Stanart pushes back on election security claims

Our County Clerk is not happy with recent stories about the potential for vulnerability in our election systems.

Despite reports from federal intelligence agencies and media outlets of Russia’s widespread targeting of state and local elections around the country and in Texas, election administrators in the nation’s third-largest county say Vladimir Putin’s government does not pose a unique or heightened cybersecurity threat.

Harris County Clerk Stan Stanart said his office, which runs local elections, has a slew of checks in place to prevent hackers from tampering with the vote, including multiple backed-up voter registration databases that are kept offline. He said reports produced by voting machines before every election ensure the machines do not come pre-loaded with votes and after the election allow the county to cross-check against final tallies to make sure the vote is not manipulated.

While most observers and experts agree Russia exemplifies a new threat to election infrastructure nationwide, Stanart said the county faces no greater risk from Russia today than threats going back to the 1980s. He also challenged the veracity of reports that the Kremlin had attempted to coordinate widespread attacks on state and local election systems in 2016.

“Where’s the evidence?” Stanart said. “I would really question that.”

[…]

Bloomberg reported in June that Russian hackers “hit” voter databases and software systems in 39 states, in some cases penetrating campaign finance databases and software used by poll workers, and attempted to alter or delete voter data in Illinois.

Also last month, the Dallas Morning News published a story that election officials there had found attempts to hack their election system ahead of the November election. The newspaper reported that election officials there cross-referenced hundreds of suspicious or possibly Russian-linked IP addresses provided to them by the U.S. Department of Homeland Security against those that had attempted to access Dallas County servers in early October and found 17 matches.

Stanart said his office has not seen that list of IP addresses. Dallas County election officials did not respond to a request for comment.

[…]

Harris County officials refuse to answer whether they saw any attempts to penetrate the county’s systems. While Stanart himself said he has not found that Russian-linked hackers targeted the local election system, he acknowledged that other county security officials could have found and stopped such attempts before they reached his office.

Those officials repeatedly have not answered questions about whether they saw such a threat.

Bruce High, the chief information officer and executive director of the county’s Central Technology Services, has acknowledged a recent “spike” in attempts to hack Harris County servers from outside of America’s borders, but has declined to explain when the spike began, what is being targeted and where the hack attempts are coming from.

See here for the background. I received some feedback from the County Clerk’s office following the publication of that piece, including a fuller response from Stan Stanart that I believe is intended to be an op-ed in the Chronicle that specifically disputed several of the claims made by Dan Wallach. I’m printing it here beneath the fold for your perusal. Beyond that, I don’t understand why the County Clerk says it has not seen the aforementioned list of Russian IP addresses, nor do I understand the reluctance by Harris County to discuss their cybersecurity measures in any depth. I don’t expect them to lay out their defense plans in detail, but some reassurance beyond “trust me” that they’re on the job would be nice. Maybe trot someone out who can at least speak the lingo or something like that, I don’t know. This is a legitimate thing for voters to be concerned about, and we have a right to expect those concerns to be addressed in a more responsive fashion than what we are getting.

Harris County Clerk Stan Stanart responds:

First and foremost, the title of the article “Harris County’s vote isn’t safe from the Russians” is unproven, misleading, factually inaccurate, and highly inflammatory. (Editor’s note: The headline has been changed to reflect the current nature of this article, including Stanart’s response. Wallach stands by the original headline.)
Apparently, the author is purposely misleading or is unfamiliar with the security of Harris County’s voting system as there are many inaccuracies in the article. The comment in the first paragraph, “the Russians might attempt to simply delete voters altogether,” does not take into account that voter registration does daily backups, that there are logs of every change made, and that the Secretary of State obtains copies nightly of any changes or updates made to the voter roll.

In addition, my office receives daily all updates to the voter roll. We back up these daily and store them on and offsite. There are many other processes in place to identify suspicious activity and we have the ability to restore a previous version, if it was ever needed. The copy of the voter roll on the voter registrar’s website, or HarrisVotes.com, is a separate system that is used by the voter for finding their polling location is simply one of many copies and not the official version used to conduct an election. How can any rational person really believe that the Voter Registrar’s copies and backups, the County Clerk’s copies and backups, and Secretary of State’s copies and backups could be hacked at the same time without anyone noticing?

The statement by the author that “an attacker need only tamper with a single voting machine. After that, the infection can spread “virally” to every machine in the county” is ridiculous.

Apparently, there is an attempt to deceive or a total lack of knowledge of the software on the Hart eSlate voting machines. The software is very specific in its functionality; and does not contain the functionality to download code from another unit so as to spread a virus to other machines when connected. In addition, even if the functionality was there, the connections are limited to a single string of 1-12 voting machines making it impossible to spread to “every machine in the county”.

We run hash code tests to verify the integrity of the voting software code and the only thing that changes from election to election is the ballot specific items such as candidates and propositions. We also run a publicly held logic and accuracy test that is overseen by appointees from both major political parties for every election to ensure that the voting machines are accurately recording the vote.

The accusation that the voter tabulation system is running windows 2000 is simply false. All tabulation systems are running on Windows 7. In addition, these machines are never connected to any network, that includes the county network or to the internet. There is no access or opportunity for hacking, mischief or manipulation.

The author states that we need a major upgrade to our systems so that voters can verify their polling locations. Apparently, he has never visited Harrisvotes.com during an election cycle because I put this in place approximately five years ago. HarrisVotes.com runs on a separate copy of the voter roll so that the voter can see their polling locations, print their personal sample ballot, and obtain a Google map to their voting location.

The author once again is wrong when he states that we need an online database to track voters who cast votes during early voting. Harris County has been doing this for over a decade. Per Texas Election code, we provide the list of early voters the next day.

I understand the author has considerable time invested in the Star-Vote system that he worked on with the Travis County Clerk. Our understanding is the system is not complete and has not been certified by Federal Election Assistance Commission or the Texas Secretary of State making it illegal for us, or any county in Texas to use it. Harris County has a significant investment in our current Hart eSlate voting system. We should be able to easily get an additional five years of use from our existing technology after which, we will be evaluating the most current and secure election technology at that time to be the replacement product. As the author mentions, he was part of the team that evaluated the Hart eSlate voting system in California and attempted to manipulate it for eight weeks and was unable to change any votes, add any votes, or corrupt any votes.

The concept of taking off-the-shelf computers without them going through a full testing cycle is dangerous. Off-the-shelf equipment has firmware that’s embedded within the machine that is more susceptible to hacking than the technology in the secure Hart machines used in Harris County.

In the earlier years of my career, I was the manager of BIOS Development and Test for consumer PCs at Compaq computer. I have extensive knowledge and experience in the internals of a personal computer. Without fully testing every piece of code that could actually run on a PC including the BIOS and all the firmware, and operating system of a computer, it is not possible to ensure the integrity of the whole system.

This is why the Federal Elections Assistance Commission has voting machines standards and a full suite of tests that a voting machine must pass to ensure the integrity of a voting system. The complexity of a complete operating system whether that be Windows, Apple’s IOS, Android, etc., makes it much much more complicated to fully test all of the potential code that could interact with any voting software. That is why having a very small, special-purpose, dedicated operating system that does not have the ability to transmit viruses is a much more secure and safe system to have as the basis for our voting machines.

Related Posts:

This entry was posted in Local politics and tagged , , , , , , , . Bookmark the permalink.

21 Responses to Stanart pushes back on election security claims

  1. neither here nor there says:

    This is a crucial position, the best Democrat needs to run for that position. Please don’t bring out her majesty, she won with negative campaigning and lies, Trump lite.

  2. Stan is a good guy. He has good people at that office. I am not concerned. Maybe Russia helped the County turn blue in the last election.

  3. neither here nor there says:

    Good does not equal qualified, he does work well with Republicans.

  4. Bill Daniels says:

    @Neither: Do you hate all women, or just women of pallor?

  5. neither here nor there says:

    I love my wife, I loved my mother now deceased, I love my sisters.

    Unlike you Bill I don’t care for the “white walkers”.

    Popeye, sticks and stones … have a great day Bill, but are you suggesting that Stan is not what he appears to be?

  6. Neither,

    Stan is a public servant. He will work for all citizens of Harris County.

  7. neither here nor there says:

    Paul, there is a reason why people run as an R or a D. In a world where everything is perfect, I would agree.

  8. Neither,

    I just really like Stan that is all. On another note take a at the Congressional Republicans and Obama Care. What a bunch of losers.

  9. neither here nor there says:

    I am too old, but the day will come when the United States has a single payer system similar to Medicare. It is a lot cheaper for the vast majority of people that depend on insurance. More of us than millionaires.

    I don’t him, but people that do say he is very nice individual. Just pissed at the Republicans for the way they have gone to, when someone gets elected by riling people up with comments like;

    “Trump has always described unauthorized immigrants in harsh, disparaging terms. But here he went further, spinning a lurid and explicit tale of extreme violence against innocent people.

    “You’ve seen the stories about some of these animals,” said the president.
    They don’t want to use guns, because it’s too fast and it’s not painful enough. So they’ll take a young, beautiful girl—16, 15, and others—and they slice them and dice them with a knife because they want them to go through excruciating pain before they die. And these are the animals that we’ve been protecting for so long. Well, they’re not being protected anymore, folks.”

    That statement was made two days ago.

  10. Bill Daniels says:

    @Neither:

    Trump’s talking about street gangs, notably including MS-13. You’re really going to claim victimhood because Trump calls a spade a spade? Trump’s mounting an assault on these gangs, especially in the sanctuary cities where they perpetrate their terrorism with protection from the local governments.

    Keep it up and watch another shellacking in ’18, because most Americans don’t support violent street gangs, even if their membership does include undocumented immigrants.

  11. neither here nor there says:

    Bill I was expecting you to come back with BS like that, that is how the Black person has become a monster to way too many white folks. Hope the Budda are right and you come back as a Black person in your next life.

    White people are mass murders and serial killers, should we be scared of white males?

    Remember Central Park and Trump, they were innocent but they were dark skinned persons. I have no love for racists or bigots.

    Why so much hate for “Undocumented” folks Bill?

  12. Bill is correct about the street gangs. However, I don’t know about 2018. The Republicans are doing the best they can to show how they can’t govern. It would seem to me that the position of a lot of the progressives is that if you are white and you complain about the crime committed by criminal illegals then you are just as bad as those people committing those crimes. Just like the current Harris County Bonding Issue. 30% of the innocent people waiting for trial (who got free bonds) failed to appear in court. I have no idea why they didn’t show up.

    https://www.click2houston.com/news/investigates/concerns-raised-over-new-harris-county-bail-system

    After watching the Republicans mismanage and I think I am about to start voting Democrat again I come here and I am reminded of the problems of the current Democrat party.

  13. neither here nor there says:

    Paul, if Trump said we are going after street gangs, or maybe Aryan Brotherhood, IF, but he singled out a gang that is associated with undocumented folks, who happen to look Mexican.

    Bill thinks that one must hate undocumented to be against illegal immigration, I have been against it long before it became popular among so many people. I have seen how it disrupts the people who are displaced by them, the other “Legal” brown folks are usually first.

    I have also seen the profiling effects.

    Criminals are criminals regardless of their status. I have voted Republican most of my adult life, but they have gone too far. I am a fiscal conservative and believe in a strong military. I really don’t care what people are, straight or not, I believe that Jesus will judge those that abort, I don’t have, but I am pro-life but I am not a woman. I don’t like the Harris County Democrats but see the Republicans as being anti people that are not white, of course there are exceptions.

  14. Bill Daniels says:

    @Neither:

    Your hatred of women leads you to support criminal gangs like MS-13, because they hurt women, including American women. What you fail to grasp, however, is that their victims aren’t only female. They kill, rob, extort and otherwise victimize men, too, both undocumented and legal men.

  15. neither here nor there says:

    Bill do your Republican friends and probably racists and bigots practice what to say that has no logic?

    So Bill why do you hate “Undocumented Folks” so much?

    Bill why would you assume that my intelligence is at the same low level? In fact because this is not a Republican blog the level of intelligence of the readers is much higher.

  16. Flypusher says:

    Bill, what Trump is doing is straight out of the Nazi playbook. He’s scapegoating a group of people, and while he may be citing facts about how bad MS-13 is, he’s doing so without the proper context and perspective. But you’re OK because they’re not coming for you, I imagine. And telling police to deliberately injure suspects- what a touch of class!

    You want to go after gangs, I’m fine with that. But that includes the Bloods and the Crips and the Aryan Brotherhood and all the rest of them, not just those with undocumented people.

  17. PDiddie says:

    Glad to see you’ve finally taken up the ‘So-and-so responds’ mantle Carl Whitmarsh left behind. Now if you could just start a listserv with ten thousand Democrats on it, that would be cool. ;^)

  18. Bill Daniels says:

    @Fly:

    Trump’s law and order platform is going to help him keep his promise to the inner city poor, mainly minority people, and Trump is taking the gloves off. Those inner city denizens suffer the most from crime, and from criminals making their cities no-go zones for law abiding citizens.

    If you and Neither aren’t happy with enforcing our criminal laws, I tell you the same thing you always tell me…..contact your legislators and have the law changed. Tell them you want open borders, tell them you want the law to read “no person is illegal,” tell them you want the law changed to stop persecution of people who commit crimes. Why not repeal the laws requiring driver’s licenses and car insurance, too? Those laws are obviously racist.

    Is Trump scapegoating criminals? Sure. That’s good. No, that’s great! They should be living in fear They should be thinking, “hey, maybe I should stop committing crimes, because this time I won’t get a slap on the wrist when caught.”

    Nazi tactics? LOL! Weak sauce argument, unless you think of our existing laws regarding immigration and crime are preexisting Nuremberg Laws. And let’s talk about SB4. Yes, it’s a new law, but all it does is make companion, state crimes out of already existing federal crimes, namely harboring and aiding the undocumented. But wait, it’s even more narrow in scope, because it only addresses public servants who harbor and aid undocumented folks who commit new crimes and end up in jail.

  19. Flypusher says:

    You Bill, are providing a perfect example of “those who fail to learn from history are doomed to repeat it”. The Nazis played up crimes committed by Jewish individuals just like Trump is doing with undocumented people:

    https://www.theatlantic.com/politics/archive/2017/03/trump-scapegoats-unauthorized-immigrants-for-crime/518238/

    This is how fascism gets started Bill. It doesn’t suddenly just leap out at you in its full grown, nasty, and easy to recognize form. It grows from things like scapegoating people, and hopes that not enough people call it out until it’s too late.

    So you also love more civil forfeitures without any convictions required? Ramping up the failed war on drugs? That’s what this administration is pushing under the guise of “law and order”. You’re fine with police deliberately injuring people when they arrest them? Trump just said that’s OK with him (kudos to Chief Acevedo and the other chiefs who rebuked that). As for the inner city regions that suffer from crime, you neglect to mention that more often than not the people there don’t trust the police, and they don’t trust the police based on a history of practices like stop and frisk, racial profiling, and coverups of police abuses. But Trump doesn’t want to admit to any of that, because that doesn’t fit his overly simplified view.

    I’ve never pushed for open borders, so don’t toss that red herring at me. I’ll repeat again what’s I’ve said many times- deal with the hypocrisy baked into the foundation of our system. Don’t put up that “help wanted” sign next to the “no trespassing” sign and act all shocked that we still have a problem.

  20. Bill Daniels says:

    Fly:

    Civil forfeiture without conviction of a crime is theft, plain and simple. Trump and Co. are waaaay wrong on that, and I’ll stand with my fellow libertarians and with you liberals to oppose that all day long. How this crap stands up in court, I have no idea. In fact, most of the “tea party” type Pubs I am friends with all feel the same. It’s bad, real bad. Now, war on drugs? Yeah, that’s wrong, too, but here’s the thing. You want to stop that, change the law. It’s said that the very BEST way to get a bad law changed is to strictly enforce it, which sounds like what Sessions wants to do.

    Maybe Sessions is trying to force Congress to get off its ass and do what they are supposed to do. Most of the country wants pot legal for recreation (excepting minors, of course). Congress won’t do anything to address that because special interests like policing agencies and Big Pharma don’t want it legal. As far as I am concerned, I hope Sessions does hammer down on marijuana, hard, to force changes in a bad law.

    As far as Trump telling cops to manhandle criminals, don’t be obtuse. He’s just telling them there’s a new sheriff in town, one that has their back, to contrast with the last eight years of open hostility. Nobody wants police abuses, and we have seen a few cases of that, like the two dead in Minnesota, but we’ve seen a lot more cases where people got exactly what they had coming to them, including some of the most infamous cases, like the Ferguson thug.

    One final thought……every time we have our own American Kristallnacht, it’s leftist agitators breaking the glass, not Trump’s people.

  21. Flypusher says:

    “It’s said that the very BEST way to get a bad law changed is to strictly enforce it, which sounds like what Sessions wants to do.”

    An even BETTER way would have been to not vote for authoritarian types like Trump who appoint authoritarian types like Sessions to cabinet posts.

    “Maybe Sessions is trying to force Congress to get off its ass and do what they are supposed to do.”

    Yeah right. This guy is on record for criticizing the KKK not for the racism, but because he found out some of them smoked pot. He’s not going to hammer down with the motive of making the hippy lettuce legal.

    “As far as Trump telling cops to manhandle criminals, don’t be obtuse. He’s just telling them there’s a new sheriff in town, one that has their back, to contrast with the last eight years of open hostility.”

    Sounds like you’re vying for Conway’s job as official liar there. Here is exactly what Trump said:

    ‘“When you guys put somebody in the car and you’re protecting their head, you know, the way you put their hand over?” Trump said, miming the physical motion of an officer shielding a suspect’s head to keep it from bumping against the squad car.
    “Like, don’t hit their head, and they just killed somebody — don’t hit their head,” Trump continued. “I said, you can take the hand away, okay?” ‘

    That is not “I’ve got your back.” That is also not “There’s a new sheriff in town.” It is, literally, Trump thinks it’s OK the bash a suspect’s head against the door frame. How convenient that you’ve also ignored all the condemnations of that statement from many police chiefs/ departments across the country. Of course we now have the “It was a joke” defense, in a clear demonstration of the Schroedinger’s Asshole phenomenon. Here’s what Houston’s Chief Acevedo said on Twitter about that: “To be clear, inappropriate attempt at gallows humor does not reflect values of respect & commitment to constitutional policing of profession”.

    “One final thought……every time we have our own American Kristallnacht, it’s leftist agitators breaking the glass, not Trump’s people.”

    Lame Bill, very lame. Kristallnacht was an example of state sponsored terror, targeting a specific minority group. The people you reference are punk-ass anarchist idiots who break stuff because they like breaking stuff. They aren’t set on terrorizing any specific group of people, and they don’t have any official endorsement or support. If you want to invoke a more accurate American analogy to Kristallnacht, try the KKK lynching people, bombing churches, and committing other acts of domestic terror in the decades between Reconstruction and the Civil Rights movement.

Comments are closed.