These Machines were being managed by a Win10 system certified in March 2020 using an image deployed in February. Not a single asset was updated past August 2020.
Wifi access is not the same as Direct Access unless you’re claiming a vulnerability enables an attacker access that they would not otherwise have remotely.
Wireless access IS direct access if you know what youre doing.
It doesn't require vulnerabilities or 0day. Do you even know what a RAT (remote admin tool) is?
A RAT and wireless access gives a remote user full control over the entire system. Attacker can even remotely take over your mouse control and act like he was physically sitting at the terminal
IT (over three decades). You are Flat Out Wrong about “unless you have physical access” and you should know once you get into a system via the internet, you can control it. That means “manipulate and/or delete data”. This is not brain surgery - it’s SOP. I hope you just misunderstood the context, because otherwise ....
Access to the information system exactly how? It doesn’t matter if you can see the traffic flowing across the network if the traffic is encrypted at the application/session layer. You have no access to it. It doesn’t matter if your network access to the voting machine means that the voting machine refuses to accept admin connections from your IP address. Access control of management ports is STANDARD practice.
Please describe EXACTLY how you intend to gain access to a voting machine over the Internet that refuses to answer from your source IP address.
The attack surface is anything on the win10 based machine if you get privileged access via any number up exploits the sky is the limit you can do anything.... read memory directly... write to it... whatever you want. A lot of places had machines with admin interfaces using default passwords too although I don’t know for sure about this exact case. Either way it’s ridiculous if you really believe there is no way to gain control just because a network channel might be encrypted.
Actual IT guy here.
Physical Access is all access.
If this Machine was left on an unsecured network I would have direct access.
Less than two hours worth of YouTube videos could teach the average adult all they need to be able to quickly compromise these Machines.
You would have nothing unless you have physical access to the voting machines themselves. That is NOT what this post was declaring.
Is physical access “game over”. I agree for the most part. (unless the target is encrypted, etc.). But that is NOT was this post was declaring.
I have 20 years of IT experience. Don’t claim to be an “Actual IT guy”.
Wifi Access is the same as Direct Access.
These Machines were being managed by a Win10 system certified in March 2020 using an image deployed in February. Not a single asset was updated past August 2020.
That took me 2 minutes.
Wifi access is not the same as Direct Access unless you’re claiming a vulnerability enables an attacker access that they would not otherwise have remotely.
You are talking out of your ass.
Wireless access IS direct access if you know what youre doing.
It doesn't require vulnerabilities or 0day. Do you even know what a RAT (remote admin tool) is?
A RAT and wireless access gives a remote user full control over the entire system. Attacker can even remotely take over your mouse control and act like he was physically sitting at the terminal
IT (over three decades). You are Flat Out Wrong about “unless you have physical access” and you should know once you get into a system via the internet, you can control it. That means “manipulate and/or delete data”. This is not brain surgery - it’s SOP. I hope you just misunderstood the context, because otherwise ....
Access to the information system exactly how? It doesn’t matter if you can see the traffic flowing across the network if the traffic is encrypted at the application/session layer. You have no access to it. It doesn’t matter if your network access to the voting machine means that the voting machine refuses to accept admin connections from your IP address. Access control of management ports is STANDARD practice.
Please describe EXACTLY how you intend to gain access to a voting machine over the Internet that refuses to answer from your source IP address.
The attack surface is anything on the win10 based machine if you get privileged access via any number up exploits the sky is the limit you can do anything.... read memory directly... write to it... whatever you want. A lot of places had machines with admin interfaces using default passwords too although I don’t know for sure about this exact case. Either way it’s ridiculous if you really believe there is no way to gain control just because a network channel might be encrypted.
"actual IT guy here"
After reading that Im not so sure.