Last Updated: 2008-11-06 16:36:18 UTC
by donald smith (Version: 3)
You probably have heard of voting machines that have various security issues.
This article isn't about that. In attempting to hack the election the "politically motivated"
have tried methods other then breaking into the voting machine infrastructure.
I have heard reports of automated phone calls, sms and seen email intended to convince
the receiver that they should vote the day after the election.
Why would you want to convince people to vote late, because that means they didn't
get to vote? People are great procrastinators given an option of doing something today or
doing something tomorrow many of us choose tomorrow;)
This is an email with headers that was sent to George Mason distribution list.
Received from caduceus1.gmu.edu ([18.104.22.168]) by mercury1.gmu.edu (Sun Java System Messaging Server 6.2-2.05 (built Apr 28 2005)) with ESMTP id <0K9S00CFRQAJRMF0@mercury1.gmu.edu>; Tue, 04 Nov 2008 01:35:07 -0500 (EST)
Received from cronus.gmu.edu ([22.214.171.124]) by caduceus1.gmu.edu (Sun Java System Messaging Server 6.2-2.05 (built Apr 28 2005)) with ESMTP id <0K9S00AZLQ20TAA0@caduceus1.gmu.edu>; Tue, 04 Nov 2008 01:35:07 -0500 (EST)
Received from ironport2.gmu.edu (ironport2.gmu.edu [126.96.36.199]) by cronus.gmu.edu (8.13.4/8.13.4) with ESMTP id mA46SYhN028499; Tue, 04 Nov 2008 01:28:43 -0500 (EST)
Received from mail04.gmu.edu ([188.8.131.52]) by ironport2.gmu.edu with ESMTP; Tue, 04 Nov 2008 01:28:42 -0500
Received from LISTSERV.GMU.EDU (mail04.gmu.edu [184.108.40.206]) by mail04.gmu.edu (8.11.7p3+Sun/8.11.7) with ESMTP id mA46Sg429402; Tue, 04 Nov 2008 01:28:42 -0500 (EST)
Received by LISTSERV.GMU.EDU (LISTSERV-TCP/IP release 14.4) with spool id 2611076 for ANNOUNCE04-L@LISTSERV.GMU.EDU; Tue, 04 Nov 2008 01:26:42 -0500
Received from ironport2.gmu.edu (ironport2.gmu.edu [220.127.116.11]) by mail04.gmu.edu (8.11.7p3+Sun/8.11.7) with ESMTP id mA46Gg427221 for <ANNOUNCE04-L@mail04.gmu.edu>; Tue, 04 Nov 2008 01:16:42 -0500 (EST)
Received from m154.prod.democracyinaction.org ([18.104.22.168]) by ironport2.gmu.edu with ESMTP; Tue, 04 Nov 2008 01:16:42 -0500
Received from [10.15.20.114] ([10.15.20.114:39637] helo=web4.mcl.wiredforchange.com) by mailer.mcl.wiredforchange.com (envelope-from <firstname.lastname@example.org>) (ecelerity 22.214.171.124 r(26825/26826)) with ESMTP id BC/ED-21096-AC8EF094; Tue, 04 Nov 2008 01:16:42 -0500
Date Tue, 04 Nov 2008 01:16:42 -0500
From Office of the Provost <email@example.com>
Subject Election Day Update
Sender ANNOUNCE04-L <ANNOUNCE04-L@mail04.gmu.edu>
Content-type multipart/alternative; boundary="----=_Part_3017_30982749.1225779402108"
X_DIA_Originating_IP : 126.96.36.199
X_DIA_Source : Host:web4.mcl.wiredforchange.com DB org
X-IronPort-AV E=Sophos;i="4.33,541,1220241600"; d="scan'208";a="55510806"
X-IronPort-AV E=Sophos;i="4.33,541,1220241600"; d="scan'208";a="55510203"
Comments To: ANNOUNCE04-L@mail04.gmu.edu
To the Mason Community:
Please note that election day has been moved to November 5th. We apologize for any inconvenience this may cause you.
Peter N. Stearns
Brian Krebs does a good job of covering this here:
These tricks aren't new they are just upgraded for the Internet and the mass
messaging capabilities that has created.
This is a list of "dirty tricks" from the 2004 election.
Putting flyers on the door is a bit risky, calling from your home phone is a bit risky,
sending sms spam, email spam, etc ... is fairly safe. Just do it from a compromised system
in another nation, via an open mail relay and chances are you'll never get caught (sigh).
Thanks to our friend and fequent contributor Juha-Matti we have the text of the SMS's being sent
"Due to long lines if you are voting for Barack Obama you can vote tomorrow"
"Due to long lines, all Obama voters are asked to vote tomorrow".
The orginating phone number is reportedly 505-507-6041.
It appears both of the campaings were hacked.
"The computer systems of both the Obama and McCain campaigns were victims
of a sophisticated cyberattack by an unknown "foreign entity," prompting
a federal investigation, NEWSWEEK reports today."