Diogenes
Nemo me impune lacessit
DEMOCRAT
A recently leaked conference call with Colorado's county clerks lays bare the ineffectiveness of the response, and adds a new layer of bureaucratic bungling.
Deputy Secretary of State Christopher Beall admitted that the Secretary of State’s office actively kept the leak of the passwords hidden from county clerks to avoid media exposure.
Their plan? Keep the secret until after the election—without even bothering to change the passwords in a timely manner.
Four full months passed as this ticking time bomb lay in wait, passwords exposed to anyone.
It was like an open buffet for anyone with ill intent.
Worse yet, when county officials finally learned of the breach, the office's response was dismal at best—an ad hoc rush five days before the election to change the compromised passwords.
Adams County Clerk Josh Zygielbaum, frustrated and incredulous, called out the process during the conference call. "Honestly, I'm not very confident in this process," he said. Zygielbaum's concerns were brushed aside, with Deputy Secretary Beall attempting to downplay the risks by dismissively explaining that the breach involved BIOS-level passwords—as if that made the system immune to compromise.
And it wasn’t just the BIOS passwords. Once one voting system component is compromised, anything connected to it—LAN cables, HDMI cables, even air-gapped systems using removable media—must be assumed compromised as well. It’s Cybersecurity 101.
CISA, the lead federal agency for election infrastructure security, lays out clear standards and procedures for handling such incidents. The very least Colorado could have done is follow them. Instead, they opted for a comedic routine of denial, delay, and deception.
This debacle is another nail in the coffin for faith in electronic voting systems, further underscoring the need for a return to paper ballots and same-day voting, at least for federal elections, to ensure the integrity of our electoral process.