NYT’s Churlish Vote Hacking Story Should Name Reality Winner

NYT has a story reporting that that there has been almost no forensic analysis to find out whether Russian attempts to tamper with localized voting infrastructure had any effect on the election.

After a presidential campaign scarred by Russian meddling, local, state and federal agencies have conducted little of the type of digital forensic investigation required to assess the impact, if any, on voting in at least 21 states whose election systems were targeted by Russian hackers, according to interviews with nearly two dozen national security and state officials and election technology specialists.

It’s a worthwhile story that advances the current knowledge about these hacks in several ways. It reveals that several other election services companies got breached.

Beyond VR Systems, hackers breached at least two other providers of critical election services well ahead of the 2016 voting, said current and former intelligence officials, speaking on condition of anonymity because the information is classified. The officials would not disclose the names of the companies.

It reveals a local investigation (which had already been reported) into one county that used VR systems, Durham, North Carolina, did not conduct the forensic analysis necessary to rule out a successful hack.

In Durham, a local firm with limited digital forensics or software engineering expertise produced a confidential report, much of it involving interviews with poll workers, on the county’s election problems. The report was obtained by The Times, and election technology specialists who reviewed it at the Times’ request said the firm had not conducted any malware analysis or checked to see if any of the e-poll book software was altered, adding that the report produced more questions than answers.

And it describes other counties that experienced the same kind of poll book irregularities that Durham had.

In North Carolina, e-poll book incidents occurred in the counties that are home to the state’s largest cities, including Raleigh, Winston-Salem, Fayetteville and Charlotte. Three of Virginia’s most populous counties — Prince William, Loudoun, and Henrico — as well as Fulton County, Georgia, which includes Atlanta, and Maricopa County, Arizona, which includes Phoenix, also reported difficulties. All were attributed to software glitches.

That said, the headline and the second framing paragraph (following the “After a presidential campaign scarred by Russian meddling” one above) suggest no one else has been looking at this question.

The assaults on the vast back-end election apparatus — voter-registration operations, state and local election databases, e-poll books and other equipment — have received far less attention than other aspects of the Russian interference, such as the hacking of Democratic emails and spreading of false or damaging information about Mrs. Clinton. Yet the hacking of electoral systems was more extensive than previously disclosed, The New York Times found.

That’s particularly churlish given that NYT’s story so closely resembles a superb NPR story published on August 10.

Both stories focus on Durham County, NC. Both stories start with an extended description of how things went haywire as people showed up to vote. Both rely heavily on someone who worked Election Protection’s help lines on election day, Susan Greenhalgh.

It’s not just NPR. One of NYT’s other premises, that no one knew how many states were affected, was reported back in June by Bloomberg (which gave an even higher number for the total of states affected). Another detail — that local officials still don’t know whether they’ve been hacked because they don’t have clearance — has been reported by Motherboard and NPR, among others.

And, like both the NPR Durham story and the Bloomberg one, NYT also invokes the Intercept’s report on this from June.

Details of the breach did not emerge until June, in a classified National Security Agency report leaked to The Intercept, a national security news site.

But unlike Bloomberg (and like NPR) NYT doesn’t mention that Reality Winner is in jail awaiting trial, accused of having leaked that document (as I noted about the Bloomberg article, it’s highly likely the multiple “current and former government officials” who served as sources for this story won’t face the same plight Winner is).

I get that outlets may have a policy against naming someone in a case like this. But if you’re going to claim people aren’t paying attention to this issue, it’s the least you can do to actually inform readers that someone risked her freedom to bring attention to the matter, and the government has successfully convinced a judge to prohibit her from even discussing why leaking the document was important.

By all means, let’s have more analysis of whether votes were affected. But let’s make sure the people who are actually trying to generate more attention get the credit they deserve.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

11 replies
  1. SpaceLifeForm says:

    Nice. Finally waking up but really stealing stories because they were lazy.

    Why does media rely on ‘leaks’ so much?
    Why can’t they do real Independent investigations which used to happen 4 or 5 decades ago?

    Because money.

    The media is basically under a version of regulatory capture.

    It costs a lot to do in-depth long-term investigations.

    Much more profitable to just publish what they are ‘fed’.

    They are the ‘product’.

    Back to the other point of Marcy’s post, I.E. the voting problems,

    gee, it’s almost like Gucifer2.0 did not do what she/he said they would do regarding election monitoring.

    I certainly have seen nothing from Gucifer2.0 pointing out any voting problems.

    Anyone seen anything from Gucifer2.0 on this issue?

    Anyone?

    Yeah, I thought so.

    • Evangelista says:

      “It costs a lot to do in-depth long-term investigations.”

      It takes intelligence and effort and requires ability to think critically and in continuities, in depth and in breadth, to assemble a subject fabric, and then ability to critique the constructed fab ric for holes, runs, ladderings, loose-ends and all the rest.

      All way more than  modern ‘journalists’ are willing or able to invest.

      So, instead, we have breathless bloviating, serial updating, with no fundamental fact-checking (“But all of it is fact-checking!”  Except it isn’t fact-checking when a last lie, or accepted renditiion, is assigned to support the next, or, later, additional fabrications on down the Yellow-Narrative Road)…

      The results that we see and read are creative-narrative writings, back-fence gossip glorified, bullshit collaged and resined to be made “history”…

    • dev null says:

      Not precisely to the point, but …

      Ceterum censeo Novem Pravdem esse delendam. (h/t wiki)

      Or more pithily (is “pithily” a word?) …

      Nova Pravda (“all the shit that fits we print”) delenda est. [/rant]

      “Afflict the afflicted; comfort the comfortable.”

      You’d be pith’d too …

  2. SpaceLifeForm says:

    OT: In the city that never sleeps, some will find that this will be their personal nightmare

    http://www.thedailybeast.com/exclusive-mueller-enlists-the-irs-for-his-trump-russia-investigation

    But the team-up between the IRS and Mueller probe could come with political complications. Mueller has already taken some criticism for the number of Democratic donors on his team. Those critiques intensified yesterday, when word leaked that Mueller was coordinating some of his activities with New York State Attorney General Eric Schneiderman, a long-time Trump adversary.

    The fact that there is not a senate-confirmed Assistant Attorney General for the Tax Division, and that the Trump people have disregarded it despite warnings as far back as December that they needed to fill the AAG’s spot… shows what a self-created mess the Trump administration has found itself in,” said the former prosecutor, who requested anonymity to speak candidly. “They have no one to keep Mueller and his Brooklyn team honest. They should be concerned about that.”

    [Keeping them honest? That is a weird comment]

  3. SpaceLifeForm says:

    OT: SS7

    I keep beating this dead horse. My arms are tired, and the stench is strong. But now we are getting better traction. There be doc.

    http://www.thedailybeast.com/telecoms-knew-about-spying-loophole-for-decades-did-nothing

    But at least some members of the telecom community have known about the serious security issues in SS7 for nearly two decades, according to a document reviewed by The Daily Beast. The news highlights the snail’s pace at which the industry has addressed glaring holes in the world’s mobile infrastructure, leaving U.S. citizens and others around the world open to spying.

    https://www.documentcloud.org/documents/3984374-ETSI-Document-with-SS7.html

    [It’s all about black budget money for telcos]

  4. lefty665 says:

    The reports coming out of Richmond, and adjacent Henrico County on election day ’16 were that there were fewer than expected problems. The headline issue out of Henricio was that very high turnout in some precincts created long lines could cause them to be split in the future.

    Henrico reported a jammed optical scanner at one precinct and two computers that failed at another because workers had failed to load e-vote software. Although slower, lookups on paper voter rolls worked just fine. It appears that you can take Henrico County off the list of hacking suspects.

    Around the state there were a few and varied machine problems as well as some longstanding issues with Department of Motor Vehicles registered voters. Pretty much what you’d expect, and better than some prior years in part because Virginia ditched touch screen machines in ’15. The headline might be “Despite suspected Russian hacking Virginia’s voting systems worked better than ever”.

    Given the documented interest Russia showed in poking around in our electoral systems it is wise to pay attention. But it is not wise to attribute predictable glitches in a large and very diversified system staffed in many cases by people with modest training and few technical skills to Russian hacking. Our own homegrown liveware is perfectly capable of screwing things up on their own.

    http://www.richmond.com/news/problems-at-the-polls-in-richmond-long-lines-premarked-ballot/article_cc73cf63-6319-5c81-8192-95b86ca03f37.html

    • emptywheel says:

      Thanks for that lefty. I agree about glitches: I’ve done voter protection enough to know that what we saw this year looks normal (though I worked at a whiter precinct, my own, as compared to 2012 and 2008, where problems were rampant, but that’s partly bc of the more transient population). That said, the people who got struck from the polls may be a problem.

      • lefty665 says:

        Tks. Your prior comments were right on the money too. Large scale GOP efforts to disenfranchise minority voters are a clear and persistent threat to voting rights. Fortunately (??) they are usually high profile so we can at least see them and oppose them. That has not changed since the days of poll taxes and literacy tests.

        Maybe the old advice “To relieve crowding Dems vote on Tuesday, Repubs vote on Wednesday” should be publicized :)

Comments are closed.