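- August 2016: elections.kennesaw.edu (run by KSU and storing election data) was found to have security vulnerabilities. Its content management system, Drupal, had still not been updated two years on, even though the relevant patch had been released back in September 2014; the software company stated that any server not updated within 7 hours of the patch release could be considered compromised.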
In August 2016 I discovered serious vulnerabilities affecting elections.kennesaw.edu. The website was misconfigured so that it leaked confidential election data and the version of its content management system, Drupal, was out of date and vulnerable to a well-known exploit called drupageddon. An announcement from the Drupal security team on October 29, 2014 details how severe this vulnerability is, stating that if a vulnerable Drupal server was not updated within 7 hours of the announcement it should be assumed compromised.
The server running elections.kennesaw.edu was taken offline on March 2nd, 2017 after KSU was notified a second time the server was still leaking sensitive election data. A forensic image of this server was created on March 6th, 2017 by the FBI.
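- The server logs only run up to November 10, 2016 (two days after the general election); nothing exists after that date.
- The BallotStation system on the voting machines (the version Georgia uses now is 4.5.2!) is very likely exploitable by hackers. The earlier version 4.3.15 was already exposed as having a similar vulnerability: its installation files contain the DES key F2654hD4 in plaintext, and this key has long been public knowledge, so using it to break into the voting machines should be trivial.
- Georgia's elections get their technical support from the Center for Elections Systems (CES), a unit of Kennesaw State University, and CES used elections.kennesaw.edu as its main server.
- Important data stored on this server included: the BallotStation installation files, which get installed on the voting machines; the Georgia voter registration list, which contains personally identifiable information; and the databases behind the management software for Georgia's various elections.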
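On December 2, 2014, three months after the software company released the patch, the server had still not been updated, and someone created a user named "shellshock" (Shellshock is itself the name of a security vulnerability; exploiting it can give control of the whole server). The following activity was then recorded:
- 12/2/2014 10:45 - the user mpearso9 is modified using the Webmin console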
- 12/2/2014 10:47 - shellshock user created using Webmin console
- 12/2/2014 10:49 - /home/shellshock/.bash_history last modified
- 12/2/2014 11:02 - /home/shellshock/shellsh0ck file is deleted
- 12/2/2014 11:06 - bash patched to version 4.2+dfsg-0.1+deb7u3 to prevent shellshock
- 12/2/2014 11:40 - shellshock user disabled using Webmin console
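The BallotStation system on the voting machines (the version Georgia uses now is 4.5.2!) is very likely exploitable by hackers. The earlier version 4.3.15 was already exposed as having a similar vulnerability: its installation files contain the DES key F2654hD4 in plaintext, and this key has long been public knowledge, so using it to break into the voting machines should be trivial.
- A DES key is only 56 bits long and can be broken by exhaustive search; DES has been gradually falling out of favour since the mid-1970s.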
The Diebold debacle is a fascinating chronicle of corporate irresponsibility, hubris, incompetence, political chicanery, and power politics.
Diebold's story is a shining example of the voting machine industry's heritage of stupidity and arrogance and the public's tolerance of proprietary electronics and software that have never been adequately tested by impartial, legitimate domain experts.
A group of Georgia voters and a Colorado-based watchdog organization filed a lawsuit late Monday asking a judge to overturn the results of last month’s 6th Congressional District special election and scrap the state’s voting system.
The complaint, filed in Fulton County Superior Court, alleges that state and local election officials ignored warnings for months that Georgia’s centralized election system — already known for potential security flaws and lacking a paper trail to verify results — had been compromised and left unprotected from intruders since at least last summer.
October 27, 2017 APNewsBreak: Georgia election server wiped after suit filed
The server’s data was destroyed July 7 by technicians at the Center for Elections Systems at Kennesaw State University, which runs the state’s election system. The data wipe was revealed in an email sent last week from an assistant state attorney general to plaintiffs in the case that was later obtained by the AP. More emails obtained in a public records request confirmed the wipe.
After declining comment for more than 24 hours, Kennesaw State’s media office issued a statement late Thursday attributing the server wiping to “standard operating procedure.” It did not respond to the AP’s question on who ordered the action.
The Kennesaw elections center answers to Georgia’s secretary of state, Brian Kemp, a Republican running for governor in 2018 and the suit’s main defendant. His spokeswoman issued a statement Thursday saying his office had neither involvement nor advanced warning of the decision. It blamed “the undeniable ineptitude” at the Kennesaw State elections center.
June 16, 2017 AP Georgia official discounts threat of exposed voter records
Lamb discovered the security hole as he did a search of the website of the Center for Election Systems at Kennesaw State, which manages voting statewide. There, he found a directory open to the internet that contained not just the state voter database, but PDF files with instructions and passwords used by poll workers to sign into a central server used on Election Day. Lamb said he downloaded 15 gigabytes of data, which he later destroyed.
The directory of files “was already indexed by Google,” Lamb said in an interview — meaning that anyone could have found it with the right search.
“I don’t know if the vote could have been rigged, but compromising that server would have served as a great pivot point and malware could have been planted easily,” he added.
NOV 14, 2017 https://www.wabe.org/two-georgia-election-servers-timeline/
Lamb notified Merle King, the executive director of the KSU Center for Elections Systems, where a server (elections.kennesaw.edu) was housed that contained the information Lamb accessed. King pressed Lamb not to talk to anyone about what he’d found.
Information security specialist Christopher Grayson accesses the server at the Center for Elections Systems and finds the same information discovered in August by Lamb is still available.
1st: Grayson contacts a friend, Andy Green, who teaches IT security at KSU. Green discovers the vulnerability for himself and contacts KSU’s Chief Information Security Officer, Stephen Gay. Gay alerts the Center for Elections Systems of an “alleged data breach” on the server (elections.kennesaw.edu). The KSU information security office seizes the server.
3rd: KSU turns the server (elections.kennesaw.edu) over to the FBI, which has recently opened an investigation into the breach.
A 180-page collection of Kennesaw State emails, obtained Friday by the Coalition for Good Governments via an open records search, details the destruction of the data on all three servers and a partial and ultimately ineffective effort by Kennesaw State systems engineers to fix the main server’s security hole.