Security version of Everyone should code

Post Reply
User avatar
Pigeon
Posts: 18062
Joined: Thu Mar 31, 2011 3:00 pm

Security version of Everyone should code

Post by Pigeon » Sat Oct 16, 2021 11:23 am

Judge bars county clerk after voting machine passwords leaked to QAnon

This week, a Colorado judge barred Mesa County Clerk Tina Peters from overseeing the county’s upcoming November election in relation to a leak of voting machine BIOS passwords. Peters, who tweeted in support of former President Donald Trump’s election conspiracy theories, invited a man named Gerald Wood to a meeting involving a “trusted build” software update that was meant to ensure the security of the county’s voting machines. Peters claimed Wood was an “administrative assistant” transitioning to her office, but then later described him as a “consultant” she hired to copy information from the computers.

Ahead of the meeting, Belinda Knisley, Peters’ deputy, sent an email to staff asking that they turn off the security cameras in the Election Department and not turn them back on until after August 1st. Knisley didn’t explain the reason for her request, but it was carried out either way. On the day of the meeting, Wood photographed a spreadsheet that contained the passwords to the machines and copied over their hard drives. Following the meeting, the passwords were publicly posted to an “online social media site.”

“Peters directed the creation of the images of the hard drive, which was not authorized by law and which directly led to the decommissioning of Mesa County’s voting systems, facilitating the leak of sensitive data and exposed the county’s voting system to compromise,” Judge Valerie Robinson wrote in a decision spotted by Ars Technica.



Post Reply