Security analyst explained how to hack an election

In 2017, an election security analyst explained how to hack an election

By Andrea Widburg

In 2017, the hard-left Brennan Center for Justice, mired deep in the Russian collusion hoax, decided to examine the American election system and do what it could to come up with ideas to protect future elections from foreign (i.e., Russian, not Chinese) interference.  A young election security analyst realized that the report utterly failed to account for fundamental security failures in America’s computer-based voting system. By exposing the defects, he also inadvertently gave a roadmap for hacking the 2020 election.

According to his LinkedIn page, Sergio Valente is an undergraduate at American University, while also working for the OSET Institute, an ostensibly non-partisan organization that focuses on encouraging publicly available open-source software for elections.  His internship history indicates that he’s a bona fide progressive.  He’s also a very smart young man.

In July 2017, the Brennan Center published its analysis for “Security  Elections from Foreign Interference.”  As part of his work at OSET, Valente, who was styled “Election Infrastructure Analyst, Office of the CTO,” reviewed the study over the course of three posts.  In his second post, Valente made a “bold assertion: Many of the solutions in the Brennan Report, while undoubtedly helpful, fail to do enough to increase the security of our elections.”

According to Valente, the Brennan Center was just offering piecemeal patches, such as updating old election hardware.  However, these suggestions would “only marginally improve” the voting machines’ reliability.

The real problem, he wrote, “is that basing our electoral infrastructure on current PC technology is a fundamentally insecure architecture.”  New equipment on the same insecure architecture would not correct the election systems’ vulnerability.  What concerned Valente, and what he felt the Brennan report ignored, is the fact that “our current election systems contain software that is modifiable and thus can be tampered [with].”

It’s possible to build systems that can’t be modified.  For decades, aerospace, intelligence, defense, satellite, and weapons fields have been based on embedded, unmodifiable systems.  Because elections have national security consequences, says Valente, election computers should be built in the same way.

Valente goes on to note that the Elections Assistance Commission (EAC) already has a rule stating that, once election machines are certified for an election, they cannot subsequently be modified.  (The forensic analysis that Allied Security Operations Group did on the voting machines in Antrim, Michigan revealed that the machines had been modified after certification.)

While acknowledging that the EAC performs an important role, Valente points out that the current certification process is “inadequate for the current threat environment.”  Part of this is that it’s antiquated, but, as is often the case with things in Washington, the industry lobbyists had the biggest say in writing the regulations.  This meant that the EAC requirements tend to serve market interests and vendors more than the election system itself.

In sum, three years ago, a bright young progressive pointed out that the voting machines in use in America are easily hackable by altering software, that they could be built to resist this type of alteration, and that the government oversight system is woefully inadequate for the purpose. In other words, when Trump and his supporters argue that the computer voting systems in place across America, and especially in the contested states, were ripe for the plucking and, in fact, were plucked, they’re saying things completely in line with a cutting-edge election system analysis from OSET, a progressive institute.


This entry was posted in Crime, Politics and tagged . Bookmark the permalink.

Leave a Reply