Tag Archive for: recall

Election security experts call for rigorous audit to protect upcoming California gubernatorial recall

/in


A group of election security experts on Thursday called for a rigorous audit of the upcoming recall election for California’s governor after copies of systems used to run elections across the country were released publicly.

Their letter sent to the secretary of state’s office urges the state to conduct a type of post-election audit that can help detect malicious attempts to interfere.

The statewide recall targeting Democratic Gov. Gavin Newsom, set for Sept. 14, is the first election since copies of Dominion Voting Systems’ election management system were distributed last month at an event organized by MyPillow CEO Mike Lindell, an ally of former President Donald Trump who has made unsubstantiated claims about last year’s election. Election offices across 30 states use the Dominion system, including 40 counties in California.

Election security experts have said the breaches, from a county in Colorado and another in Michigan, pose a heightened risk to elections because the system is used for a number of administrative functions — from designing ballots and configuring voting machines to tallying results. In the letter, the experts said they do not have evidence that anyone plans to attempt a hack of the systems used in California and are not casting blame on Dominion.

“However, it is critical to recognize that the release of the Dominion software into the wild has increased the risk to the security of California elections to the point that emergency action is warranted,” the experts wrote in their letter, which was shared with The Associated Press.

The eight experts signing the letter include computer scientists, election technology experts and cybersecurity researchers.

Jenna Dresner, a spokeswoman for Secretary of State Shirley Weber, said the 40 counties in California using Dominion employ a different version of the election management system that meets various state-specific requirements. She outlined numerous security measures in place to protect voting systems across the state. That includes regular testing for vulnerabilities, strict controls on who has access, physical security rules and pre-election testing to ensure that no…

Source…

No over-the-air update means GM has to recall four million cars to fix fatal software defect

/in
No over-the-air update means GM has to recall four million cars to fix fatal software defect

US motor company General Motors is recalling four million vehicles worldwide due to a software bug that has been linked to at least one death.

Read more in my article on the Hot for Security blog.

Graham Cluley

With ‘recall,’ Fiat Chrysler makes its car hack worse

/in

After Wired showed two hackers remotely gain access and immobilize a moving Jeep by exploiting software vulnerabilities last week, Fiat Chrysler responded by patching the vulnerability in several Jeep, Dodge, and Chrysler models that were equipped with the Uconnect software that was hacked. How they went about issuing the patch, however, may just put the company’s customers further at risk.

Rather than simply treating the software patch as a traditional recall (i.e. requiring them to visit a service center and have an expert make the fix), Fiat Chrysler is mailing a USB thumb drive to owners of the affected cars. From there, the cars’ owners can plug the USB drive into the cars’ USB port to patch the software vulnerability. This seems like a convenient way to issue a recall for something that car owners can fix themselves. 

To read this article in full or to leave a comment, please click here

Network World Colin Neagle