CISA boss swatted: 'While my own experience was certainly harrowing, it was unfortunately not unique' CISA Director Jen Easterly has confirmed she was the subject of a swatting attempt on December 30 after a bogus report of a shooting at her home. Easterly described the incident as a "harrowing" experience in an official statement: One of the most troubling trends we have seen in recent years has been the harassment of …
Someone could use a VPN to disguise where they're coming from, and there are probably laws preventing 911 centers from deciding to ignore calls they think are fake. They probably have to pass them all along, and leave it up to the judgment of local emergency personnel to make that determination.
Eh? 911 centers are local, for some reasonable values of "local", and 911 operators most definitely do triage calls:
911/Emergency Communications Center: Trained 911 dispatchers code and determine the appropriate response, sometimes with the help of embedded behavioral health specialists, for immediate assessment and intervention. From there, dispatchers may route the call to community responders or other first responders for help.
There may be other local regulations in place — community response is not standardized across the US. But in the communities where I've lived, 911 dispatchers were not required to "pass them along", and they had discretion to determine whom to pass them to if the did.
They probably aren't using one directly, but a local VOIP provider. It might be a giveaway if it's all coming from international numbers, but if it's a number from that country, there's less that can be done to identify whether it's being proxied for an international origin. In addition, it's probably not being proxied in this or many other cases. The people who want to attack a US election official are probably in the US to begin with, so wherever they're calling from, it's in the country. You would have to use geolocation data to identify where the caller was, and I don't think the systems for collecting and reporting it are fast enough to let them filter it. With all of these obstacles, they probably send the calls to the local authorities rather than deal with the risk that someone actually has an emergency and they ignored it.
>geolocation data
Worth noting that this can be less useful/accurate than you might expect.
For example, as I discovered tracing & discovering an Australian govt standard medical data breach, at least some of Salesforce's main email servers (*.mta.salesforce.com):
* identify themselves as being in San Francisco CA ("/C=US/ST=California/L=San Francisco/O=salesforce.com"),
* are set to San Francisco CA time,
* but geolocate as being in Francisco, Indiana
https://www.newstatesman.com/science-tech/2015/08/swatting-uk-trolls-newest-intimidation-and-harassment-tool-and-police-need-take-it
The UK for a start.
But really anywhere that has an emergency dispatch number that can deliver lumps of firearm wielding meat to your doorstep, which is most countries.
https://www.forbes.com/sites/jacquelynsmith/2013/08/22/americas-10-deadliest-jobs-2/
"Airplane pilots have the third deadliest jobs, according to the BLS. Like loggers, pilots are menaced by the threat of malfunctioning machinery and falling heavy objects. "
Yeah, pilots are at risk of falling heavy objects. They tend to be in them at the time.
Lumberjack is the most dangerous job in the US
No, it isn't. It's not close to President of the United States, for example.
Responding to GP: My best friend was a police officer for decades. He never shot anyone, and never wanted to. I've known a number of police officers in the US who aren't "trigger-happy".
There are many problems with policing in the US — militarization, expanded duties,1 systemic racism, "revolving door" hiring of bad cops, routine abuse of QI by the courts and of discretion by prosecutors, and so on — but generalizing about what "all cops" are like certainly does not shed any illumination on those issues. Police officers are human. Some of them are better than most; some are vile; most are somewhere in the middle.
As for the "police are under siege by criminals" claim: 224 officers killed on duty in 2022; 1176 civilians killed by police that year. There's a bit of an asymmetry, and it's not on the side of the angels. Certainly I wouldn't want more police officers to die in the line of duty, but the self-protection argument is rather thin.
But, hey, people should definitely form their own opinions, preferably without citing, or probably knowing, any facts.
1In most communities police have to deal with crime response, public safety, traffic safety, homelessness, incapacitation (particularly due to drugs and alcohol), domestic disputes, McNugget crises, and all sorts of other issues, many of which they are not properly suited or trained for, or provided with appropriate resources to resolve.
Swatting is toxic but ElReg readers may be unaware of just why emotions are running high over there.
Note what she very oddly chose to bring up then emphasise:
>work tirelessly to ensure their security and integrity. We at CISA, along with our partners, will continue to support these election heroes as they work every day to safeguard our most sacred democratic process.
A/ General Note: This wildly overflown black&white us&"them" heroes-vs-evil melodramatic language is characteristic of activist deceit/manipulation.
B/ Tech.Note: It is over 6mths since the public release of the tech.investigation of the Dominion election machines. First & only one with hands-on access. Readers of this site might understand the implications of some of the larger findings re Easterley's oddly-referenced topic: Election Security:
* You get full Root access + tools if you plug in an external keyboard.
* If you have a staff card, for your convenience you get this by just triggering the onscreen keyboard.
* All election setup data (eg candidate names) is centrally prepared then distributed & manually loaded by Zip files. Which are mini file systems. Dominion wrote their own Zip file extractor. It has full Zip Slip compatibility. It will place any file any where in the file system with whatever self-assigned permissions it comes with. This includes the core election app binaries. So any BadActor at any point in the distribution process can invisibly hijack every machine downstream of that point. This will only be detectable on site if people can read the QR codes on their printed ballot.
For a quick laugh, check out this short inclusion in the tech.report:
Election Headquarters & Server Room -- Site Inspection
Best not have coffee in your mouth. It's only 3 paragraphs but it's like Quentin Tarantino wrote the Christmas Panto version of an On-Call story.
"odd"... Mate, you haven't seen "odd" until you've paid close attention to a US case's actual day-to-day Process. "Surreal" and "insane" and "lunaticly decoupled from anything remotely connected to law let alone justice" are more the mot juste. Example I saw just yesterday, a climate scientist suing someone for defamation for referencing "flaws" in his work, has successfully prevented defence witness testimony for years now, on the basis that the witnesses know something about the topic. Ex post, that will just look like he was in the right, since no evidence tendered in defence.
In this case, the tech.report was sealed by a Court 2 years before. Everyone knew what was in it, but it could not be used in evidence. It was only unsealed by a superior Court some months after the Dominion-vs-Fox case was successfully won due to no evidence tendered in defence.
Side note: you accidentally helped me with a head-scratcher. While checking Dates, I tripped over an explanation for why that tech.report is so professionally damning about the security/hijackability, then suddenly flips and starts making bizarrely disingenuous political claims that there's no evidence it's actually been done. Doubly bizarre because the lead author has done previous court-submitted analyses of election machines with far more restricted attack surfaces, wherein he's demonstrated it was easy to eliminate all evidence of major election manipulation -- tidying up logs, etc. So he knows damn well he's talking foolishness, and he's got one hell of a CV, so what on earth?
Turns out he's a major Clinton etc. supporter. He kicked off this tranche of work as an anti-Trump effort.
Why do you keep saying tech.report?
And surely you're aware that there were a gazillion electoral fraud cases brought to caught by Trump's cronies and the common pattern was that Guliani, Sidney Powell et al would stand outside the court and say they had lots of evidence, file case papers with no evidence, the case would be thrown out due to no evidence and then they would stand outside and continue with their previous bleating about a stolen election to push their domestic political agenda.
They've had countless opportunities to provide some actual evidence. Give it up.
To be fair, Sidney Powell would have trouble providing evidence she can distinguish her ass from her elbow. But, yeah, someone on their crack team (or, more likely, the people pulling the strings) ought to have been able to provide some evidence if the whole thing weren't a fabrication from whole cloth.
> no evidence
Suggest you read this, above: #c_4798054
I did look at one group of those at the time. 3-simultaneous and the 1 final. Trump's actual cases.
The first 3: judge announced "New rule: all declared witnesses must have submitted affidavits -- no affidavits, therefore no evidence, therefore no case -- The End." So for the next&final 1, they submitted affidavits, judge announced "New rule: if you submit affidavits the witnesses can't testify -- no witnesses, therefore no evidence, therefore no case -- The End." Surreal but that's the way US "law" can be gamed in practice/practise.
.
> Why do you keep saying tech.report?
Because tech.report. Hence I used the term "tech.report".
Remember, I was pointing out to people some of the actual context, for why emotions are validly running pretty hot over there. The tech.report is NOT a he-said/she-said (unlike the tangential replies here), and has some IT-specific info professionally meaningful to commentards.
Thus: https://storage.courtlistener.com/recap/gov.uscourts.gand.240678/gov.uscourts.gand.240678.1681.0.pdf
His informal run thru it, when unsealed 2yrs later: https://freedom-to-tinker.com/2023/06/14/security-analysis-of-the-dominion-imagecast-x/
Sorry, I thought I'd posted that initially.
Solid credentials: Prof. J.Alex Halderman, who is responsible for some major security work on which you rely daily eg https, plus related stuff like the free LetsEncrypt certificate service. Here's his wikipedia article: https://en.wikipedia.org/wiki/J._Alex_Halderman; and here he is a few times right here on ElReg: https://search.theregister.com/?q=halderman. Non-trivial competence and authoritativeness. Re Bias: he's anti-Trump, as you'll see from the ElReg articles etc.
Alert readers may although ask why you try to change the topic of the discussion from swatting Easterly and election officials to the security of voting machines.
Do you think people believing those officials allowed and covered up fraud in the voting process have a good reason to get those officials harmed by swat teams?
It’s hard to figure out how heavily-armed law-enforcement, who are supposedly trained to deal with tricky situations, should so thoroughly misjudge things at a bogus callout that they end up injuring or killing innocent parties who are no threat to anybody. Seems like they are primed to shoot first and ask questions later.
Maybe they watch too much too much of their country’s movies and TV shows?
Seems a terribly labor intensive and expensive process.
Judging from all the impressively accurate artilalry systems being demonstrated in Ukraine couldn't some much more cost-effective Shooting-As-A-Service be implemented?
Simply enter the coordinates into a local police website, put in your credit card number, and have 155mm of constitutionally protected bared arms delivered to your special friend
"It’s hard to figure out how heavily-armed law-enforcement, who are supposedly trained to deal with tricky situations, should so thoroughly misjudge things "
Too many US police officers have had no proper training in threat assessment, de-escalation, but have had a ton of training in shooting anything that moves. This curiously enough disempowers them, makes them approach situations fearfully and happy to pop off at anything that moves suddenly. Or in some cases didn't move suddenly and just did as it was told.
Obviously with the US public all tooled up as the world's biggest, most unneeded and least trained army* you can understand the need for US police to always carry arms.
*About 16 million US civilians own one or more assault rifles. That's four times the size of China's active, reserve and paramilitary forces. Or another comparison, the total active military strength of the entire world is around 20m.
Too many US police officers have had no proper training in threat assessment, de-escalation, but have had a ton of training in shooting anything that moves. This curiously enough disempowers them, makes them approach situations fearfully and happy to pop off at anything that moves suddenly.
Yes, and they're protected from any adverse consequences, and rewarded for this sort of behavior. The officer who killed Andrew Finch — the "Kansas man" mentioned in the article — was promoted not long after, for example.
In fact very few Americans own machine guns, the number is closer to thousands than millions.
Not only are they very expensive, starting at well over $10,000, but you have to get a even more expensive federal license to own one.
You are probably thinking of semiautomatic rifles, some versions of which, like the AR-15 (which is neither a machine gun nor an assault rifle) are sometimes called "assault weapons". An assault rifle is defined as a rifle that can be switched between semiautomatic (one pull of the trigger fires one round), and fully auto (pull the trigger and the gun keeps firing until it runs out of rounds).
The media and the left like to talk about "assault weapons", which is really a political term that can be best defined as "scary looking gun".
who are supposedly trained to deal with tricky situations,
I'm old enough to remember the introduction of guns for my local (vic.au) police.
First they shot windows, clock towers, and each other, because they had no gun training or experience.
Then they were trained on an American model, stopped killing each other, and started killing criminals, until the criminals started shooting back ("I'll take some of you with me")
Then they were trained on an English model, and police officer shooting deaths went down again. (most police officer deaths on duty are caused by stupidity in traffic stops ("I can't get run over, I'm in uniform" and those deaths are unrelated to firearms).
Since then the training has changed again, and for a while they were shooting psychotic schizophrenics. I don't know what the training is now, but the point is that the effect of "trained to deal with tricky situations" depends on police unions and senior management: there is a choice of training and outcomes available.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
