Last month, when Congress authorized three hundred and eighty million dollars to help states protect their voting systems from hacking, it was a public acknowledgement that, seven months out from the midterm elections, those systems remain vulnerable to attack.
Texas counties have doled out millions of dollars in recent months to replace thousands of old touch-screen voting machines that lack a paper record – a weakness security experts warn could allow Russians or other hackers to rig U.S. elections without detection.
The problem is, many of the new machines have the same vulnerability. So do similar machines in more than a dozen states across the country.
A pair of senators from each party is introducing legislation meant to deter foreign governments from interfering in future American elections.
The bill represents the latest push on Capitol Hill to address Russia’s meddling in the 2016 presidential election and counter potential threats ahead of the 2018 midterms.
A bipartisan group of six senators has introduced legislation that would take a huge step toward securing elections in the United States. Called the Secure Elections Act, the bill aims to eliminate insecure paperless voting machines from American elections while promoting routine audits that would dramatically reduce the danger of interference from foreign governments.
The U.S. Senate should enthusiastically pass the Graham-Klobuchar amendment to H.R. 2810, the National Defense Authorization Act for fiscal 2018.
The amendment would enormously strengthen defenses against cyber attacks that could compromise the integrity of elections in the United States and undermine legitimacy of government. Public confidence in the reliability of elections is a cornerstone of national security—the willingness of the people to fight and die for their country.
“They’re coming after America,” former FBI director James B. Comey told the Senate intelligence committee this month. “They will be back.” In a highly politicized hearing, this bold statement drew strikingly little partisan disagreement. Senators on both sides of the aisle have seemingly reached consensus that foreign agents did try to tamper with the 2016 election and that they are extremely likely to do so again.
The question is: What do we do about it?
It’s not really all that hard to hack American democracy.
That fact should be driven home by a recent article from The Intercept detailing the contents of a highly classified NSA report that found evidence of a massive Russian cyberattack on voting software and against over 100 election officials. While the NSA concluded the attack was carried out by the most sophisticated of hackers—the Russian military—their entry methods were relatively vanilla.
Russia's military intelligence agency launched an attack days before Election Day on a U.S. company that provides election services and systems, including voter registration, according to a top-secret report posted Monday by The Intercept.
The news site published a report, with redactions, by the National Security Agency that described the Russian spear-phishing scheme, one it described as perpetrated by the same intelligence agency — the GRU — that the Obama administration imposed sanctions on for the 2016 cyber mischief.
Good news: Most Americans still have at least some degree of confidence in our voting system. We have not devolved to the level of a third-world banana republic — yet.
But Americans' faith in elections has diminished considerably, and I believe justifiably. Now, only four in 10 citizens have "strong confidence" that their votes are counted as cast. Among Republicans, the proportion of people with faith in voting has fallen to just about a third.
If there is anything positive to say about the 2016 elections, it's that they have finally forced an end to the official denial of computerized election rigging. In the past month, the fact that our voting technology is a hacker's paradise has been validated by no less than all the major TV news networks: NBC, ABC, CBS, Reuters, The Washington Post, The New York Times, The Boston Globe, The Atlantic, USA Today,The Hill, The Guardian, Mother Jones, Politico, and a dozen other outlets.
Internet voting conceals all four essential steps of transparent elections.
It therefore alters our form of government, violating our inalienable rights and transferring power to insiders; government and vendors.
Internet voting “security” cannot possibly be assured to the public.
It conceals all the essential steps listed above, including who’s voting remotely.
by David Jefferson, Computer Scientist, Lawrence Livermore National Laboratory 1 ], member, Verified Voting Foundation Board, Board of Directors, California Voter Foundation
There is widespread pressure around the country today for the introduction of some form of Internet voting in public elections that would allow people to vote online, all electronically, from their own personal computers or mobile devices. Proponents argue that Internet voting would offer greater speed and convenience, particularly for overseas and military voters and, in fact, any voters allowed to vote that way. However, computer and network security experts are virtually unanimous in pointing out that online voting is an exceedingly dangerous threat to the integrity of U.S. elections.
There is no way to guarantee that the security, privacy, and transparency requirements for elections can all be met with any practical technology in the foreseeable future. Anyone from a disaffected misfit individual to a national intelligence agency can remotely attack an online election, modifying or filtering ballots in ways that are undetectable and uncorrectable, or just disrupting the election and creating havoc. There are a host of such attacks that can be used singly or in combination. In the cyber security world today almost all of the advantages are with attackers, and any of these attacks can result in the wrong persons being elected, or initiatives wrongly passed or rejected.
There is no way to guarantee that the security, privacy, and transparency requirements for elections can all be met with any practical technology in the foreseeable future
Nonetheless, the proponents point to the fact that millions of people regularly bank and shop online every day without apparent problems. They note that an online voting transaction resembles an ecommerce transaction, at least superficially. You connect your browser to the appropriate site, authenticate yourself, make your choices with the mouse, click on a final confirmation button, and you are done! All of the potential attacks alluded to above apply equally to shopping and banking services, so what is the difference? People ask, quite naturally, “If it is safe to do my banking and shopping online, why can’t I vote online?” This is a very fair question, and it deserves a careful, thorough answer because the reasons are not obvious. The answer requires substantial development to explain fully, but in brief, in can be summarized:
1. It is not actually “safe” to conduct ecommerce transactions online. It is in fact very risky, and more so every day. Essentially all those risks apply equally to online voting transactions.
2. The technical security, privacy, and transparency requirements for voting are structurally different from, and actually much more stringent than, those for ecommerce transactions. Even if ecommerce transactions were safe, the security technology underpinning them would not suffice for voting. In particular, the voting security and privacy requirements are unique and in tension in a way that has no analog in the ecommerce world.
Why do security experts say that ecommerce transactions are not safe when millions of people do them every day, mostly without problems? The question needs to be refined: “Safe for whom?” and “What degree of safety is required”? E-Commerce transactions may be relatively safe for consumers, but they certainly are not safe for financial institutions or merchants.2 Banks, credit card companies, and online merchants lose billions of dollars a year in online transaction fraud despite huge investments in fraud prevention and recovery. People have the illusion that ecommerce transactions are safe because merchants and banks don’t hold consumers financially responsible for fraudulent transactions that they are the innocent victims of. Instead the businesses absorb and redistribute the losses silently, passing them on in the invisible forms of higher prices, fees, and interest rates. Businesses know that if consumers had to accept those losses personally most online commerce would collapse. Instead, they routinely hide the losses, keeping the magnitude secret so the public is generally unaware. It’s a good business strategy.
By Greg Gordon - McClatchy Washington Bureau
Introducing himself as a former Oregon state elections official, online voting industry lobbyist Donald DeFord vouched authoritatively to a Washington state legislative panel in late January as to the merits of statewide internet voting.
Oregon, he testified, ultimately came to the “same solution” offered by a bill before the Washington state House that would allow everybody to cast their election ballots by email or fax – an option that top cyber security experts warn would expose elections to hackers.
“First in a special congressional election and then statewide, we made our accessible online ballot delivery and return system available to any voter who was not able to use a paper ballot,” DeFord, who previously led Oregon’s program under the federal Help America Vote Act, told the committee.
There was a big problem, however, with the testimony he gave in his current job as a regional sales director for San Diego-based Everyone Counts.
Oregon doesn’t allow voters to send in marked ballots electronically, except for troops and citizens living abroad who have been prevented from mailing their absentee ballots due to an emergency or other extenuating circumstances.
DeFord now says he “misspoke.”
“There was a little bit of confusion about language in there. I probably could have been more clear about it,” he said in phone and email exchanges. “... I did not intend to imply that Oregon has expanded electronic ballot return to all voters.”
By Greg Gordon - McClatchy Washington Bureau
A Pentagon official sat before a committee of the Washington State Legislature in January and declared that the U.S. military supported a bill that would allow voters in the state to cast election ballots via email or fax without having to certify their identities.
Military liaison Mark San Souci’s brief testimony was stunning because it directly contradicted the Pentagon’s previously stated position on online voting:
It’s against it.
Along with Congress, the Defense Department has heeded warnings over the past decade from cybersecurity experts that no Internet voting system can effectively block hackers from tampering with election results.
And email and fax transmissions are the most vulnerable of all, according to experts, including officials at the National Institute of Standards and Technology, which is part of the Commerce Department.
San Souci declined to comment. A Pentagon spokesman, Lt. Cmdr. Nathan Christensen, said the Defense Department “does not advocate for the electronic transmission of any voted ballot, whether it be by fax, email or via the Internet.”
The Washington state legislation is dead for this year. But the episode provides a window into how the voting industry, with an occasional boost from the Pentagon, is succeeding in selling state and local officials on the new technology, despite predictions of likely security breaches.
It’s also put state lawmakers and election officials at odds with their counterparts in the other Washington: the nation’s capital.
Internet voting, a technology often cited as a solution to the United States' problematic voting machines, received failing security and accessibility grades in the latest in-depth audit conducted by the City of Toronto. Two of the three vendors audited by the city currently have contracts with over a dozen U.S. jurisdictions for similar technologies.
The accessibility report, prepared by researchers at the Inclusive Design Research Centre at OCAD University, and the security report, prepared by researchers at Concordia and Western universities, were obtained by Al Jazeera America through a Freedom of Information Act request.
Proponents of Internet voting, largely disabilities groups and advocates for military voters overseas, point to the apparent ease-of-use of other Internet-based activities, such as banking, and claim the technology would lead to higher turnout rates.
The reports highlight the difficulty in creating a voting system that isn't more susceptible to corruption than existing voting technology and that is easy enough to use for voters with a variety of personal computer setups, including those with disabilities who often use alternatives to traditional mice, keyboards and screens.
Thirty-one states in the U.S. allow overseas and military voters to print and deliver ballots electronically. A Pentagon unit, the Federal Voting Assistance Program (FVAP) has largely spearheaded the effort by funding state programs providing assistance to overseas troops and others. A nonprofit watchdog group, the Electronic Privacy Information Center, sued FVAP last month to force them to disclose their own audits of Internet voting conducted three years ago. In 2012 the program told Congress it would release the records to the public by the middle of 2013.
Other countries including Germany and the Netherlands have banned all forms of electronic voting, including Internet voting. Norway experimented with Internet voting in 2011 and 2013 for a select subset of voters. A recent government-commissioned report on the trial found that it did not increase voter turnout nor did it mobilize smaller demographic groups. Officials noted that increasing turnout was not an intended or expected outcome and it confirmed previous findings that voting was easier for some, but those with disabilities had issues with error messages, text contrast and other elements.
Written by Susannah Goodman, Pamela Smith
Twenty-three states and the District of Columbia allow military and overseas voters (not domestic voters) to return voted ballots by email, facsimile and/or other Internet transmission; six allowInternet return for military members in “hostile fire” zones, and one – Alaska -- allows it for all absentee voters. But Internet voting is very insecure; ballots returned this way are at risk for manipulation, loss or deletion.
According to the National Institute for Standards and Technology, the agency charged with reviewing the security of Internet voting systems, even the most sophisticated cyber security protections cannot secure voted ballots sent over the Internet and secure Internet voting is not feasible at this time. The integrity and reliable delivery of ballots returned electronically over online balloting systems – even those that employ security tools such as encryption or virtual private networks -- can’t be guaranteed.
Just as important, ballots sent by electronic transmission cannot be kept private. Most States which accept electronically transmitted ballots require voters to sign a waiver forfeiting the right to a secret ballot. In some cases, this waiver conflicts with state law or constitutional provisions which guarantee the right to a secret ballot.
In light of these facts, cybersecurity experts at the Department of Homeland Security have advised against sending marked ballots back via email or Internet portal. Moreover, the Department of Defense’s Federal Voting Assistance Program (FVAP) has advised that postal return of voted ballots is the most responsible method of ballot return.
Fundamental security problems aren’t solved, computing experts warn.
By David Talbot
A decade and a half into the Web revolution, we do much of our banking and shopping online. So why can’t we vote over the Internet? The answer is that voting presents specific kinds of very hard problems.
Even though some countries do it and there have been trial runs in some precincts in the United States, computer security experts at a Princeton symposium last week made clear that online voting cannot be verifiably secure, and invites disaster in a close, contentious race.
“Vendors may come and they may say they’ve solved the Internet voting problem for you, but I think that, by and large, they are misleading you, and misleading themselves as well,” Ron Rivest, the MIT computer scientist and cryptography pioneer, said at the symposium. “If they’ve really solved the Internet security and cybersecurity problem, what are they doing implementing voting systems? They should be working with the Department of Defense or financial industry. These are not solved problems there.”
The unsolved problems include the ability of malicious actors to intercept Internet communications, log in as someone else, and hack into servers to rewrite or corrupt code. While these are also big problems in e-commerce, if a hacker steals money, the theft can soon be discovered. A bank or store can decide whether any losses are an acceptable cost of doing business.
Voting is a different and harder problem. Lost votes aren’t acceptable. And a voting system is supposed to protect the anonymity of a person’s vote—quite unlike a banking or e-commerce transaction—while at the same time validating that it was cast accurately, in a manner that maintains records that a losing candidate will accept as valid and verified.
Given the well-understood vulnerabilities of networked computer systems, the problem is far from solved, says David Dill, a Stanford computer scientist. “Basically, it relies on the user’s computer being trustworthy. If a virus can intercept a vote at keyboard or screen, there is basically no defense,” Dill says. “There are really fundamental problems. Perhaps a system could be tightened so some particular hack won’t work. But overall, systems tend to be vulnerable.”
This year, the U.S. Department of Defense canceled plans to allow Internet voting by military personnel overseas after a security team audited a $22 million system developed by Accenture and found it vulnerable to cyberattacks.
Your information will not be shared.
The National Election Defense Coalition (NEDC) has built the only bipartisan movement in defense of election security. We are educating, mobilizing, and moving the agenda for significant policy reform.
Please click on the donation button to help us defend every American’s right to have their vote counted.
