This morning, a joint press release from Gov. Jared Polis and Secretary of State Jena Griswold announced that the emergency operation to change every voting hardware password accidentally disclosed by the SoS office in a publicly-posted spreadsheet, which resulted in a major political embarrassment just days before the election despite posing little actual security threat due to a host of additional measures in place to protect the machines from unauthorized access, was completed last night:
Colorado elections include many layers of security. The passwords that were improperly disclosed were one of two passwords to make changes to these particular voting system components and can only be used with in-person physical access to that specific machine. Under Colorado law, voting equipment must be stored in secure rooms that require a secure ID badge to access. That ID badge creates an access log that tracks who enters a secure area and when. There is 24/7 video camera recording on all election equipment. Clerks are required to maintain restricted access to secure ballot areas, and may only share access information with background-checked individuals. No person may be present in a secure area unless they are authorized to do so or are supervised by an authorized and background-checked employee. There are also strict chain of custody requirements that track when a voting systems component has been accessed and by whom. It is a felony to access voting equipment without authorization.
“The effort to change these passwords been completed in every affected county. I want to thank Governor Polis for deploying extra state resources to help in this effort,” said Secretary of State Jena Griswold. “Colorado has many layers of security to ensure our elections are free and fair, and every eligible voter should know their voice will be heard.”
“We appreciate the swift work to update these passwords and provide voters confidence in Colorado’s elections system. Every Coloradan can rest assured that their vote will be counted fairly and accurately. While the leaked passwords compromised just one of many layers of security that protect our election integrity in Colorado, we knew it was critical to take swift action and to work with Secretary Griswold and the county clerks to update the passwords immediately,” said Governor Jared Polis. “I want to especially thank the hardworking state employees and county clerk personnel who were part of this effort.”
Although the affected passwords have now been changed and there is no evidence that any of the other layers of security in place to protect voting machines across the state were compromised, yesterday afternoon Donald Trump’s Colorado attorney, infamous former Secretary of State and oft-debunked election conspiracy theorist Scott Gessler, sent a letter demanding that all ballots processed by affected equipment be rescanned–which would be a huge logistical monkeywrench in Colorado’s ballot count with 1.5 million ballots already in:
“The Secretary of State must immediately identify the counties affected by the security breach, notify them, direct them to halt processing of mail ballots, and prepare to re-scan all ballots,” states a press release from the Trump-Vance campaign.
AP reports that Secretary of State Griswold rejected Gessler’s overreaching request in a letter last night:
Former President Donald Trump’s campaign sent a letter to Griswold to express concern, which followed a similar letter from the chairman of the Colorado GOP. Griswold responded in a letter Thursday evening, saying that because of the many security levels, “no single error can compromise the integrity of the system,” and reiterated that the leak presents “no immediate threat.”
The accidental public posting of these passwords is without question humiliating for the Secretary of State’s office, and we’ve been unsparing in our criticism of Secretary Griswold’s initial response to the controversy. With that said, this mistake does not make the usual suspects rushing in to exploit the situation in order to sow doubt in Colorado’s elections any more credible. Scott Gessler still has his license to practice law unlike several other attorneys who represented Trump in the fruitless lawsuits in late 2020 challenging the election results, but Gessler was nonetheless rebuked by the Nevada Supreme Court for his lawsuit on behalf of Trump based on rank falsehoods and conjecture substituted for facts. We don’t hear much from Colorado GOP chairman Dave Williams anymore since his job now is pretty much solely to siphon money from the party coffers through the next party leadership election in the spring, but after a year of offending and alienating every Republican outside his dwindling clique of supporters, Williams is one of the few Republican figures in Colorado with even less credibility than Scott Gessler.
These are the bad actors who have been given an opening by the SoS office’s mistake, and that in the end could be the biggest lasting consequence. Even though there is no reason to believe that any voting systems were actually compromised, rightly turning down the Trump campaign’s over-the-top demand to restart the count of millions of ballots is practically guaranteed to be the pretext by which Trump and his local allies claim the election in Colorado he is certain to lose is illegitimate. No amount of evidence to the contrary will be enough to convince them, because Trump’s supporters don’t want to be convinced.
For all of us trying to sort through what just happened without ulterior motives, the takeaway is simple: yes, this was a big mistake by the Secretary of State’s office at perhaps the worst possible moment–but numerous additional layers of security prevented any real-world impact other than the time spent changing the passwords on voting machines scattered across the state. Colorado voters have nothing to fear casting their votes with the same highly secure and accurate systems they’ve trusted for years.
Defending the integrity of Colorado’s elections from Donald Trump is all that matters before Election Day. It’s more important than any individual’s reputation, and more important than settling pre-existing political scores.
After the dust settles and the full outside investigation Gov. Polis is calling for is complete, we can fairly assess the consequences for others.
You must be logged in to post a comment.
BY: notaskinnycook
IN: Monday Open Thread
BY: 2Jung2Die
IN: Monday Open Thread
BY: JohnInDenver
IN: Monday Open Thread
BY: 2Jung2Die
IN: Monday Open Thread
BY: spaceman2021
IN: Monday Open Thread
BY: spaceman2021
IN: Monday Open Thread
BY: joe_burly
IN: Monday Open Thread
BY: Duke Cox
IN: Monday Open Thread
BY: 2Jung2Die
IN: Monday Open Thread
BY: spaceman2021
IN: Monday Open Thread
Subscribe to our monthly newsletter to stay in the loop with regular updates!
Griswold's office fucked up, but unless it comes out that the machines were actually hacked as a result I think it will fade away except in MAGA world where nothing ever fades away.
I agree with Pols that giving goons like Gessler something to exaggerate is the worst of all of it.
I can't believe that partisan hacks like Scott Gessler used to be able to actually win statewide elections in Colorado when it used to be swingy. Even then, people like him were rarely elected so that must have been a fluke, but still a thing that used to happen anyways. Glad that nutjobs like him are given the middle finger nowadays.
It isn't JUST Republicans ….
Colorado Libertarian party files lawsuit against Secretary of State after partial password were posted online
These days it'd be awful damn difficult to swing a dead cat by its tail and not hit some conspiracy theory fringe politico square in the puss (face) who doesn't already have a team of shysters retained and on speeddial just awaiting to hear the word "go."
First off kudos to Polis for stepping up and both rectifying the problem and for kicking off an independent review of what happened and why.
Griswold has been a competent SoS to date, which is a gigantic improvement over her predecessors. And mistakes do happen. Even really dumb bad mistakes.
Where she blew it is twofold. First, she didn't fix the problem. That should have been an all hands on deck work 24/7 get it fixed. Second, she did not tell the counties that were affected so they could lock down the relevant systems until this was resolved.
Event without all the claims of false voting, this is bad. With those claims, leaving the systems exposed and not notifying, and laying out the whole situation in details, including why it was not impactful of the vote count, is inexcusable.
Griswold should resign. She obviously won't, but she should. And whoever created that spreadsheet, adding the passwords as a hidden worksheet, at a minimum needs to take some remedial classes in cyber security.