improperly influenced (Nixon 1972 is most prominent as an attempt to influence, Reagan 1980 and his pre-election discussions with Iran were an influence, Kennedy in 1960 in Chicago was an influence, and probably every pre-Kennedy election) that it is not a trivial issue.

Every year there are improvements to the systems to prevent any influence. A lack of faith in the election system would be a lack of faith in the entire republic that the system creates.

As much as I dislike the way the system is built and think there are opportunities to rebuild from the ground up, this is the reality and the law.

CAN HACKERS EFFECT THE SYSTEM?

Yes, and they probably have, and their ability to do so again is probably stronger than ever.

ARE AMERICANS INVOLVED?

No, probably not. When you let the thief in door, nobody is safe, not even people who think they are colluding. Everyone knows this.

BUT…Americans certainly hack the elections of others just like many attempt to hack our elections. This is my guess but why wouldn’t it be true?

CONCLUSION:

A) The US election system is hacked beyond belief.

– Passwords of top officials are known
– Computers are sending every keystroke to bad agents
– Bot armies are ready to shut down election centers at the press of a button
– registration software is probably hopelessly infected
– vote counting software is probably effected but this is much more difficult since there are many backup systems for storage and replication of counting.

B) Hacking is not difficult.

When a team of fairly intelligent people are spending 24 hours a day trying to infiltrate 100s of companies, bad things are unavoidable. There is no stopping this.

C) WHAT CAN WE DO?

1) Awareness is the key.

– party officials can be hacked and embarrassed (Podesta, Hillary, etc), grossly effecting elections.

– registration software can be hacked. Awareness includes backup systems that are disconnected from each other and used to check each other’s work.

– vote counting software can be hacked.

– electors, congressman, election officials can be blackmailed when their emails are read.

2) Punishment of bad parties

At the hint of any other government involvement (or even country involvement without the government being aware) we should threaten immediate sanctions that can’t be stopped without some sort of super majority in Congress.

This would incentivize other governments to work to prevent any hacking of our elections.

3) Mutual Assured Destruction

While cyber warfare is different than nuclear warfare, we should certainly scale up our own efforts to be “bad agents” towards every other government.

Knowledge is power and, unfortunately, hacking gets the knowledge.

4) What about fixing the problem on our side?

Answer: it CANNOT be fixed with better software. Again, however smart the “good agents” are, the “bad agents” are simply smarter and it’s easier to break in than to block.

HAVE I LEFT ANYTHING OUT?

Yes.

I’ve left many many things out. These are the basics.

But the basics provide enough knowledge to understand what is happening in the news, how to learn more about basic hacking, what actually probably happened in the US election, and what the probable involvement of everyone was.

I’m sure we’ll be learning more. But we’re not going to be learning that much more .

The reality is: we were hacked more than will ever be revealed. And the hacking will cause damage.

And like the 44 elections prior, most of which have been manipulated, the US will survive, flourish, and move forward like it always has done.

  • Mike Collins

    So where’s your proof that this was Russia, as everything you just described can easily be done by anyone, anywhere in the world?

    • I agree with this and was going to say the same. Also, his name is “John” Podesta. Secondly, why are the Democrats not listed as a possible guilty party? This is an informative article, but a little tilted on the assumptions.

    • Ali Catharsis

      Good point. Hillary’s friend George Soros made 16% of the voting
      machines, and until Wikileaks threatened to destroy Hillary if she
      didn’t pull out of the race by the day before the election, it could have been part of the plan to secure the election for the Dems. When she didn’t pull out AND Wikileaks didn’t drop the bomb, perhaps a back-door deal was made to back off & not throw the election in her favor?

  • Marty Johnson

    Don’t forget the Wikileaks dump that showed that NSA has the tools to hack anybody, and then make it appear as if somebody else did it. And we KNOW somebody from NSA tried to hack into Georgia’s (and one other state’s) computer system.

  • mighty mouse

    There are a few comments in this article that I find suspicious:

    1) Answer: it CANNOT be fixed with better software. Again, however smart the “good agents” are, the “bad agents” are simply smarter and it’s easier to break in than to block.

    >> Really? Why are the bad agents all smarter? They take multi-vitamins?

    2) You hacked into someone’s account because they were trolling your site? But you could have simply BANNED them from your site….

    3) If your computer is hacked, you need to throw it out? How about re-installing the operating system?

    Sorry, but I don’t trust this article. Peace out.

    • Matt Silver
    • Faeyanpiraat

      I’m sorry but you are wrong on all of your points.

      1) Hackers find remotely exploitable bugs in software. Then the software company fixes the bug. Users will of course always defer those “annoying updates”, and there you have the window of opportunity. Then hackers find a new exploit, and so on.. Hackers are not neccessarily WAY smarter, but simply it is always easier to find a crack in the wall than keeping the wall nice and tidy.

      2) You cannot permanently ban anyone from your website. You ban their IP? Just restart the router to get a new one. Ban the email address? You can get another one in a minute. Etc..

      3) In some situations viruses can survive OS reinstalls, by getting into the firmware of the HDD, or by flashing the BIOS. A compromised system can never be trusted again in a high risk environment.

      The article is technically correct.

  • Dennis

    Paper ballots – Hand counting cures everything

    • David Mitchell

      Paper Ballots and hanging chads have been used for years to fix elections. While going back to horses could reduce auto accidents, people will still die when they fall off horses. Blockchain is a better solution. But true validation requires transparency or authentication.

      We could benefit from Google or other tech companies (Apple/Facebook/Uber) validating if an election was statistically fair and accurate. For example looking at who’s phone spent time in a polling place. (unique ID & GPS) and comparing that to their web trail, email, search history. (Dem/Rep websites, tweets, etc). While this might be wildly inaccurate on an individual, but as a whole the algorithms could tell if an outcome was accurate at the county, state and national levels. In fact using web trails, they can accurately predict the outcome before the election. Eliminate net neutrality, and they can redirect searches to fake news, or Dem/Rep news, and produce an outcome. /sarcasm on: But we don’t have to worry about Google
      because they pledged to do no evil? /sarcasm off

      Watched an episode of Motherboard where they talked about controlling robotic limbs for amputees using brain waves. In a decade the need for keyboards and keyboard loggers will be eliminated. Today voice recognition and Alexa, Cortana, Siri, and Google are always listening and will soon predict outcomes. Regular arguments at dinner time might trigger ads for liquor or divorce lawyers. And before long the voice recognition will be leapfrogged by thought recognition software. Then google, facebook and others won’t have to predict what I’m thinking, they will know it when I do. With AR/VR headsets combined with onboard cameras, they will know where my eyes are looking, and what thoughts it triggers. They will know what I intend to do. /sarcasm on: Who could ever be opposed to giving the gov’t a backdoor to monitor and stop the terrorists before they strike. They could even automate the drone attacks to fire when the malicious thoughts are triggered.

  • BobE

    James, Thanks for the excellent explanations; it’s a real eye-opener. Perhaps your right that there was no collusion from the Trump team; that would also been my operating assumption as well. However, there are troubling signs that there was.

    1. There were several meeting between Trump people and Russian government officials that were not disclosed as required by law. More of these meetings are coming to light each week. Why weren’t they disclosed? What was discussed?

    2. Why wasn’t Trump’s personal, business and/or campaign emails hacked and released? If hacking is so ubiquitous and not likely defensible, then Wikileaks should have his as well, no? If you’re trying to undermine American democracy, you’d release his as well.

    3. Why is there an federal investigation continuing if no evidence indicating collusion has been uncovered after nearly a year of investigation? Surely, there is specific and credible evidence pointing to collusion.

    4. Why is Trump firing or looking to fire anyone leading the federal investigation into the hacking & collusion? If he has nothing to hide, just let the investigation do it’s job as quickly and efficiently as possible so you can move on to governing.

    5. Slowly, drip-by-drip, the facts contained in the British MI6 agent’s “dossier” is proving true. If even 50% is true, the Russian’s already had Trump over the barrel and could have destroyed him with the release of videos/audio recordings of his misdeeds on Russian-soil, making him completely compromised to blackmail.

    Summary: The circumstantial evidence for collusion is strong. Probably the Feds have some real evidence or they’d be done.

    Where there’s smoke there’s fire, no?

    • Terry Hulsey

      BobE, like Altucher, you pose as a serene fount of disinterested reason, when in fact you are quite biased.
      For example, (1) your Russian meetings “not disclosed as required by law” – this is total BS: there is no such law for back-channel meetings in the national interest; (2) Trump not hacked? Are you joking? His every fart is captured and turned on him by a cabal of “unsourced” leakers; (3) You’re standing the joke on its head – the endless investigation turns up nothing and yet you offer that as proof that something illegal is afoot; (4) Trump has shown compliance by letting Mueller take the lead – but any effort to comply only spawns another Congressional investigation; (5) If you believe anything from Christopher Steele, who was HIRED by the jumpsuited Clinton to dig up dirt on Trump (https://consortiumnews.com/2017/03/29/the-sleazy-origins-of-russia-gate/) then you are hopelessly compromised.
      Yes, there’s lots of smoke – from cookie-cutter operatives like you blowing the ashes of a very dead fire. Guess you’ll be huffin’ and puffin’ through the midterms, right?

  • SmartJock33

    Pfft…. Democrats are masters at making crap up. Always have been since KKK days. Didn’t Hillary Clinton help Russia get massive stockpile of uranium from USA? Obama did have secret way of keeping in touch with Russia… As usual, they just make up crap…

    • Scott Phillips

      You don’t think both sides are completely irredeemably full of shit at this point? Trump can’t open his mouth without lying either.

      • SmartJock33

        Again, I repeat… Democrats are the worst of all… Saul Alinksky…. that Obama and Clinton worshipped in the past… might as well worship Lucifer… since I think Saul dedicated Rules for Radicals book to Lucifer… https://www.blackandblondemedia.com/2009/01/14/democrat-race-lie/ Y’all created KKK… now y’all stuck with New Black Panthers, Black Lives Matter, La Raza, etc. Lol… nothing really changed since KKK days. It’s the mindset, not the color of race…. Y’all just want to rule with no moral value…

  • Zoidsoft

    There’s such a thing as an anti-keylogger that encrypts your keystrokes. My biggest problem with the assumption that “the Russians did it” is that we’re expected to believe that they are expert enough to hack into our systems but at the same time don’t know how to hide their IP address? That said, shortly before election time on my Google Analytics account were several ping attacks that traced back to Russian IP’s (again doesn’t prove anything when you know how to hide IP addresses or use proxies), that had messages such as “vote for Trump”. I don’t see any proof of who the guilty parties are. Usually hacking is a multi-national affair.

  • Dana Tabb Martin

    the word “effect” and “effected” in the article should be “affect” and “affected.” i wouldn’t have said anything if it had been used only once… but i am no computer expert so my question is, where do the bots come from? the hackers?

  • Steve Ryan

    I’m just glad that the Lizard Queen was destroyed once and hopefully for good. Now, if we could just read the media tsunami about Bernie Sanders’ involvement in his wife’s corruption case and the former AG Lynch facing jail time… Oh wait, that would be a distraction from the non-existent hacking hoopla.

  • Fabian

    A layer of pseudo educated prose to perpetuate the MSM blabbering about “the Russians elected The Don” and make you feel that you’re now in the loop. It’s been 8 months and still nothing of substance. But Altu excuses them; we’ll never know. Yeah, sure. Easy, sleazy, New York! What matters is that I don’t have to see Pedosta’s face on the news every now and then and this horrible witch and her rapist hubby will not be in the WH. hack, hack, hack!

  • tommo_montana

    Know what we could do? Paper elections.

    https://www.youtube.com/watch?v=w3_0x6oaDmI

    Solves nearly every problem mentioned, as well as several unmentioned problems of electronic voting.

  • Tolulope

    “When a team of fairly intelligent people are spending 24 hours a day trying to infiltrate 100s of companies, bad things are unavoidable. There is no stopping this” ~ I love this sentence

  • Gino

    The Daily Caller reported 2-21-2017 that Department of Homeland Security in 2016 tried to hack Indiana’s state electoral system as well as the system for the state of Georgia. Daily Caller writes:

    “Indiana Secretary of State Connie Lawson, the incoming president of the association, told TheDCNF Tuesday that, “we know that between November 1 and December 16 we were scanned with about 14,800 scans, nearly 15,000 different times.”

    The state’s IT team traced the intruder to a DHS computer’s IP address. The same DHS unit attempted 10 times in 2016 to hack into the Georgia electoral system.

    Federal officials are barred under DHS rules from trying to penetrate a state system without the express approval of the state. Neither Georgia nor Indiana approved the DHS scanning attempts.”

    I am more suspicious of the Obama administration’s attempts than foreign governments. We expect hacking attempts from outsiders but expect our own Federal government to be more respectful of the states and its citizens. Given the info provided by Wikileaks that Federal agencies such as CIA have the ability to hack into systems and leave “fingerprints” suggesting the hacks were done by foreign agents, no one is above suspicion.

  • Terry Hulsey

    You say: “we should certainly scale up our own efforts to be ‘bad agents’ towards every other government.”
    You mean: Like letting loose fatal hacking tools as revealed by WikiLeaks’ Vault 7 release? Do you really hope that by throwing gas on the fire, things will just smolder down nicely? This makes no sense.

    You say: When you say “Russians! Russians! Russians!” you seem to automatically assume or imply that this means the Russian government, when it’s very easy to dirty the trail with fake “Russian” markers. This makes no sense.
    Why not more reasonably say: The election offices of all the states are nearly all fat, slow-moving prey, ripe with everything a conventional hacker needs to get very rich. Some election offices even have key parts of Social Security numbers, in addition to other personally identifiable data. It seems to me that you are pushing a very common cocktail-party meme. Don’t buy it.