If I were building a voting application, I would assume the network is untrusted because I don’t control the networks they run on. I would encrypt everything at the application level and control access at the application level.
1st - you assume there is app encryption. Are you sure ? No proves it isn't no proves it is.
2nd : being real killing blow to your bullshit - communication from is not important if you can compromise source machine. Without well configured firewall or so connection to wifi means not only output out,but also input in you dumb.
Even linux have exploits,and windows... windows is one big bug. If you can compromise voting machines you don't need to compromise application even. Viruses changing bank account number when people are using internet banking are quite popular. You infect voting machines and game over. App don't need to have changed even single bit,its communication too.
You simply don't need to change things going from from application,everyone is trying to explain it to you.
Access to the information system exactly how?
for example mstc.exe - by default it is said to be disabled,but once computers are for example serviced online it could be enabled. And I would suspect it enabled on voting machines.
And yet nobody can read. My point was that just because the Wi-Fi was open to the voting machines does NOT mean that votes could be changed on the voting machines. Actually read OP’s title of their post.
I am not taking a position that the voting machines were safe or free from attack, etc. My position is that simply because a voting machine connected to Wi-Fi without a password does not automagically mean that votes can be changed on the voting machine.
For me it rather looks you can't read things mentioned to you.
My point was that just because the Wi-Fi was open to the voting machines does NOT mean that votes could be changed on the voting machines
It doesn't mean it were changed,but definitely mean can be changed. If not safe from attack that means votes can be changed.Anyone could hack it with ease. 8 year old script kiddie would do it so I say - anyone.Period.
If you interpret that "anyone" means caveman from the street not knowing computers except turning on and off and typing a text,browsing porn or watching video could do that you would be right - such person were unable to do that.But probably only such - anyone with basics able to download and copy-paste exploits would hack it.Period.
The point is also you assume the rest of system were secured. But being sincere there had to be complete idiot to configure this shit those way,and probably the rest too was such F.U.B.A.R. system like we see on the examples of SSIDs and passsword - it would be strange if ladmin (if not saboteur) would fuck only those things. It rather suggests that those network were open like the door of a country barn.
Of course we don't have binary or source of voting application - correct. (If we will have it then probably we will have to use some tool for RE Q mentioned),but I would bet for a beer that those dominion app was fucked up or has backdoor too.
Of course it isn't hard proof of voter fraud - correct.But for example for some circumstantial trial this thing would be useful nevertheless.
1st - you assume there is app encryption. Are you sure ? No proves it isn't no proves it is.
2nd : being real killing blow to your bullshit - communication from is not important if you can compromise source machine. Without well configured firewall or so connection to wifi means not only output out,but also input in you dumb.
Even linux have exploits,and windows... windows is one big bug. If you can compromise voting machines you don't need to compromise application even. Viruses changing bank account number when people are using internet banking are quite popular. You infect voting machines and game over. App don't need to have changed even single bit,its communication too.
You simply don't need to change things going from from application,everyone is trying to explain it to you.
for example mstc.exe - by default it is said to be disabled,but once computers are for example serviced online it could be enabled. And I would suspect it enabled on voting machines.
https://www.welivesecurity.com/2013/09/16/remote-desktop-rdp-hacking-101-i-can-see-your-desktop-from-here/
https://www.beyondtrust.com/blog/entry/how-attackers-exploit-remote-desktop-6-ways-to-step-up-your-cyber-defense
https://blog.netop.com/how-to-protect-against-rdp-hack
Also : router settings or infesting router what allows for example redirecting movement.Once you are in the network you can try attack router.
And yet nobody can read. My point was that just because the Wi-Fi was open to the voting machines does NOT mean that votes could be changed on the voting machines. Actually read OP’s title of their post.
I am not taking a position that the voting machines were safe or free from attack, etc. My position is that simply because a voting machine connected to Wi-Fi without a password does not automagically mean that votes can be changed on the voting machine.
For me it rather looks you can't read things mentioned to you.
It doesn't mean it were changed,but definitely mean can be changed. If not safe from attack that means votes can be changed.Anyone could hack it with ease. 8 year old script kiddie would do it so I say - anyone.Period.
If you interpret that "anyone" means caveman from the street not knowing computers except turning on and off and typing a text,browsing porn or watching video could do that you would be right - such person were unable to do that.But probably only such - anyone with basics able to download and copy-paste exploits would hack it.Period.
The point is also you assume the rest of system were secured. But being sincere there had to be complete idiot to configure this shit those way,and probably the rest too was such F.U.B.A.R. system like we see on the examples of SSIDs and passsword - it would be strange if ladmin (if not saboteur) would fuck only those things. It rather suggests that those network were open like the door of a country barn.
Of course we don't have binary or source of voting application - correct. (If we will have it then probably we will have to use some tool for RE Q mentioned),but I would bet for a beer that those dominion app was fucked up or has backdoor too.
Of course it isn't hard proof of voter fraud - correct.But for example for some circumstantial trial this thing would be useful nevertheless.