Massive data leak exposes 200 million American's votting record.
mxdan 
12384 cr points
Send Message: Send PM GB Post
28 / M / A Husk.
Online
Posted 6/20/17 , edited 6/20/17
http://www.msn.com/en-us/news/us/nearly-200m-americans-hit-by-massive-voter-records-leak/ar-BBCVA1r?li=BBmkt5R&ocid=spartanntp


Personal information for more than 198 million American voters were left exposed this month after a data analytics firm hired by the Republican National Committee stored the files on an unsecured Amazon server.

Deep Root Analytics, the conservative analytics firm, confirmed in a statement Monday the files had been accessed without their knowledge.


Well that's no good...
1792 cr points
Send Message: Send PM GB Post
24 / M / Spokane, Washingt...
Offline
Posted 6/20/17 , edited 6/20/17
Shit...
Now the real question is, who did it. I wouldn't care if it was some snot nosed punk who thinks hacking is cool. But if it's someone targeting specific voters, or some country that hates the USA, then we might have problems.

Glad I voted green party, nobody hates the green party, since you can't hate that which you don't know exists.
74 cr points
Send Message: Send PM GB Post
M
Offline
Posted 6/20/17 , edited 6/20/17
It is impossible to out a true voting record. Your ballots are blind. So no one can see who you voted for. Ever. And your record of which elections you voted in or did not vote in are a matter of public record. Anyone can look them up. All I need is your name and your county and I can tell you which elections you voted in or did not vote in.

It sounds like this was a mix of the publicly available voter records that anyone can look up, and personal party information, donation records, etc, that the RNC would have.

So unless you are a donor to the Republican National Party or one of its political organizations, they didn't get any information on you other than information that is already out there for the public.
qwueri 
26190 cr points
Send Message: Send PM GB Post
32 / M / TN
Offline
Posted 6/20/17 , edited 6/20/17
Sounds like a case of going with the most convenient option rather than the most secure.
24648 cr points
Send Message: Send PM GB Post
777 / The White House
Offline
Posted 6/20/17 , edited 6/20/17
Ffs none of the parties knows what security is. Wonder what is on them...? Is it just generic county level bulk statistic info or does it have info about individual voters.
24187 cr points
Send Message: Send PM GB Post
27 / M / Winter Park, FL
Offline
Posted 6/20/17 , edited 6/20/17
OH NO SOMEONE KNOWS WHAT PORN THAT I LIKE! WHATEVER SHOULD I DO?!
12916 cr points
Send Message: Send PM GB Post
Offline
Posted 6/20/17 , edited 6/20/17
Delete your browsing history before the FBI arrives?
Posted 6/20/17 , edited 6/20/17

Rujikin wrote:

Ffs none of the parties knows what security is. Wonder what is on them...? Is it just generic county level bulk statistic info or does it have info about individual voters.


One thing I've learned is that the government, outside of the DoD-level of operations, have absolutely nothing in terms of security. NetBIOS, rootkits, ... pretty much any exploit that worked back in the late 90's or early 2000 still works on most government computers as long as they're not under the jurisdiction of the Department of Defense. The issue is that neither the political party nor their offices really bother with hiring a security analyst or netadmin with a strong security focus. It's kind of sad, kind of annoying.
runec 
42272 cr points
Send Message: Send PM GB Post
Offline
Posted 6/20/17 , edited 6/20/17
I'm...not sure what I think about the fact they scoured /r/rfatpeoplehate for voter data. But then I remember that fatpeoplehate was the second most visited subreddit by members of the The_Donald so I guess....it makes sense?



ninjitsuko wrote:
One thing I've learned is that the government, outside of the DoD-level of operations, have absolutely nothing in terms of security. NetBIOS, rootkits, ... pretty much any exploit that worked back in the late 90's or early 2000 still works on most government computers as long as they're not under the jurisdiction of the Department of Defense.


https://cyberresilience.io/spy-games-39a4a2e8668a

Literally the same people that caught this leak also caught a DoD leak on Amazon through a contractor too. ><


37966 cr points
Send Message: Send PM GB Post
Offline
Posted 6/20/17 , edited 6/20/17

Lance_Clemings wrote:

Shit...
Now the real question is, who did it. I wouldn't care if it was some snot nosed punk who thinks hacking is cool. But if it's someone targeting specific voters, or some country that hates the USA, then we might have problems.

Glad I voted green party, nobody hates the green party, since you can't hate that which you don't know exists. :P


I think it was operator error. They fucked up a setting or something. No way of knowing who all got a copy though. Also am I the only one a little upset that they even have this information?
Posted 6/20/17 , edited 6/20/17
Well nothing new here oks.
24648 cr points
Send Message: Send PM GB Post
777 / The White House
Offline
Posted 6/20/17 , edited 6/20/17

ninjitsuko wrote:


Rujikin wrote:

Ffs none of the parties knows what security is. Wonder what is on them...? Is it just generic county level bulk statistic info or does it have info about individual voters.


One thing I've learned is that the government, outside of the DoD-level of operations, have absolutely nothing in terms of security. NetBIOS, rootkits, ... pretty much any exploit that worked back in the late 90's or early 2000 still works on most government computers as long as they're not under the jurisdiction of the Department of Defense. The issue is that neither the political party nor their offices really bother with hiring a security analyst or netadmin with a strong security focus. It's kind of sad, kind of annoying.


People wonder why I dont like filling anything out or signing up for anything....

I've noticed most small businesses dont even bother changing their routers default passwords. The most they do is change the WiFi password.
36311 cr points
Send Message: Send PM GB Post
23 / M / U.S.A.
Online
Posted 6/20/17 , edited 6/21/17

Rujikin wrote:

I've noticed most small businesses dont even bother changing their routers default passwords. The most they do is change the WiFi password.



Sounds like something people would do.
11316 cr points
Send Message: Send PM GB Post
37 / M
Offline
Posted 6/20/17 , edited 6/21/17

Sparrowcc wrote:

It is impossible to out a true voting record. Your ballots are blind. So no one can see who you voted for. Ever. And your record of which elections you voted in or did not vote in are a matter of public record. Anyone can look them up. All I need is your name and your county and I can tell you which elections you voted in or did not vote in.

It sounds like this was a mix of the publicly available voter records that anyone can look up, and personal party information, donation records, etc, that the RNC would have.

So unless you are a donor to the Republican National Party or one of its political organizations, they didn't get any information on you other than information that is already out there for the public.


True... Sorta.

So I do work as a poll worker, and for anyone that signs that votes knows, you sign a book, we assign a number based on a ticket. That ticket goes on a ring, and we press a button. That gets counted and that's the only part stored within a computer (that doesn't even understand wifi, and is basically just above a 1980's casio calculator when it comes to computing power). We know how many votes, and the votes are stored there on a catridge bigger than a god damned original NES cartridge, which after voting, is sent to offices along with a paper printout, the cards and the books.

Now the thing is, were as we have your signature in two spots denoting that you got a number, it doesn't necessarily mean that the votes occur in sequential order. Voter #65 may come before, say voter #63, which in turn may come before voter # 72 followed by #64. The only thing that is important to us is that the overall number of cards matches the number of votes the machine reads.

Now, THEORETICALLY, the thing is that the cards are placed on the ring in order of people who voted So even though #34 may have been our 37th voter, if, THEORETICALLY, the votes are recorded sequentially, you could possible trace back the votes and see who someone voted for.

BUUUUT not by electronic means. You'd have to have the ring of cards, the book of signatures, and the electronic voting record, and pray to god that the ring and the sequential list match up, which you would then have to trace back to see who signed the book to get a (readable) name.

Waaaaaaaayyyyyyyy too much hassle. Especially for a committee to do so for 198 MILLION people's votes.
You must be logged in to post.