this post was submitted on 15 Jun 2025
238 points (78.7% liked)

[–] corsicanguppy@lemmy.ca 16 points 1 day ago (3 children)

Wait. This article suggests that a UPS was an attack vector.

Really?

[–] Voroxpete@sh.itjust.works 26 points 1 day ago* (last edited 1 day ago) (1 children)

That's actually extremely plausible.

A smart UPS needs to have access to some very low-level functionality on the machine it's connected to in order to safely power it off in the event of a power failure. So you're talking about having at least some root/kernel-level access there. It's not crazy to imagine that a malicious driver update could slip in more.

As another poster commented, I'd like to see this actually simulated to be sure, but it's not an idea that I'm willing to dismiss out of hand.

[–] the_crotch@sh.itjust.works 4 points 1 day ago (1 children)

All they need is the ability to report battery percentage and send an AHCI shutdown command to the OS. This is usually handled by an agent running on the machine; otherwise networked UPSes would be useless.

[–] Voroxpete@sh.itjust.works 2 points 1 day ago

Yes, but in theory a malicious driver could do more. How much more I'm not exactly certain of, but I'm not going to outright dismiss the idea. Like I said, I'd like to see someone prove it in a lab.

[–] Theoriginalthon@lemmy.world 15 points 1 day ago (3 children)

The most WTF part is using Windows on a voting machine, and the fact that Windows trusts a UPS that's connected via USB. I'm not sure how true it is, but I'd kind of believe that, as USB is the best way to attack air-gapped systems.

[–] redsand@lemmy.dbzer0.com 2 points 21 hours ago

The Voting Village at DEF CON is a nightmare, a dream or a joke, depending on your perspective.

[–] Voroxpete@sh.itjust.works 16 points 1 day ago (4 children)

The most WTF part is that you all use voting machines. In Canadian federal elections every vote is counted by hand, end of story.

[–] phx@lemmy.ca 2 points 4 hours ago

IMO there's nothing wrong with both.

  • Machine prints out paper ballot, properly inscribed with the selected vote so that there's no "ooh, but there's a smudge here that might mean a vote for X". It could also print out a 3D barcode that contains metadata such as time, place, machine, checksums, etc.
  • Human who voted can verify the correct box is selected, etc.
  • Vote slip goes into second machine where it's counted (or a box for later counts).
  • Paper vote slips are maintained for recount/validation purposes.

[–] minoscopede@lemmy.world 15 points 1 day ago

💯 we should all be very wary of voting machines. If it's not fully open source and cryptographically verifiable, it's not secure.

[–] Theoriginalthon@lemmy.world 5 points 1 day ago

Same in the UK

[–] the_crotch@sh.itjust.works 2 points 1 day ago* (last edited 1 day ago) (1 children)

I can't speak for the whole US, but in Connecticut we use a Scantron sort of system where you fill in bubbles on paper and feed it into a machine. This leaves us with a paper ballot in addition to the machine's totals. Using machines isn't necessarily a bad thing; it makes the count a lot faster, and it's not like human counters couldn't lie. If other states don't have that paper backup, though, they should.

[–] Voroxpete@sh.itjust.works 2 points 1 day ago

We use the same thing for civic and provincial elections in Canada, but for federal it's strictly hand count only.

[–] the_crotch@sh.itjust.works 3 points 1 day ago

The reason governments use Windows is because Microsoft paid to have the various certifications done that are required by regulators. That's why when they do use Linux they end up using something like RHEL (the support contracts factor in too).

[–] supernicepojo@lemmy.world 10 points 1 day ago

Sure, why not, any internet-connected device is inherently unsafe.