Category: Blockchain

Block Chain Fantasy…Chained for good!

We told you so.  And now it is final, from the Hartford Courant: With $400M Fintech Village apparently dead, West Hartford Town Council prepares to move on; 

Aug 2019:  West Hartford Scam Playing Out As We Predicted 

We told you so.  And now it is final, from the Hartford Courant: With $400M Fintech Village apparently dead, West Hartford Town Council prepares to move on; <read>

With the plan to convert the former UConn West Hartford campus into the $400 million Fintech Village tech hub essentially dead, West Hartford is going to take another look at buying the 58-acre parcel in the Bishop’s Corner neighborhood.

The town reached an agreement with Ideanomics, Fintech Village’s parent company, have reached a deal that gives West Hartford the right of first refusal on an sales deal. The town will also examine buying the property.

Ideanomics said earlier this year and repeated in a Securities and Exchange Commission filing Tuesday that its much ballyhooed West Hartford project is a “non-core asset” and that it is looking to divest it

Aug 2019:  West Hartford Scam Playing Out As We Predicted <read>

Beware: The Gospel of Internet Voting

LA Times article features the entrepreneur behind Internet voting pilots vs. Science: The vote-by-phone tech trend is scaring the life out of security experts <read>

With their playbook for pushing government boundaries as a guide, some Silicon Valley investors are nudging election officials toward an innovation that prominent coders and cryptographers warn is downright dangerous for democracy…
As seasoned disruptors of the status quo, tech pioneers have proven persuasive in selling the idea, even as the National Academies of Science, Engineering and Medicine specifically warn against any such experiment…

Tusk is certain participation in elections would surge if the technology were widely permitted, even though studies in some of the few places around the world that have tried the method revealed no big turnout boost

Crusade, Gospel, Genie seem appropriate to describe entrepreneur Tusk. Its a blind disregard for evidence, science, and the scientists, including yours truly, warning of the risks of Internet voting

LA Times article features the entrepreneur behind Internet voting pilots vs. Science: The vote-by-phone tech trend is scaring the life out of security experts <read>

With their playbook for pushing government boundaries as a guide, some Silicon Valley investors are nudging election officials toward an innovation that prominent coders and cryptographers warn is downright dangerous for democracy…
As seasoned disruptors of the status quo, tech pioneers have proven persuasive in selling the idea, even as the National Academies of Science, Engineering and Medicine specifically warn against any such experiment.
The fight over mobile voting pits technologists who warn about the risks of entrusting voting to apps and cellphones against others who see internet voting as the only hope for getting most Americans to consistently participate on election day…
Bradley Tusk is using the same tactics in this personal crusade that he used to advance tech startups. He has bet a significant share of the fortune he built off his equity stake in Uber that the gospel of mobile voting will spread so fast that most Americans will have the option of casting their ballots for president by phone as soon as 2028.
He has already persuaded the state of West Virginia and the City of Denver to start tinkering with voting by phone, and hopes to move quickly from there.
“What we learned at Uber is once the genie is out of the bottle, it can’t be put it back in,”
Tusk is certain participation in elections would surge if the technology were widely permitted, even though studies in some of the few places around the world that have tried the method revealed no big turnout boost

Crusade, Gospel, Genie seem appropriate to describe Tusk. It is a blind disregard for evidence, science, and the scientists, including yours truly, warning of Internet voting:

The entrepreneur frames the fight as one pitting reformers against special interests invested in a low turnout that makes lawmakers unaccountable and easy to corrupt. He talks of the security concerns as if they are a sideshow. Sure, the scholars raising them are earnest, he said, but their approach to the challenge bewilders him. He likens them to people whose only solution to making a swimming pool safer is to fill it with concrete.That prospect alarms some of the nation’s most prominent election-security thinkers, who see in Tusk a formidable adversary with an intimidating public relations tool kit. They say he and other promoters for the projects are misleading election officials about how secure the systems are.
“There is wide agreement among computer security experts that this is problematic,” said David Dill, a professor emeritus in computer science at Stanford. “It disturbs me that officials are getting enthusiastic about this voting technology without talking to the people who have the expertise to evaluate its security.”
The National Academies report warns that the risks of this and other forms of internet voting are “more significant than the benefits.”

Read the full article for more details behind Tusk’s quest and the warnings from scientists.

 

 

Book Review: Bad Blood, Fantasyland, (and Blockchains)

I recently read Bad Blood by John Carreyrou. I could not put it down. Not surprising since it has been on the NYTimes best seller list for months and its the only book I have noticed on Amazon with a full five star rating – with currently just over two-thousand reviews. But for me it was more than that.  It brought back memories of a good portion of my career in the eighties and nineties, along with my last fifteen years concerned with electronic voting.

All reminiscent of Kurt Andersen’s book: Fantasyland: How America Went Haywire: A 500-Year History. To me, just like the California Gold Rush, minus the gold.

I recently read Bad Blood by John Carreyrou. I could not put it down. Not surprising since it has been on the NYTimes best seller list for months and its the only book I have noticed on Amazon with a full five star rating – with currently just over two-thousand reviews. But for me it was more than that.  It brought back memories of a good portion of my career in the eighties and nineties, along with my last fifteen years concerned with electronic voting.

It details the creation, life, and death of Silicon Valley startup Theranos. Theranos was started by Stamford drop-out Elizabeth Holmes. She had an idea for a blood test that would take only a drop of blood and quickly provide an analysis that conventionally took much more blood and much more time. It was a great idea, yet science said it was impossible and she never was able to develop a solution. What she did develop was a large following of famous board members a huge kitty of venture capitol, two large losing customers. A large, harmful group-delusion. Along the way she created a phony test that likely killed people. All reminiscent of Kurt Andersen’s book: Fantasyland: How America Went Haywire: A 500-Year History. To me, just like the California Gold Rush, minus the gold.

The read brought back memories. As I said earlier this year in testimony on a bill in the Connecticut General Assembly to propose a Task Force to study blockchains to solve an undefined problem with our voter registration system:

I have a 35-year career building, evaluating, purchasing and implementing computer systems and new technology.For 9of those years I was a Director of Strategic Planning for the Travelers Computer Science Division and for 8 years worked for two start-ups, designing, developing, and marketing data communications software to large enterprises and government agencies.I keep up with election technology and security issues, daily exchanging ideas with nationally recognized experts in computer science and computer security.

This is bill represents a classic mistake – a “hot” technology solution in search of an undefined problem. This proposal defines no problem and limits the solution to one over-hyped technology. Better to have the problem clearly defined and then solicit proposals to solve the problem – solutions technical and otherwise.

The way to solve problems is to define the problem, create a team of experts on the subject matter, with technical problem solvers, and experts who have solved similar problems for other states and nations – then let them brainstorm, evaluate and propose effective solutions.

If there is a problem to be solved, it is likely there is a solution – if so, it almost certainly does not depend on blockchains, and likely does not need any “hot” technology.

The amazing thing is people, smart people, keep falling for the same old things. As Carreyrou points out many smart people hired by Theranos had questions from the start. Many quit along the way. Some paid a high price for exposing the company, others dared not take the risk. At least initially Holmes was likely deluded herself.

I worked for a similar, much smaller, startup in 1997. A product that hardly worked – likely all but impossible to create – impossible with the minimal skills of those developing it. I had some doubts the day I walked in the door – I was an expert in the problem and its value, yet I said “maybe they know something I don’t.” I needed a job.  Most, if not all of the rest of the fifty or so employees were not so knowledgeable. The founder was as he described it a “serial entrepreneur”. His actual M.O. was taking venture capitol, failing, and saying in the ashes he had discovered a better idea and attracted more venture capitol. I left after eleven sad, ridiculous months. Sad because so many in the company were hurt – fortunately no customers lost much. The boss, said lack of sales was our fault as we needed to find more sophisticated customers who would appreciate the value of our cumbersome product.

Believe me Blockchains are another over-hyped technology with little if any value. Scientists I trust say that <read>. I have studied it enough to agree with them. And based on all my experience the hype smells just like many things I have seen before. The bill is still alive in the General Assembly, lets hope it dies or at least the Task Force sees through the hype.

Its all the same as that Theranos Bad Blood. Just another journey in Fantasyland. Both good reads and cautionary tales.

National Academy of Sciences study: Blockchain may make voting more vulnerable

While the General Assembly contemplates how Blockchain might solve some undefined problem in our voter registration system, we point to a National Academy of Sciences study Securing the Vote, Protecting American Democracy:

The blockchain abstraction, once implemented, provides added points of attack for malicious actors…Furthermore, blockchain protocols generally yield results that are a consensus of the miners/stakeholders. This consensus may not represent the consensus of the voting public. Miners/stakeholders with sufficient power might also cause confusion and uncertainty about the state of a blockchain by raising doubts about whether a consensus has been reached.

While the General Assembly contemplates how Blockchain might solve some undefined problem in our voter registration system, we point to a National Academy of Sciences study Securing the Vote, Protecting American Democracy <view> starting on page 103:

While the notion of using a blockchain as an immutable ballot box may seem promising, blockchain technology does little to solve the fundamental security issues of elections, and indeed, blockchains introduce additional security vulnerabilities. In particular, if malware on a voter’s device alters a vote before it ever reaches a blockchain, the immutability of the blockchain fails to provide the desired integrity, and the voter may never know of the alteration. Blockchains are decentralized, but elections are inherently centralized. Although blockchains can be effective for decentralized applications, public elections are inherently centralized—requiring election administrators define the contents of ballots, identify the list of eligible voters, and establish the duration of voting…

As they point out lists of eligible voters is also a central function, subject to the same limitations to “to solve the fundamental security of elections.

While it is true that blockchains offer observability and immutability, in a centralized election scenario, observability and immutability maybe achieved more simply by other means. Election officials need only, for example, post digitally signed versions of relevant election-related reports for public observation and download. Ballots stored on a blockchain are electronic. While paper ballots are directly verifiable by voters, electronic ballots (i.e., ballots on a blockchain)
can be more difficult to verify. Software is required to examine postings on blockchain. If such software is corrupted, then verifiability may be illusory. Software independence is not, therefore, achieved through posting ballots on a blockchain…

The blockchain abstraction, once implemented, provides added points of attack for malicious actors…Furthermore, blockchain protocols generally yield results that are a consensus of the miners/stakeholders. This consensus may not represent the consensus of the voting public. Miners/stakeholders with sufficient power might also cause confusion and uncertainty about the state of a blockchain by raising doubts about whether a consensus has been reached…

Blockchains do not provide the anonymity often ascribed to them. In the particular context of elections, voters need to be authorized as eligible to vote and as not having cast more than one ballot in the particular election. Blockchains do not offer means for providing the necessary authorization. Blockchains do not provide ballot secrecy.

 

Four pieces of testimony on five bills, including Blockchain and RCV

On Wednesday the GAE Committee held testimony on another raft if bills.

The bills, and links to my testimony, in priority order: (Take a look at all the testimony <here>, best to look by bill number than date)

H.B.5417 A proposed study to use blockchain to solve some undefined problem in voter registration. I opposed, perhaps the only one in the room who is a computer scientist. In summary, if someone wants to sell you or asks you to invest in blockchain – Run. Run fast and keep your eye on your wallet and passwords! …

On Wednesday the GAE Committee held testimony on another raft if bills.

The bills, and links to my testimony, in priority order: (Take a look at all the testimony  <here>, best to look by bill number than date)

H.B.5417 A proposed study to use blockchain to solve some undefined problem in voter registration.  I opposed, perhaps the only one in the room who is a computer scientist.  In summary, if someone wants to sell you or asks you to invest in blockchain – Run. Run fast and keep your eye on your wallet and passwords!  In addition to my own testimony on how to solve problems (i.e. define the problem then look at all cures), I provided an article by a true expert.

H.B.5820 A proposed study to evaluate Ranked Choice Voting. I opposed unless the bill is corrected and the study is broadened. I provided a laundry list of items that should be considered by a Task Force.

S.B.156 and S.B.195  Two proposals to no linger require signatures on absentee ballot applications.  Opposed based on Connecticut’s history of absentee ballot votING fraud, by political operatives and insiders. Those signatures are a key component of proving fraud.

H.B.6876 To cut the onerous cost of scanning public records by cell phones and other meetings. Supported, along with every other person supporting Freedom of Information. Opposed by officials who gain revenue from the fees. copying a single document costs $20.

 

Three Experts on Blockchains

Do you need a public blockchain? The answer is almost certainly no. A blockchain probably doesn’t solve the security problems you think it solves. The security problems it solves are probably not the ones you have. …A false trust in blockchain can itself be a security risk. The inefficiencies, especially in scaling, are probably not worth it. I have looked at many blockchain applications, and all of them could achieve the same security properties without using a blockchain—of course, then they wouldn’t have the cool name.

There are two bills submitted to the General Assembly this year to research Blockchain technology. One to solve a sketchily defined, possible problem with our voter registration system, and another to use Blockchain technology for online voting. We will have more to say about the bills and those specific problems later, but let us start with three experts opinions of Blockchain technology itself.

Bruce Schneier article at Wired  There’s No Good Reason to Trust Blockchain Technology  <read>

Bruce Schneier is a highly respected security expert from Harvard University often a guest on the PBS Newshour. Private Blockchains are the type used in West Virginia in prototyping a system for electronic voting – a system hidden from public scrutiny and testing, Probably what would be considered for both of those systems in Connecticut. Schneier says:

Private blockchains are completely uninteresting. … In general, they have some external limitation on who can interact with the blockchain and its features. These are not anything new; they’re distributed append-only data structures with a list of individuals authorized to add to it. Consensus protocols have been studied in distributed systems for more than 60 years. Append-only data structures have been similarly well covered. They’re blockchains in name only, and—as far as I can tell—the only reason to operate one is to ride on the blockchain hype…

A public Blockchain is what most cryptocurrencies like Bitcoin use, Schneier says:

Do you need a public blockchain? The answer is almost certainly no. A blockchain probably doesn’t solve the security problems you think it solves. The security problems it solves are probably not the ones you have. (Manipulating audit data is probably not your major security risk.) A false trust in blockchain can itself be a security risk. The inefficiencies, especially in scaling, are probably not worth it. I have looked at many blockchain applications, and all of them could achieve the same security properties without using a blockchain—of course, then they wouldn’t have the cool name.

Vinton Cerf is one of the Fathers of the Internet. Schneier quotes him in a simple summary of Cerf’s views of Blockchains:

Bill Black On The Real News  Cryptocurrency Firms Regularly Lose Codes and Money <watch> Less technical but clearly undermines the claim that even for cryptocurrency, Blockchains do not solve every problem and are over hyped.

****Update 4/29/2019 Moody’s agrees with Schneier:  Bond Rating Agency Moody’s Warns on Risks of Private Blockchains <read>

 

 

Blockchain a technology with great claims, without documented success

Blockchain has been wildly mis-sold, but underneath it is a database with performance and scalability issues and a lot of baggage. Any claim made for blockchain could be made for databases, or simply publishing contractual or transactional data gathered in another form.

A new study finds no actual successes behind claims, also a lack of transparency:  Blockchain study finds 0.00% success rate and vendors don’t call back when asked for evidence <read>

Though Blockchain has been touted as the answer to everything, a study of 43 solutions advanced in the international development sector has found exactly no evidence of success…

Blockchain vendors were keen to puff the merits of the technology, but when the three asked for proof of success in the field, it all went very quiet…

Blockchain has been wildly mis-sold, but underneath it is a database with performance and scalability issues and a lot of baggage. Any claim made for blockchain could be made for databases, or simply publishing contractual or transactional data gathered in another form.

Its adoption by non-technical advocates is faith-based, with vendors’ and consultants’ claims being taken at face value…

As with every bubble, whether it’s Tulip Mania or the Californian Gold Rush, most investors lose their shirts while a fortune is being made by associated services – the advisors and marketeers can bank their cash, even if there’s no gold in the river.

Well maybe those advisors and marketeers are successful.  As they say “Where are the users’ yachts”.

 

the Myth of “Secure” Blockchain Voting

From David Jefferson at Verified Voting: Verified Voting Blog: The Myth of “Secure” Blockchain Voting <read>

Internet voting has been studied by computer security researchers for over twenty years. Cyber security experts universally agree that no technology, including blockchains, can adequately secure an online public election. Elections have unique security and privacy requirements fundamentally different from and much more stringent than those in other applications, such as e-commerce. They are uniquely vulnerable because anyone on Earth can attack them, and a successful cyberattack might go completely undetected, resulting in the wrong people elected with no evidence that anything was amiss….

Election security is a matter of national security. Blockchains, despite all the hype surrounding them, offer no defense against any of these well-known threats to which all online elections are vulnerable.

From David Jefferson at Verified Voting: Verified Voting Blog: The Myth of “Secure” Blockchain Voting <read>

Several startup companies have recently begun to promote Internet voting systems, but with a new twist – using a blockchain as the container for voted ballots transmitted over the Internet from the voter’s private device. Blockchains are a relatively new system category a little akin to a distributed database. Proponents of blockchain voting promote it as a revolutionary innovation providing strong security guarantees that enable truly secure online elections. Unfortunately, these claims are false. Blockchains do not offer any real election security at all.

Internet voting has been studied by computer security researchers for over twenty years. Cyber security experts universally agree that no technology, including blockchains, can adequately secure an online public election. Elections have unique security and privacy requirements fundamentally different from and much more stringent than those in other applications, such as e-commerce. They are uniquely vulnerable because anyone on Earth can attack them, and a successful cyberattack might go completely undetected, resulting in the wrong people elected with no evidence that anything was amiss.

There are many foundational computer security problems that must be solved before we can safely conduct elections online, and we are not close to solving any of them. The use of blockchains does not even address these problems. Here are just a few:

  • No reliable voter identification: There is no foolproof way of determining exactly who is trying to vote remotely through the Internet. All known and proposed methods have grave weaknesses, and blockchains do not address the issue at all.
  • Malware: The voter’s device may be infected by a virus or counterfeit app that could change votes even before they are even transmitted, or it may silently discard the ballot, or send the voter’s name and vote choices to a third party, thereby enabling coercion, retaliation, vote buying and selling, or pre-counting of votes, all undetectably. Blockchains cannot address malware.
  • Denial of service attacks: A server can be overwhelmed with fake traffic from a botnet so that real ballots cannot get through. Blockchains as proposed for elections use multiple redundant servers, but they offer no additional protection against denial of service attacks beyond what is achievable with a conventional system having the same aggregate communication capacity.
  • Penetration attacks: No servers, including blockchain servers, are immune to remote penetration and surreptitious takeover by determined sophisticated attackers. Even though blockchains use multiple servers, if attackers can disable or gain control of more than 1/3 of them they can totally disrupt or control the outcome of the election.
  • Nonauditability: Online voting systems, including blockchain systems, do not allow for the kind of true, voter-verified paper ballot backup that is necessary for a meaningful recount, audit, or statistical spot check. Thus, the most powerful and common-sense tools we have for protection against cyberattack are unavailable.

Election security is a matter of national security. Blockchains, despite all the hype surrounding them, offer no defense against any of these well-known threats to which all online elections are vulnerable. National rivals like Russia have demonstrated a capacity and willingness to interfere with our electoral processes and would have no difficulty disrupting or undermining a blockchain election. In this era of ubiquitous cyber threats, it is reckless and irresponsible to introduce any kind of online voting in the U.S.

We emphasize that these are just a few of the problems. We especially note that any online voting system must be subject to a comprehensive, truly independent security review followed by sufficient open public testing. The current proposed system in West Virginia is touted publicly, yet its details and alleged security review are secret. Unlike Bitcoin that itself has proven vulnerable, the West Virginia system is apparently not open to the public to participate in holding the blockchain.

It’s Impossible to Know (how) Your Internet Vote Counted

As West Virginia plans, once again, to allow Internet voting for military voters, it is a good time to remind everyone that Internet voting (web page, web application, email, fax voting etc.) are all unsafe for democracy. And that block-chains cannot solve those problems.

One of those problems is that there is no guarantee that your laptop or smart phone has not been hacked in a way that  alters your vote. Another challenge is the, so called, Secret Ballot.

As West Virginia plans, once again, to allow Internet voting for military voters, it is a good time to remind everyone that Internet voting (web page, web application, email, fax voting etc.) are all unsafe for democracy. And that block-chains cannot solve that.

West Virginia’s new scheme involves block-chains which entrepreneurs bent on profit claim will make Internet voting safe <read>, Several years ago Secretary of the State, Denise Merrill, held a Symposium on Internet Voting including three experts and the Secretary of State of West Virginia. The problem is that block-chains fail to solve the major unsolved problems remaining preventing trusted Internet voting.

One of those problems is that there is no guarantee that your laptop or smart phone has not been hacked in a way that  alters your vote, such that what you see is not what is presented and recorded by the actual voting system. A hack could fool you, the voting system, or both.

How easy is it to hack your laptop or smart phone? Check out this recent story by a computer expert, Micah Lee: It’s Impossible to Prove Your Laptop Hasn’t Been Hacked. I Spent Two Years Finding Out. <read> Do you understand the article?  Lee, an expert, could not guarantee his own laptop was not hacked.  Do you check your laptop  to the level that Lee did for an experiment?  Block-chains do not solve this.

Another challenge is the, so called, Secret Ballot – which requires that nobody can associate your vote with you. And that you cannot prove how you voted to anyone. There are Internet voting systems that let you check that your ballot was recorded properly, yet they cannot allow you to prove that to anyone else. Block-chains do not solve this.

Block-chains do provide assurance, that without a central authority, the vote sent to the voting system is not changed after it was recorded. Yet, that is unnecessary given that there is a central voting authority.

Do you need a blockchain? (Probably not!)

Blockchains are the latest technology to enter the mainstream.  A blockchain powers and makes BitCoin possible. Many are treating blockchains as the next big breakthrough in technology. There is even a Blockchain Caucus in Congress.

Do not get your hopes up or bet your retirement savings on blockchains, they are definitely not the next Internet or Hula Hoop.  Most importantly they will not transform elections or solve the challenges of online voting.

From IEEE Do You Need a Blockchain?

“I find myself debunking a blockchain voting effort about every few weeks,” says Josh Benaloh, the senior cryptographer at Microsoft Research. “It feels like a very good fit for voting, until you dig a couple millimeters below the surface.”

Blockchains are the latest technology to enter the mainstream.  A blockchain powers and makes BitCoin possible. Many are treating blockchains as the next big breakthrough in technology. There is even a Blockchain Caucus in Congress.

Do not get your hopes up or bet your retirement savings on blockchains, they are definitely not the next Internet or Hula Hoop.  Most importantly they will not transform elections or solve the challenges of online voting.

From IEEE Do You Need a Blockchain? <read>

Blockchain technology is, in essence, a novel way to manage data. As such, it competes with the data-management systems we already have. Relational databases…suffer from one major constraint: They put the task of storing and updating entries in the hands of one or a few entities, whom you have to trust won’t mess with the data or get hacked.

Blockchains, as an alternative, improve upon this architecture in one specific way—by removing the need for a trusted authority. With public blockchains…, a group of anonymous strangers (and their computers) can work together to store, curate, and secure a perpetually growing set of data without anyone having to trust anyone else. Because blockchains are replicated across a peer-to-peer network, the information they contain is very difficult to corrupt or extinguish.

This feature alone is enough to justify using a blockchain if the intended service is the kind that attracts censors…

However, removing the need for trust comes with limitations. Public blockchains are slower and less private than traditional databases, precisely because they have to coordinate the resources of multiple unaffiliated participants. To import data onto them, users often pay transaction fees in amounts that are constantly changing and therefore difficult to predict. And the long-term status of the software is unpredictable as well. Just as no one person or company manages the data on a public blockchain, no one entity updates the software. Rather, a whole community of developers contributes to the open-source code in a process that, in Bitcoin at least, lacks formal governance…

“If you don’t mind putting someone in charge of a database…then there’s no point using a blockchain, because [the blockchain] is just a more inefficient version of what you would otherwise do,” says Gideon Greenspan, the CEO of Coin Sciences, a company that builds technologies on top of both public and permissioned blockchains.

With this one rule, you can mow down quite a few blockchain fantasies. Online voting, for example, has inspired many well-intentioned blockchain developers, but it probably does not stand to gain much from the technology.

“I find myself debunking a blockchain voting effort about every few weeks,” says Josh Benaloh, the senior cryptographer at Microsoft Research. “It feels like a very good fit for voting, until you dig a couple millimeters below the surface.”

Benaloh points out that tallying votes on a blockchain doesn’t obviate the need for a central authority. Election officials will still take the role of creating ballots and authenticating voters. And if you trust them to do that, there’s no reason why they shouldn’t also record votes.

In my early days of advocacy, my congressman at a forum claimed that there would be no problems with electronic voting because of a magic new technology, “encryption”. It has not worked out that way.  Like encryption, blockchains cannot protect against corruption of the computer itself – a laptop or smartphone used for online voting, an optical scanner or touch-screen voting machine, or the central server collecting and reporting results.