VoteAllegheny presents a report by Carnegie-Mellon researchers on the vulnerabilities in a single county in a swing state. The biggest takeaway for us is understanding that a top-down analysis of vulnerabilities can yield the most cost-effective areas to focus on preventing election fraud. Where we spend our resources can make a difference in the results!
If you think it’s unfair to Hersh to reveal all his secrets in a review, don’t worry — this is not even 1/100 of what his book contains…
“Reporter” provides detailed explications of how Hersh has used these lessons [about investigated journalism], making it one of the most compelling and significant books ever written about American journalism. Almost every page will tell you something you’ve never heard before about life on earth. Sometimes it’s Hersh elaborating on what he’s already published; sometimes it’s new stories he felt he couldn’t write about when he first learned of them; and sometimes it’s the world’s most intriguing, peculiar gossip.
There is an excellent interview with Sy Hersh just released as an Intercepted podcast
Starting at about 10min in to the interview, Sy provides his take on the evidence that Russians accessed the DNC emails in the run-up to the Nov 2016 election…
Now I have your attention, we can discuss the NSA and Ed Snowden in a bit. Let’s start with an Editorial:
Protecting Against Russian Cyber Risks is Insufficient. The attention on Cybersecurity, election hacking and Russian interference is good. There are cyber risks and Russia is capable. We should improve our cybersecurity across the board, including elections. Every vote should be backed up by a, so called, voter verified paper ballot. Yet that is far from sufficient.
I testified in my capacity as Executive Director of the Connecticut Citizen Election Audit. I was the only member of the public providing testimony.
Why are post-election audits and paper ballots a critical component of protecting our elections? “[D}data protection involves prevention, detection, and recovery”. Cybersecurity and other measures protecting voting equipment and voting systems are primarily prevention measures and to a lesser degree detection measures. No matter how much effort we put into cybersecurity, software testing, and hardware maintenance there will always be a significant level of vulnerability.
Paper ballots, sufficient post-election audits, and recounts provide a primary means of detecting cyber, software, human, and hardware failures. They also provide a means of recovery. They provide for, so called, software independent verification of election results, resulting in justified public confidence.
Blockchains are the latest technology to enter the mainstream. A blockchain powers and makes BitCoin possible. Many are treating blockchains as the next big breakthrough in technology. There is even a Blockchain Caucus in Congress.
Do not get your hopes up or bet your retirement savings on blockchains, they are definitely not the next Internet or Hula Hoop. Most importantly they will not transform elections or solve the challenges of online voting.
From IEEE Do You Need a Blockchain?
“I find myself debunking a blockchain voting effort about every few weeks,” says Josh Benaloh, the senior cryptographer at Microsoft Research. “It feels like a very good fit for voting, until you dig a couple millimeters below the surface.”
American Progress Report: Election Security in All 50 States
The report gives every state grades based on some detailed criteria. Connecticut was graded ‘B’, which it shared with several other states as the highest grade awarded. Yet there are problems and limitations with such reports. We would give Connecticut lower grades in some areas, higher in others, and are uncomfortable with other grades.
The report is useful and provides directions for improvement in many areas in every state. Election officials, legislators, and voters should act to improve our voting systems and laws in the near term. We would give the authors A+ for effort and the report a grade of B.
Last Wednesday evening, I was one of five speakers and a moderator at a Community Conversation held by the Glastonbury Martin Luther King Community Initiative. There were about 60 to 75 in attendance. We addressed “Does your vote count? An examination of the Issues” I addressed issues in two areas: How could you know if your vote was counted? And what I would recommend to expand democracy in Connecticut, without risking election integrity. Here are my prepared remarks:
From Buzzfeed’s Cyber Security Correspondent, Kevin Collier: A Year After Trump’s Victory, Our Elections Aren’t Much More Secure
But the focus on how Facebook and Twitter were used to sow division in the US electorate has diverted attention from one of the weakest spots in the system: … a simple cyberattack can be effective against weak infrastructure and unprepared IT workers. Whether that can be fixed by 2018 or even 2020 is an open question…
“We’re not doing very well,” Alex Halderman, a renowned election security expert, told BuzzFeed News. “Most of the problems that existed in 2016 are as bad or worse now, and in fact unless there is some action at a national policy level, I don’t expect things will change very much before the 2018 election.”
“Yesterday, along with representatives from the state’s information technology and public safety departments, I met with regional officials from the United States Department of Homeland Security to discuss how we can work together to ensure that Connecticut elections are safe from outside interference or manipulation. We had a productive meeting and I look forward to working together in the months and years to come to protect our elections, the bedrock of our democracy.” – Denise Merrill, Connecticut Secretary of the State
We applaud this step in the right direction. Last year as leader of the National Association of Secretaries of State, Merrill opposed the designation of elections as critical infrastructure, leading in expressing the concern for a Federal take-over of elections. We were critical of that stand then and remain so.
In our opinion this is just a step. There are several aspects to election security/integrity that should be addressed,. This step may assist in those that are under direct control of the of the the State, yet less so those under local control.