Category: CT

Book Review: Bad Blood, Fantasyland, (and Blockchains)

I recently read Bad Blood by John Carreyrou. I could not put it down. Not surprising since it has been on the NYTimes best seller list for months and its the only book I have noticed on Amazon with a full five star rating – with currently just over two-thousand reviews. But for me it was more than that.  It brought back memories of a good portion of my career in the eighties and nineties, along with my last fifteen years concerned with electronic voting.

All reminiscent of Kurt Andersen’s book: Fantasyland: How America Went Haywire: A 500-Year History. To me, just like the California Gold Rush, minus the gold.

I recently read Bad Blood by John Carreyrou. I could not put it down. Not surprising since it has been on the NYTimes best seller list for months and its the only book I have noticed on Amazon with a full five star rating – with currently just over two-thousand reviews. But for me it was more than that.  It brought back memories of a good portion of my career in the eighties and nineties, along with my last fifteen years concerned with electronic voting.

It details the creation, life, and death of Silicon Valley startup Theranos. Theranos was started by Stamford drop-out Elizabeth Holmes. She had an idea for a blood test that would take only a drop of blood and quickly provide an analysis that conventionally took much more blood and much more time. It was a great idea, yet science said it was impossible and she never was able to develop a solution. What she did develop was a large following of famous board members a huge kitty of venture capitol, two large losing customers. A large, harmful group-delusion. Along the way she created a phony test that likely killed people. All reminiscent of Kurt Andersen’s book: Fantasyland: How America Went Haywire: A 500-Year History. To me, just like the California Gold Rush, minus the gold.

The read brought back memories. As I said earlier this year in testimony on a bill in the Connecticut General Assembly to propose a Task Force to study blockchains to solve an undefined problem with our voter registration system:

I have a 35-year career building, evaluating, purchasing and implementing computer systems and new technology.For 9of those years I was a Director of Strategic Planning for the Travelers Computer Science Division and for 8 years worked for two start-ups, designing, developing, and marketing data communications software to large enterprises and government agencies.I keep up with election technology and security issues, daily exchanging ideas with nationally recognized experts in computer science and computer security.

This is bill represents a classic mistake – a “hot” technology solution in search of an undefined problem. This proposal defines no problem and limits the solution to one over-hyped technology. Better to have the problem clearly defined and then solicit proposals to solve the problem – solutions technical and otherwise.

The way to solve problems is to define the problem, create a team of experts on the subject matter, with technical problem solvers, and experts who have solved similar problems for other states and nations – then let them brainstorm, evaluate and propose effective solutions.

If there is a problem to be solved, it is likely there is a solution – if so, it almost certainly does not depend on blockchains, and likely does not need any “hot” technology.

The amazing thing is people, smart people, keep falling for the same old things. As Carreyrou points out many smart people hired by Theranos had questions from the start. Many quit along the way. Some paid a high price for exposing the company, others dared not take the risk. At least initially Holmes was likely deluded herself.

I worked for a similar, much smaller, startup in 1997. A product that hardly worked – likely all but impossible to create – impossible with the minimal skills of those developing it. I had some doubts the day I walked in the door – I was an expert in the problem and its value, yet I said “maybe they know something I don’t.” I needed a job.  Most, if not all of the rest of the fifty or so employees were not so knowledgeable. The founder was as he described it a “serial entrepreneur”. His actual M.O. was taking venture capitol, failing, and saying in the ashes he had discovered a better idea and attracted more venture capitol. I left after eleven sad, ridiculous months. Sad because so many in the company were hurt – fortunately no customers lost much. The boss, said lack of sales was our fault as we needed to find more sophisticated customers who would appreciate the value of our cumbersome product.

Believe me Blockchains are another over-hyped technology with little if any value. Scientists I trust say that <read>. I have studied it enough to agree with them. And based on all my experience the hype smells just like many things I have seen before. The bill is still alive in the General Assembly, lets hope it dies or at least the Task Force sees through the hype.

Its all the same as that Theranos Bad Blood. Just another journey in Fantasyland. Both good reads and cautionary tales.

National Academy of Sciences study: Blockchain may make voting more vulnerable

While the General Assembly contemplates how Blockchain might solve some undefined problem in our voter registration system, we point to a National Academy of Sciences study Securing the Vote, Protecting American Democracy:

The blockchain abstraction, once implemented, provides added points of attack for malicious actors…Furthermore, blockchain protocols generally yield results that are a consensus of the miners/stakeholders. This consensus may not represent the consensus of the voting public. Miners/stakeholders with sufficient power might also cause confusion and uncertainty about the state of a blockchain by raising doubts about whether a consensus has been reached.

While the General Assembly contemplates how Blockchain might solve some undefined problem in our voter registration system, we point to a National Academy of Sciences study Securing the Vote, Protecting American Democracy <view> starting on page 103:

While the notion of using a blockchain as an immutable ballot box may seem promising, blockchain technology does little to solve the fundamental security issues of elections, and indeed, blockchains introduce additional security vulnerabilities. In particular, if malware on a voter’s device alters a vote before it ever reaches a blockchain, the immutability of the blockchain fails to provide the desired integrity, and the voter may never know of the alteration. Blockchains are decentralized, but elections are inherently centralized. Although blockchains can be effective for decentralized applications, public elections are inherently centralized—requiring election administrators define the contents of ballots, identify the list of eligible voters, and establish the duration of voting…

As they point out lists of eligible voters is also a central function, subject to the same limitations to “to solve the fundamental security of elections.

While it is true that blockchains offer observability and immutability, in a centralized election scenario, observability and immutability maybe achieved more simply by other means. Election officials need only, for example, post digitally signed versions of relevant election-related reports for public observation and download. Ballots stored on a blockchain are electronic. While paper ballots are directly verifiable by voters, electronic ballots (i.e., ballots on a blockchain)
can be more difficult to verify. Software is required to examine postings on blockchain. If such software is corrupted, then verifiability may be illusory. Software independence is not, therefore, achieved through posting ballots on a blockchain…

The blockchain abstraction, once implemented, provides added points of attack for malicious actors…Furthermore, blockchain protocols generally yield results that are a consensus of the miners/stakeholders. This consensus may not represent the consensus of the voting public. Miners/stakeholders with sufficient power might also cause confusion and uncertainty about the state of a blockchain by raising doubts about whether a consensus has been reached…

Blockchains do not provide the anonymity often ascribed to them. In the particular context of elections, voters need to be authorized as eligible to vote and as not having cast more than one ballot in the particular election. Blockchains do not offer means for providing the necessary authorization. Blockchains do not provide ballot secrecy.

 

Five pieces of testimony on six mostly ridiculous bills

Yesterday the GAE Committee is hearing testimony on another raft if bills. I spoke on four pieces of testimony on five bills. What brings them together is that they are all but ridiculous and unworkable given existing tried and true election law.

I was not going to testify orally on H.B.7392 as I thought it was so outrageous that everyone would testify against it. Apparently not. Many believe it was just like last year’s bills. It is much worse. In his testimony, Michael Brandi from the State Elections Enforcement Commission (SEEC) saw the same problems I saw – it precludes anyone but the Secretary of the State, Registrars and political operatives from seeing voter registration records, not even the SEEC or polling place officials, let alone voter integrity groups. Not surprisingly the media is getting it wrong too (E.g.), since most of the testimony has yet to be posted by the Committee.

Yesterday the GAE Committee is hearing testimony on another raft if bills. I spoke on four pieces of testimony on five bills.  What brings them together is that they are all but ridiculous and unworkable given existing tried and true election law.

I was not going to testify orally on H.B.7392 as I thought it was so outrageous that everyone would testify against it. Apparently not. Many believe it was just like last year’s bills. It is much worse. In his testimony, Michael Brandi from the State Elections Enforcement Commission (SEEC) saw the same problems I saw – it precludes anyone but the Secretary of the State, Registrars and political operatives from seeing voter registration records, not even the SEEC or polling place officials, let alone voter integrity groups. Not surprisingly the media is getting it wrong too (E.g.), since most of the testimony has yet to be posted by the Committee.

The bills, and links to my testimony, The first four are the ones I covered orally in my three minutes. (Take a look at all the testimony <here>, best to look by bill number than by date)

H.B.6063 A well-intended bill that would be a disaster for tracing absentee ballots and voting integrity.

S.B.268 and H.B. 6048 Inconsistent with EDR Law and A Wasteful Unfunded Mandate aimed at solving the mythical all but non-existent problem of votER fraud. Would all but kill EDR.

H.B.7160  Well-intended, but would provide for volunteer student election officials as young as 13.  Would they actually be held to account for following the law? On the other hand, includes the best EDR provisions yet!

H.B.7392 At best a poor public policy idea undermining confidence in our elections and democracy.

S.J.14 Yet another constitutional amendment for absentee voting.

Three pieces of testimony on six bills

On Wednesday the GAE Committee held testimony on another raft if bills. I was out of town but submitted testimony on several bills.

The bills, and links to my testimony, in priority order: (Take a look at all the testimony <here>, best to look by bill number than date)

H.R.161 and S.J.27 A good and a not-so-good bill on Early Voting

S.B.1046, S.B.1049, and H.B.6059 One good and a couple of not-so-good Election Day Registration bills. In addition to those previously heard.

S.B.1050 A slightly improved Rank Choice Voting Task Force bill.

On Wednesday the GAE Committee held testimony on another raft if bills. I was out of town but submitted testimony on several bills.

The bills, and links to my testimony, in priority order: (Take a look at all the testimony <here>, best to look by bill number than date)

H.R.161  and S.J.27 A good and a not-so-good bill on Early Voting

S.B.1046, S.B.1049, and H.B.6059 One good and a couple of not-so-good Election Day Registration bills. In addition to those previously heard.

S.B.1050 A slightly improved Rank Choice Voting Task Force bill.

Four pieces of testimony on five bills, including Blockchain and RCV

On Wednesday the GAE Committee held testimony on another raft if bills.

The bills, and links to my testimony, in priority order: (Take a look at all the testimony <here>, best to look by bill number than date)

H.B.5417 A proposed study to use blockchain to solve some undefined problem in voter registration. I opposed, perhaps the only one in the room who is a computer scientist. In summary, if someone wants to sell you or asks you to invest in blockchain – Run. Run fast and keep your eye on your wallet and passwords! …

On Wednesday the GAE Committee held testimony on another raft if bills.

The bills, and links to my testimony, in priority order: (Take a look at all the testimony  <here>, best to look by bill number than date)

H.B.5417 A proposed study to use blockchain to solve some undefined problem in voter registration.  I opposed, perhaps the only one in the room who is a computer scientist.  In summary, if someone wants to sell you or asks you to invest in blockchain – Run. Run fast and keep your eye on your wallet and passwords!  In addition to my own testimony on how to solve problems (i.e. define the problem then look at all cures), I provided an article by a true expert.

H.B.5820 A proposed study to evaluate Ranked Choice Voting. I opposed unless the bill is corrected and the study is broadened. I provided a laundry list of items that should be considered by a Task Force.

S.B.156 and S.B.195  Two proposals to no linger require signatures on absentee ballot applications.  Opposed based on Connecticut’s history of absentee ballot votING fraud, by political operatives and insiders. Those signatures are a key component of proving fraud.

H.B.6876 To cut the onerous cost of scanning public records by cell phones and other meetings. Supported, along with every other person supporting Freedom of Information. Opposed by officials who gain revenue from the fees. copying a single document costs $20.

 

We Must Do Better: Connecticut’s 2018 Post Election Audit

Citizens Audit Report:
We Must Do Better:
Independent Observation and Analysis of Connecticut’s 2018 Post Election Audit

From the Press Release:

Post-election vote audits of the November 2018 elections failed to meet basic audit standards. Audit should provide voters with justified confidence in elections. Instead, these audits reduce our confidence in election officials, concludes the non-partisan Connecticut Citizen Election Audit. Five percent of the State’s election districts were randomly chosen to be audited, as required by state law.

Among the Citizen Audit’s concerns:

  • The audits were not conducted and reported as required by law. The Secretary of the State’s Office continues to fail to take responsibility for that failure by local officials.
  • 39% of official audit reports submitted by town registrars were incomplete.
  • Human error was still considered an acceptable explanation of differences between machine and manual counts. This defeats the purpose of the audits.
  • Weaknesses in ballot chain-of-custody and security procedures.
  • Continued use of flawed electronic audit procedures that are not publicly verifiable.

The Citizen Audit was pleased with the following developments:

  • Fewer instances of write-in ballots not properly stored in separate envelopes.
  • Fewer instances of write-in ballots read into scanners multiple times on election night.
  • Electronic Audit equipment had few if any problems reading creased, folded, or mutilated ballots.

“We are frustrated with so little improvement after 20 statewide audits over 11 years,” Luther Weeks, Executive Director of the Citizen Audit said. “Citizens deserve better. If the Secretary of the State’s     Office acts to fix these problems and pursues publicly verifiable electronic audits, progress can be achieved in the near term.”

<Press Release .pdf> <Full Report pdf> <Detail data/municipal reports>

Citizens Audit Report:
We Must Do Better:
Independent Observation and Analysis of Connecticut’s 2018 Post Election Audit

From the Press Release:

Post-election vote audits of the November 2018 elections failed to meet basic audit standards. Audit should provide voters with justified confidence in elections. Instead, these audits reduce our confidence in election officials, concludes the non-partisan Connecticut Citizen Election Audit. Five percent of the State’s election districts were randomly chosen to be audited, as required by state law.

Among the Citizen Audit’s concerns:

  • The audits were not conducted and reported as required by law. The Secretary of the State’s Office continues to fail to take responsibility for that failure by local officials.
  • 39% of official audit reports submitted by town registrars were incomplete.
  • Human error was still considered an acceptable explanation of differences between machine and manual counts. This defeats the purpose of the audits.
  • Weaknesses in ballot chain-of-custody and security procedures.
  • Continued use of flawed electronic audit procedures that are not publicly verifiable.

The Citizen Audit was pleased with the following developments:

  • Fewer instances of write-in ballots not properly stored in separate envelopes.
  • Fewer instances of write-in ballots read into scanners multiple times on election night.
  • Electronic Audit equipment had few if any problems reading creased, folded, or mutilated ballots.

“We are frustrated with so little improvement after 20 statewide audits over 11 years,” Luther Weeks, Executive Director of the Citizen Audit said. “Citizens deserve better. If the Secretary of the State’s     Office acts to fix these problems and pursues publicly verifiable electronic audits, progress can be achieved in the near term.”

<Press Release .pdf> <Full Report pdf> <Detail data/municipal reports>

Five pieces of testimony on six bills

On Friday the GAE Committee held testimony on a raft if bills. This is just the first hearing, and first wave this year.

There is a risky trend in the last couple of years that bills are sketchy drafts at hearing stage. So there is no detailed text to comment on and correct details and improve. This means that advocates on all sides have little chance to help the General Assembly avoid errors. So, I find myself testifying more about potential improvements at a high level, while trying to anticipate important details to advise on. And I find others providing short general testimony in favor or against rather than detailed suggestions or critiques.

The bills, and links to my testimony:

On Friday the GAE Committee held testimony on a raft if bills. This is just the first hearing, and first wave this year.

There is a risky trend in the last couple of years that bills are sketchy drafts at hearing stage. So there is no detailed text to comment on and correct details and improve. This means that advocates on all sides have little chance to help the General Assembly avoid errors. So, I find myself testifying more about potential improvements at a high level, while trying to anticipate important details to advise on. And I find others providing short general testimony in favor or against rather than detailed suggestions or critiques.

The bills, and links to my testimony: (Take a look at all the testimony today <here>.)

H.B.6045 and H.B.5818 Election Day Registration. The bills propose fixing the civil rights violation in Election Day Registration caused by the Secretary of the State’s ruling that those in line have no right to register and vote. As usual I expect heavy opposition from the registrars of voters. I also emphasize a method that can accommodate their objections by providing 48 hours to count EDR votes submitted after 8:00pm. I don’ t think they will like that, yet in the end we should not continue violating civil rights. I also point out transparency and security flaws in our election laws that should be fixed, along with suggested fixes.

H.B.5817 Checker Announcing Voter ID for Unofficial Checkers. Expensive, useless concept. Might be well intended, yet will gum up the works for voters and officials.

H.B.6047 Multi-District Polling Places. This is aimed at addressing the problems with a multi-district polling place in Stratford last November. I support the mandate for different color ballots in such polling places for each district. My testimony asks for an exception for emergency ballot copies and recommends against other more drastic solutions.

S.B.265 Cut Moderator Certification in Half. I testify that we need more training, not less. This is an example of where I use one bill to make a bigger point in hopes of educating the members of the GAE, perhaps sooner of later leading to better legislation.

S.B.479 Election Day Holiday. In general I support this bill. I ask to make a school holiday mandatory and suggest its extension to primaries.

 

Three Experts on Blockchains

Do you need a public blockchain? The answer is almost certainly no. A blockchain probably doesn’t solve the security problems you think it solves. The security problems it solves are probably not the ones you have. …A false trust in blockchain can itself be a security risk. The inefficiencies, especially in scaling, are probably not worth it. I have looked at many blockchain applications, and all of them could achieve the same security properties without using a blockchain—of course, then they wouldn’t have the cool name.

There are two bills submitted to the General Assembly this year to research Blockchain technology. One to solve a sketchily defined, possible problem with our voter registration system, and another to use Blockchain technology for online voting. We will have more to say about the bills and those specific problems later, but let us start with three experts opinions of Blockchain technology itself.

Bruce Schneier article at Wired  There’s No Good Reason to Trust Blockchain Technology  <read>

Bruce Schneier is a highly respected security expert from Harvard University often a guest on the PBS Newshour. Private Blockchains are the type used in West Virginia in prototyping a system for electronic voting – a system hidden from public scrutiny and testing, Probably what would be considered for both of those systems in Connecticut. Schneier says:

Private blockchains are completely uninteresting. … In general, they have some external limitation on who can interact with the blockchain and its features. These are not anything new; they’re distributed append-only data structures with a list of individuals authorized to add to it. Consensus protocols have been studied in distributed systems for more than 60 years. Append-only data structures have been similarly well covered. They’re blockchains in name only, and—as far as I can tell—the only reason to operate one is to ride on the blockchain hype…

A public Blockchain is what most cryptocurrencies like Bitcoin use, Schneier says:

Do you need a public blockchain? The answer is almost certainly no. A blockchain probably doesn’t solve the security problems you think it solves. The security problems it solves are probably not the ones you have. (Manipulating audit data is probably not your major security risk.) A false trust in blockchain can itself be a security risk. The inefficiencies, especially in scaling, are probably not worth it. I have looked at many blockchain applications, and all of them could achieve the same security properties without using a blockchain—of course, then they wouldn’t have the cool name.

Vinton Cerf is one of the Fathers of the Internet. Schneier quotes him in a simple summary of Cerf’s views of Blockchains:

Bill Black On The Real News  Cryptocurrency Firms Regularly Lose Codes and Money <watch> Less technical but clearly undermines the claim that even for cryptocurrency, Blockchains do not solve every problem and are over hyped.

****Update 4/29/2019 Moody’s agrees with Schneier:  Bond Rating Agency Moody’s Warns on Risks of Private Blockchains <read>

 

 

Deadlocked Committee on Contested Elections passes ball to whole House

Yesterday, the Connecticut House Committee on Contested Elections concluded its work on the contested election in Stratford. They provided two options to the House: Leave the certified winner in office or hold a re-vote. You can read more at CTMirror: House committee deadlocks on disputed Stratford election  The CTMirror article includes the final report.

The crux of the issue is that after a recanvass the certified winner was ahead by 13 votes. 75 voters were given the wrong ballot, without that race. The votes counted in the pooling place district favored the loser, in fact if the 75 had voted as the rest of the district, on average the loser would have picked up 12.55 votes, thus on average, all but even odds for each candidate. The crux of the disagreement is around the issue of if that evidence brought the uncertainty of the election in question enough to justify a re-vote.

Yesterday, the Connecticut House Committee on Contested Elections concluded its work on the contested election in Stratford. They provided two options to the House: Leave the certified winner in office or hold a re-vote. You can read more at CTMirror: House committee deadlocks on disputed Stratford election  <read> The CTMirror article includes the final report.

The crux of the issue is that after a recanvass the certified winner was ahead by 13 votes. 75 voters were given the wrong ballot, without that race. The votes counted in the pooling place district favored the loser, in fact if the 75 had voted as the rest of the district, on average the loser would have picked up 12.55 votes, thus on average, all but even odds for each candidate. The crux of the disagreement is around the issue of if that evidence brought the uncertainty of the election in question enough to justify a re-vote.

Our context is the work of Edward B. Foley, recapped in his book Ballot Battles which covers how close elections have been decided in this country starting before the Constitution. Sadly the tradition is that, with only two exceptions, whenever a close election is turned over to a body to decide, the decision is the same as you would expect had the decisions been made politically. That is the case here. This does not mean that all decisions are wrong. It is likely that about 50% are correct. In this case, it is possible that all four representatives reached their conclusions without bias. The Committee members and ultimately all members of the House will be left with the political judgment of the voters on this matter.

I have attended all of the Committee meetings and found the whole process fascinating. You  might and might not. The videos are at CT-N: <Vidoes>

All the testimony is in the meetings on January 24th and 25th. There is a bombshell at the end of the meeting on the 24th, yet to appreciate it, you need to watch from the beginning. The debate between the members on the conclusions takes most of the meeting on February 1st.

VotING fraud via Absentee, this time in Stamford

When Connecticut passed public financing of elections a major part of the justification was a history of campaign finance scandals. Avoiding expanded mail-in voting can be justified by the similar pattern of AB abuse. We do favor a form of early voting for Connecticut we call in-person absentee voting – in-person at the municipal clerk’s office, where officials can be expected to easily detect a single person attempting to vote 14 times under different names!

From the Stamford Advocate: Former Stamford Dem Party boss charged with falsifying absentee ballots <read>

STAMFORD — John Mallozzi, the city’s former Democratic Party chief, was arrested Wednesday on charges of absentee ballot fraud in the 2015 municipal election. He allegedly forged ballots for relatives, Spanish-speaking residents and Albanian-Americans new to the election system, according to the State’s Attorney’s Office.

Mallozzi was charged with 14 counts each of filing false statements and second-degree forgery. He turned himself in to Stamford police on the charges, both Class D felonies punishable by up to five years in prison and/or a fine of up to $5,000 per count…

Hoti told investigators that on Election Day 2015 he was rejected at his District 8 polling place in the Cove by a monitor who told him the record showed he’d already voted by absentee ballot. Hoti said he had not. The monitor allowed Hoti to vote after Hoti filled out a form attesting that he did not vote by absentee…

On Jan. 10 a state forensic science analyst determined that signatures on 14 absentee ballots “share common authorship” with the handwriting samples provided by Mallozzi, according to the affidavit. None of the 14 voters whose names were on the ballots had requested them, the affidavit states.

Allegations, convictions, and enforcement penalties for AB fraud are regular occurrences in Connecticut. There are likely many more that are not discovered. Just lucky that one of these voters attempted to vote legally and through diligence of the election officials the fraud was discovered. If that one voter had not attempted to vote, if may never have been discovered and continued in subsequent elections.

Editorial

This is why we oppose expanded mail-in voting, such as no-excuse absentee voting. If might be safe in other states, yet Connecticut has an ongoing record of absentee votING fraud (as opposed to votER fraud) by insiders or candidate and party officials. This year and last we have cases in Hartford and Bridgeport as well.

When Connecticut passed public financing of elections a major part of the justification was a history of campaign finance scandals. Avoiding expanded mail-in voting can be justified by the similar pattern of AB abuse. We do favor a form of early voting for Connecticut we call in-person absentee voting – in-person at the municipal clerk’s office, where officials can be expected to easily detect a single person attempting to vote 14 times under different names!  See our testimony last year <read>