Tag: voting | Page 4

Why electronic voting is dying from lack of interest

March 27, 2022/in Internet Security

The back-end was stress tested and various penetration, information security and privacy assessments undertaken. There was a refreshing transparency to the whole process and the successful online survey saved taxpayers well more than $100 million.

Collecting information, surveying opinion and engaging citizens are core functions of a citizen-centric modern government. This is what makes the inability to transform the pencil and paper voting system into a repeatable electronic system very frustrating.

Tight time constraints

Electoral commissioners are fond of observing that elections are the largest and most complex logistical operations that a country undertakes in peacetime, typically engaging the entire adult population in a prescribed process implemented under tight time constraints.

And they are expensive too. The coming federal election will cost taxpayers about $430 million to administer – including the supply of 4 million pencils – and the NSW state elections cost $100 million-plus a pop. The same process is repeated every three to four years across the eight federal jurisdictions and hundreds of local council ballots.

For nearly a decade, the NSW Electoral Commission (NSWEC) had been a pioneer in the English-speaking world, offering online voting for disabled, elderly and remote electors using Spanish software developed for elections for Swiss cantons.

The iVote software had attracted the attention of security analysts who had led a campaign to have it ditched, claiming there was a “trap door” that could allow votes to be manipulated. The NSWEC admitted the code defect, but said the local implementation had physically isolated the issue, meaning it could not be used by cyber attackers.

It was not the first time defects had been found in the whole iVote system and Electoral Commissioner John Schmidt had made no secret of the urgent need for $22 million of funding to bring the Commission’s systems, including iVote, into cyber compliance. At parliamentary hearings, Schmidt had described his efforts to get funding as “Kafkaesque” and a “circle of hell”.

System capacity issue

In the end, it was not a security bug, but rather a system capacity issue that brought down…

Source…

Another way to protect voting rights: Hack-proof our elections

March 8, 2022/in Internet Security

In his State of the Union address, President Joe Biden made a pitch once again for his failed voting reform bill, the “Freedom to Vote Act [1].” But there was a conspicuous lack of attention on what’s arguably the most serious issue pertaining to elections: Protection against foreign cybersecurity threats.

From the Colonial Pipeline ransomware attack [2] to the SolarWinds hack [3], we have seen time and again that malicious cyber interference is a clear and present danger to our economic security. Increasingly, it’s also a danger to our election security.

In recent years, leading computer scientists and network security experts have found real vulnerabilities [4] in election technology that could allow even lower-tier hackers to pose threats. As this technology ages, dozens of states [5] are now in dire need of new equipment and support for managing security issues. Public reports from the Director of National Intelligence [6] and other cybersecurity experts [7] suggest that threats could come from Russia, Iran, China or North Korea, as well as non-state actors with radical agendas.

But all is not lost.

There is growing agreement across the political spectrum on how to improve election security: voter-verified paper ballots that create permanent, physical records of votes; risk-limiting audits that use robust statistical analysis to ensure accurate counts and ample, consistent funding for state and local election administrators in order to carry out trustworthy elections for years to come. There is also support for even stronger protection from hackers and foreign interference through improved federal oversight of voting machine vendors and by keeping voting and tabulation infrastructure off the internet.

None of these reforms create any partisan advantages, only increased confidence in the security in our elections. Perhaps that is why we have seen repeated bipartisan support for many of these ideas, from the PAPER Act of 2017 [8] to the Secure Elections Act of 2018 [9] to the Election Security Act of 2019 [10]. But while lawmakers have passed some meaningful funding [11] support in recent years, further action is needed.

This is why I recently…

Source…

US cybersecurity agency reviews hacking risk to Georgia voting system | Nation/World

February 11, 2022/in Computer Security

Source…

Judge to decide if report on voting machines can be public

February 1, 2022/in Computer Security

ATLANTA (AP) – Georgia’s secretary of state on Thursday (Feb. 2) called on a voting technology expert to ask a judge to release a report detailing alleged security vulnerabilities in the voting machines used by the state – something the expert had already done.

The report by J. Alex Halderman was filed under seal in July in federal court in Atlanta as part of a long-running lawsuit challenging Georgia’s voting machines. Halderman spent 12 weeks examining the Dominion Voting Systems machines used in Georgia and more than a dozen other states and identified “multiple severe security flaws” that would allow attackers to install malicious software, he wrote in a sworn declaration filed in the case.

Halderman, a voting technology specialist and director of the University of Michigan’s Center for Computer Security and Society, told The Associated Press in August that he’d seen no evidence the machines’ vulnerabilities were used to tamper with the 2020 election, but he said, “there remain serious risks that policymakers and the public need to be aware of.”

State and federal officials have repeatedly said there was no evidence of widespread voter fraud during the 2020 election.

The report was initially classified “attorneys’ eyes only.” That meant the actual parties to the case couldn’t see it, only their lawyers and experts could. In a declaration filed with the court in July, Halderman urged public disclosure of a redacted version of his findings.

In a press release Thursday, Secretary of State Brad Raffensperger called on Halderman “to ask the judge to publicly release his findings on Georgia’s election system and his pre-2020 election testimony. Halderman was given full access to Georgia’s election system by the judge, the equivalent of having the keys and alarm codes to a home then claiming he found a way to break in.“

Source…

Tag Archive for: voting

Tight time constraints

System capacity issue