
There are a couple of recommended posts about Anonymous's claims to have hacked the Republican software platform and thereby blocked a planned large-scale forgery of voting results. As someone who dabbles in security (the main focus of my research is in machine learning and bioinformatics), I thought I'd add my two bits.

I'll add more detail below the orange squiggle, but in brief:
1. Although possible, it is unlikely that the client program of ORCA was an attack agent.
2. It is possible that the Republicans' main system was attacked and crashed from the outside. This would be hard to show without examining their logs, and, if the hackers were sufficiently clever, may be hard to prove even then (i.e. not even false).
3. If some parts of the ORCA software - even the compiled versions - are available, it should be possible to examine them with computer forensic techniques to look for holes. It may even be a useful exercise in software engineering, if they didn't fail for trivial reasons.



ORCA client as an attack agent
The client has to be lightweight and distributed to many relatively low-power machines (things like iPads) in order to function. Suppose it were the attack agent. This would have to be kept secret, since even the current Supreme Court would have to throw out an obviously fraudulent election (Rmoney would have been the first president impeached before his oath of office). Keeping that secret would involve making sure that every copy of the ORCA client was removed from every volunteer's machine and not a single copy was leaked to a computer forensics lab.

There is an interesting possibility that would probably have been beyond the ability of the hackers to stop: a distributed vote-flipping attack (a variation of distributed denial of service), where each individual client flipped a few votes. A centralized vote-flipping attack would leave traces, since a single machine or a small number of machines would do the work, but a distributed attack would not leave an obvious track in any system log. However, there would always be tracks for this in the ORCA client: hard-coded copies of the attack locations/attack vectors, code to retrieve attack locations and vectors, or anomalous code for automatically downloading software components to attack would have to be present in the client.

So if people believe this is a serious possibility, the thing to do is to examine the client software, disassemble it, and look for anomalous chunks.

Hacking the Main System
This wouldn't surprise me. It is very difficult to make an "unhackable" computer system. A simple misconfiguration or poor choice of username/password would leave the system vulnerable even if the Republicans used a reasonable VPN or SSH. For example, root/Romney12 (root is the Unix administrator account). Since the main system had to talk to its clients in order for the clients to have current information, there must be some communications channels, and these may very well have been vulnerable. A scan with a network utility like nmap would have revealed any known weaknesses.

A distributed denial-of-service attack would be an alternative. This would have brought down the system at a critical time, and then it may not have had time to resynchronize and recover.

These attacks would be hard to prove without the logs from the Republicans' machines. There are utilities which can edit the log files on machines that are compromised, so it might take very careful scanning by a skilled forensics person to find the inconsistencies.

Examining ORCA client software
The client software is probably written in a language like Java or C#. (It is also possible that they used a pure scripting language like Python or PHP, which would be even easier to check.) These languages compile to instructions for a virtual machine that actually does the work. Even without a disassembler, the names of classes and other pointers (pun intended) to the structure of the application are exposed in these languages. (For example, Java can grab classes from other modules in its class path and use them. It has to be able to find them somehow.)

Even in the absence of disassembly or code examination, a client could be put on a machine where its network connections would be monitored and where the date could be set to Nov 7th.  Attempted connections to the Ohio board of elections or individual county election offices (for example) would be highly suspicious.

Because it is testable, and the consequences of being tested and being found out are severe, I think it is somewhat unlikely that the ORCA client was a vote-changing application. It is not beyond belief that Anonymous hacked the Republicans' servers and caused mischief. Given what I've read about the quality of the ORCA deployment and testing, it may not have been necessary or sufficient to cause them to have software headaches.
