Ohio invites hackers to try to break into voting websites

Ohio's chief elections officer has invited hackers to break into the state’s voting websites.

OHIO'S CHIEF ELECTIONS OFFICERWANTS VOTING WEBSITES HACKED.SERIOUSLY!THERE'S ANINVITATION ONLINE FOR"ETHICAL"HACKERS.IT'S CALLED A"VULNERABILITY DISCLOSUREPOLICY."NO OTHER STATE HAS ONEAND SECRETARY OF STATE FRANKLAROSE THINKS IT MAKES VOTINGSAFER.HERE'S REPORTER LARRYSEWARD.(nats from RFN MEETING VIDEOtc :01)"well good morningeveryone..."(track)ohio'slatest november task forcemeeting...(sot from RFNMEETING VIDEO/ tc 44:41/ franklarose/ ohio secretary ofstate)"...if you find a holeand tell us about it... we'renot going to sue you..."(track)(show CRYPTIC COMPUTER VIDEO)...included offers tohackers...(sot from RFNMEETING VIDEO/ tc 44:22/ franklarose/ ohio secretary ofstate)"...these are white hathackers..."(track)...uniqueroles in election security noother state offers.(sot fromRFN MEETING VIDEO/ tc 36:49/matt masterson/ us homelandsecurity, senior cyberanalyst)"ohio really is ahead of thecurve on this... these alreadytaking proactive steps..."(track)that's matt mastersonof u-s homeland security.(showHOMELAND SECURITY INFO CENTERPHOTO)their info sharing andanalysis center gets dailyrisk intelligence from all 50states... and see no betterpartner than ohio and (showtitle from VULNERABILITYPOLICY PAGE)its one-of-a-kind"vulnerability disclosurepolicy."(sot/ tc 37:32/ mattmasterson/ us homelandsecurity, senior cyberanalyst)"now you get the benefit ofthe incredible cyber securityresearchers across thiscountry.

You've given thempermission to and an abilityto work with you."to identifythose holes in your outerperimeter."(track)(show WHITEHAT HACKERS PHOTO)for thefirst time... so-called "whitehat hackers"... (show CRYPTICCOMPUTER VIDEO)routinely hiredby private companies to findand help patch holes incybersecurity... have invites(show WEBSITE LIST) to scannine state government sites...including vote-ohio, safe-at-home-ohio, (show SOS WEBPAGE)even secretary of state franklarose's page.(show BROLL OFVOTING MACHINES)votingmachines, electronicpollbooks, ballot markers andcounty voter registrationsystems are off limits.(showPOLICY PAGE WITH PULL QUOTES)so is "phishing", "spoofing","defacement" and anything thatcould do damage.(show AP BANKPHOTOS)and if hackers shouldfind social security numbers,credit card or bank accountnumbers... (show POLICY PAGEWITH PULL QUOTES)this policyasks hackers to immediately"stop and tell" authorities.(show POLICY PAGE WITH PULLQUOTES)they are also supposedto keep quiet about problemsfound "during the 120-daywindow" created by larose'sstaff to fix any bugs.(show APFBI, HOMELAND SECURITY PHOTOS)the feds and law enforcementcould see these reports.(showPOLICY PAGE WITH PULL QUOTES)but ohio's policy promises "nolegal action", "no lawsuits"and anonymity.(show POLICYPAGE WITH PULL QUOTES)laroseis letting hackers use"pseudonyms" and "throw awayemail account" to protecttheir identities.(sot/ tc :38/ jeremiah grossman/ good guyhacker)"...if you think ofhacker as jedi and sith, i'mdefinitely on the good guyside.

(laughs)(track)(showGROSSMAN PHOTOS)...jeremiahgrossman... a "white hathacker" for 20 years... justheard of ohio's program...(show USE CRYPTIC COMPUTERVIDEO HERE)but sees noadvantage for bad guy hackerswho if interested would bargein anyway.(sot/ tc 3:29-42/jeremiah grossman/ securityanalyst)"there's lots ofpeople out there like myselfincluded who wouldn't mindtesting the security of.asystem that we might haveinterest in.

And if we find avulnerability, we would justlike as good samaritans wantto be able to report it to theright people so it can befixed."(larry looklive)"critics say the differencebetween good and bad hackersis as thin as those double-yellow lines.

They wonderabout the timing of ohio'smove and how the state plansto handle hackers who abuseaccess.

You'll hear fromsecretary larose tomorrow.larry seward... wcpo... ninenews."