As Twitchy just reported, the Iowa Democratic Party, which still hasn’t released the final results from Monday night, just made “a minor correction to the last batch of results.” This follows reports from Monday night that the app the Democrats were using to transmit the results wasn’t working properly, as well as a report in late January from the Wall Street Journal that there were “major security concerns” with the app.
ProPublica reports that they obtained the app and did some testing, and found that a skilled hacker could easily intercept sensitive data, and possibly even change vote tallies.
NEW: We obtained the smartphone app behind the #iowacaucases fiasco and had it analyzed. Turns out a skilled hacker could intercept — and even change — vote tallies and other sensitive data if they wanted to. My latest w/ @JessicaHuseman https://t.co/qLghEaPRsu
— Jack Gillum (@jackgillum) February 5, 2020
Jack Gillum and Jessica Huseman report:
A glitch in the smartphone app used to count and report votes from individual precincts continues to delay results from Monday’s Iowa caucuses. But a closer look shows that the app had a potentially graver problem that apparently did not come into play: its vulnerability to hacking.
The IowaReporterApp was so insecure that vote totals, passwords and other sensitive information could have been intercepted or even changed, according to officials at Massachusetts-based Veracode, a security firm that reviewed the software at ProPublica’s request. Because of a lack of safeguards, transmissions to and from the phone were left largely unprotected.
Chris Wysopal, Veracode’s chief technology officer, said the problems were elementary. He called it a “poor decision” to release the software without first fixing them.
The app was developed by the “inexcusably secretive” Shadow, Inc., which is largely made up of Hillary Clinton campaign staffers.
this party does not deserve to exist
— the devil knows fire (@devilknowsfire) February 5, 2020
Iowa needs to be invalidated and moved to Super Tuesday as a Primary this cycle.
These results cannot stand.
— Alex (@AlexSheltman) February 5, 2020
" if they wanted to"
— Joji Teira (@joji_teira) February 5, 2020
Maybe the weakness was by design? We know that @dnc main job is not to hold primaries or promote any policies, but to prevent Sanders from winning. They cheated last time, and it seems they are doing it again…
— Helmholz Watson (@NatarajaWatson) February 5, 2020
Well wasn't that the plan?
— Annie_Bannany (@Annie_Bannany) February 5, 2020
Yep, as planned
— Covfefe Lover⭐️⭐️⭐️🇺🇸 (@VickieB35168664) February 5, 2020
Here’s a word from the DNC….. pic.twitter.com/w1lUak83Tb
— 🎶Del Paxton’s Piano🎶 (@Mark_Derr) February 5, 2020
“Hacker” aka the DNC.
— Jeremy au Barca (@ProgDownTicket) February 5, 2020
Problem sounds like a feature for a party interested in stopping Bernie
— the void shouts back (@but_rly_tho) February 5, 2020
Sounds like a feature rather than a mistake.
— HappyMemesForNeutralGoodFiends (@MemesFiends) February 5, 2020
— Nick Lyles (@NickLyles10) February 5, 2020
we all know what's coming next. Enter stage right on the political drama, the Russian Boogeyman. it's not manipulative little Lucifers wearing pastel sweaters like Robby Mook that we have to worry about, no no it's the Russians.
— Brian Heflin (@brianheflin2020) February 5, 2020
Which they probably left that backdoor open for a reason. To be exploited. And guess what, wasn't Russia, never has been. We got some good home cooked corruption , right here, domestically. They just want you to look the other way though
— E. Laufenburg❤️⌛ (@EvMclovin) February 5, 2020
Not even a skilled hacker – a child could have done this. No encryption, no CRC hash, no data integrity at all. Was this even a TCP connection? What destination port was this sent on?
— tara 🦝 (@hrtaddict) February 5, 2020
you don't even need to be a skilled hacker, you just need the app and the PIN that one of buttchug's guys 'accidentally' tweeted out
apps are bad, jack pic.twitter.com/VkLiQ5sFVF
— AngryBurner (@BurnerAngry) February 5, 2020
Have u asked @PeteButtigieg about his staff tweeting out login credentials for this app?
— Iowa caucus app dev (@HelpfulKraken) February 5, 2020
I saw app error screenshots that suggest each device was trying to directly connect to their database rather than handshaking with a connection/ query manager. Did you find anything that would also suggest this? Normal databases handle ~150 direct conns MAX not 1700…
— Scott Miller (@scottc_miller) February 5, 2020
They didn't even pen test the app. 😂😂😂
— M (@m0pinions) February 5, 2020
Have we learned nothing?!
— Laura Covington (@LauraJoy70) February 5, 2020
Now what was that thing about allowing people to vote online? 🤔
— ⏳ Benjamin Henry ⏳ (@BenStincident) February 5, 2020
We need a recount ASAP!
— Eric🌹 #Bernie2020 (@EricChvz) February 5, 2020
No more apps to count votes.
— CaliBerns (@BerninginCali) February 5, 2020
The whole hacker thing is obvious bullsh!t… get more creative to cover up this rampant, intentional democratic corruption.
— SeyWerd 🇺🇸🇮🇪 ⭐⭐⭐ – Text TRUMP to 88022 (@seywerd137) February 5, 2020
It’s the dems
— jnarcus. ⭐️⭐️⭐️ (@jnarcus) February 5, 2020
— NYConservatarian (@NYConservtarian) February 5, 2020
Great … it’s been three days and we still don’t even have a winner declared in Iowa. After three years of the Russian collusion hoax, we don’t need any help with people questioning the results of elections.
New report on Shadow Inc.'s Iowa caucus 'epic fail' suggests that this disaster was basically 'an F5 tornado of incompetence' waiting to touch down https://t.co/uxUcavgwBS
— Twitchy Team (@TwitchyTeam) February 4, 2020