Internet Security Issues

If [Connecticut] Voting Machines Were Hacked, Would Anyone Know?

NPR story by Pam Fessler:  If Voting Machines Were Hacked, Would Anyone Know?   Fessler quotes several experts and election officials including Connecticut Assistant Secretary of the State Peggy Reeves:

Still, Connecticut Election Director Peggy Reeves told a National Academies of Sciences, Engineering, and Medicine panel on Monday that many local election officials are ill-equipped to handle cybersecurity threats.

“Many of our towns actually have no local IT support,” she said. “Seriously, they don’t have an IT director in their town. They might have a consultant that they call on if they have an issue. So they look to us, but we’re a pretty small division.”

Reeves said the best protection against hackers is probably the fact that the nation’s voting system isso decentralized, with different processes and equipment used in thousands of different locations.

We certainly agree with that and the cybersecurity experts quoted.

Amid Charges Russia Hacked U.S. Election, Keith Alexander Encourages eVoting for Canada

Former NSA Chief and now CEO cyber security contractor says Canada needs more cyber security, cyber weapons,  and should deploy electronic voting:  Don’t let cyberattack threat deter Canada from online voting, says former head of NSA

foreign interference that may have influenced the U.S. election should not deter Canada and other countries from embracing online voting, says the former head of the U.S. National Security Agency.

Retired U.S. general Keith Alexander, speaking at a defence industry trade show in Ottawa, also said it is important the Canadian military have some kind of offensive cyber capacity, even if that ability is limited.

There is no going back to a manual voting system, Alexander said in an interview with CBC News following his remarks to defence contractors, in which he warned that both government and private sector networks are vulnerable to a rising tide of “destructive” cyberattacks…

The U.S. experience is something to learn from, he said, but it should not make countries like Canada leery of e-voting.

Dr. Harri Hursti addresses the potential for Russian election attacks

Dr. Harri Hursti is a respected international expert on electronic security, especially electronic voting.  In a recent interview he addressed  the risks and chances of correctly attributing the source of attacks, specifically focusing on Russia.

What do you think of the news that a member of Congress says there is “no doubt” that Russia is behind recent attacks on state election systems

The article makes several dangerous assumptions about the security of elections and election systems. Representative Adam Schiff said he doubted (Russians) could falsify a vote tally in a way that effects the election outcome. He also said outdated election systems makes this unlikely, but really, it just makes it easier. The voting machines were designed at a time when security wasn’t considered, included, or part of the specifications at all.

A Meeting, A Hearing, and Lots of Nonsense

In the last two weeks there was a meeting of the Election Assistance Commission (EAC) and a hearing of the House Science and Technology Committee on “Cyber and Voting Machine Attacks”.  In total there were seven “experts” giving their opinions along with many of the committee members giving theirs. For the most part, solid facts and reason were missing.  The general plan seemed to be officials going overboard in reassuring the public.

Hack Pointless? Or State of Denial?

Earlier this week Secretary of the State Denise Merrill, ROVAC President Melissa Russell  and the Manchester CT Registrars of voters talked to NBC Connecticut.  We add some annotation to the transcript,  in [Brackets].

Even the machines used to digitally tabulate election results aren’t connected to the internet in cities and towns. Melissa Russell, a Bethlehem Registrar of Voters, with the Registrars of Voters Association of Connecticut reiterated the point that physical record keeping in Connecticut places the state at an advantage. [Not having voting systems connected to the Internet is definitely an advantage. Yet, not so much against local insider attacks, especially when local officials and their leaders are so confident (overconfident?)]

Local registrars, like Jim Stevenson and Tim Becker in Manchester, wonder what a hacker could really get from a hack of even a local election computer. [The answer, known for years is: Even skilled amateurs could change the result printed by the scanner.  One method is the widely know Hursti Hack. UConn has articulated others.  We are left to wonder why NBC did not interview anyone with expertise to answer the registrars questions. ]

How to excite the public about electronic voting: “Russia Might Hack an Election”

Apparently Donald Trump and the media have done in a few days what computer scientists, security experts, and voting integrity advocates have failed at for at least sixteen years:  Excite the public about the dangers of electronic voting.

Apparently the threat of a sophisticated Russian hack is more threatening that an election being taken by the equivalent of amateur electronic ballot stuffing.

There are a lot of articles we could site, but one of the most comprehensive comes from Politico Magazine.  It is written from the prospective of Princeton researchers, with lots of history and articulated concerns, with relatively little red baiting.  How To Hack An Election In 7 Minutes

If Russia hacked the DNC? What me worry?

Did Russia hack the DNC, DCCC, and Hillary’s Campaign.  And does it only matter who the hackers are?

With little disclosed evidence, the prime story has been the question of who hacked the sites.  That is an important aspect of the news, yet there are other important issues obscured, perhaps intentionally by the focus on that one aspect of the hacks.

Online Voting Is Risky, Riskier than Online Banking

My letter to the Hartford Courant today.

To the Editor,

The article in the Sunday July, 10 Smarter Living Section, “Democracy in The Digital Age”, is a one-sided disservice to readers. The article, abbreviated from Consumer Reports original, provides a one-sided case for online voting.  The article quotes the CEO of a company selling online voting at a huge expense to governments around the world.  She touts the benefits without detailing the risks.  The system she touts as secure, has never been proven secure. It has never been subjected to a public security test.  Unlike the printed version, the original article at Consumer Reports details the risks of online voting…

If they fear Internet privacy and security, why would they vote that way?

A new government survey highlights the consequences of Internet insecurity.  From the Washington Post: Why a staggering number of Americans have stopped using the Internet the way they used to <read>

Nearly one in two Internet users say privacy and security concerns have now stopped them from doing basic things online — such as posting to social networks, expressing opinions in forums or even buying things from websites, according to a new government survey released Friday…

The research suggests some consumers are reaching a tipping point where they feel they can no longer trust using the Internet for everyday activities…

Connecticut Makes National Short List – Embarrassing

Yesterday the Connecticut Online Voter Registration System was down for the morning.  Reminiscent of last fall when the system was down for most of the last day local election officials had to print voter lists for polling places in the November election.

Last week Reuters covered a study of cybersecurity and Connecticut was cited as one of the weakest states. It also cited the U.S. Government as worse than most U.S. Corporations.

We sadly await the Election Day when the Connecticut voter registration system is down, especially with no contingency plan for Election Day Registration. Don’t say “Who Could Have Imagined”, we did.

Page 1 of 612345...Last »