Computer Server Security and Voting Machine Security

We've had the internet for a solid 20 years now. What I can't stand is how the government can't get its act together when it comes to computer security. It's just amazing in 2017 we still hear stories of hacking. Honestly, this is truly ridiculous. It's just mind boggling to me with all the money we spend on 3-letter organizations that our government can't have secure computers. What the heck are we paying these bozos for. Maybe we just fire EVERYONE at the FBI, CIA, and NSA. It's like all the money we spend on the military and we still get 9/11. What's the fricken point in paying these bozos!!

There should not be a voting machine or voting machine system being used in this country that is not certified by the some 3-letter organization as being secure. Passwords should be done with biometrics. I read several stories of counties putting voting machine systems in place and did not change the manufacturer's default password. This is pure insanity. Again, fire everyone at the FBI, CIA, and NSA for this Shiite. Just freaking unbelievably these systems go "live" without the proper security and certifications.

a reply to: dfnj2015

Well, it does make it easier for the DNC to cheat.

That should make you happy.

a reply to: Metallicus

No it doesn't. I would rather have people indicted for breaking the law regardless of party. Can we at least agree to that?

a reply to: dfnj2015

Centralizing information (so it can be exploited( is why they collect it, period.

a reply to: dfnj2015

My State is a one party state, our county is going to some computerized system where they will store all the voter registration data. Since voting here is pretty pointless, I am going to try to "delist" my registraton before it gets dumped into the computer.

Government, at least in the US can't be trusted with confidential information.

a reply to: dfnj2015

Just for the record, the only secure data is under lock and key, with the power off.

In other words, forget about networked ANYTHING. Electronic voting, unless perhaps using it can be made as secure as Bitcoin, will never work based on proprietary hardware. The avenues for exploitation are practically infinite. Old ladies counting physical ballots, with olther old ladies watching them, is much more secure than anything else.

originally posted by: Namdru
a reply to: dfnj2015

Just for the record, the only secure data is under lock and key, with the power off.

That is not entirely true. It's all about key management. Every bit you add to encryption doubles the amount of time it takes to crack. Eventually, with enough bits of encryption, there will not be enough time in the Universe to crack it.

But Email servers being hacked I bet is a password or firewall issue. Both of those can be addressed by policy. My point is we pay these intelligence agencies to hack everyone else. Why can't they work for the American people by using their superior brain power to ensure our government computers can't be hacked.

You would not give nuclear launch codes away to our enemies. Why would you allow free access to all government computers? There needs to be standards and a level of competence in terms of policy and awareness.

Contrary to Hollywood mythology, hackers do not have free access to every computer on the Internet. Otherwise, if hackers were able to traverse all the boundaries we would have out of control chaos everywhere but we don't. Millions of people's computers would start playing you've been hacked animations. But they don't.

I get it. Government can't do anything well accept the military. But that doesn't mean we have to tolerate blatant corruption or incompetence. This is why this is a rant. It bothers me but most people would rather bitch about Trumps latest circus act.

originally posted by: dfnj2015
a reply to: Metallicus

No it doesn't. I would rather have people indicted for breaking the law regardless of party. Can we at least agree to that?

I guess we can't even agree that both parties should be held accountable when it comes to breaking the law.

You're using "the government" as a singular entity. That's fine as ling as your talking points remain so broad. Security is not uniform in our government. Different agencies have different protocols. Furthermore, protocols may not be followed by human beings who occupy a government position.

Calling for everyone in the NSA to be fired is ludicrous. The NSA has done a lot to help the cybersecurity landscape. If an admin bothers to properly setup selinux on RHEL/CentOS they will benefit from a fine gradient security policy system with periodic audits to boot.

You should be calling out specific individuals and incidences. This fire everyone attitude is moronic.