One Political Plaza - Home of politics
Home Active Topics Newest Pictures Search Login Register
Main
Arizona IT and E******ns Expert: E******ns Assistance Commission Was Aware That Machines Could Be Hacked in Minutes
Aug 1, 2022 06:47:47   #
ACP45 Loc: Rhode Island
 
Quite an interesting but rather long article about the court testimony of an IT Expert Clay Parikh. Here is his background and qualification:

"Parikh is the lead information systems security officer for the ground missile defense system for Northrop Grumman. Prior to that, he worked for Lockheed Martin and Leidos through their merger as the deputy cyber manager for the Army Corps of Engineers.

But it’s his prior work that is of particular relevance to this case: from 2008 to 2017, he worked as a security tester and a security subject matter expert for Wyle Laboratories and Pro V&V. Parikh claims to have tested hundreds of v****g systems, including the D******n and ES&S v****g machines throughout his career as part of the certification process for the EAC and Secretaries of State. He holds a CISSP certification (Certified Information System Security Professional), as well as certification as an ethical hacker and a certified hacking forensics investigator."

One of the interesting findings in his testimony was to"confirm that “some” machines were connected to the internet, he also confirmed that even the ones that seemingly weren’t still had available ports open to allow connection."

Another interesting piece of information is, "LaRue (cross examining attorney) also got Parikh to confess that the testing laboratories he worked for would not let him run certain tests: “…the point I’m trying to get to is…the labs told me not to do certain tests. They will not allow me to do certain tests.” Why would the testing labs try to restrict a certified tester from doing certain tests? You would think a testing lab paid by the state or local government would definitely want to ensure the machines were safe and secure no matter what testing was necessary! But that would imply that the state funds these testing labs. They don’t. The v****g machine vendors pay them. You read that correctly: the v****g machine companies pay the testing companies to certify that the v****g machine companies software is safe and secure."

Finally, "And in the final redirect, plaintiff’s attorney asked about the ES&S DS200 machines. He specifically inquired if he was able to hack them and how long it took. Parikh said that he was “stopped from going further.” He said he wanted to continue and “actually get in and control the software because you can actually manipulate [sic] the statistical data on the system.

In summary:

"In a 20 minute testimony with two attorneys on the cross-examination and a redirect, Clay Parikh revealed that the testing labs:

- Restrict testers from showing vulnerabilities

-Stop testers from going further into the machines in a way that could allow for software manipulation of the statistical data.

-The EAC has been sent reports of all of Parikh’s hackings, which took minutes, and were done in a professional testing environment.

-The v****g machines can connect to the internet and that even the ones that aren’t connected still have open ports and means by which to connect.

-D******n rewrote their Democracy Suite software in 2018"



https://www.thegatewaypundit.com/2022/07/e******ns-assistance-commission-aware-machines-hacked-minutes/

Reply
Aug 1, 2022 07:56:26   #
vernon
 
ACP45 wrote:
Quite an interesting but rather long article about the court testimony of an IT Expert Clay Parikh. Here is his background and qualification:

"Parikh is the lead information systems security officer for the ground missile defense system for Northrop Grumman. Prior to that, he worked for Lockheed Martin and Leidos through their merger as the deputy cyber manager for the Army Corps of Engineers.

But it’s his prior work that is of particular relevance to this case: from 2008 to 2017, he worked as a security tester and a security subject matter expert for Wyle Laboratories and Pro V&V. Parikh claims to have tested hundreds of v****g systems, including the D******n and ES&S v****g machines throughout his career as part of the certification process for the EAC and Secretaries of State. He holds a CISSP certification (Certified Information System Security Professional), as well as certification as an ethical hacker and a certified hacking forensics investigator."

One of the interesting findings in his testimony was to"confirm that “some” machines were connected to the internet, he also confirmed that even the ones that seemingly weren’t still had available ports open to allow connection."

Another interesting piece of information is, "LaRue (cross examining attorney) also got Parikh to confess that the testing laboratories he worked for would not let him run certain tests: “…the point I’m trying to get to is…the labs told me not to do certain tests. They will not allow me to do certain tests.” Why would the testing labs try to restrict a certified tester from doing certain tests? You would think a testing lab paid by the state or local government would definitely want to ensure the machines were safe and secure no matter what testing was necessary! But that would imply that the state funds these testing labs. They don’t. The v****g machine vendors pay them. You read that correctly: the v****g machine companies pay the testing companies to certify that the v****g machine companies software is safe and secure."

Finally, "And in the final redirect, plaintiff’s attorney asked about the ES&S DS200 machines. He specifically inquired if he was able to hack them and how long it took. Parikh said that he was “stopped from going further.” He said he wanted to continue and “actually get in and control the software because you can actually manipulate [sic] the statistical data on the system.

In summary:

"In a 20 minute testimony with two attorneys on the cross-examination and a redirect, Clay Parikh revealed that the testing labs:

- Restrict testers from showing vulnerabilities

-Stop testers from going further into the machines in a way that could allow for software manipulation of the statistical data.

-The EAC has been sent reports of all of Parikh’s hackings, which took minutes, and were done in a professional testing environment.

-The v****g machines can connect to the internet and that even the ones that aren’t connected still have open ports and means by which to connect.

-D******n rewrote their Democracy Suite software in 2018"



https://www.thegatewaypundit.com/2022/07/e******ns-assistance-commission-aware-machines-hacked-minutes/
Quite an interesting but rather long article about... (show quote)


l

These v****g machines should be done away with. go back to paper b****ts . and have the count done at the precinct .This hauling v**es to central locations is the open door to c***ting.

Reply
If you want to reply, then register here. Registration is free and your account is created instantly, so you can post right away.
Main
OnePoliticalPlaza.com - Forum
Copyright 2012-2024 IDF International Technologies, Inc.