National

A Year After, Our Elections Aren’t Much More Secure

From Buzzfeed’s Cyber Security Correspondent, Kevin Collier:  A Year After Trump’s Victory, Our Elections Aren’t Much More Secure

But the focus on how Facebook and Twitter were used to sow division in the US electorate has diverted attention from one of the weakest spots in the system: … a simple cyberattack can be effective against weak infrastructure and unprepared IT workers. Whether that can be fixed by 2018 or even 2020 is an open question…

“We’re not doing very well,” Alex Halderman, a renowned election security expert, told BuzzFeed News. “Most of the problems that existed in 2016 are as bad or worse now, and in fact unless there is some action at a national policy level, I don’t expect things will change very much before the 2018 election.”

Samantha Bee: The Matrix has your vote

Election hacking, especially the risks in Georgia explained to Samantha Bee.

Rhode Island poised to lead New England in Post-Election Audits

Press Release:  Rhode Island Takes Important Step to Secure Elections with Post-Election Audits – Adopts New Procedure to Check Election Results as Threats Increase

“Post-election audits are the best safeguard to making sure that votes are being counted as cast,” said Representative Edith Ajello (D-Providence), the House sponsor. “My community saw a simple administrative error almost turn into an incorrect election result,” added Senate sponsor, Senator James Sheehan (D-North Kingstown), “and this legislation will help assure voters that a system is in place to catch and correct future problems.”

The audits will begin as soon as September 2018. Rhode Island becomes the 32nd state to require post-election audits, and only the second state to require risk-limiting audits.

RoundUp: Spy vs Spy, while Officials and Voters lose

Almost every day lately there is news on the potential of future and past hacking, including election hacking. Today we suggest three recent articles and a report.

The N.S.A. bans its analysts from using Kaspersky antivirus at the agency, in large part because the agency has exploited antivirus software for its own foreign hacking operations and knows the same technique is used by its adversaries.

If Russia can attack our election, so can others: Iran, North Korea, ISIS, or even criminal or extremist groups.

Exactly a year after U.S. intelligence issued a stern warning about Russian interference in the 2016 presidential election, the Trump administration has failed to fill key homeland security posts responsible for preventing another Kremlin assault on the voting system…

It sounds like science fiction, or at least “Ocean’s 11,” but cybersecurity experts are frantically waving their hands, trying to get Americans to see that in foreign capitals, the American voting system just looks like easy opportunity.

Skepticism now, Skepticism tomorrow, Skepticism forever

Recent events are a reminder that we must be eternally skeptical. We need to be especially skeptical of the mainstream media as well as other sources.

Today we add the most recent flurry about the “21 states hacked by Russia before the 2016 election”, and more.  The story continues to fall apart, bit by bit. Yet, we suspect the truth is far from common knowledge.

And an Intercept story by Kim Zetter reviewing a report by Kaspersky Lab Masquerading Hackers Are Forcing a Rethink of How Attacks Are Traced. The title pretty much says it all.  Attribution is difficult, yet often possible.

We need recounts for more than fair elections, for more than Russian risks.

CNN:  For fair elections … can we get a recount?

We should not ignore calls for audits, recounts, and paper ballots just because the motivator for those calls may be simplistic.  There are a multitude  of risks beyond Russians, beyond foreigners, beyond skullduggery. Its not just fairness, it is accuracy and democracy.

Nonscience Nonsense, insults our intelligence and the Granite State

Coverage by Alternet: The GOP Is Plowing Ahead with an Audacious Effort to Hijack the Vote and Rig Elections   <read>

“Plowing” is apt. They are really piling it on.  It could be worse.  They may hide their emails, yet their agenda is transparent.  Instead they could have a hidden agenda and succeed in reducing voting rights by a thousand cuts.

The Republican Party’s efforts to disrupt voting and thwart representative government was on full display this past week, when despite ridicule in the press, the GOP’s leading proponents of undermining voters and rigging elections were unbowed and forged ahead.

States (and foreign governments) moving half way toward verifiable election results

From Governing:  After 2016 Election Hacks, Some States Return to Paper Ballots

The Independent, via VerifiedVoting: Norway: Votes to be counted manually in fear of election hacking

We applaud these developments. Yet, what is needed beyond paper ballots are effective post-election audits, those that verify result and can lead to changing incorrect initial outcomes.  Audits that also verify the accumulation of results across jurisdictions;  Audits that check other aspects of the process as checkin, checkin to ballots counts, and ballot security.

Beware the vendor/technologist offering a panacea

The general public, legislators, business people, and many technologists – all of us – often miss-estimate the potential and applicability of technologies.  I remember in 2004, my congressman, told an audience we did not have to worry about electronic voting because of encryption.

The latest “new” technology is Blockchains, the technology that underlies BitCoin.  It has some valuable applicability, yet I suspect  not that much.

Using blockchains for voting has been considered by academics for decades, but only as a thought experiment. If you ask any cryptographer who knows the basics of cryptocurrencies (remember, blockchains were invented by cryptographers) if elections should be conducted using blockchains, they would laugh and say, “Hell no, that doesn’t even make sense!”

See No Evil, Find No Monkey Business, ePollbook Edition

NPR All Things Considered Russian Cyberattack Targeted Elections Vendor Tied To Voting Day Disruptions

“Voters were going in and being told that they had already voted — and they hadn’t,” recalls Allison Riggs, an attorney with the Southern Coalition for Social Justice.

The electronic systems — known as poll books — also indicated that some voters had to show identification, even though they did not.

Timeline: Foreign Efforts To Hack State Election Systems And How Officials Responded
Investigators later discovered the company that provided those poll books had been the target of a Russian cyberattack…

Page 1 of 6012345...102030...Last »