You may not believe Scientists, yet John Oliver does…
John Oliver on election integrity
You may not believe Scientists, yet John Oliver does…
Category: National
Reminder, Cybersecurity will never be enough
States and the Federal Government are pumping millions into cybersecurity and new voting systems. That is all good, especially when the new systems are for Voter Marked Paper Ballots and Ballot Marking Devices for those with disabilities. Yet ultimately, it can provide a false sense of security. No matter how strong the cybersecurity and the quality of software, based on Turing’s Halting Problem, it is impossible to secure a computer system from errors and hacking. it is also impossible to secure systems from insiders and others with physical access.
Today’s stories at The Voting News provide a reminder of current vulnerabilities:
How state election officials are contributing to weak security in 2020 | Joseph Marks/The Washington Post
Cyber firm examines supply-chain challenge in securing election ecosystem | Charlie Mitchell/InsideCyberSecurity.com
Editorials: Cyber attacks threaten security of 2020 election | Ray Rothrock/San Jose Mercury-News
Arizona: Is Arizona doing enough to protect 2020 elections? Computer security experts weigh in | Andrew Oxford/Arizona Republic
Georgia: Check-in computers stolen in Atlanta hold statewide voter data | Mark Niesse and Arielle Kass/The Atlanta Journal-Constitution
(PS: Instead stealing these computers they could have hacked them or the voting machines.)
Louisiana: New Louisiana election, same old voting machines | Melinda DeSlatte/Associated Press
New Jersey: Activists press for federal support to upgrade New Jersey’s vulnerable voting machines | Briana Vannozzi/NJTV News
North Carolina: Experts Warn of Voting Machine Vulnerabilities in North Carolina | Nancy McLaughlin/Greensboro News & Record
North Carolina: Voting equipment approval didn’t follow law | Jordan Wilkie/Carolina Public Press
Pennsylvania: Elections officials touted new electronic poll books. Now the city says they don’t work right. | Jonathan Lai/Philadelphia Inquirer
States and the Federal Government are pumping millions into cybersecurity and new voting systems. That is all good, especially when the new systems are for Voter Marked Paper Ballots and Ballot Marking Devices for those with disabilities. Yet ultimately, it can provide a false sense of security. No matter how strong the cybersecurity and the quality of software, based on Turing’s Halting Problem, it is impossible to secure a computer system from errors and hacking. it is also impossible to secure systems from insiders and others with physical access.
That is why we need:
- Voter Marked Paper Ballots that can be audited and recounted to verify the machine results
- Strong physical security and chain-of-custody for ballots
- Best is publicly scanned and reported machine totals compared to the physical ballots
Op-Ed: Election Security Isn’t That Hard
Op-Ed in Politico by two former secretaries of state, one D and one R: Election Security Isn’t That Hard
First, we need to dispel one misconception. Many people (including many election officials) believe that if a voting system or scanner is never connected to the internet, it will always be safe. Alas, that’s not the case…
What this means is that while we must make our election infrastructure as secure as possible, we need to accept that it is essentially impossible to make those systems completely secure.
Overall, we agree as far as this op-ed goes. Yet, Risk Limiting Tabulation Audits alone are not sufficient. We need additional audits to check the rest of the process, “process audits” e.g. chain-of-custody/ballot security audits, check-in process audits (appropriate voters allowed or excluded from voting?), accuracy of the voter registration database and lists etc. Like many officials the authors focus on cyber attack, yet we must also protect our systems from insider attack. Connecticut has a way to go to meet these standards. We do have voter marked paper ballots and air-gaped systems. Yet we have insufficient protection of those paper ballots and insufficient election audits.
Op-Ed in Politico by two former secretaries of state, one D and one R: Election Security Isn’t That Hard <read>
That’s not to say that it’s easy, particularly given the decentralized nature of our election administration system. Most states administer elections locally and only a few states have uniform equipment in each locality. For many years, election administration has been woefully underfunded, leading to wide variability in capacity and resources. But, as long as the equipment incorporates a voter-marked paper ballot, officials can adjust existing processes to instill confidence in elections, regardless of the equipment in place.
First, we need to dispel one misconception. Many people (including many election officials) believe that if a voting system or scanner is never connected to the internet, it will always be safe. Alas, that’s not the case…
What this means is that while we must make our election infrastructure as secure as possible, we need to accept that it is essentially impossible to make those systems completely secure.
We completely agree. Its important to take strong security measures to protect election systems – voting systems, registration systems – yet that can never be sufficient. We need systems, manual, and computer that are not dependent of electronics. Paper voter lists at every polling place to backup electronic pollbooks and online voter databases. Paper ballots to vote on when the systems fail or the power goes out. Independent audits and recounts of the paper to detect problems and to recover from errors, fraud, and disasters.
The three parts work together. Voter-verifiable paper ballots are required as a check on the computers that tabulate the ballots. The strong chain of custody prevents ballot box stuffing, as well as the theft or alteration of voted ballots. And ballot audits, known as Risk-Limiting Audits (RLAs), make it possible to recover from an attack, or even from malware or unintended mistakes, by randomly selecting ballots and using them to check the accuracy and correctness of the scanner.
It’s not enough to just have paper ballots – it’s also important that they be checked by voters. If a voter makes a mistake while marking her ballot or if a machine that marks a paper ballot for the voter misrecords the voter’s selections, then the voter’s choices will not be correctly counted. This is an important step to raise confidence in the validity of any system. A strong chain of custody also increases confidence.
Overall, we agree as far as this goes. Yet, Risk Limiting Tabulation Audits alone are not sufficient. We need additional audits to check the rest of the process, “process audits” e.g. chain-of-custody/ballot security audits, check-in process audits (appropriate voters allowed or excluded from voting?), accuracy of the voter registration database and lists etc. Like many officials the authors focus on cyber attack, yet we must also protect our systems from insider attack.
Connecticut has a way to go to meet these standards. We do have voter marked paper ballots and air-gaped systems. Yet we have insufficient protection of those paper ballots and insufficient election audits.
Verified Voting’s Policy on DREs and BMDs
This week Verified Voting released a Policy on DREs and BMDs. It is consistent with our views.
But it’s not enough for a voting system to “check the box” on paper – to print paper records that voters may not even notice or examine. To be trustworthy, elections need to be based on voter-marked paper ballots. Whether these ballots are marked by hand or by device, for them to be considered voter-marked, voters should know what they say!
As they say: “We have had some long and sometimes difficult conversations about these topics, and we look forward to more.”
This week Verified Voting released a Policy on DREs and BMDs <read>. It is consistent with our views <The Case Against Trusting Democracy to BMDs>
From the summary:
But it’s not enough for a voting system to “check the box” on paper – to print paper records that voters may not even notice or examine. To be trustworthy, elections need to be based on voter-marked paper ballots. Whether these ballots are marked by hand or by device, for them to be considered voter-marked, voters should know what they say!
For Ballot Marking Devices (BMDs), that means the systems, and the procedures around them, should demonstrably support voter verification. They should ensure that voters deliberately and intentionally check their printed ballots carefully enough to detect, correct, and report any errors. It also means that pollworkers should be trained to follow specific protocols if BMDs are not recording voters’ intent accurately during voting.
It is far from clear that any currently available BMD meets a high standard of voter verification in practice. Published research is scanty, but it suggests that many voters may barely look at their ballots – let alone look closely enough to notice any changes. This is a usability defect that threatens election integrity. If voters are unable to use voting systems and election procedures safely, the systems and procedures must change to protect our elections. Now is the time to revisit those procedures and adapt them to optimize the use of new technology…
Given present knowledge, we think the best approach has some basic elements:
-
- Select BMDs that are easiest for voters to verify. Avoid BMDs with radical flaws such as being able to add, change, or destroy votes on ballots after voters cast them.
- Allow in-person voters to choose between hand-marking ballots and using BMDs. When a polling place has one or two BMDs, a variety of voters should be encouraged to use them.
- Make sure contingency plans are in place for everything that could go wrong with BMDs, from isolated malfunctions through massive subversion. Such plans include having emergency paper ballots on hand in precincts that use BMDs for all voters.
- Systematically study best system designs and procedures to ensure that votes are verified and protected. Support continuous improvement in systems and procedures.
As they say: “We have had some long and sometimes difficult conversations about these topics, and we look forward to more.”
Presidential Assault on Military and Overseas Voters
Costs to mail ballots may skyrocket for civilians, military living overseas
Election officials are growing increasingly concerned that the Trump administration’s trade war with China could make it more difficult and expensive for overseas voters — including those in the military — to cast ballots in the 2019 and 2020 local, state and federal elections…
The deadline for his state and most others to send out absentee ballots for the fall elections, Dearing said, falls a few days before a Sept. 24-25…That makes it difficult to provide voters with guidance about how to return their ballots.
The bottom lines:
- Election officials are approaching a deadline and have no idea what to tell Military and Overseas voters.
- Maybe, there will be relatively easy options for Military voters, yet the Military has done a poor job of serving Military voters, especially in training Voting Assistance Officers in the current stable laws.
- Overseas voters like expats, state department employees, military contractors, and corporate employees overseas, will be hit hardest, with the highest costs, highest hurdles, and likely the least information.
Costs to mail ballots may skyrocket for civilians, military living overseas <read>
Election officials are growing increasingly concerned that the Trump administration’s trade war with China could make it more difficult and expensive for overseas voters — including those in the military — to cast ballots in the 2019 and 2020 local, state and federal elections.
The issue is the pending withdrawal in October by the U.S. from the Universal Postal Union, a group of 192 nations that has governed international postal service and rates for 145 years.
The deadline for his state and most others to send out absentee ballots for the fall elections, Dearing said, falls a few days before a Sept. 24-25…That makes it difficult to provide voters with guidance about how to return their ballots.
If the United States ends up withdrawing from the UPU, overseas citizens may not be able to return their ballots using regular mail service and could have to pay upward of $60 to use one of the commercial shipping services, Dearing said…
Even if there is a disruption in international mail service, overseas military members and their dependents will be able to vote using military delivery channels, she said.
And some overseas citizens can vote electronically, although 19 states do not allow electronic return of ballots, according to the National Council of State Legislatures.
Another option for overseas voters, Kerr said, would be to drop off their ballots at a U.S. embassy or consulate, where U.S. postal rates will apply.
The bottom lines:
- Election officials are approaching a deadline and have no idea what to tell Military and Overseas voters.
- Maybe, there will be relatively easy options for Military voters, yet the Military has done a poor job of serving Military voters, especially in training Voting Assistance Officers in the current stable laws.
- Overseas voters like expats, state department employees, military contractors, and corporate employees overseas, will be hit hardest, with the highest costs, highest hurdles, and likely the least information.
Senate Intelligence Committee provides report on Russian Hacking
A highly redacted 67 page report: Russian Active Measures Campaigns and Interference in the 2016 Election. Volume I Russian Efforts Against Election Infrastructure With Additional Views
The threat is real. Lack of investigation and exaggeration does not help make the case. The science is clear. Senator Wyden is correct. We need voter marked paper ballots, strong security for those ballots, with sufficient audits and recounts.
A highly redacted 67 page report: Russian Active Measures Campaigns and Interference in the 2016 Election. Volume I Russian Efforts Against Election Infrastructure With Additional Views<read>
Overall I agree with most of the report’s conclusions, yet more so with the minority views of Senator Wyden (page 62). Some of the report’s claims are exaggerated.
Many headlines say that all 50 states were attacked. That is an exaggeration of what the report says. All 50 states may have been pinged or public websites read, yet the report says even that only as speculation. Much of the data in the report does not name states. Actually only Illinois is named.
As I commented on several posts on Facebook: “Several areas where I agree: Paper Ballots need to be protected, effective tabulation audits, and avoid online voting. All of Senator Wyden’s minority report, especially: No real evidence that votes were not changed, Federal standards are in order, we should primarily use voter marked paper ballots and (especially CT) should audit and improve paper Ballot security. Worst of all they all ignore the lack of investigation of the potential NC ePollbook hack.”
Editorial
The threat is real. Lack of investigation and exaggeration does not help make the case. The science is clear. Senator Wyden is correct. We need voter marked paper ballots, strong security for those ballots, with sufficient audits and recounts.
How Democracy Lost In NYC
After a very close race in NYC there was a recount. As this NYTimes editorial points out most people would think the people’s choice lost because of overly strict laws and incompetent poll workers: One Lesson From the Katz-Cabán Recount
After a very close race in NYC there was a recount. As this NYTimes editorial points out most people would think the people’s choice lost because of overly strict laws and incompetent poll workers: One Lesson From the Katz-Cabán Recount <read>
Tiffany Cabán, a public defender, declared victory on election night, June 25, with a margin of some 1,100 votes. But several days later, after election officials reviewed the roughly 6,300 paper ballots cast, Borough President Melinda Katz was ahead by 20 votes.
On Friday, Ms. Katz’s margin was reduced to 16, after the Cabán campaign successfully lobbied to restore six paper ballots — five cast for Ms. Cabán and one for Ms. Katz — that election officials had thrown out.
Of some 2,816 affidavit ballots, election officials determined just 487 to be valid. In many cases, the ballots they threw out were cast by people who weren’t registered Queens Democrats, and therefore weren’t eligible to vote. But, according to city election officials, some 114 ballots were invalidated because the voters didn’t write the word “Democrat” on their ballot — a technicality that shouldn’t disenfranchise eligible voters, or change the outcome of any election.
A paper ballot can also be disqualified if it was cast at a polling station other than where the voter is registered. That’s not only a pointless technicality but also unfair, since poll workers should know where the voter should vote, and since polling sites are often changed
On these points we agree.
Jimmy Carter says a full investigation would show Trump lost in 2016, we are not so sure.
Former President Jimmy Carter questioned the legitimacy of Donald Trump’s presidency on Thursday, saying he would likely not be in the White House if the Russians did not interfere in the 2016 presidential election.
“I think a full investigation would show that Trump didn’t actually win the election in 2016. He lost the election, and he was put into office because the Russians interfered on his behalf,”
I have the greatest respect for President Carter, especially after his presidency, including his work for election integrity across the Globe. Yet we need actual actions not speculation.
From Politico <read>
Former President Jimmy Carter questioned the legitimacy of Donald Trump’s presidency on Thursday, saying he would likely not be in the White House if the Russians did not interfere in the 2016 presidential election.
“I think a full investigation would show that Trump didn’t actually win the election in 2016. He lost the election, and he was put into office because the Russians interfered on his behalf,”
I am not sure what such an investigation would show. All we know for sure is that there wasn’t a sufficient investigation, before or after the election, thru two administrations. Lots more to investigate in addition to foreign interference.
While its quite possible a though investigation would prove that. There is a lot of question if anything close to enough votes were changed in states that mattered. It might be too late for an investigation to prove anything like that.
More important would have been credible recounts in MI, PA, and WI which were thwarted by election officials and archaic laws intended to protect those same officials. More useful at this point and then would have been a call for investigation and for voter marked paper ballots everywhere.
I am one who believes it is likely that voter suppression small, large, legal and not clearly would have changed the result for Hillary as they would have for Kerry in 2004 and Gore in 2000.
I have the greatest respect for President Carter, especially after his presidency, including his work for election integrity across the Globe. Yet we need actual actions not speculation.
The Cyber War? We will all be victims.
NYTimes, David Sanger: U.S. Escalates Online Attacks on Russia’s Power Grid
To me, the basic story is a ho hum. Russia and China are lurking in our power grid and its been known for sometime we are in Russia’s. I would be concerned if we weren’t attempting to match them. All of that is covered in Sanger’s book, The Perfect Weapon, which I am reading right now.
There are two things that are scary in all this:
NYTimes, David Sanger: U.S. Escalates Online Attacks on Russia’s Power Grid <read>
Not sure the headline is accurate, to use the word ‘attacks’. The article points to our increasing cyber presence in the Russian grid, but no claims of actual attack. This in the same week as large, as yet, unattributed outages in South America. And yesterday’s rumors that the Trump Administration may be planning on bombing Iran.
To me, the basic story is a ho hum. Russia and China are lurking in our power grid and its been known for sometime we are in Russia’s. I would be concerned if we weren’t attempting to match them. All of that is covered in Sanger’s book, The Perfect Weapon, which I am reading right now. If you buy it, get the recently released paperback update.
There are two things that are scary in all this:
First, there is lots apparently withheld from our President, from the article:
Two administration officials said they believed Mr. Trump had not been briefed in any detail about the steps to place “implants” — software code that can be used for surveillance or attack — inside the Russian grid.
Pentagon and intelligence officials described broad hesitation to go into detail with Mr. Trump about operations against Russia for concern over his reaction — and the possibility that he might countermand it or discuss it with foreign officials, as he did in 2017 when he mentioned a sensitive operation in Syria to the Russian foreign minister.
There are indications that the plans to bomb Iran are also being created without telling the President. While I am worried about John Bolton and the risk of him starting a war, I am just as concerned with the risks inherent in our President and understand why some keep things from him. Itt is all scary.
Second, the next war will be a cyber war. If we start by bombing a specific facility in Iran, we will likely attempt to kill their power and communications grids. If not, its likely Russia will go after ours. In a couple escalations the World will likely be powered down.
In an all-out cyber war, we will be likely victims. If our power grid is successfully attacked it will be out for months, with transformers, power plants, etc. destroyed. In short, no power, no communications, no transportation, no food, and most of us without water, medicine and healthcare. It would make what happened and continues in Puerto Rico seem minor.
PS: Our election infrastructure is much less protected than our power grid. Worse, the goal of Russia is likely to disrupt our elections, bring our elections and thus our democracy into question.
Beware: The Gospel of Internet Voting
LA Times article features the entrepreneur behind Internet voting pilots vs. Science: The vote-by-phone tech trend is scaring the life out of security experts <read>
With their playbook for pushing government boundaries as a guide, some Silicon Valley investors are nudging election officials toward an innovation that prominent coders and cryptographers warn is downright dangerous for democracy…
As seasoned disruptors of the status quo, tech pioneers have proven persuasive in selling the idea, even as the National Academies of Science, Engineering and Medicine specifically warn against any such experiment…Tusk is certain participation in elections would surge if the technology were widely permitted, even though studies in some of the few places around the world that have tried the method revealed no big turnout boost
Crusade, Gospel, Genie seem appropriate to describe entrepreneur Tusk. Its a blind disregard for evidence, science, and the scientists, including yours truly, warning of the risks of Internet voting
LA Times article features the entrepreneur behind Internet voting pilots vs. Science: The vote-by-phone tech trend is scaring the life out of security experts <read>
With their playbook for pushing government boundaries as a guide, some Silicon Valley investors are nudging election officials toward an innovation that prominent coders and cryptographers warn is downright dangerous for democracy…
As seasoned disruptors of the status quo, tech pioneers have proven persuasive in selling the idea, even as the National Academies of Science, Engineering and Medicine specifically warn against any such experiment.
The fight over mobile voting pits technologists who warn about the risks of entrusting voting to apps and cellphones against others who see internet voting as the only hope for getting most Americans to consistently participate on election day…
Bradley Tusk is using the same tactics in this personal crusade that he used to advance tech startups. He has bet a significant share of the fortune he built off his equity stake in Uber that the gospel of mobile voting will spread so fast that most Americans will have the option of casting their ballots for president by phone as soon as 2028.
He has already persuaded the state of West Virginia and the City of Denver to start tinkering with voting by phone, and hopes to move quickly from there.
“What we learned at Uber is once the genie is out of the bottle, it can’t be put it back in,”…
Tusk is certain participation in elections would surge if the technology were widely permitted, even though studies in some of the few places around the world that have tried the method revealed no big turnout boost
Crusade, Gospel, Genie seem appropriate to describe Tusk. It is a blind disregard for evidence, science, and the scientists, including yours truly, warning of Internet voting:
The entrepreneur frames the fight as one pitting reformers against special interests invested in a low turnout that makes lawmakers unaccountable and easy to corrupt. He talks of the security concerns as if they are a sideshow. Sure, the scholars raising them are earnest, he said, but their approach to the challenge bewilders him. He likens them to people whose only solution to making a swimming pool safer is to fill it with concrete.That prospect alarms some of the nation’s most prominent election-security thinkers, who see in Tusk a formidable adversary with an intimidating public relations tool kit. They say he and other promoters for the projects are misleading election officials about how secure the systems are.
“There is wide agreement among computer security experts that this is problematic,” said David Dill, a professor emeritus in computer science at Stanford. “It disturbs me that officials are getting enthusiastic about this voting technology without talking to the people who have the expertise to evaluate its security.”
The National Academies report warns that the risks of this and other forms of internet voting are “more significant than the benefits.”
Read the full article for more details behind Tusk’s quest and the warnings from scientists.