Skip to main content

There are a couple of recommended posts about anonymous's claims to have hacked the Republican software platform and thereby blocked a planned large-scale forgery of voting results. As someone who dabbles in security, (the main focus of my research is in machine learning and bioinformatics), I thought I'd add my two bits.

I'll add more detail below the orange squiggle, but in brief:
1. Although possible, it is unlikely that the client program of ORCA was an attack agent.
2. It is possible that the Republican's main system was attacked and crashed from the outside. This would be hard to show without examining their logs, and if the hackers were sufficiently clever may be hard to prove even then (i.e. not even false).
3. If some parts of the ORCA software - even the compiled versions - are available it should be possible to examine them with computer forensic techniques to look for holes. It may even be a useful exercise in software engineering, if they didn't fail for trivial reasons.

ORCA client as an attack agent
The client has to be light weight and distributed to many relatively low power machines (things like ipads) in order to function. Suppose it were the attack agent,  This would have to be kept secret, since even the current supreme court would have to throw out an obviously fraudulent election (Rmoney would have been the first president impeached before his oath of office). Keeping that secret would involve making sure that every copy of the ORCA client was removed from every volunteer's machine and not a single copy was leaked to a computer forensics lab.  

There is an interesting possibility that would probably have been beyond the ability of the hackers to stop. A distributed vote-flipping attack (a variation of distributed denial of service), where each individual client flipped a few votes. A centralized vote-flipping attack would leave traces since a single machine or a small number of machines would do the work, but a distributed attack would not leave an obvious track in any system log. However, there would always be tracks for this in the ORCA client.  Either hard coded copies of the attack locations/attack vectors, code to retrieve attack locations and vectors, or anomalous code for automatically downloading software components to attack would have to be present in the client.

So if people believe this is a serious possibility, the thing to do is to examine the client software, disassemble it, and look for anomalous chunks.

Hacking the Main System
This wouldn't surprise me.  It is very difficult to make a "unhackable" computer system. A simple misconfiguration or poor choice of username/password would leave the system vulnerable even if the republicans used a reasonable VPN or ssh.  For example, root/Romney12 (root is the unix administrator account). Since the main system had to talk to its clients in order for the clients to have current information, there must be some communications channels, and these may very well have been vulnerable. A scan with a network utility like nmap would have revealed any known weaknesses.

A distributed denial of service attack would be an alternative.  This would have brought down the system at a critical time and then it may not have had time to resynchronize and recover.

These attacks would be hard to prove without the logs from the republican's machines. There are utilities which can edit the log files on machines that are compromised, so it might take very careful scanning by a skilled forensics person to find the inconsistencies.

Examining ORCA client software
The client software is probably written in a language like Java or C#.  (It is also possible that they used a pure scripting language like python or php, which would be even easier to check).  These languages compile to instructions for a virtual machine that actually does the work. Even without a disassembler, the names of classes and other pointers (pun intended) to the structure of the application are exposed in these languages.  (For example, Java can grab classes from other modules in its class path and use them. It has to be able to find them somehow.)

Even in the absence of disassembly or code examination, a client could be put on a machine where its network connections would be monitored and where the date could be set to Nov 7th.  Attempted connections to the Ohio board of elections or individual county election offices (for example) would be highly suspicious.

Because it is testable, and the consequences of being tested and being found out are severe, I think it is somewhat unlikely that the ORCA client was a vote changing application.  It is not beyond belief that anonymous hacked the republican's servers and caused mischief. Given what I've read about the quality of the ORCA deployment and testing, it may not have been necessary or sufficient to cause them to have software headaches.

Your Email has been sent.
You must add at least one tag to this diary before publishing it.

Add keywords that describe this diary. Separate multiple keywords with commas.
Tagging tips - Search For Tags - Browse For Tags


More Tagging tips:

A tag is a way to search for this diary. If someone is searching for "Barack Obama," is this a diary they'd be trying to find?

Use a person's full name, without any title. Senator Obama may become President Obama, and Michelle Obama might run for office.

If your diary covers an election or elected official, use election tags, which are generally the state abbreviation followed by the office. CA-01 is the first district House seat. CA-Sen covers both senate races. NY-GOV covers the New York governor's race.

Tags do not compound: that is, "education reform" is a completely different tag from "education". A tag like "reform" alone is probably not meaningful.

Consider if one or more of these tags fits your diary: Civil Rights, Community, Congress, Culture, Economy, Education, Elections, Energy, Environment, Health Care, International, Labor, Law, Media, Meta, National Security, Science, Transportation, or White House. If your diary is specific to a state, consider adding the state (California, Texas, etc). Keep in mind, though, that there are many wonderful and important diaries that don't fit in any of these tags. Don't worry if yours doesn't.

You can add a private note to this diary when hotlisting it:
Are you sure you want to remove this diary from your hotlist?
Are you sure you want to remove your recommendation? You can only recommend a diary once, so you will not be able to re-recommend it afterwards.
Rescue this diary, and add a note:
Are you sure you want to remove this diary from Rescue?
Choose where to republish this diary. The diary will be added to the queue for that group. Publish it from the queue to make it appear.

You must be a member of a group to use this feature.

Add a quick update to your diary without changing the diary itself:
Are you sure you want to remove this diary?
(The diary will be removed from the site and returned to your drafts for further editing.)
(The diary will be removed.)
Are you sure you want to save these changes to the published diary?

Comment Preferences

  •  From my reading of the comments I get that (1+ / 0-)
    Recommended by:

    Anon. used a BJ attack, the old winds blowing through the barn door trick.

    Hey, GOP - Get In, Sit Down, Shut up, & Hang On!

    by 88kathy on Sun Nov 18, 2012 at 08:49:10 AM PST

  •  Thanks for a reasoned evaluation. (1+ / 0-)
    Recommended by:

    He who can make you believe absurdities, can make you commit atrocities.

    by Sophie Amrain on Sun Nov 18, 2012 at 09:11:43 AM PST

  •  Get out the vote does not necessarily mean (2+ / 0-)
    Recommended by:
    Amber6541, smokey545

    the same in Republican speak as it does in Democratic speak. "Get out" may well be similar in meaning to "out, out, damned spot."
    If the electorate cannot be sufficiently trimmed and thinned afore hand, targeting the ballots as they are logged makes sense.
    We tend to assume that miscreants won't do the same thing again, but they do.  That's why we call them habitual offenders. Our false assumptions give them cover. A reputation for incompetence also gives them cover.

    We organize governments to provide benefits and prevent abuse.

    by hannah on Sun Nov 18, 2012 at 09:22:57 AM PST

    •  What to look for. (4+ / 0-)

      A distributed vote flipping attack is what would worry me the most simply because it would be the hardest to trace and prove.  

      Most of the individual vote counting machines are not connected directly to the internet (at least in Georgia). The poll workers manually tabulate (take a device from machine to machine) the votes and report them up to the county.

      Unless they manually take a physical device to the county office, the system is now vulnerable to flipping via a remote access (assuming this is possible).  The county machines that report to the state will also have remote access at least some of the time.

      With a non-distributed attacks there would be a single host accessing either county or state machines.  With a distributed attack there would be individual and different machines accessing county or state machines.  In either case there would be an external access that should not happen.

      To prevent these sorts of attacks, it is necessary, but possibly not sufficient, to have the summarizing and tabulating machines configured so that the only respond to certain machines.  Each machine has an IP number and a set of "ports". Each data packet contains the IP number of the originator, the IP number of the destination, and the port to use. The ports determine what program is called for each packet of data send to a machine (for example port 80 calls up the webserver in response to a web browser's request for a page). It is not difficult to set up machines so that they will only talk on certain ports to certain machines.  (in other words, the state machine should only listen to pre-registered county machines and so forth). It's not sufficient because you could have a corrupted machine that ignored its configuration and responds to specific requests from an attacker.  Therefore in addition to configuring the machines properly, the elections office should scan the machines (look up nmap, but there are others) to check that unusual ports have not been opened up.

      It is also important to use some sort of encryption and signature algorithm to ensure that the data is exchanged correctly without being manipulated by a "man in the middle".

      If something like this isn't happening, then the election system is very vulnerable.  An "incompetent" board of elections could deliberately leave the system open.

      •  Paper ballots (0+ / 0-)

        How many battleground states have VVPB laws, like Ohio?

        If the DRE is printing out Paper, that vastly complicates the flip.

        IIRC Ohio has a auto paper recount if the DRE totals are within .5% in a race. SO one might wish to flip enough votes to win by .51% or more.

        Forcing the vote flipper to flip more votes, to avoid the auto paper recount. But leaving a thicker trail of flips is more visible.

        FDR 9-23-33, "If we cannot do this one way, we will do it another way. But do it we will.

        by Roger Fox on Sun Nov 18, 2012 at 10:40:05 AM PST

        [ Parent ]

  •  Very reasonable and well-reasoned (0+ / 0-)

    I don't know anything about this, but this seems to be a very reasonable argument based on knowledge I do not possess. Thank you for sharing your expertise with us. We otherwise have no way of assessing whether what anonymous says is plausible.

    Helping a food pantry on the Cheyenne River Reservation,Okiciyap." ><"

    by betson08 on Sun Nov 18, 2012 at 09:31:26 AM PST

  •  Maybe its just me but (0+ / 0-)

    though it does seem that ORCA was a a colossal failure, it was nothing more than a GOTV tactic that failed.  

    The idea that somehow ORCA could have been used to manipulate and alter reported vote totals I find not credible.  I noticed in the Anonymous claim reference to their "tunnels."   What has Ted Stevens resurfaced and joined Anonymous?  

    At least in Ohio at this point I am relatively confident of our counting and reporting system.  Each County generates and reports their own number in a bi-partisan process.  Its easy enough to add up the County numbers and see if the state totals match.

    •  Every DRE in Ohio prints a paper ballot (1+ / 0-)
      Recommended by:

      FDR 9-23-33, "If we cannot do this one way, we will do it another way. But do it we will.

      by Roger Fox on Sun Nov 18, 2012 at 10:41:40 AM PST

      [ Parent ]

    •  tunneling (1+ / 0-)
      Recommended by:

      Tunnelling is slang for redirecting data packets through a machine or system of machines. It's typically done to avoid a restriction - ten years ago my university blocked all incoming logins, but left web servers open - so we "tunnelled" a webserver to let us remotely log into our machines.
      (google netcat to see an example package).

      I really like paper backups - or for that matter any non-volatile (write once) backup system.

      That raises the barriers to funny business way above any reasonable level - because it can always be checked.  The level of paranoia about voting machines can drop nearly to zero with a non-volatile backup.

  •  I read a detailed description by a ORCA user (1+ / 0-)
    Recommended by:

    And he was only trying to use ORCA as a GOTV app on his smartphone at and it seemed to be only a GOTV software package that deployed late, crashed a lot and was very buggy.

    Romney had no IT staff until after Labor Day according to Mother Jones so the Romney campaign was way behind the curve.

    ORCA was probably an outsourced GOTV software package.

    Major fail.

    The Ace of Spades HQ web site had the original article. A good read on how ORCA failed big time.

    "We must be the change we wish to see in the world" - Gandhi
    "The test of our progress is not whether we add more to the abundance of those who have much; it is whether we provide enough for those who have too little" – FDR

    by smokey545 on Sun Nov 18, 2012 at 11:35:16 AM PST

    •  well of course it was outsourced (0+ / 0-)

      this is Mitt Romney we're talking about

      My money says Romney sues  his own campaign,  or the RNC, collects a settlment, and then sells the company that wrote the ORCA package ... which he already owns thru his "blind" trust, pockets the vig, and adds  solid gold controls on his car elevator.

      It's not a fake orgasm; it's a real yawn.

      by sayitaintso on Sun Nov 18, 2012 at 03:40:50 PM PST

      [ Parent ]

  •  Electronic Voting Machines (0+ / 0-)

    Electronic Voting Machines that do not create a paper record of a vote can easily be hacked and can flip an election without trace.  The bad code can be loaded in and operate all the way through the voting, skewing the vote however the hacker desires.  And as soon as the voting is completed and totals are requested, the hacked code can report out the bogus results and erase itself, leaving the nice pristine, honest code alone.
    The only way we eliminate that possibility is to require hand-marked paper ballots for every election.  The hand-marked ballots can be read with scanners to make the arithmetic easier, but paper ballots can be retained for actual recounts.  Electronic voting machine have no paper trail.  
    A simple paper ballot, marked by a #2 pencil, is also the cheapest -- and quickest -- method for balloting.  

Subscribe or Donate to support Daily Kos.

Click here for the mobile view of the site