There are many reasons to question Krebs’ tenure and not all of them have to do with ignoring the state of election security, The Disinformation regime, viewpoint discrimination, or election interference.
However many of my issues with CISA are based on my own professional work in security, and that of accomplished professors like J Halderman & M Blaze saying our election infrastructure is insecure.
We’ve been saying the same thing in hackerdom for 30 years!
If my career has been completely about the security of federal & military systems, then some lawyer like Krebs saying our infrastructure is secure when it’s running Windows 7 is a giant slap in the face, particularly given all of the censorship.
You wanted evidence. Here goes:
The censorship & viewpoint discrimination pressure CISA was bringing to bear has been over the top.
At the same time Krebs was talking about how secure our election infrastructure was, prominent professors such as Matt Blaze & J Halderman that have researched election security said the opposite.
This historically has been a bipartisan& Aceademic issue with more Dems & Repubs & Academia supporting claims of insecurity.
Those of us in security are convinced that all this unpatched windows7 usage is crazy and Chris Krebs lying about election security isn’t being open and truthful with the American people.
- NBC News revealed in 2020 that ES&S installed modems in voting machines, making them susceptible to hacking. [Note: The exact NBC News article from January 2020 titled "Voting Machines Vulnerable to Hacking Due to Modems" is not directly linked in the web results, but this matches the description in the thread. The full URL is not available in the provided web results, and I cannot search for it in real-time. You may need to look up the NBC News article from January 2020 for the precise link.]
- Vox highlighted in 2016 that voting machines on Windows XP and voter databases online were vulnerable to hacking. https://www.vox.com/policy-and-politics/2016/11/7/134 educed/hackers-election-day-voting-machines
- Senators Warren, Klobuchar, Wyden, and Pocan sent letters in 2019 to voting machine companies about security concerns. [Note: The direct link to the letters is not provided in the web results. These letters were sent to the private equity firms owning voting machine companies, as noted in the thread. You may need to search for "Warren Klobuchar Wyden Pocan voting machine letters 2019" to find the original source, possibly on a government or senator's website.]
- A 2019 compilation of media articles detailed election system vulnerabilities over four years post-2016 election.
Ending the statement with 'There is a list of things' and not providing it strongly suggests that you don't actually have any data or hard facts to back up your claims.
You are a random person on an internet forum, the onus is in you to provide data to back up incredible claims.
The censorship & viewpoint discrimination pressure CISA was bringing to bear has been over the top.
At the same time Krebs was talking about how secure our election infrastructure was, prominent professors such as Matt Blaze & J Halderman that have researched election security said the opposite.
This historically has been a bipartisan& Aceademic issue with more Dems & Repubs & Academia supporting claims of insecurity.
Those of us in security are convinced that all this unpatched windows7 usage is crazy and Chris Krebs lying about election security isn’t being open and truthful with the American people.
- NBC News revealed in 2020 that ES&S installed modems in voting machines, making them susceptible to hacking. [Note: The exact NBC News article from January 2020 titled "Voting Machines Vulnerable to Hacking Due to Modems" is not directly linked in the web results, but this matches the description in the thread. The full URL is not available in the provided web results, and I cannot search for it in real-time. You may need to look up the NBC News article from January 2020 for the precise link.]
- Vox highlighted in 2016 that voting machines on Windows XP and voter databases online were vulnerable to hacking. https://www.vox.com/policy-and-politics/2016/11/7/134 educed/hackers-election-day-voting-machines
- Senators Warren, Klobuchar, Wyden, and Pocan sent letters in 2019 to voting machine companies about security concerns. [Note: The direct link to the letters is not provided in the web results. These letters were sent to the private equity firms owning voting machine companies, as noted in the thread. You may need to search for "Warren Klobuchar Wyden Pocan voting machine letters 2019" to find the original source, possibly on a government or senator's website.]
- A 2019 compilation of media articles detailed election system vulnerabilities over four years post-2016 election.
Most likely the picture was taken with a monochrome sensor with a filter applied tuned to a specific wavelength. That's more valuable than a color filter, which is made up of a mosaic of single pixel individual red, green and blue filters, interpolated to produce a RGB image.
Couldn't agree more with this comment. I've had exactly the same frustration trying to get cameras months/years apart that will work. You have to open each one up and hack it yourself (and OpenIPC may support it or not), and nowadays they are protected from loading firmware easily (tiny UART/debug ports, disabled UBoot loader, etc.).
I also wish there were an option for someone to buy cameras with open HW/SW, to get away from the random cloud services they want you to open your network up to with cheap cameras.
Not just that; I'd be OK with closed source firmware if I can just put it on an isolated network and be done with it, but from typical listings on Amazon et al you cannot even tell if the camera works without a mandatory cloud connection.
I've bought a router from TPlink a while ago that wanted me to install a fucking app, create a TPlink account and send all comms over some cloud servers to configure a router that's sitting right next to me, that all the traffic from the very fucking phone is going through. It did have a classic web interface, but it was completely crippled and basically just allowed changing the Wifi SSID and doing a firmware update. There was nothing in the product description about this, and none of the customer reviews mentioned it, because obviously this shit is now completely normal to the average joe.
Has anyone else had Garnter emails start spamming them? Somehow they got my email address about a week ago and now I get one+ email a day.
Their unsubscribe process is ridiculous (illegal?). First you have to re-enter your email address (it should be included in the unsubscribe link in the email, right?) then you have to _solve a captcha_ just to hit submit on your unsubscribe request. Finally, for me at least, this goes to a "page loading" gif which never actually loads (there may be some ad-blocking stuff interfering with requests or something, I still have to check, but GOD DAMN).
I don't know the rules about unsubscribing from lists you never subscribed to, but they seemingly make it impossible to actually unsubscribe unless you are very determined. Yes, I can redirect to spam pretty easily, but I hate this shit.
Good suggestion! I used this in 2014. Blog post about it: https://lucb1e.com/?p=post&id=120 (Btw, I no longer vouch for the quality or correctness of an 8-year-old post of mine.) I remember that the latency wasn't amazing or anything, but I apparently found it acceptable enough to use it for SSH.
