If elections can be protected at no cost, what about the electric grid?

An article in the Courant last week highlights the risks to our electric grid and the plans slowly moving forward to enhance its security: State Plan For Cyber Threats To Electric Grid Taking Shape – Utilities Cooperating With Regulators On Plan

Dan Esty, the state’s energy commissioner, sat across a conference table from Art House, Connecticut’s head utility regulator, in the bunker of the State Armory in Hartford last July for a drill that simulated a statewide response to a major hurricane.

Esty, with other state officials and utility executives nearby, asked whether House remembered exercises like these from his days doing intelligence work for the federal government.

“There are two kinds of drills I’ve done in Washington,” House said. There’s the predictable type of emergency, like hurricanes and ice storms, that the state needs to be ready for. And then there’s the unpredictable.

“I worry more about unforeseen type, like a cyber attack,” he said.

That conversation, the two officials said, seeded a quickening and serious discussion of the state’s liability to hackers that would aim to control or damage critical facilities, like the electric grid. House, chairman of the state’s Public Utilities Regulatory Authority, is drafting a plan with utilities on how to prepare for, address and respond to cyber attacks.

“Cyber probes are a fact of life,” House said in an interview this week. “Connecticut needs to look at it in terms of defense. Are we doing everything we can?”…

Federal security officials warn that electronic attacks on these critical facilities could create “the potential for large-scale power outages or man-made environmental disasters” and cause “physical damage, loss of life and other cascading effects that could disrupt services,” the Department of Homeland Security’s deputy inspector general, Charles Edwards, said in a congressional testimony last month…

In Connecticut, House plans for a rough draft of the state’s cybersecurity plan to be finished by Labor Day, with a final version completed by January 2014. It will examine how state utilities could build up their electronic defenses against cyber attacks as well as how private and municipal emergency managers should be prepared in the event of such an attack.

A major piece of the state’s cybersecurity efforts will lean on the federal intelligence and security resources that track and investigate cyber attacks, said House, adding that his previous work for the U.S. National Geospatial-Intelligence Agency will aid in the state’s efforts. “Cyber defense is not a matter of geography. It’s a matter of national defense. It goes across state line and across industries.”

Joel Gordes, president of West Hartford energy consultancy Environmental Energy Solutions, has long called for attention to the cyber security issue. He cites testimonies attached to names like Defense Secretary Chuck Hagel, Former Defense Secretary Robert Gates and Former CIA Director Leon Panetta that raised concerns about the issue, concluding that it’s about time Connecticut takes a clear-eyed look at cyber security.

“When we see everybody from the CIA to Lockheed Martin and the Bank of America being hacked, it’s pure hubris to think that our electric grid could not be compromised,” he said…

Data sharing was one of inspector general Edwards’ concerns. He said that the Department of Homeland Security’s cyber security office needs to consolidate its information sharing efforts with other agencies and the private sector to “ensure that these stakeholders are provided with potential [industrial control systems] threats.”

A group of energy companies and public and private groups expressed concerns about the timeliness of federal assessments on cyber threats, specifically noting that they feel that “a great deal of time might elapse until stakeholders were made aware of the same or similar incident that could affect their systems.”

Tongue in cheek, we note that this may be a major redundancy in effort and expense by utility regulators, since the Legislature has mandated that the Secretary of the State and the Military Department come up with a plan to provide secure electronic voting to the military by October 1st. The Secretary is also mandated in that bill to not only come up with the plan but to implement it without any expenditure!

For the utilities, “A major piece of the state’s cybersecurity efforts will lean on the federal intelligence and security resources that track and investigate cyber attacks”. For voting, however, we doubt that support would do much good, since experts at Homeland Security and NIST claim that Internet voting cannot be made safe.

For more details on the feats to be accomplished by the Secretary of the State and Military Department, see our recent post: Governor Malloy: Please Veto Internet Voting Bill

To paraphrase Mr. House,

When we see everybody from the CIA to Lockheed Martin and the Bank of America being hacked, along with concerns for our grid from our utility regulators, it’s pure hubris to think that our elections could not be compromised.

Governor Malloy: Please Veto Internet Voting Bill

Earlier this week we sent a letter to Governor Malloy requesting that he veto Senate Bill 647, now Public Act 13-185. It is now up to the Governor to protect voting integrity, uphold the Connecticut Constitution, and remain steadfast to the principles articulated in his veto message last year for a similar bill.

Here is the summary from the letter articulating why a veto is appropriate:

  • This bill is a threat to the security, accuracy, and secrecy of the votes of our military members and their dependents, and thus to the certified outcomes of our elections.
  • It is unconstitutional since it violates the Connecticut Constitution, which states: “The right of secret voting shall be preserved.”
  • It requires the Secretary of the State and the Connecticut Military Department to develop a system for secure and private online voting by October 1st, a task that security experts, computer scientists, and experts at Homeland Security and NIST (the National Institute of Standards and Technology) believe is technically impossible.
  • It is further complicated by provisions for voting by deployed military dependents. It also is not restricted to deployed military, not even restricted to military actually on duty.
  • It sets a requirement for guaranteed receipt within four hours in each voter’s municipality. This cannot be accomplished by either fax or email return.
  • While online voting through a web page might be developed to meet the guaranteed return requirement, it is also insecure, risks the secret vote, and would be very expensive.
  • All known methods of Internet voting would likely violate Connecticut’s Voter Verified Paper Records law established in 2005.

U.S. says it will not export tools to interfere in politics

Even the cicadas must know by now that the U.S. is engaged in massive collection of data on phone calls, emails, web access, and banking transactions. Those who a week ago were criticized as ‘conspiracy theorists’ for claiming the Government had such massive secret spying programs will now be criticized as ‘naive’ for not knowing this was going on all along. What more can we say? What can we add that has relevance to elections and election integrity?

Today, there are two articles, an op-ed, and an engaging cartoon in the New York Times:

U.S. Helps Allies Trying To Battle Iranian Hackers
How The U.S. Delved Deeper Via Technology
Your Smartphone is Watching You
The Strip: Secret Agent Smartphone

Restating the Obvious

Internet voting is unsafe and not guaranteed to be secret. Our voting is most vulnerable to insiders.

  • Iranian, Chinese, or Al Qaeda hackers attempting to compromise a U.S. election have a more difficult job changing votes.
  • Foreign and outsider efforts are likely to be detected if they change votes or disrupt a Federal election – detected and reversed or mitigated.
  • I really don’t care if foreign governments or terrorists know who I voted for; I am not sure they care, and few would be intimidated by their potential to find out.
  • But insiders are another matter. They have an easier job. Their legitimate access and sanctioned unconstitutional or illegal access is less likely to be detected or prosecuted.

We can only suggest that anyone who trusts politicians and other insiders to never use every tool available, or trusts that Internet voting is somehow immune from compromise has a serious case of cognitive dissonance. Unfortunately, when it comes to Internet voting that virus has infected our entire state Legislature. While we are pleased that Connecticut’s entire Congressional Delegation have expressed concerns with the NSA spying, we doubt that they are convinced that Internet voting is unsafe.

Thanks For Small Assurances

In the 1st article, we learn:

Officials pledge that computer hardware and software eventually provided to allied nations will be evaluated to avoid providing the type of defensive systems that also can be used for domestic surveillance or to punish political opponents.

We find nothing particularly surprising in this statement. Yet, for ‘naive’ readers, let me regain the skeptical mantle of ‘conspiracy theorist’ by pointing out:

  • This assurance is presumably given by some of those same “officials” who until a few days ago claimed that the U.S. does not have these secret spying programs, that now claim that they are not a big deal, yet hid their existence and still hide the questionable legal justifications.
  • I’d love to see how systems that allow foreign surveillance can be released that cannot be used for domestic surveillance. For the technically challenged, consider that Saudi Arabia could ‘rendition’ its domestic spying or political manipulation to Japan or South Korea in return for a bit of oil.
  • Are we saving the software that allows domestic surveillance and punishing opponents for our own domestic use?
  • Since it is not mentioned, are we exporting software that could manipulate election results?
  • Would a country that would work to overthrow foreign leaders through a coup, and openly work to change election results, hesitate to punish foreign politicians, or manipulate foreign election results? (Hint e.g.: Google “Chavez Coup CIA”)
  • Would insiders from top leaders, to individuals with the keys to the kingdom, hesitate to manipulate U.S. elections?

Once again, those who would call this farfetched have little knowledge of U.S. History and the fallibility of human nature. Our Democracy was designed to defeat human nature with checks and balances, with the bill of rights, including transparency, individual privacy, and a subsidized free press.

What Can They Know And How Can They Use It?

The op-ed provides a chilling summary, including:

It is at least possible to participate in online culture while limiting this horizontal, peer-to-peer exposure. But it is practically impossible to protect your privacy vertically — from the service providers and social media networks and now security agencies that have access to your every click and text and e-mail. Even the powerful can’t cover their tracks, as David Petraeus discovered. In the surveillance state, everybody knows you’re a dog.

And every looming technological breakthrough, from Google Glass to driverless cars, promises to make our every move and download a little easier to track. Already, Silicon Valley big shots tend to talk about privacy in roughly the same paternalist language favored by government spokesmen. “If you have something that you don’t want anyone to know,” Google’s Eric Schmidt told an interviewer in 2009, “maybe you shouldn’t be doing it in the first place.”

The problem is that we have only one major point of reference when we debate what these trends might mean: the 20th-century totalitarian police state, whose every intrusion on privacy was in the service of tyrannical one-party rule. That model is useful for teasing out how authoritarian regimes will try to harness the Internet’s surveillance capabilities, but America isn’t about to turn into East Germany with Facebook pages.

For us, the age of surveillance is more likely to drift toward what Alexis de Tocqueville described as “soft despotism” or what the Forbes columnist James Poulos has dubbed “the pink police state.” Our government will enjoy extraordinary, potentially tyrannical powers, but most citizens will be monitored without feeling persecuted or coerced.

So instead of a climate of pervasive fear, there will be a chilling effect at the margins of political discourse, mostly affecting groups and opinions considered disreputable already. Instead of a top-down program of political repression, there will be a more haphazard pattern of politically motivated, Big Data-enabled abuses. (Think of the recent I.R.S. scandals, but with damaging personal information being leaked instead of donor lists.) In this atmosphere, radicalism and protest will seem riskier…

The second article provides some chilling details:

Accompanying that explosive growth has been rapid progress in the ability to sift through the information. When separate streams of data are integrated into large databases — matching, for example, time and location data from cellphones with credit card purchases or E-ZPass use — intelligence analysts are given a mosaic of a person’s life that would never be available from simply listening to their conversations. Just four data points about the location and time of a mobile phone call, a study published in Nature found, make it possible to identify the caller 95 percent of the time…

Industry experts say that intelligence and law enforcement agencies also use a new technology, known as trilaterization, that allows tracking of an individual’s location, moment to moment. The data, obtained from cellphone towers, can track the altitude of a person, down to the specific floor in a building. There is even software that exploits the cellphone data seeking to predict a person’s most likely route. “It is extreme Big Brother,” said Alex Fielding, an expert in networking and data centers…

So,

  • They can find every candidate we have contributed to. Every email we have sent. Pretty much every event, protest, or meeting we have attended.
  • Every ‘conspiracy theory’ we have believed or investigated along with ‘naive’ views we have held, every contradictory statement, and link us to others with all sorts of views we may or may not agree with.
  • Every donation, medical condition, every mistake, or misstatement we have ever made.
  • Bad enough that they will know every Facebook post and every (sort of) public statement, but also anything written or said candidly, casually, or unthinkingly.
  • Are we sure that potential employers or potential friends or allies will not find this information or be given that information to harm us or them?

Since it is safe to send cash in the mail, why shouldn’t we vote by mail?

Many people, despite the evidence, keep insisting that mail or absentee voting is safe. But would you really send cash in the mail? If not, why would you send your vote that way, unless it was absolutely necessary?

Prosecutor: ‘Absentee voting is the source of all voter fraud’

We are always asked, “Since we can bank safely by Internet, why can’t we vote by Internet?” The answer is that banking is safe only because banks save more in operations than the billions they lose each year in online banking. And they are two different applications: there is no receipt for your vote. We are even talking about voting by email, when most people otherwise know that email is not safe.

Today, an update on the Miami-Dade apparent absentee vote fraud from Brad Friedman: Partial Answers Emerge in FL’s Fraudulent Absentee Ballot Request Cyberhack Mysteries (Prosecutor: ‘Absentee voting is the source of all voter fraud’…)

As we detailed at that time, some 2,500 absentee ballots were fraudulently requested online for three different 2012 primary elections in Miami-Dade, FL. One race involved requests for Democratic absentee ballots in a U.S. House primary, the other two involved requests for Republican ballots in two different Florida State House primary races. All of the fraudulent “phantom” ballot requests are said to have been flagged as such at the Supervisor of Election’s office and, therefore, never fulfilled.

Late last year, a grand jury and federal prosecutors [PDF] were unable to identify the person or persons behind the failed attempts, as well as why they were actually made, since the ballots, had the fraudulent requests not been flagged and prevented, were set to go to the actual addresses of real voters whose online identities had been fraudulently used to make the requests online.

One of the reasons that prosecutors were originally unable to identify those behind the attempted July 2012 cyberhack was because the Internet Protocol (IP) addresses used for most of the requests were masked by proxy IP addresses from overseas. It was not until excellent investigative reporting from The Miami-Herald discovered that a number of the requests came from IP addresses located in the Miami-Dade area. For reasons currently chalked up to administrative confusion, the Elections Division never gave those Miami area IP addresses to the grand jury.

Armed with the new information offered by the Miami-Dade IP addresses, it now appears that prosecutors are closing in on suspects believed to be behind at least one of those sets of cyberhacks — the ones involving the Democratic U.S. House primary. Over the weekend the investigation led to the resignation of the Chief of Staff of the Democratic Congressman who eventually won the primary in question, as well as last November’s general election…

The Congressman says his Chief of Staff took responsibility for the plot after the homes of two other staffers — Communications Director Giancarlo Sopo and Campaign Manager John Estes — were raided by the Miami-Dade state attorney’s office in search of computers and other electronic devices thought to have been used in the phantom ballot requests. None of the three men, Chief of Staff Garcia, Sopo or Estes, have offered public comment yet.

Miami Herald reports that “466 of 472 phantom requests in Congressional District 26 targeted Democrats. In House District 103, 864 of 871 requests targeted Republicans, as did 1,184 of 1,191 requests in House District 112.”…

So, it is Democrats for sure, but also likely Republicans. And what about the possible insider collusion or coverup by the elections office?

The “winning” Candidate provides about as lame an excuse or questionable explanation as could possibly be imagined:

At a press conference on Saturday, an “angry” Rep. Garcia described the plot as “ill-conceived”, but added: “I think it was a well-intentioned attempt to maximize voter turnout.”

Of course, many will likely claim, despite the evidence, that “Miami-Dade is so far away, nothing like this would happen in New England and especially here in the Constitution State, maybe just in places like Florida and California.”

Political Disclosure: Sausage making is clearer and cleaner

This year the disclosure bill was back with full public hearings and some of the objections mitigated, heading for a legitimate debate and vote. Yet, it has been marred again with at least three additional concepts added. At minimum these concepts/bills deserve individual debate and up and down votes. The only concept that should be adopted is a good disclosure bill.

Last year the political disclosure bill was marred by the last minute inclusion of email and fax voting and provisions crafted behind closed doors in an “emergency bill”, drawing the Governor’s veto based partially on the risks of the Internet and the unconstitutionality of an individual waiving the secret vote. As we pointed out earlier this week, this year there is an even stranger Internet voting bill.

This year the disclosure bill was back with full public hearings and some of the objections mitigated, heading for a legitimate debate and vote.

But once again that bill is apparently being stuffed with other, unrelated, and additional controversial items. A grab-bag of items only insider politicians would love, CTNewsJunkie: Despite Latest Evidence of Corruption, Lawmakers Consider Giving More Money to Parties, PACs

Behind closed-doors Tuesday, lawmakers were crafting legislation that would help them funnel more money to political party committees, legislative leadership committees, and political action committees.

According to Rep. Ed Jutila, who co-chairs the General Administration and Elections Committee, the “essence” of the bill is an attempt to address the Citizens’ United decision that allowed unlimited amounts of money to be spent by Super PACs either for or against candidates — even if those candidates participated in the public campaign finance system. Close to $700,000 in independent expenditures from Super PACs was spent in the 2012 election cycle.

“It’s one way to try and even the playing field,” Jutila said Tuesday.

Jutila said the amount of money individuals can give to the candidates participating in the Citizens’ Election Program will not change under the omnibus campaign finance bill, but the amount of money individuals can give to the two major parties, leadership PACs, and town committees will increase under the proposal.

The proposal comes just one week after a federal corruption trial demonstrated exactly how much sway money has over Connecticut politics and policymaking. During that trial, a cooperating witness detailed how he was able to use the donations to former House Speaker Chris Donovan’s failed congressional campaign and three Republican leadership PACs controlled by House Minority Leader Lawrence Cafero in an effort to kill legislation detrimental to the interests of smoke shop owners…

The bill is an aggregation of a number of the concepts from four pieces of legislation introduced earlier this year by the General Administration and Elections Committee.

One of those bills would increase the amount of money an individual could donate to a State Central Committee from $5,000 to $10,000. The amount a town committee or leadership committee could receive from an individual would go from $1,000 to $2,000, and all other PAC limits would increase from $750 to $1,000.

It would also allow State Central Committees for the Democratic and Republican Parties to sell ad books as another way to raise money. The ability to sell advertising space in booklets handed out at public events was removed from the parties in 2005 when the Citizens’ Election Program was created.

Another bill, which has been lumped into the campaign finance package, would lift a ban on donations from state contractors and would allow them to give up to $1,000 to their local town committee. The 2005 law prohibited anyone doing business with the state from donating money.

In addition, the bill would include Sen. President Donald Williams’ ban on cross-endorsements by third parties. It would also prohibit the use of certain words such as “Independent” from the names of political parties in the state.

So a bill designed to counter some of the effects of Citizens United will actually increase the money flowing from state contractors into elections. Worse, it would end cross-endorsements and make the name of an existing political party illegal. The cross-endorsement bill was the subject of almost uniform opposing testimony and statements from Committee members who then voted for that bill.

At minimum these concepts/bills deserve individual debate and up and down votes. The only concept that should be adopted is a good disclosure bill.

CT Senate’s Magical Mystery Military Voting Tour

In summary the bill requires the Secretary of the State, Military Department, and Local Officials to defy science and economics, performing at least two miracles!

Just in time for Memorial Day, the Connecticut Senate has passed unanimously, an amended version of S.B. 647, An Act Concerning Voting By Members Of The Military Serving Overseas – To permit voters who are members of the armed forces and serving overseas to return ballots by electronic means

The previous version directed that the Secretary and the Military Department develop a method for safe electronic voting and produce a report outlining needed changes in the law by next January. This bill requires them to develop that method by October 1st this year and that it be implemented in 2014, apparently regardless of their success in developing such a method and their success in passing such legislation.

The Requirements of the Bill
[Our comments in brackets]

  • On or before October 1, 2013, the Secretary of the State, in consultation with the Military Department, shall select a method for use in any election or primary held after September 1, 2014 [After the August 2014 Primary]

  • may be used by any elector or applicant for admission as an elector who is a member of the armed forces and expects to be living or traveling outside the several states of the United States and the District of Columbia before and on election day, [So any travel or living change applies, duty related or not, so, a National Guard member not deployed but on vacation or a business trip could presumably vote under this act]

  • or such member’s spouse or dependent if living where such member is stationed, [It includes spouses and dependents but not those on vacation, at college, or on business trips]

  • due consideration to the interests of maintaining the security of such ballot and the privacy of information contained on such ballot, [We assume ‘due consideration’ should include assuring the Constitutional requirement of a secret vote be strictly maintained]

  • and…ensures receipt, prior to the closing of the polls on the day of the election or primary, of such ballot by the municipality in which the member or member’s spouse or dependent is enrolled or has applied for admission as an elector, if such method is properly utilized by such member or such member’s spouse or dependent prior to the closing of the polls on the day of the election or primary. [So, within 4 hours of voting by 8:00pm EST, it must be guaranteed to be received by some official, inbox, or machine in the appropriate municipality. 8:00pm EST could be almost any hour of the 24 hours in a day, depending on the deployment, business, or vacation location]

  • Not later than January 1, 2014, the Secretary of the State shall submit a report, in accordance with section 11-4a of the general statutes, to the joint standing committees of the General Assembly having cognizance of matters relating to elections and veterans’ and military affairs describing such method and any legislative changes necessary for its implementation.

Let’s look at the three known options: Email, Fax, and Online Voting

  • Email (1) is, of course, not secure with the NSA listening in, interceptable by bad external actors, and directly accessible by insiders such as email vendors and insiders at data centers all along the way from personal computers or military computers, state computers, local town computers, and every stop along the way. (2) Email cannot meet the mandated four hour delivery requirement – often emails take much longer to traverse the Internet, presumably especially from remote locations the military must protect. (3) Email frequently is not delivered at all. Several times a year I become aware of emails sent to me that never arrived. (4) Email schemes we have seen all require that an individual along the way receive and print the “ballot” for counting – a clear violation of the secret vote. (5) Email would have to cover personal computers for spouses and dependents, not military computers. And the military member might be on vacation or business in an area where no military computer access is available.
  • Fax, (1) like email, is subject to interception in transmission (2) and, like mail, is subject to individuals in town hall or state government viewing the fax as it is received. (3) It is subject to viewing and potential viewing by multiple members of the military as it is passed up the chain-of-command and to the Voting Assistance Officer, as articulated by Rep. Alexander. (4) We cannot expect the chain-of-command to pass votes and wake Voting Assistance Officers to pass votes along at all hours and within four hours, nor to provide services to dependents – did we mention they also have a war to fight and enemies that might not avoid attacks during that critical four hour period?
  • Online Voting – By online voting we mean some interactive means of voting on a web page or sending a .pdf ballot under the control of a webpage, not via email. (1) Online voting can be more secure than email or fax voting, yet is still not secure, as confirmed by NIST and Homeland Security. And no online voting system has proven secure by sufficient evaluation and testing – in fact, the only system subject to some public testing failed spectacularly and another was broken by an average citizen, while vendors refuse to open their systems to scrutiny. (2) Online voting may be difficult to administer and use; when the system is too hard to use they blame the voters. (3) Online voting is expensive! Will the state and local officials do better than highly funded vendors or turn to their ineffective solutions? It would have cost just Edmonton Alberta $400,000. (4) Online systems entail emailing or paper mailing IDs to the voters – email can be compromised, and avoiding especially outgoing mail is the whole motivation for this bill. Which brings us to an additional miracle. (5) Once again, it cannot be restricted to military computers.

Another Miracle for the Secretary, Military Department, and Local Officials

The Legislature requires that the report be produced, and the voting implemented and run, at no cost! The bill was passed with a note from the Office of Fiscal Analysis: “NO FISCAL IMPACT”. Or as articulated in the more detailed note for the committee-approved bill:

State Impact: None

Municipal Impact: None

Explanation

The bill, which requires the Secretary of the State to develop and report on a method for returning the ballot of a military member stationed overseas, has no fiscal impact.

The Out Years

State Impact: None

Municipal Impact: None

We doubt anything close to claiming some level of security or privacy can be done at no cost. An online system would cost in the hundreds of thousands; a credible study and report on fax and email would require extensive expertise and time.

An interesting comparison is with a somewhat similar but much easier and more feasible requirement in another bill passed by the same committee this year, and also analyzed with a note from the Office of Fiscal Analysis. The bill allows municipalities to use, at their option, electronic check-in. It requires, probably in response to our testimony, that the Secretary provide a list of acceptable electronic check-in equipment, much less of a task:

State Impact:

| Agency Affected | Fund-Effect | FY 14 $ | FY 15 $ |
|---|---|---|---|
| Secretary of the State | GF – Cost | 150,000 | 10,000 |

Municipal Impact:

| Municipalities | Effect | FY 14 $ | FY 15 $ |
|---|---|---|---|
| Various Municipalities | Potential Cost | Less than 20,000 | Less than 20,000 |

Explanation

The bill would allow registrars of voters to use electronic systems that are approved by the Secretary of the State (SOTS) to check in voters. The bill would also require SOTS to create and maintain a list of electronic devices that municipalities may use for electronic checking in of voters.

The SOTS is anticipated to incur a cost of $150,000 in FY 14 to review, approve, and create a list of approved electronic devices for use in the voter check in process. The SOTS is anticipated to incur on-going costs of $10,000 per year beginning in FY 15 to maintain and update the list of approved electronic devices. Given the technical nature of device approval it is expected that the costs identified for SOTS will support a contracted consultant.

To the extent that municipalities decide to utilize electronic resources to check in voters, there is a potential cost to municipalities arising from their purchase of such devices. The cost potentially incurred by municipalities is dependent upon the type of equipment utilized and number of polling stations in a municipality. Such costs are not anticipated to exceed $20,000 for municipalities that decide to utilize this type of equipment.

The Out Years

The annualized ongoing fiscal impact for SOTS identified above would continue into the future subject to inflation. Municipal costs in the out years would be dependent upon the lifecycle of the equipment utilized.

What is Secretary Merrill to Do?
(If this bill passes the House and is not vetoed again by the Governor)

We presume the Secretary is expected to obey the law, and that Secretary Merrill maintains her past opposition to electronic voting as expressed in her testimony on this bill and on S.B 283, stated by experts in her Online Voting Symposium, and confirmed by the Governor’s veto last year.

Normally, we presume Connecticut has a government of men (and women), of a Constitution, and not of miracles! We do not believe the Constitution requires that any official perform miracles. If it did then it would be easy to command the Governor to solve all our budget, tax, and funding problems in a similar manner.

While her response is up to the Secretary, we would suggest she insist that the report include:

  • Even experts at Homeland Security and the National Institute of Standards and Technology agree with the vast majority of computer scientists and security experts that the Internet is not safe and cannot be made safe for voting.
  • That while we have a dedicated state Military Department and legendary state and local Information Technology Departments, it is unlikely that they can defy science to do better than the U.S. Military, and large financial institutions which are regularly hacked.
  • That she and the Military Department cannot meet the requirements of the law that secrecy and security be protected.
  • That any requirements not include directives to the U.S. Military, which has shown a lack of enthusiasm and compliance with directives regarding military voting from the U.S. Congress.
  • At minimum the Constitution would need to be amended to eliminate or adjust the requirement of a secret vote, and this law amended to eliminate the requirement for ‘due consideration’ of security and privacy.
  • That the Office of Fiscal Analysis incorrectly stated the costs of study, implementation, and operation.
  • Any system should be subject to extensive independent, contracted security evaluation and testing along with well notified extensive public testing, and public comment, to guarantee its security and secrecy. Such testing should include random unannounced testing using typical equipment in the typical environments to be used by the military members and their dependents. Our voters and our military are worth this and deserve it!

Rational reasons against the National Popular Vote

Jason Paul joins a group of distinguished, prominent, and thoughtful Democrats who have warned of the risks of the Compact: Former Wesleyan Professor and U.S. Senator Daniel Patrick Moynihan, Former Secretary of the State Susan Bysiewicz, Former State University Chancellor William Cibes, and Minnesota Secretary of State Mark Ritchie.

CTNewsJunkie hosted dueling op-eds for and against the National Popular Vote Compact:  Procedural Problems Plague National Popular Vote Compact Bill <Jason Paul against> <Andrea Levien against>

Jason echoes some of the same concerns we have expressed in our earlier op-ed at CTNewsJunkie and our testimony to the General Assembly.

Unfortunately, too much of the discussion and debate has revolved around the normative question: Would it be better to have a national popular vote or an Electoral College process? This is an interesting discussion and I am honestly quite torn on the question. From a normative perspective, I would probably pick the National Popular Vote.

Too many people are answering the normative question, however, and then ending the inquiry. When it comes to this bill that simply cannot be where the discussion stops. The practicalities and the details of running elections matter immensely. Shortcuts are problematic.

Under the current system, the Presidential election is decided based on the outcomes in 56 districts (50 states, plus D.C. and five congressional districts in two states that give a vote to the winner of their Congressional districts). These are all separate election contests, administered by 51 different state bodies (the 50 states, plus D.C.). Each of these 51 bodies has different rules, different guidelines, and different standards. This is fine because each body’s rules only affect the result in its own state or district. Federal laws cover the most egregious potential voting abuses; beyond that, states administer their own elections. That would change if we adopted a National Popular Vote Compact. Instead of giving them control of their own territory, these 51 different bodies would have a degree of control over the entire election system. This poses serious problems.

Here’s one example. A national recount could be a nightmare under any system. Consider that for the 2012 election, revised vote totals were still coming in all the way into February 2013, with new votes in the tens of thousands and the margin of victory changing by the thousands. The margins were large enough that each state was able to declare a winner in time for the electoral college. The late tallies didn’t matter to the outcome — this time. Under the National Popular Vote Compact, the problems would be even worse, and potentially unresolvable.

Currently, in case of a very close election in a state, there is a well-established procedure for conducting a recount according to that state’s rules. Under the compact, because there is no national system, there is no mechanism for conducting a nationwide recount. What is worse, there is no way to force states to participate in a national recount. Because the compact need only be among states with a total of more than 270 electoral votes and not all states, there will be some states that will quite rightfully take the position that they are still in the old system of 51 differing bodies. They will feel no obligation to even consider the impact of the new system. The compact-participating states won’t be able to do anything about it. States can’t force each other to do things. This would make it incredibly difficult to even have a nationwide recount.

If we are going to go from one system (sum of state outcomes) to another, (national popular vote), we need to have an understanding of how the procedural problems will be worked out. Otherwise, it is easy to conceive of a nearly endless number of problems, which would mean lots of trips to court. I would contend it is bad for elections to be decided in court. It might be possible to work out these problems under a compact system, but right now, I do not think they are even reasonably addressed. Until it is possible to answer basic questions — such as how to conduct a national recount — the idea is too flawed to implement. We should not choose the normative value over practical considerations, because it puts the credibility of our electoral system at risk. The proponents need to work out the bugs.

Paul provides a very articulate description of the problems. In the first comment on the op-ed we have extended his concerns with a summary of our op-ed and testimony.

Jason Paul is a “Connecticut Democratic political operative from West Hartford and a University of Connecticut Law School student.”

Andrea Levien is a “Research Fellow at FairVote”, one of the well-financed national groups working toward the National Popular Vote agreement. Her arguments seem to have more to do with money than voting integrity. While these are among many considerations, to us, they do not stack up against the added risks of a national popular vote without a uniform trusted national election system.

I have lived and voted in three cities since I turned 18: New Haven, New York City, and Washington, D.C.

While I have been extremely proud to call each of these unique cities my home, they all have one big disadvantage for a young voter who cares about presidential politics: none of these cities are located in swing states, the only states that ever receive any attention in presidential elections.

Barack Obama and Mitt Romney spent 99.6 percent of their television advertising money in the general election targeting voters in just 10 states, including the usual focus on Ohio and Florida. Neither candidate held a single campaign event outside those 10 states after the party conventions. The 2008 election wasn’t much different, with only a few more states receiving any attention at all.

I am not so sure that any Connecticut voter would be more informed by a candidate rally or visit to Bridgeport than a similar rally reported from Philadelphia. It would be great for the media moguls out of state who would get the bulk of profits from advertising in the Courant or on Comcast.

Levien also points to a study by a Ph.D.  candidate which demonstrates that Presidential administrations distribute grants based on political considerations <read>. We certainly do not dispute that. Yet, the national popular vote would be a deck chair move in return for a ticket on the Titanic. It would change the distribution criteria based on alternative political considerations from swing states to areas that would be considered ripe for raising or decreasing votes for and against candidates.

GMO Danger: CALEA II (Government Modified Operating system)

Last week a group of computer security experts issued a warning about a proposed expansion of government spying known as CALEA II (Communications Assistance for Law Enforcement Act) being considered for “wire” tap expansion.

The report if anything understates the risks. Further, if you believe that, in general, government can be incompetent, that makes this plan even less effective and more risky.

CALEA II: Risks of Wiretap Modifications to Endpoints <read>

Abstract: The U.S. government is proposing to expand wiretap design laws broadly to Internet services, including voice over Internet protocol (VoIP) services and other peer-to-peer tools that allow communications in real-time directly between individuals. This report explains how mandating wiretap capabilities in endpoints poses serious security risks. Requiring software vendors to build intercept functionality into their products is unwise and will be ineffective, with the result being serious consequences for the economic well-being and national security of the United States.

This is serious. The report if anything understates the risks. To me, the crux of the problem is summarized by the dangers to operating system end points:

All networks, software, and communication tools that support “lawful intercept” include features that are designed to breach the confidentiality of communications without detection by any party involved in the communication. When parties communicate using services with such features, there is an increased likelihood that an unauthorized and/or malicious adversary with the right technical knowledge and access to the system could capture communications contents without detection. The general nature of CALEA-style mandates and the necessarily clandestine nature of intercept mechanisms increase security risks further.

The cleverest and most dangerous cyber-attackers are those who are able to not only compromise a system but also to evade detection. That is also precisely the objective of a government surveillance solution: to compromise communications without detection. We know that communications networks and services are increasingly the subject of exploitation, often because of unintended and not very well-hidden vulnerabilities. Wiretap capabilities can be uniquely dangerous precisely because they are developed to be hidden, both in design and in application. Wiretaps are designed to be kept secret from both the parties involved in the communication and also from anyone else that does not have a “need to know” in order to execute the tap (including employees of the service provider who are on the alert for system compromises). This requirement for obscurity increases the security risks further because it increases the possibility that a malicious communications intercept could be effectuated with low risk of discovery…

Furthermore, for the many products that are open source, it will be trivial for someone to build and redistribute software without the monitoring capability. This sort of “fork” is not exceptional, but rather common. The nature of Open Source software is that people take it, make small modifications, and redistribute. To provide two especially relevant examples, Iron is a fork of Google Chrome that focuses on improved privacy, and the Tor Project maintains its own version of Firefox that is designed to allow private anonymous communications on the Internet under extremely adversarial conditions, such as dissident users in Iran or China. If U.S. software vendors are forced to introduce wiretap capability, it seems certain that there will be non-U.S. forks of popular open source communications packages that do not allow such access. Moreover, this likelihood of non-compliant forks being developed is not limited to open source software, but also potentially relevant to proprietary, closed-source products, albeit with more effort by the fork’s developers. For instance, just as it is possible to “jailbreak” proprietary phone operating system software by downloading a program that “tweaks” the software, disabling monitoring capability in wiretap-modified software may be as easy as clicking a link and running a small program that can disable intercept functionality.

It is important to understand that because these systems are built on open standards, modified software without lawful intercept capability will be able to interoperate with systems with the intercept capability and with unmodified systems. To take an extreme example, say that all U.S.-made Web browsers support CALEA II, thus allowing wiretapping of any WebRTC session. Two users who desire unmonitorable communications need only download secure foreign-made versions of one of the major browsers and they can make secure calls using exactly the same infrastructure as those that must use compliant versions. We should expect that any user who is concerned about monitoring — including many potential monitoring targets — would obtain and use an unmonitorable version of a given product or service. Ironically, then, potential terrorists may easily be able to use stronger security than the U.S. government, which is less likely to install non-U.S. forks of these programs.

So,

  • The bad guys and all of us good guys can easily find ways of defeating the risk of compromise.
  • But how many of us can be sure those safe versions actually are safe? They could block the government and open up our communications to others instead. Or maybe it's just another trick version from the U.S.
  • But the government and perhaps most regulated businesses would likely be required not to take protective actions.
  • This would be a great tool for interfering with the electric grid, nuclear power plants, the communications grid, etc.
  • How about insider trading? A great tool for learning all sorts of information which will affect interest rates, stock, or commodity prices.


LA: Two campaigns debate absentee ballot fraud. Meanwhile in Hartford and New Haven plans to prove early voting works.

In LA, apparently there is evidence and no disagreement that fraud occurred. The issue is which campaign did it. Maybe it is both? Absentee voting is a convenience, not just for voters, it really helps fraudsters as well.

Cash strapped New Haven would be a bad place to test early voting in 2013. It is the first competitive election in New Haven in 20 years. Turnout is all but guaranteed to increase – early voting or not – we can predict that early voting would get the credit.

Brad Friedman reviews the story and reflects the same concerns with mail voting that we have: Absentee Ballot Fraud Allegations in L.A. Underscore (Again) Dangers of Vote-By-Mail <read>

The BRAD BLOG has long detailed the dangers of Vote-by-Mail and absentee balloting, describing the practice as “terrible for democracy,” for a number of reasons. Among those reasons are the ease by which absentee ballots can be undetectably gamed, bought or sold, used for intimidation (“Show me that you voted this particular way or you will be fired/beaten, etc.”) or otherwise lost in the mail, never added to the optically-scanned computer tally, etc., just to name a few.

Usually when we point these matters out, we’ll get some amount of push back, most notably from someone from Oregon, where many voters love their all Vote-by-Mail elections (despite all the dangers, as demonstrated once again by the recent stories out of the state where, in one, a man was convicted of fraud after offering $20 for blank, unvoted ballots prior to the 2012 election, and another where an election official was charged with fraud after it was discovered she was filling in unvoted races in favor of Republicans while processing incoming mailed ballots.)

Those allegations in Oregon are new to us. It just confirms that claims that everything is fine with their all mail-in system are not justified.

Meanwhile in LA, from the LA Times as quoted by Brad:

Prosecutors are investigating allegations of voter fraud in Little Armenia, part of a Los Angeles City Council district where two candidates are waging a bitter battle for an open seat.

According to a spokeswoman for L.A. County Dist. Atty. Jackie Lacey, prosecutors are trying to determine whether backers of one candidate illegally filled out mail-in ballots for dozens of voters in the Armenian enclave in East Hollywood. The May 21 election will decide who succeeds Eric Garcetti, who is running for mayor…

The complaint alleges that O’Farrell campaign workers filled out voters’ ballots for their candidate while telling them they were voting for Sam Kbushyan, a candidate of Armenian descent who ran and lost during the primary election.

Kbushyan and many of his former campaign volunteers are now working on behalf of O’Farrell.

The O’Farrell campaign rebuts the allegations, saying it was [opposition candidate John] Choi workers who filled out and took ballots from voters. “These are Choi people who are doing this,” O’Farrell spokeswoman Renee Nahum said.

Meanwhile, in Connecticut, for the Hartford Courant Editorial Board, anything goes; it supports both the safer option, in-person early voting, and unlimited absentee voting: Early Voting Options May Be Premature <read>

Changes that might be in the offing could include early voting in all its manifestations: no-excuse absentee voting, voting before Election Day at the precinct or a voting center, voting by mail and so forth.

As it stands now, the Connecticut Constitution forbids early voting in statewide elections except for voters casting absentee ballots under very strict circumstances such as illness, infirmity, religious proscriptions or being absent from the state on Election Day. This narrow early-voting rule could be scrapped by the legislature if the constitutional amendment is approved by voters.

As for the early-voting pilot program in this year’s municipal elections being pushed by three New Haven representatives: Lawmakers need to ask state Attorney General George Jepsen for an opinion on its legality…

The state constitution doesn’t speak specifically to the question of voting early in municipal elections. Neither did then-Attorney General Richard Blumenthal specifically address local elections in a 2009 informal opinion to lawmakers saying a constitutional amendment would be required to permit no-excuse absentee voting in Connecticut.

The pilot might pass constitutional muster — or it might not.

Early voting will spur turnout in elections for local office. Far too few voters go to the polls to choose mayors, selectmen and members of boards of education and finance. Low turnout drains the life from municipal government, the level of government closest to the people.

We agree that the constitutionality should be evaluated. Where we disagree is the claim that forms of early voting increase turnout. They increase convenience, yet are proven by the best science available to actually decrease turnout.


Online voting system names winners in Canada

As the Connecticut General Assembly contemplates online voting, we should contemplate the implications of the recent Liberal Party online vote. In this case it was a landslide. What if it was very very close? Or there were polls saying the other candidate should have won by a comfortable or small margin?

Bonus: 2,904 reasons in New York City alone, that Internet banking and Internet voting can be costly.

As the Connecticut General Assembly contemplates online voting, we should contemplate the implications of the recent Liberal Party online vote. In this case it was a landslide. What if it was very very close? Or there were polls saying the other candidate should have won by a comfortable or even a small margin? Would we trust the result? Should we?

Canada’s Liberal Party Holds Online Primaries While Security Experts Scowl <read>

Canada’s Liberal party elected a new leader last week. And for the first time in the party’s history, the voting took place online. Justin Trudeau, the telegenic son of the late Pierre Trudeau, Canada’s most famous prime minister, won in a landslide with over 80 per cent of the vote. But online voting critics say that despite the decisive results, the Internet remains an unsafe place to cast your vote.

Impossible to ensure security and anonymity

“If the Conservative party want to select the next Liberal party leader, this provides them with the perfect opportunity,” says Dr. Barbara Simons, an online voting expert, and co-author (with Douglas Jones) of Broken Ballots: Will Your Vote Count? “I am not saying the Conservatives would do this — I’m just saying this is a very foolish and irresponsible thing for Liberals to be doing, because they open themselves up to vote-rigging that would be almost untraceable, and impossible to prove.”

Simons draws parallels between the risks involved in voting and banking online. She points to viruses like ZeuS (“It’s my favorite virus, because it is incredibly smart,”) which has been used by criminals to steal millions of dollars from online bank accounts, leaving its victims none the wiser.

“I think many people feel that what they see on their screen is what goes out on the Internet,” says Simons. “They don’t appreciate the fact that these are different components, and there is software in between that can change the results – they can vote for candidate A, and a virus can change their vote to candidate B, and they wouldn’t know.”

Actually, online voting is more risky than online banking because there is no receipt or audit available to determine if votes were counted for the correct candidate. But as Dr. Simons says, banking is risky even with bank-owned ATMs.

For those doubters here are 2,904 reasons in New York City alone, that Internet banking and Internet voting can be costly:

In Hours, Thieves Took $45 Million in A.T.M. Scheme <read>

It was a brazen bank heist, but a 21st-century version in which the criminals never wore ski masks, threatened a teller or set foot in a vault.

In two precision operations that involved people in more than two dozen countries acting in close coordination and with surgical precision, thieves stole $45 million from thousands of A.T.M.’s in a matter of hours.

In New York City alone, the thieves responsible for A.T.M. withdrawals struck 2,904 machines over 10 hours starting on Feb. 19, withdrawing $2.4 million.

The operation included sophisticated computer experts operating in the shadowy world of Internet hacking, manipulating financial information with the stroke of a few keys, as well as common street criminals, who used that information to loot the automated teller machines.

Editor’s Note: We seem to repeatedly harp on some subjects over and over, like the risks of mail-in voting and all forms of Internet voting. Yet, it also seems that the message never quite makes it that both are very vulnerable in theory and in practice. We will keep at it, working for rational discussion and evaluation.