CT

Secret Ballot and Constitution under assault in Connecticut by AP and Secretary of the State’s Office

One AP story, two different versions in the Connecticut Post and the Hartford Courant.

As we said in our comment on the Connecticut Post article:

Connecticut has this other thing called the Constitution. It is even available at the Secretary’s website. It says: “The right of secret voting shall be preserved.”, which would likely be interpreted as not taking a picture of your ballot such that you could prove how it was voted. Otherwise votes could easily be bought, sold or intimidated. http://www.ct.gov/sots/cwp/view.asp?q=392288

Ballots Still Broken: Doug Jones on Today’s Voting Machines

Broken Ballots co-author, Doug Jones interview on the vulnerabilities of today’s voting machines, the newer models available, risks of Election Management Systems, and Internet voting: Douglas Jones on Today’s Voting Machines  <read>

Fortunately, Connecticut has avoided the problem of corruption of the EMS by using a separate system from programming elections and using a manual reporting system to accumulate the results at the end of the night.  That does not mean our systems are safe from errors, hacking, and fraud.

Dr. Harri Hursti addresses the potential for Russian election attacks

Dr. Harri Hursti is a respected international expert on electronic security, especially electronic voting.  In a recent interview he addressed  the risks and chances of correctly attributing the source of attacks, specifically focusing on Russia.

What do you think of the news that a member of Congress says there is “no doubt” that Russia is behind recent attacks on state election systems

The article makes several dangerous assumptions about the security of elections and election systems. Representative Adam Schiff said he doubted (Russians) could falsify a vote tally in a way that effects the election outcome. He also said outdated election systems makes this unlikely, but really, it just makes it easier. The voting machines were designed at a time when security wasn’t considered, included, or part of the specifications at all.

April Presidential Primary Audit – Does Not Make the Grade

Checks on State Voting Machines Do Not Make the Grade
Do Not Provide Confidence in Election System, Says Citizen Audit

From the Press Release:

Audits of the recent presidential primaries are so faulty that exact final vote tallies cannot be verified, says the non-partisan Connecticut Citizen Election Audit. Unless state and local election officials make changes, the same will be true for the November elections.

“State law requires audits to verify the accuracy of optical scanner voting machines as a check for errors and a deterrent to fraud. Local registrars gather officials to manually count paper ballots and compare their totals to the totals found by the scanners, explains Luther Weeks, Executive Director of Connecticut Citizen Election Audit.

Issues reported by the group were:

  • Incomplete or missing official reports of vote counts from town registrars;
  • The lack of action on the part of the Secretary of the State’s Office to check that all required reports are submitted and all submitted reports are completed fully;
  • Of 169 municipalities required to submit lists of polling places before the election, the Secretary of the State’s Office recorded only 68, with 101 missing;
  • Poor security procedures to prohibit ballot tampering;
  • Not following procedures intended to ensure “double checking” and “blind counting” rather than having scanner counts as targets while counting manually;

“The public, candidates, and the Secretary of the State should expect local election officials to organize proper audits and produce accurate, complete audit reports. The public and candidates should expect the Secretary of the State’s Office to take the lead in ensuring the audits are complete. Yet, due to a lack of attention to detail and follow-through the audits do not prove or disprove the accuracy of the reported primary results,” Weeks said.

<Press Release .pdf> <Full Report pdf> <Detail data/municipal reports>

Security Against Election Hacking

From Freedom to Tinker, Andrew Appel: Security against Election Hacking – Part 1: Software Independence <read>

We have heard a lot lately about the vulnerabilities of our elections to hacking.  Both cyberhacking and unsophisticated insider attacks. Andrew Appel describes some common sense approaches to detect and deter error and fraud in our elections, covering three major vulnerabilities:

  • Incorrect or unavailable poolbooks.
  • Voting machines
  • Accumulation of results across polling places and jurisdictions

Letter: Focus on Russia Takes Heat Off Multitude of Election Vulnerabilities

My letter, published in the Courant today:

Many Election Security Risks

The Sept. 6 article “U.S. Fears Russia Hack” [Page 1] provides an inflammatory view of the risks to U.S. elections. Focusing on one potential risk from our current enemy of choice takes the attention off the multitude of risks…
We can do much better in the long run, if the actual risks are not forgotten after November.

Highly Recommended: Hacking Elections Is Easy!

From the Institute for Critical Infrastructure Technology: Hacking Elections Is Easy <read>. It is the most layperson accessible comprehensive overview of the problems we face protecting our elections that I have seen in a long time.  It is 23 pages yet very readable.  The main points are:

  • We face multiple risks our elections:  Registration systems, voting systems, reporting systems, and ballot security.
  • We face risks from multiple actors: Nations with interests in manipulating our elections, corporations, U.S. Government agencies, sophisticated hackers, and insiders at all levels.
  • For the unsophisticated, Hacking Is Easy.  There are simple insider attacks, simple cyber attacks, and kits on the Internet to compromise results or simply disrupt elections.
  • Most election officials are of high integrity.  Yet, blind trust in all officials, machines, and that hacking is difficult is perhaps our greatest risk.

Just a couple excerpts from the Introduction:

To hack an election, the adversary does not need to exploit a national network of election technology. By focusing on the machines in swing regions of swing states, an election can be hacked without drawing considerable notice. Voter machines, technically, are so riddled with vulnerabilities that even an upstart script kiddie could wreak havoc on a regional election, a hacktivist group could easily exploit a state election, an APT could effortlessly exploit a national election and any corrupt element with nothing more than the ability to describe the desired outcome could order layers of exploits on any of the multitude of deep web forums and marketplaces. Yes, hacking elections is easy…

Hack Pointless? Or State of Denial?

Earlier this week Secretary of the State Denise Merrill, ROVAC President Melissa Russell  and the Manchester CT Registrars of voters talked to NBC Connecticut.  We add some annotation to the transcript,  in [Brackets].

Even the machines used to digitally tabulate election results aren’t connected to the internet in cities and towns. Melissa Russell, a Bethlehem Registrar of Voters, with the Registrars of Voters Association of Connecticut reiterated the point that physical record keeping in Connecticut places the state at an advantage. [Not having voting systems connected to the Internet is definitely an advantage. Yet, not so much against local insider attacks, especially when local officials and their leaders are so confident (overconfident?)]

Local registrars, like Jim Stevenson and Tim Becker in Manchester, wonder what a hacker could really get from a hack of even a local election computer. [The answer, known for years is: Even skilled amateurs could change the result printed by the scanner.  One method is the widely know Hursti Hack. UConn has articulated others.  We are left to wonder why NBC did not interview anyone with expertise to answer the registrars questions. ]

Report: Secret Ballot At Risk

A new report from the Electronic Privacy Information Center, articulates some of the risks of losing the the Secret Ballot: Secret Ballot At Risk: Recommendations for Protecting Democracy <Exec Summary> <Report>

We recommend reading the Executive Summary and at least the section of the report covering the history of and the need for the secret ballot, pages 4-9 and the section for your state, e.g. Connecticut pages 54-55.

Our only criticism is that the report does not cover the risks to the secret ballot and democracy posed by photos, most often seen in selfies of voters with the voted ballot taken in the voting booth.  Nor does it cover the risks  to the secret ballot posed by absentee voting.

NPV Note: Trump and Hillary visit Connecticut

Donald Trump is visiting Connecticut tonight at Sacred Heart University in Fairfield, while Hillary is visiting Greenwich on Monday for a fundraiser <read>

This provides a great opportunity to discuss a couple of points often touted in favor of the National Popular Vote.

  • That presidential candidates will never campaign in Connecticut until we have a national popular vote.
  • That candidates only come to Connecticut to take money out of the state.
  • And apparently we would benefit from the money they would spend here.
Page 3 of 6212345...102030...Last »