EXCLUSIVE: Top Election Official Found ‘No Credible Evidence of Election Tampering

[Amica Nostra 4,803]

20 hours ago, IAMX said:

They're still yet to figure out it's Americans who voted Trump into the WH rather than Russians. 

 

15 hours ago, IAMX said:

Aye.. some wonderful quotes of the posts I can see:

 

 

 

 

 

 

 

 

 

 

You have a lot of spare time on your hands, but at least you care enough to collect our quotes!

[IAMX 3,055]

4 minutes ago, ccneat said:

 

You have a lot of spare time on your hands, but at least you care enough to collect our quotes!

Took about 5 minutes just doing a simple search of "Putin" and "Russia", and having a natural art of skimming. I loved this gem:

 

"For brief periods the Athenians set aside democracy and adopted a single ruler for the good of the nation, we are entering such a period."

 

How's that single ruler government coming along?

Edited June 22, 2017 by IAMX

[Amica Nostra 4,803]

14 minutes ago, IAMX said:

Took about 5 minutes just doing a simple search of "Putin" and "Russia", and having a natural art of skimming. I loved this gem:

 

"For brief periods the Athenians set aside democracy and adopted a single ruler for the good of the nation, we are entering such a period."

 

How's that single ruler government coming along?

Looks froggie is on the run at this point...

[IAMX 3,055]

2 minutes ago, ccneat said:

Looks froggie is on the run at this point...

From the unhinged left? Possibly.. they worry me too.

 

But certainly not from elections. 

[Amica Nostra 4,803]

On 6/21/2017 at 6:14 AM, jg121783 said:

I wonder who is more credible here. Bloomberg with their annynomous sources or the president of the National Association of Secretaries of State. I bet the left will go with the anonymous sources because they back their made up narrative.

I don't think that the Bloomberg Report contradicts  this comment : "No major cybersecurity issues were reported on Election Day: November 8, 2016"  

 

Bloomberg

Russia’s cyber-attack on the U.S. electoral system before Donald Trump’s election was far more widespread than has been publicly revealed, including incursions into voter databases and software systems in almost twice as many states as previously reported.

In Illinois, investigators found evidence that cyber intruders tried to delete or alter voter data. The hackers accessed software designed to be used by poll workers on Election Day, and in at least one state accessed a campaign finance database. Details of the wave of attacks, in the summer and fall of 2016, were provided by three people with direct knowledge of the U.S. investigation into the matter. In all, the Russian hackers hit systems in a total of 39 states, one of them said.

 

So we are really talking apples and oranges here.  As far as we know the hacking efforts were not successful in disrupting the day of election activities. I don't think the voting tallies would even be the target.  One big concern would be that voter rolls would be altered creating confusion at the polls with everyone needing to sign an affidavit  and take a provisional ballot gumming up the works.  That is always a challenge hackers or not, a lot of things go wrong with the voter rolls.

 

One of the best features of our election system is that it is federated and distributed down to the country level making it a tough nut to crack on a wholesale level. Inversely, one of the challenges from an IT Security standpoint is that same distribution. So many systems to insure the correct level of security.

[IAMX 3,055]

2 hours ago, ccneat said:

I don't think that the Bloomberg Report contradicts  this comment : "No major cybersecurity issues were reported on Election Day: November 8, 2016"  

 

Bloomberg

Russia’s cyber-attack on the U.S. electoral system before Donald Trump’s election was far more widespread than has been publicly revealed, including incursions into voter databases and software systems in almost twice as many states as previously reported.

In Illinois, investigators found evidence that cyber intruders tried to delete or alter voter data. The hackers accessed software designed to be used by poll workers on Election Day, and in at least one state accessed a campaign finance database. Details of the wave of attacks, in the summer and fall of 2016, were provided by three people with direct knowledge of the U.S. investigation into the matter. In all, the Russian hackers hit systems in a total of 39 states, one of them said.

 

So we are really talking apples and oranges here.  As far as we know the hacking efforts were not successful in disrupting the day of election activities. I don't think the voting tallies would even be the target.  One big concern would be that voter rolls would be altered creating confusion at the polls with everyone needing to sign an affidavit  and take a provisional ballot gumming up the works.  That is always a challenge hackers or not, a lot of things go wrong with the voter rolls.

 

One of the best features of our election system is that it is federated and distributed down to the country level making it a tough nut to crack on a wholesale level. Inversely, one of the challenges from an IT Security standpoint is that same distribution. So many systems to insure the correct level of security.

Spear phishing is as much an attack as McDonalds' ads are twisting your arm into buying a McDouble. In the end, there's a conscious choice to partake in an action that can be detrimental to one's own interest, such as opening attachment from unverified sources, or clicking links rather than manually putting in the link via copy/paste. Phishing of any kind is extremely easy to defeat by using common sense.

Edited June 22, 2017 by IAMX

[Amica Nostra 4,803]

45 minutes ago, IAMX said:

Spear phishing is as much an attack as McDonalds' ads are twisting your arm into buying a McDouble. In the end, there's a conscious choice to partake in an action that can be detrimental to one's own interest, such as opening attachment from unverified sources, or clicking links rather than manually putting in the link via copy/paste. Phishing of any kind is extremely easy to defeat by using common sense.

Not everyone is a smart , brilliant , articulate and perceptive as your are. Most folk are not like you and cannot tell when they are being bs'd

[IAMX 3,055]

43 minutes ago, ccneat said:

Not everyone is a smart , brilliant , articulate and perceptive as your are. Most folk are not like you and cannot tell when they are being bs'd

Me: "Common Sense"

You: "Smart, brilliance, articulate, and perceptive"

 

You writing for WaPo?

 

Knowing not to 1) Open attachments, especially in secure environments, unless they come from a local server, and 2) Not clicking on links (that can be spoofed) isn't something only brilliant people do. Guaranteed those employed by the US government and DNC are specifically trained on this. They just chose to ignore it. 

 

It shouldn't take being compromised (hacked, identity stolen, etc.) to know how to learn basic security for protecting your own computer and data. People who are trained in this (virtually everyone that has a job that deals with emails, and especially those working with sensitive data) have absolutely no excuse. It's 100% their own fault if they are phished and have data compromised. Especially in the case of people like Podesta losing his devices (with sensitive data) in public places, or Clinton using a private home email server for highly classified communications where the IT guy had to ask Reddit both how to secure their server and how to destroy evidence.

Edited June 22, 2017 by IAMX

[Dashinka 24,492]

1 hour ago, ccneat said:

Not everyone is a smart , brilliant , articulate and perceptive as your are. Most folk are not like you and cannot tell when they are being bs'd

Like the brainiacs running Hillary's campaign?

[Amica Nostra 4,803]

41 minutes ago, IAMX said:

Me: "Common Sense"

You: "Smart, brilliance, articulate, and perceptive"

 

You writing for WaPo?

 

Knowing not to 1) Open attachments, especially in secure environments, unless they come from a local server, and 2) Not clicking on links (that can be spoofed) isn't something only brilliant people do. Guaranteed those employed by the US government and DNC are specifically trained on this. They just chose to ignore it. 

 

It shouldn't take being compromised (hacked, identity stolen, etc.) to know how to learn basic security for protecting your own computer and data. People who are trained in this (virtually everyone that has a job that deals with emails, and especially those working with sensitive data) have absolutely no excuse. It's 100% their own fault if they are phished and have data compromised. Especially in the case of people like Podesta losing his devices (with sensitive data) in public places, or Clinton using a private home email server for highly classified communications where the IT guy had to ask Reddit both how to secure their server and how to destroy evidence.

83% of large organizations test their vulnerability through testing employee clicks. 17 % of the time the testing fails.  So it may be all well and good to say there is no excuse,  but the entire org is at risk with one bad link.  And if there is a desirable target behind that firewall, the attacker will be clever and relentless.

[IAMX 3,055]

52 minutes ago, ccneat said:

83% of large organizations test their vulnerability through testing employee clicks. 17 % of the time the testing fails.  So it may be all well and good to say there is no excuse,  but the entire org is at risk with one bad link.  And if there is a desirable target behind that firewall, the attacker will be clever and relentless.

Then give people like Podesta simple phones they can only make phone calls with and not a Blackberry or whatever he uses, and bar people like Clinton from setting up their own private email server to do government business with. They're supposed to be archiving them on government servers anyways for the sake of record keeping, not keeping them on private servers to be bleached/destroyed when they receive a Congressional subpoena. Everything wrong here is how individuals like Podesta, Clinton, et al. handled it.. anyone involved in phishing of any kind couldn't have done it without their help.

Edited June 23, 2017 by IAMX

[Amica Nostra 4,803]

3 hours ago, IAMX said:

Then give people like Podesta simple phones they can only make phone calls with and not a Blackberry or whatever he uses, and bar people like Clinton from setting up their own private email server to do government business with. They're supposed to be archiving them on government servers anyways for the sake of record keeping, not keeping them on private servers to be bleached/destroyed when they receive a Congressional subpoena. Everything wrong here is how individuals like Podesta, Clinton, et al. handled it.. anyone involved in phishing of any kind couldn't have done it without their help.

Spoken like a true bean counter

[Dashinka 24,492]

6 hours ago, ccneat said:

Spoken like a true bean counter

What if the phishing had come from someone inside the US, does that make it better?  At some point people have to take responsibility for their own actions.  There are nefarious people all over the world trying to cheat, steal, or just cause mayhem.  The best way to combat that is to be self vigilant in one's own security.

[Amica Nostra 4,803]

3 hours ago, Bill & Katya said:

What if the phishing had come from someone inside the US, does that make it better?  At some point people have to take responsibility for their own actions.  There are nefarious people all over the world trying to cheat, steal, or just cause mayhem.  The best way to combat that is to be self vigilant in one's own security.

Time has shown that end user education increases  security in areas like links and passwords helps but it is not enough to keep  your assets protected.   Security breaches  in it are not all about individual responsibility, architecture and technology choices are key. 

[IAMX 3,055]

5 minutes ago, ccneat said:

Time has shown that end user education increases  security in areas like links and passwords helps but it is not enough to keep  your assets protected.   Security breaches  in it are not all about individual responsibility, architecture and technology choices are key. 

This is not about "security breaches" in general. In the case of phishing, which this subject is about.. it's entirely the end user who needs to disregard their training and common sense security to allow others access to their data. You've been worked up about phishing campaigns, but there's no proof this phishing campaigns 1) came from the Russians, and 2) shows Russians "hacked", "meddled", etc. in the elections. Thus far it's much hysteria over run of the mill threats with no substance.