Today on The BradCast, exceedingly powerful hacking tools from the NSA make their way to the black market as concerns about hackable U.S. election systems continue to raise concerns just weeks before our next Presidential Election. [Audio link to the show posted at end of article below.]
A shadowy hacking organization, thought to be a foreign entity, has made a set of hacking tools --- thought to have been purloined in some fashion from another shadowy hacking organization, thought to be the NSA --- available to the highest bidder. The vulnerabilities exposed by the malware tools suggests that the NSA is aware of serious, heretofore unknown vulnerabilities in worldwide computer networks, about which they have failed to notify the commercial vendors who produce the hardware and software found to be at risk.
The issue has raised disturbing questions and no small amount of outrage about the NSA's practice of keeping such vulnerabilities a secret, for their own cyber-offensive purposes, despite the risk it poses to our critical, commercial cyber-infrastructure.
In a somewhat related issue --- as we've been yelling and screaming about for more than a decade --- vulnerabilities to U.S. voting and tabulation computers have long been a threat to the nation, but are only now being taken (somewhat) seriously by corporate media, the U.S. government, and, as I report on today's program, at least one of the major political parties.
A man who knows all about the above --- if only because he was, as we reported back in 2007, one of the first to hack an electronic voting system in the U.S. after he purchased five Sequoia AVC Advantage voting systems for about $82 on the Internet (the same "closely guarded" systems, still used in states like NJ, PA, VA and LA, were originally sold for about $10,000 a piece) --- is Andrew Appel, Professor of Computer Science at Princeton University. (That's him in the photo above with one of his voting machines.)
On the NSA matter, Appel tells me today: "They should not hoard the vulnerabilities in the hope the NSA can use them to spy on everybody else. The assumption the NSA is implicitly making is that nobody else will be able to find these bugs and vulnerabilities and use them to spy on us, and do banking transactions in our name, and read our emails." That, he explains, is a huge mistake and a grave disservice.
On the continuing concerns about U.S. voting systems and the Dept. of Homeland Security's very recent attempt at helping local election officials before November 8, he cautions: "Security is not something you can just patch on by some sort of 'critical infrastructure security squad' that descends and surrounds your house with the National Guard. It's got to be built in to all the software we buy." He adds ominously, in describing the type of voting systems used across the country: "Whoever got to install the software most recently is the one who gets to decide what kind of results are reported."
Appel, tends to concur with my general assessment that it's largely too close to the election to make real changes to protect our voting systems. He also shares the warning I've tried to give so many years about the real vulnerabilities to our electronic voting and tabulation systems."In this country, most election fraud has been conducted by insiders, who have access to how the votes get added up." But, he also goes on to offer a few proactive measures --- including "witnesses in each polling place just at the close of polls" to independently track numbers as originally reported by the voting systems --- that, he says, can still be taken to try and safeguard results.
Also today: Obama visits flood disaster sites in Louisiana; Trump continues his (potentially illegal) voter suppression dog whistles; and Desi Doyen joins us for the latest Green News Report with, among other things, a heart-wrenching tale of an Alaskan native American tribe forced to move their entire village as the Arctic continues to melt away...
(Snail mail support to "Brad Friedman, 7095 Hollywood Blvd., #594 Los Angeles, CA 90028" always welcome too!)