Profile picture
Richard DeMillo @rad_atl
, 9 tweets, 2 min read Read on Twitter
1/I've been asked how malware capable of undetectable manipulation can find its way onto computers used in GA elections. 2 Windows systems are used. Windows CE for Diebold touchscreen voting machines and desktop versions of Windows for tabulation. Here are the vulnerabilities.
2/ Windows CE is the mobile version of Windows used in hand held devices around the year 2000 (remember?) Windows CE basically has no security features at all. These are the vulnerabilities. Windows CE is an obsolete Microsoft product. It has not been strengthened.
3/Hackers cracking familiar desktop Windows OS try to take over when the computer is first turned on when various tests are run and necessary software is loaded. If something bad happens here, abandon all hope. You'll never find the malware bc its hiding deep b4 even the OS loads
4/ Anti virus software doesn't exist for Win CE. Anti virus software is ineffective if the boot sequence is compromised. And it doesn't matter if the machines are connected to the Internet.
5/Bios updates happen invisibly, often when vendors like Dell flash updates for drivers and firmware. POST sequences pull code from attached devices which may have been purchased from 3rd parties bc original parts are no longer available from original mfr.
6/You cant even trust memory which may have been replaced during system maintenance (KSU/CES did exactly that). When the boot sequence sets up memory it will read whatever is loaded into certain memory locations. Remember: no OS to help you out at this point.
7/A big problem bc Defcon researchers found Chinese songs stored in the memory of Winvote voting machines. That memory was supposed to be initialized and not contain any data at all. Means to me that the supply chains are compromised. Oh, and by the way:
8/Barcode readers and writers are examples of devices that are queried during system initialization. So you barcode enthusiasts, just keep that in mind as you drift off to sleep tonight.
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Richard DeMillo
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($3.00/month or $30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!