Article from Mother Board by Kim Zetter: Top Voting Machine Vendor Admits It Installed Remote-Access Software on Systems Sold to States <read>
Remote access software can be used to take over a computer from a distant computer for maintenance and trouble-shooting, unfortunately also from fraud.
From the article:
The nation’s top voting machine maker has admitted in a letter to a federal lawmaker that the company installed remote-access software on election-management systems it sold over a period of six years, raising questions about the security of those systems and the integrity of elections that were conducted with them.
In a letter sent to Sen. Ron Wyden (D-OR) in April and obtained recently by Motherboard, Election Systems and Software acknowledged that it had “provided pcAnywhere remote connection software … to a small number of customers between 2000 and 2006,” which was installed on the election-management system ES&S sold them.
The statement contradicts what the company told me and fact checkers for a story I wrote for the New York Times in February. At that time, a spokesperson said ES&S had never installed pcAnywhere on any election system it sold. “None of the employees, … including long-tenured employees, has any knowledge that our voting systems have ever been sold with remote-access software,” the spokesperson said.
ES&S did not respond on Monday to questions from Motherboard, and it’s not clear why the company changed its response between February and April. Lawmakers, however, have subpoena powers that can compel a company to hand over documents or provide sworn testimony on a matter lawmakers are investigating, and a statement made to lawmakers that is later proven false can have greater consequence for a company than one made to reporters.
Election-management systems are not the voting terminals that voters use to cast their ballots, but are just as critical: they sit in county election offices and contain software that in some counties is used to program all the voting machines used in the county; the systems also tabulate final results aggregated from voting machines.
We point out that because those machines can be used to “used to program all the voting machines”, they can be used to change the software used on those machines and essentially are just as risky to those machines as would be if pcAnywhere were installed on those machines as well.
Wyden told Motherboard that installing remote-access software and modems on election equipment “is the worst decision for security short of leaving ballot boxes on a Moscow street corner.”
I would add that lying about ballot boxes being left on a Moscow street corner is equivalent to flat 0ut lying about the software installed on your products. We should expect more from companies whose hands and integrity upon which our elections depend.
