Defending Election Campaigns from Cyberspace

so uh this presentation is titled defending election campaigns from cyberspace um feel free to ask questions bug me and uh just have a good time throughout um this was from myself Josh Franklin and my father Kevin Franklin who ended up getting a little bit sick and couldn't make it so uh I'm gonna be speaking um so this site is for a guy named John Lewis uh he was running in 2014 he's a Democrat um but if you don't look at the small text you might actually think that this is um this is a pro John Lewis site if you click donate there that money is actually not going to John Lewis it's actually going to the National

Republican Congressional committee there as you can see down here um and we found stuff like this on both sides this just happens to be how I'm uh starting it but um so this is the kind of stuff that actually interests me and I wanted to see uh the scope of this how much of this is actually going on out there and we found 12 Pages basically exactly like this using just different bootstrap templates and um using different images um so today I'm gonna I'm gonna talk about who I am some previous work introduce my election scanning tool election uh Buster uh we'll dig into some of my results files uh look at how we can uh apply these Concepts to other

areas and then we'll have fun with some 2016 presidential hopefuls and then we'll discuss some recommendations and conclusions just a big note on this this is party agnostic for nearly every single um for nearly every single egg example I have from I have something from either party uh if I don't have something if I don't have two of of uh something it's purely because I didn't have an egg and egg sample from the other party um but yeah this is not pro r or Pro D um and this is and I am not representing my M employer either they got a little bit uncomfortable when I started saying I'm going to be showing pictures of real

presidential uh candidates and so uh yeah so my name's uh Josh about 10 years experience in the election Technology field um I've helped run elections uh at both the local and state level um I've uh certified voting systems at the federal level and I've written uh I've helped write the voting uh standards uh that um are voluntary in the U.S um I have a Ms and infosec from George Mason my father's supposed to be here uh 15 years expertise in Big Data um and he has an MS in computer science um so in 2012 uh some friends and I decided we would find uh if there's any really interesting election cyber crime going on out there it was a very manual

and arduous process we had to you know substitute O's for zeros and L's For Eyes inside of main domains for uh candidates and that was really uh really tiresome and boring and so um but we did that in 2012 and we found a bunch of really cool examples of people uh basically doing cybercrime on on the internet um and here's just one example this was a fake Democratic National Committee site this is a dnc.org and if you if you click that make a donation button there uh that money's not going to the DNC I promise you uh this doesn't even look like a legit website almost I mean um yeah this was Democratic National Committee dot org uh hosted on the same

server was a Republican National committee.org taking money uh in the name of uh the Republican party uh and they're both hosted on a server in Oregon um but today we're going to talk about the 2014 election um this was not a presidential election year which meant in terms of Elections is a little bit boring uh my thought was I'll get my tools going now and then I can do it at scale for the 2016 election which sounded fun um so there's one third of the Senate was up for re-election in 2014 that's just how our electoral system works um every two years every single house uh every single house rep is up for re-election and then there are many many

uh local and state elections Nationwide there's over ten thousand different election Juris addictions in the US there is literally an election somewhere in the US every seven days so um yeah so it's just there was a lot of Elections going on and um it's pretty hey so this was a pretty small potatoes election though um in terms of uh methodology I was looking for fake campaign sites and other malfeasance uh basically I really want a candidate stealing traffic from each each other and then uh candidates stealing money from each other that was what I was really looking for was money where's the the money going um I wrote tools uh with my father to basically scan every single candidate

running for the Senate and House in 24 for uh Teen um we also scanned some Mayors and some Governors um and so that was and this was every single candidate this isn't just everyone who actually uh won right I mean sometimes there's four or five people running for a single office uh so this is a crap ton of people within rote tools to take screenshots of uh you know of each of our hits if you if you uh will and then we uh collected the who is information as well and let me comb through data to actually find um anything that was malicious the timeline of scans generally were from February 2014 to I want to say November

2014 but then last week I decided to scan some of the 2016 presidential hopefuls and uh so I just made the um the timeline of scans to October um yeah workflow this is our crazy process uh we had a candidate list that I built from ballotpedia.org um then we would feed those into election Buster uh once uh once we've started finding things we would then iterate on Election Buster over and over again to make the tools smarter better faster stronger uh and then uh election Buster outputs results files which is what we really really wanted um we would take those results files we would shoot them through some scripts uh basically using Phantom JS and some Firefox extensions

uh down them all and then uh we get both of those pieces of information and then we would perform manual review which is slow and arduous and tiresome and it was awful uh basically me just going through screenshots on my iPad just looking does this look interesting is this interesting is this interesting um and if something was fun uh then we would you know celebrate and we would put it into our uh let's talk about it at the presentation category and if not we just threw it on the big old pile and just kept on going um so let's talk about election Buster um it's a python open source tool um it requires five different inputs

first name last name type of election home state and year of the election um yeah um it requests every single combination of characters for a domain uh and so um you know if there's uh you know it would try Barack Obama for president but it would put an A in every single spot and then a b in every single character spot C and they would just try every single domain so we're literally trying millions of domains this is what it looks like when you're actually running it just a really simple script um but what does it do it will quickly identify a candidate's real domains where you know Hillary Clinton lives on the internet um it will quickly identify typo

squatters someone trying to put up a fake site for uh someone um it will help real candidates identify where they should be defensively purchasing or acquiring domains and so um I'm going to show a big list at the end of where I think uh nowadays any candidate should probably buy these 10 or 12 sites um and then really cool it'll actually predict if someone's thinking about running because if you um in 2014 I uh I scanned Hillary for 2016. what you end up seeing is this really methodical Hillary Clinton uh you know.com dot org dot me.us um Chris christchristy.org.me.us and so someone has very methodically gone gone through and purchased each of these domains of

course we can't get 100 certainty on if that's actually Hillary you know Hillary Clinton or Chris Christie's actual campaign but um you can get a rough eye Dia if anyone wants to mess with it it's right there on GitHub please go play with it Fork it make it better um break it and if you break it please email my dad uh not me um uh issues with it it is slow we're talking unconscionably slow we're we're requesting millions of domains so uh when I started doing this I was on my 2008 MacBook Pro over Wi-Fi uh took about 8 to 12 hours to scan one candidate um which basically meant um you know actually uh coding it up and

testing my code was really awful because it would go for 11 hours and then you know it would have some sort of fault or error um uh but then I I wised up and I put it up on Amazon ec2 and takes 5 to 15 minutes per candidate now much much better which means you can do it at scale which means you can make these giant lists and just script uh scanning a whole election in like three or four days like every single person thousands of folks um issues I mean your typical input validation issues I handle most of the things but there are some things that don't quite work well um so O'Malley you just I just made it

so you have to take out the the uh the special character there and um if you have something like like West Virginia put it in as West Virginia as a single word um but yeah let's get to the actual thing okay so you're gonna see where you know what uh party and what candidate where they're from on the top right for most of these um so you can quickly know what I'm talking about on the left here you see a sample scan this like these are actual hits this is alfrankin.com alfrankin.net if you get nothing it just looks like you know it's basically just a uh a HTTP error on the right here you get um after millions of these errors

basically you get Al Frank whatever and these are the actual positive results you see your input and how long it took to to perform that scan which is cool um same thing here this is uh this is a red uh candidate Corey Gardner um and same thing you can see he had a lot less uh output and we're talking I'm scanning millions and upon millions and we have 15 positive results here so uh there's a lot of things that um it makes a lot of incorrect guesses um like I said this was a multi-year project lots of log files lots of screenshots thanks to Google for hosting that um we got lots of false positives and

parked domains we're talking ninety percent of the screenshots we got we're just GoDaddy like it's basically just GoDaddy uh everything's GoDaddy it seemed I expected a lot more domains out there that would be uh through other registrars um we didn't find a lot of malicious activity in 2014 found a lot more in 2012 actually found mostly uh slanderous sites and we don't have any statistical analysis on this at this point in time something I'm building into it for 2016 um should be cool let's take a look at some of the positive things here um well the positive results um the slander sites we just called that muck raking uh it's where you you someone purchase it someone purchases a

domain that people are likely to visit um like Jeb Bush with two h's someone might accidentally type that and they would put up a anti Jeb Jeb Bush ad um or a a Bernie Sanders with no e and it would you know put up an anti-burnie Sanders ad um these sites could be from blogs uh from citizens or sites set up by their opponent doesn't really matter it's kind of interesting though to see what people put up there this is probably legal right there is an anti-typo squatting law in the U.S but I'm fairly certain this this uh this falls under the first amendment that pesky First Amendment um and we found a lot of these muck

raking sites as the most uh thing that we've found here here's Mark Udall the site was actually Marx Udall you can see in the bottom left-hand Corner um kind of interesting you know something it was a fairly decent graphic designer behind this you know Well Done um kind of a cool site um right here you have the real Corey Gardner and that's what it is real coreygardner.com and this is part of the development of election Buster when I found um a site such as real Corey Gardner my tool probably wouldn't have caught that and so once I saw that I put that in to my tool as a template and so I you know I now try real first name last name.com

you know.com me US info whatever um and that's just how the tool iterated um this is another interesting one Shelley capito it says hypocrite didn't coward um but they're missing an e in Shelley down in the left hand corner you can see um it's another slanderous site here this is for edema crat uh Amy Bell guard I actually learned a lot about all these candidates that I've never heard of before you have to go visit their their Wikipedia page right um yeah and uh someone didn't like her and they put up a you know Amy is not cool website um and she actually didn't win um so identifying typo squatters this one's cool because this was the biggest

race in 2014. um the biggest race at least in my opinion was uh the secretary of state of Kentucky versus uh Mitch McConnell who is in the uh the uh the U.S Senate um and he's uh I think he's the uh he's the he's not the junior uh he's the senior senator um yeah and so Allison Grimes was really challenging him um and so what you see here is you go to Mitch mcconnell.org and uh ends up going to Allison for KY which is Kentucky um and so I have no idea if Allison Grimes actually did this I doubt it um but who knows um that's the whole thing about this you know on the internet in general if

someone uh attacks you attribution is difficult right you can check the who is but most of the time that's read redacted um so yeah so we saw a fair amount of typo squatters there um and then the predicting who will run this was done in 2014. I I promise I have no way to prove to you that but um the scam was done in 2014 these are just some of the domains that I saw for Chris Christie at that point in time people were talking about him being the Republican front runner so I you know I paid a lot of attention to him at that point in time um and so I just set it up

for Chris Christie New Jersey president 2016 and this is what pops out um there's a there's many many more um and then same thing for Hillary this is yeah this is Hillary I didn't know whether to call Hillary Arkansas or New York so I put in in in y in the top right so whatever if I'm if I'm wrong um and again what you're seeing here is a very methodical person going through and purchasing all these domains which really should make someone think there's probably someone doing that because a lot of the um a lot of the scans didn't have um this many results most people returned five or six domains Max um and so I think Hillary returned like

180 or something um malware so this happened a couple times and it taught me a good lesson of doing this on my personal box don't do it not in a VM because I was stupid um got to blow away my whole computer uh but I found a uh this is Phil gingry he's from Georgia um went there and uh is a drive-by download and some nice malware hit my hit my box uh um so we we alerted the candidate via Twitter um the guy never got got back with me I don't know what what gives I don't know um but yeah it was kind of it was kind of interesting we saw a couple different

instances of that um and last in 2012 just it just uh off the top of my head in 2012 we found a number of of uh candidates who were actually accidentally hosting of Viagra Stores um on their on their really old website so you know like uh oh Obama still had like a Obama 2008 site um you know and his wasn't one of those but a lot of candidates just kind of let their old sites die but they just kept him up uh and um they just left them unmaintained a lot of them got penetrated and yeah it's kind of interesting uh future updates to election Buster uh I'll make it faster I think I can do that through some DNS

trip um statistical analysis I want to put that in there I hear R is a cool programming language just for that I've never done it sounds like a fun challenge um I want to use computer vision to automatically pull out the parked domains um seems pretty easy because every single GoDaddy site has that giant Go Daddy logo in the exact same spot um frankly I could probably just parse the HTML uh using you know Python's beautiful soup library but I want to make it fun um yeah so I want to pull those out to make um to reduce my total screenshots that I have to re review from Millions uh to um you know a couple hundred hopefully

something I can sit down with a giant pizza and two liter of Code Red you know and just finish it um piping into who is um lots of Dom domains which is really really cool that we find all these crazy domains let's throw them through um uh who is and let's pull down that info information and parse that info that that information out I wrote a quick little script to read election Buster output files and uh put that information all into a single dock for you and then it scans it for Gmail Hotmail you know whatever.gov um and it just and it just kind of puts that out and says hey here's a couple email addresses

um here is Allison Grimes again her um her husband uh registered uh a domain for her and he used his real first name last name and then his real address if you look it up on Google Maps you can totally see it and he used a real phone number too totally wanted to call that phone number but I I didn't um wink uh no um then the PA house re Republicans was kind of interesting instead of using who is privacy uh from like GoDaddy or wherever um they just use the Gmail address um PA House Republicans gmail.com um which was kind of cool and you know here's three that happened to be using it but it was literally like it was it

was it I think it was like 50. um something people um so I wanted to apply this to other areas you got State and County election sites right you got super Pacs you got special interest groups um why can't this concept be done in other areas act blue is something that just kept popping up again and again and again and act blue was actually it's like a um when you push donate on a Democrat site except for Hillary um you're probably using ACT Blues Tech it's just you know like a just like a a portal to receive money um and I was like oh man this is gonna be so cool there's gonna be all these

fake act blue sites no there was a bunch of a bunch of parked domains with very similar names but no one's actually using them um so those two were the real sites everything else was just a false alarm um I thought it'd be interesting just to scan the our country deserves better pack um and you know when you get to these long domains like our country deserves better.com election buster takes so long because it runs through every single possible combination A through Z one through zero through nine and this thing ran for like a day or something for git but it only returned to one um which was very anti-climactic um this one's kind of cool

um I was just cruising on a Maryland State Board of Elections website like you do and um I saw this really interesting note that says potential fishing alert legitimate emails from the State Board of Elections end with maryland.gov um there's some other information there and so I thought oh man I'm totally scanning that it's gonna be awesome um I scanned it ended up being really weird um so uh you can see all these typos that returned a real site um and not exactly sure what's going on with it uh if anyone wants to help me find out that would be cool um I have contacted them um they're not exactly sure what's going on either but basically anything I think

someone bought md.org and md.com and I think um there are they are just re returning a splash page for that sub domain I'm not sure it's really shady looking though um so yeah that was kind of cool um 2016 presidential hopefuls this was awesome um you can't have anything without Anonymous right at a security conference someone's got to bring it up um um this is uh thump 2016.com um I uh I don't know why but this says the huge the humanity party and I was like okay and they're telling people in here to go register to vote which is awesome go register that's really cool um and then they say but don't register your real name register Anonymous

um I have no idea why why that's not gonna help anyone uh um yeah and of course attribution is difficult who knows this is actually an anonymous um yeah so here's some more Trump pages I didn't drop in the URLs but they're all various typos um my favorite is Ronald Trump 26 16. I'm digging that one um Trump make America great again um uh that was that's like a pro Trump site um here uh you know don't be an idiot Are you seriously considering voting for Trump are you I don't know whatever um a lot you can't really see it because of the projector but it's a cat with uh Donald Trump hair and this is another

cat um I don't know why someone else also had a bunch of um uh chickadees like tiny ducks or whatever um with tiny two pays on that was really cute um I just kept that one for my own usage um yeah and uh Donald Trump actually did a really good job of Defending his name space if you you will um he purchased a lot of the really reasonable don't domains that one would need to purchase um and uh there was a lot less um you know anti Donald Trump muck raking um stuff than I thought that they would be I figured there was going to be a you know he's a very uh he's a candidate who

gets people excited one way or the other so I figured there was going to be a lot of interesting things there and um a little less than I thought um I will say that Donald uh Donald Trump redox to a Jeb Bush Sucks Facebook site um don't know why um yeah and then um there's a lot of uh redirects from his namespace to Bernie Sanders um his act blue page I don't know why I just uh what I found um this one's interesting uh this is Carly Fior Fior Arena I can never say her name right um uh she was uh she did some controversial things I'm just assuming no one knows anything about politics

whatever she did some uh some really interesting things in terms of um uh she uh she fired a lot of people made a lot of people angry um and so I found this site it's Carly fiorina.org there's actually 30 000 of these sad sad faces I just Photoshopped it into to one um yeah uh this is kind of interesting um uh so Hillary uh this is hillaryclinton.net you can go there right now I have no idea well there's a picture of her and Trump uh looked into the who is it's masked um yeah kind of kind of uh kind of interesting um yeah yeah um this guy's awesome Hillary Clinton missing an L um presidential campaign of Donald

Eugene Lowe uh here he is this guy looks like he's having a great time he's got a meme t-shirt uh this guy's making it happen and he's really wanting you to vote for him in 2016. he's going to work hard for you um yeah it's kind of it's just kind of interesting um I found in terms of Hillary I got notes here um so there was lots of Hillary's going to run in 2016 Pages um there's not like Hillary's running right now there were lots of like Hillary is going to run pages I have no idea why um it's like what they all said you know Hillary's going to be running get get uh ready

um I didn't find many slanderous sites against Hillary I was surprised by that um yeah I think I have one more uh here's Bernie um yeah bernie4pres.org this is a pro hymn site I didn't find many folks doing anti-burning sites either um and a matter of fact I mean if you look hard enough you see the guy from Back to the Future in the bottom right hand corner um uh but yeah this is a site from someone else who just happens to be named Sanders um he doesn't look like doc from Back to the Future gosh okay fine um but yeah uh there wasn't too many anti-burnie pages I expected there to be um going a little bit faster than I

expected odds and ends um political domain registrars um there's some political web names here um that's the company this freaking site shows up everywhere like they bought a lot of my templates and so then I I set some of my templates I based it off of their info um and so uh I figured they knew what they were talking about and I didn't include them unless I had a real example but I mean this guy's just uh Joel here has given out his cell phone number um for Udall 2016. um but then he's not even talking about Udall that much he's talking mostly Clinton um yeah kind of odd and then you get a cool Ronald Reagan uh come buy this a

bunch of different domains so there's like I most of these domains people are selling them for like two thousand dollars I have no I no idea if that's a real market value but they're trying to sell them for thousands of dollars and now with my current current knowledge of how this stuff works you can bet I'm going to be trying to make some money in 2016. um so we'll see how that works out um this is my award for the most American domain you get a quote from Patrick Henry you get a gun you get ammo you get the Constitution um you know I have no idea what the site's even about it just showed up I

mean uh and this is this is par for the course here I I I I I didn't think I would have time to show a lot of crazy domains but now I wish I did um but yeah uh uh we found just so many crazy things I saw people trying to sell blood right I mean they're just like vials of blood and it's got all these Russian uh Cyrillic alphabet there lots of porn uh for some reason um and it was mostly Japanese um I don't quite know why uh there was trying to think um lots of parked domains and then lots of um student elections um people are putting up their own student election page

um like like every there was just so many student elections and I found that a lot of the the candidates ended up um really ended up leaving up their old pages from from past years I think I talked about that a little bit but um and they just let those pages go uh into this disorder and some of these uh candidates in the House and Senate have been you know in the House and Senate for you know over a a decade and so those folks in the house some of them have a page every 2 two years for their new election and you can like actually look at it it's cool because you can see

how web design changed every two years that's kind of interesting um his recommendations and conclusions here here's my common templates list um I mean anyone running nowadays I think should really purchase these lname plus fname right um uh L name hyphen f name uh F name plus year F name plus last name plus year um vote uh I get a hit every single time with vote almost I mean even even if it's just um like even if it's just the wrong site I still will get something for vote plus first name uh Team plus first name um I think Mitch McConnell started that in 2012 maybe um but now it's super super popular um like everyone's having their own team

something or other um fname for position so like Josh for president hint hint um that would be a fairly popular um that would be a fairly popular uh uh domain um and then if candidates are going to do this that's just the actual you know text of the domain that has nothing to to do with the actual TLD um and so I found a lot of comnet org me us and info I should have put info there um as some of you know there was just like huge amounts of domains uh like new tlds that were debuted um because I was kind of getting into this I was on I I saw right when that

happened and I was like oh I'm gonna buy cyber dot ninja it's going to be awesome and I bought that for like 200 and um then uh I was like I'm gonna sell this for twenty thousand dollars and then they ended up taking it away from me um and selling it to someone else but uh anyway um I was very unhappy about that um and then our tool does suggest domains you should purchase uh like you should purchase the moment it gets used um and so uh like when you actually push enter the first thing it does it says okay with your inputs here are the top you know 12 uh that you should use you

should go ahead and buy these um so for 2014 there was just um honestly there wasn't a lot I was I knew there wasn't going to be a lot but I thought there was going to be more than what I found um with the 2012 and not even really trying I found so much stuff um so many people stealing traffic from each other stealing money um all these fake sites uh but I really didn't find that and I I I didn't find that in the 2014 um and as you can see with some of those 2016 hopefuls the presidential election is where you start seeing a lot of actual cyber crime um and so uh my goal

is now I can take uh scans every month I'm gonna do them on the first of every single month and then I'm gonna make some statistical analysis tools and uh you know be able to actually measure how much of this is actually going on um and that'll be cool to actually get numbers on this um yeah our tools can be used by any candidate and I'm kind of hoping some candidate will actually use it I don't know how they'll figure out I'll post on Twitter and stuff um but I mean uh you know a a really um you know dog catcher style uh candidate someone who's at the local level they can they can use this and

they can protect their brand um which is kind of cool um uh and so candidates should basically purchase these these uh domains in my opinion um candid should not put personal information into the who is database I know I'm speaking to the choir here um except for that guy um and uh look twice before you donate make sure it's actually who um you know make sure that the money is actually going to who you think and if you want a copy of our data just ask I'm gonna put all this up on my personal website um and if anyone wants uh that information that Link's probably going to be active in a couple hours um yeah so that's my talk uh and any

questions yes sir um no I did not uh he is a very um he is a very uh divisive candidate or you know another candidate who really excites people um and so um uh I didn't show anything from Rick Santorum because it was uh definitely not PG um yes sir once more I'm sorry URL crazy I am unfamiliar with it sir please enlighten me

that would have been awesome to know about

um oh cool nice nice no that's really really cool I hadn't even thought about um yeah yeah going through like so is it actually hooking into a registrar is it a tool from a registrar okay no no it's it's totally cool love it love it yeah yeah I mean um and that's part of the um that's part of the process of making the tool um more streamlined right if I can take out a couple million bad guesses it can be a much better tool and work faster um yeah cool thank you any other any other questions yes sir

can you example me

that's a great point I never thought to look at at that um off the top of my head I will say that um whenever I found like a slanderous or muck raking site um I really didn't see those um uh but yeah it's something that's fairly easy maybe that um maybe that'll go with the whole computer vision thing you know I can look for uh a box at the bottom of the website that'd be a good little indicator this is a legitimate site I think it's a cool idea idea hmm yes yes sir yeah yeah

I found 12. um in 2014 and they're all for house candidates um uh and yeah unfortunately I only found those on one side of the uh coin there um but uh that's that's what I was really looking for right with those types of things that's what I want um so uh I don't I haven't really done much because I work for the federal government and I um I didn't really want to uh um I didn't really want to make too many waves um when I when I saw things that were you know obviously bad like malware I I alerted the candidate ASAP but I am definitely hesitant in calling a site um a site you know uh a crime in in

general um I mean uh we can see that uh but I can show some more examples of those if you you want but if you read the first thing there um I mean there's a case to be made that this is a legitimate site and that's kind of the issue um it's it's a there's a serious shade of gray because I mean the small text is John Lewis is tired of sitting on the sidelines watching his boss longtime liberal Crusader Max Bacchus um that means you know John Lewis is bad for mon Montana right I mean so I I could see see a case to be made that this is just a user hurriedly going through and

clicking donate at the same time I could see there being you know this is it's kind of a vulnerability if you will I mean this is like a this is like a UI issue it's like you know UI trickery um yeah yeah almost yeah yeah um uh yeah so I loved these ones because there was just they were uh they were all out there easy to find my tool found them quickly and um yeah and they were just so gray I couldn't figure out who did who who was actually at fault there um and who is information for this was not uh you know uh scared at all um I think these are actually still out

there if you want to take a take a look at them any other questions we got lots of time folks I don't know sorry for going short yes sir do a private registration did you do any searching for other sites that individual registered because it'd be interesting to know if they type in a squat outside politics that'd be that would be interesting to know again a good idea for a future seriously for a future thing to add I I just didn't to be honest I just didn't think to do that I love it um yeah why wouldn't that happen yeah love it yes ma'am thank you

and I ordered the dog's name is no that's pretty love it no no that's a cool idea

yeah yeah I love it yeah I I I hadn't thought to do that but it's a fairly simple thing you know just gotta hit the Wikipedia page for a given candidate and then um you know run another scan yeah yeah was it Bo no no what's the name yeah it is okay now I'm kind of curious can does anyone know if there's a bow for president site no um uh yeah yeah I like that um yeah uh the only issue to not do that would be um it'd be another set of uh log files and scans to a store but I mean it's not too big of a deal I mean whatever and I'm paying for like 60 gig

of Google storage I'm picking up what you're putting down totally agreed agreed yes sir no no um I I didn't I didn't really have anything that was uh crazy cool in 2014 so I didn't really track it track it down that much I mean this one was someone was uh taking credit for this site right for these um you know these were the 12 smoking uh smoking guns for 2014. um but in uh 2012 yeah we did that sort of stuff yeah yeah um and that's how we found um those fake DNC and RNC Pages you know and then someone might have scanned those sites as well um you know I see what they're running

on top of and things of that nature um any other questions 10 more minutes yes sir

how thin did I see candidates sporadically squatting oh okay see yeah Trump did a great job of that Trump did a really great job um trying to think uh frankly it was it kind of correlated with the larger the candidate was because my guess is that they actually have someone who understands technology behind them right um and that that would make sense right um I I didn't include it right but uh you can see here like there was a fun little Hillary one oh man where's the hell everyone uh if you uh if you looked at the actual HTM HTML of oh this was a good Hillary one uh that was interesting um yeah totally wasn't just doing my

slides uh oh this is a good one Hillary Klingon um um yeah like uh actually Hillary didn't do a very good job of um of uh squatting but if you look at her um you know at the HTML behind her page actually she has her logo in ASCII and it says you know if you want to come work for the Hillary campaign uh you know click this link um we're just kind of that's kind of interesting actually I think oh yeah oh yeah oh I mean those were that those were the domains that returned that's positive results but a good number of those are just parked domains that I couldn't figure out if it was actually anyone um which stinks like

um so here's a results file from Hillary um this is all me just making slides okay cool um so this is like really what a election Buster results file looks like um I mean you get all this information about it um it just kind of goes on and here are the positive results um 177 is what Hillary had as of Thursday um yeah and so I have to go through through all these and most of them are just GoDaddy and I hate my my life the whole time yes sir

I didn't but it's a really reasonable feature um yeah actually I I I'll probably build build that in as someone could uh you know optionally include that command line argument because why not I mean the the biggest reason again to say no is that um I might get a lot of extra garbage but you know I can get something cool and um it's gonna make it run slower because you're adding like six or seven letters and so it's like six or seven letters to the your total character set so like a through zero through nine which is going to add that on and that's going to be you know it's going to add a lot more but still um why

not yeah love it yes ma'am oh

okay R yeah that makes sense interesting

I love it I will totally test that theory out because yeah why not use the uh candidates initials in there I mean that's super sorry yeah yeah yeah yeah yeah yeah I mean uh that would be a really cool that that's all that's that's another awesome I I I idea and it's super simple to try um thank you someone else raised their hand I didn't see them yes sir

no I did not re report them um uh since this is being videotaped I'm not gonna answer you but uh if you want to come ask me after I'm happy to give you the down and dirty and I can send you a couple screenshots whatever you need um you let me know you know I'm not I I ain't judging anybody um but yeah um uh there were a lot more for female candidates unfortunately um like a lot more uh um yeah but most of the pornographic sites were just like random just porn sites and I'm like ah you know and like so that means I can't do anything like on the Metro right because someone could be behind me and I was

like what the hell is that guy look you know um which really made it I had to be home you know uh with like a curtain around me you know um yeah unfortunately anybody else oh yes sir

I I I didn't understand

oh totally oh yeah totes yeah yeah um yeah yeah like uh I can show you a good example here that I have open recent oh nope that's my wife's comments hey honey uh there's there was here somewhere defending cyber common elections there we go um this is my presentation from a little while back uh but you can see that there were yeah I like that one I don't know what party he would be would like be for though right I mean it'd be a little confusing um uh there's a cool example here of okay so this one's awesome because it's on on Craigslist someone's trying to sell their a vote for 25 bucks foreign

there is a there's one where it shows the Google search result yeah so here you you go that our country deserves better pack um and it's a buy Viagra online from an official I don't know a certified Pharmacy all those pharmacies are Canadian I don't know why um you know uh yeah does that answer your question I mean sometimes they were they were in there sometimes they they uh they uh weren't I mean I assume as long as they're um as long as they don't have robots dot dot text in there they will be indexed by Google but then you know their whole algorithm is going to make sites that people go to um more often appear towards the front

so yeah yes sir

no I haven't I've thought about it though yeah um I totally bet it would work right now

have you seen that have you seen like uh Canada a hosting uh like I'm uh Josh so it's like joshsucks.com and then is okay that'd be awesome I would love that yeah yeah I mean I was talking with the with the gentleman who was attending this conference yesterday he was from from India and I was telling him about this and he's like in India you can't you can't put things um you know you can't put anti-candidate things up on up on the internet and stuff and so I mean that would be it'd be cool to see for from a malware perspective and then from like a political speech perspective as well love it how are you doing on time I'm gonna cut

it okay everyone give me a round of applause thank you so much and come say hi