I neglected to highlight an Arkansas angle in yesterday’s items about the many things wrong with the misleadingly named Election Integrity Commission endeavoring to fuel conspiracy theories about voter fraud to the benefit of Donald Trump and other Republicans.
Secretary of State Mark Martin is in the middle of criticism.
It was in the Gizmodo story that talked about how easy it would be to hack into the trove of personal national voter data the commission is assembling. It pertains to the demonstrably faulty Crosscheck system devised by Kansas Secretary of State Kris Kobach. Examinations have shown untold numbers of false positives in matching up names on voter records in the states. There ARE, to put it simply, a lot of Mary
In any case, the relevant passage:
“Crosscheck was launched by the Kansas Secretary of State’s office, which continues to run the program to this day. But, for whatever reason, before election officials in Kansas actually acquire any of the voter data, it is dumped onto a server maintained by the Arkansas Secretary of State’s office. According to security experts, the network on which the server sits is highly susceptible to attack. One of the researchers told Gizmodo with high confidence that infiltrating the network would likely take only a matter of hours.”
One of the researchers told Gizmodo with high confidence that infiltrating the network would likely take only a matter of hours.
Researchers at Netragard, a penetration testing company specializing in “realistic threats,” concluded that administrators overseeing the Arkansas server are likely deluded by a false sense of security. The firm’s CEO and managing partner, Adriel Desautels, said that “breaching these systems can likely be done by a novice hacker,” a conclusion he arrived at less than five minutes into examining the network.
“If the State of Arkansas hired us to deliver a penetration test, based on what we see here, we’d almost certainly be able to breach without them detecting us,” Desautels said. “In fact, we’re so confident in that, that we wouldn’t bill them if we failed to breach.”
I’ve asked Secretary of State Mark Martin’s office about the issue.