Electronic Vulnerability

Do you need a blockchain? (Probably not!)

Blockchains are the latest technology to enter the mainstream.  A blockchain powers and makes BitCoin possible. Many are treating blockchains as the next big breakthrough in technology. There is even a Blockchain Caucus in Congress.

Do not get your hopes up or bet your retirement savings on blockchains, they are definitely not the next Internet or Hula Hoop.  Most importantly they will not transform elections or solve the challenges of online voting.

From IEEE Do You Need a Blockchain?

“I find myself debunking a blockchain voting effort about every few weeks,” says Josh Benaloh, the senior cryptographer at Microsoft Research. “It feels like a very good fit for voting, until you dig a couple millimeters below the surface.”

“Does your vote count?” Glastonbury MLK Conversation

Last Wednesday evening, I was one of five speakers and a moderator at a Community Conversation held by the Glastonbury Martin Luther King Community Initiative. There were about 60 to 75 in attendance. We addressed “Does your vote count? An examination of the Issues” I addressed issues in two areas: How could you know if your vote was counted? And what I would recommend to expand democracy in Connecticut, without risking election integrity. Here are my prepared remarks:

We cannot trust computers, communications, or officials with elections

Recently two serious structural flaws in computer chips have been disclosed (they were discovered several months ago). So far, the understanding is that one will be difficult to fix and the other impossible, without a new computer architecture.  See:  The World Grapples with Critical Computer Flaws <read>

We cannot say it enough, “Ultimately, computers cannot be protected from fraud and error.” We also cannot trust officials to operate flawlessly. Fortunately, there are solutions.

What’s the matter with Wisconsin (and almost every state?)

Recent Headlines:

Wisconsin: Walker makes it harder for candidates to get a recount in close races

Former Trump Advisor: Scott Walker Has ‘Rigged’ 5 Elections 

Editorial: What is wrong with this picture? 

Samantha Bee: The Matrix has your vote

Election hacking, especially the risks in Georgia explained to Samantha Bee.

Just a step in the right direction: Merrill meets with Homeland Security

“Yesterday, along with representatives from the state’s information technology and public safety departments, I met with regional officials from the United States Department of Homeland Security to discuss how we can work together to ensure that Connecticut elections are safe from outside interference or manipulation. We had a productive meeting and I look forward to working together in the months and years to come to protect our elections, the bedrock of our democracy.” – Denise Merrill, Connecticut Secretary of the State

We applaud this step in the right direction.  Last year as leader of the National Association of Secretaries of State, Merrill opposed the designation of elections as critical infrastructure, leading in expressing the concern for a Federal take-over of elections. We were critical of that stand then and remain so.

In our opinion this is just a step. There are several aspects to election security/integrity that should be addressed,. This  step may assist in those that are under direct control of the of the the State, yet less so those under local control.

RoundUp: Spy vs Spy, while Officials and Voters lose

Almost every day lately there is news on the potential of future and past hacking, including election hacking. Today we suggest three recent articles and a report.

The N.S.A. bans its analysts from using Kaspersky antivirus at the agency, in large part because the agency has exploited antivirus software for its own foreign hacking operations and knows the same technique is used by its adversaries.

If Russia can attack our election, so can others: Iran, North Korea, ISIS, or even criminal or extremist groups.

Exactly a year after U.S. intelligence issued a stern warning about Russian interference in the 2016 presidential election, the Trump administration has failed to fill key homeland security posts responsible for preventing another Kremlin assault on the voting system…

It sounds like science fiction, or at least “Ocean’s 11,” but cybersecurity experts are frantically waving their hands, trying to get Americans to see that in foreign capitals, the American voting system just looks like easy opportunity.

Skepticism now, Skepticism tomorrow, Skepticism forever

Recent events are a reminder that we must be eternally skeptical. We need to be especially skeptical of the mainstream media as well as other sources.

Today we add the most recent flurry about the “21 states hacked by Russia before the 2016 election”, and more.  The story continues to fall apart, bit by bit. Yet, we suspect the truth is far from common knowledge.

And an Intercept story by Kim Zetter reviewing a report by Kaspersky Lab Masquerading Hackers Are Forcing a Rethink of How Attacks Are Traced. The title pretty much says it all.  Attribution is difficult, yet often possible.

We need recounts for more than fair elections, for more than Russian risks.

CNN:  For fair elections … can we get a recount?

We should not ignore calls for audits, recounts, and paper ballots just because the motivator for those calls may be simplistic.  There are a multitude  of risks beyond Russians, beyond foreigners, beyond skullduggery. Its not just fairness, it is accuracy and democracy.

States (and foreign governments) moving half way toward verifiable election results

From Governing:  After 2016 Election Hacks, Some States Return to Paper Ballots

The Independent, via VerifiedVoting: Norway: Votes to be counted manually in fear of election hacking

We applaud these developments. Yet, what is needed beyond paper ballots are effective post-election audits, those that verify result and can lead to changing incorrect initial outcomes.  Audits that also verify the accumulation of results across jurisdictions;  Audits that check other aspects of the process as checkin, checkin to ballots counts, and ballot security.

Page 1 of 2312345...1020...Last »