Electronic Vulnerability

The web: Hardly ready for Internet voting.

So many articles this week demonstrating that the web is not safe for voting. Especially when in the hands of under-resourced government agencies and political parties. (It is also unsafe in the hands of fully-resourced governments and cyber-experts.)

 

  • Singapore plans to take its Government offline.
  • Then we have an above average size government agency that cannot create a safe voter registration system.
  • Meanwhile the party that allows overseas voters to participate in its primaries via Internet voting has its own problems.

As CTVotersCount readers know, Internet voting should not be compared to a normal application. Its not like the risk of copying some public information, information that should be public, stealing a few million from a bank. Its about billions in government spending, changing election results and covering that up.

Why Online Voting is a Danger to Democracy

An article by David Dill, founder of Verified Voting, from Stanford University: Why Online Voting is a Danger to Democracy

How could we be fooled?

Suppose masses of emails get sent out to naive users saying the voting website has been changed and, after you submit your ballot and your credentials to the fake website, it helpfully votes for you, but changes some of the votes. You also have bots where millions of individual machines are controlled by a single person who uses them to send out spam…

How bad could it be?…

If they fear Internet privacy and security, why would they vote that way?

A new government survey highlights the consequences of Internet insecurity.  From the Washington Post: Why a staggering number of Americans have stopped using the Internet the way they used to <read>

Nearly one in two Internet users say privacy and security concerns have now stopped them from doing basic things online — such as posting to social networks, expressing opinions in forums or even buying things from websites, according to a new government survey released Friday…

The research suggests some consumers are reaching a tipping point where they feel they can no longer trust using the Internet for everyday activities…

Amid positive systems news, SOTS recognizes online registration issues

As we mentioned earlier in the week, Connecticut State systems are an embarrassment and our Online Voter Registration system was down Saturday morning.  Apparently it has been down more than that. Yesterday the Secretary of the State took note in a press release

It has come to the agency’s attention that there were intermittent slowdowns and disruptions to the online voter registration system.

UPDATED

Connecticut Makes National Short List – Embarrassing

Yesterday the Connecticut Online Voter Registration System was down for the morning.  Reminiscent of last fall when the system was down for most of the last day local election officials had to print voter lists for polling places in the November election.

Last week Reuters covered a study of cybersecurity and Connecticut was cited as one of the weakest states. It also cited the U.S. Government as worse than most U.S. Corporations.

We sadly await the Election Day when the Connecticut voter registration system is down, especially with no contingency plan for Election Day Registration. Don’t say “Who Could Have Imagined”, we did.

Apple vs. the Government: Security and Privacy overlap

Apple is right to object to the government’s request to help open an iPhone.  Many claim it is an issue of balance between Security and Privacy. Perhaps. Yet, the Constitution talks of the the right of the people to be Secure in their effects.

To all those voices discussing this issue, we add:

  • Cracking “just one phone” and destroying the program thereafter is a myth…

While we applaud Apple’s efforts to make it impossible to crack new iPhones, such claims, in our view, are mythical.

Brennan Center: Election Integrity: A Pro-Voter Agenda

Whenever we open a report with multiple recommendations we start from a skeptical point of view. We expect to agree with some proposals and disagree with others.  A new report from the Brennan Center for Justice is the exception.  We agree with every recommendation:
Election Integrity: A Pro-Voter Agenda

It starts with the right criteria, it has a great agenda, strong supporting arguments, and ends with an appropriate call to action

Will encryption save us? No, “It’s Saturday Night!”

Last Saturday, some may have been channel surfing and mistakenly thought they were watching Saturday Night Live.  As one the 2% of voters spending last Saturday night intentionally watching the debate between the Democratic candidates and two ABC hosts, I was not the only one that noticed the flaws in one candidate’s claims for encryption that went unchallenged.

Fortunately, Jenna McLaughlin of The Intercept articulates the issues and the faulty assumptions of candidates and pundits: Democratic Debate Spawns Fantasy Talk on Encryption <read>

During Saturday’s debate, Democratic presidential frontrunner Hillary Clinton said the U.S. should commission a “Manhattan-like project,” a reference to the secret World War II-era atomic bomb endeavor, to address the alleged threat encryption poses to law enforcement. She also admitted she doesn’t actually understand the technology.

What if we used computers for voting, not just driving?

From OpEd News, Interview with Barbara Simons: What the Heck Does the Recent Volkswagen Scandal Have to Do with Our Elections? <read full interview>

Since the Volkswagen hacking was disclosed we have been using that to highlight the potential of rigged elections as we have for earlier, more dramatic, vehicle hacking demonstrations.

Any large software program contains undetected bugs. That’s why software vendors such as Microsoft and Apple send out frequent software updates, many of them to fix security holes. Likewise, it also can be very difficult to detect cleverly hidden malware.Computers can greatly facilitate both car performance and ballot tabulation. But just as laboratory tests are not adequate for testing pollution controls in the presence of malware, so too we cannot depend solely on voting system “certification” to verify that our voting systems are accurate and secure

CT Lottery Hacked. Claimed to be easy “unsophisticated” hack

Once again, we wonder which is safer Gambling or Voting?

Courant story:  Suspended Lottery Game Had Too Many Winners <read>

Just how some lottery agents were able to manipulate their machines is not clear, but
investigators believe there was a vulnerability between the time a ticket was ordered at a terminal when it was printed…

[Consumer Protection Commissioner Jonathan] Harris said he does not think those who manipulated the system were sophisticated hackers, but rather people who were able to figure out how the lottery terminals work.

We are not reassured.

Page 3 of 2112345...1020...Last »