[Durham INC] Election Security

Tue Nov 15 08:31:21 EST 2016

The "Crosscheck" voter roll purges in NC were sufficient to have thrown the state to Trump. Crosscheck probably also was key to electing Tillis. Democrats will not protest this obvious fraud, though, as usual, since they also enjoy rigging and gerrymandering in their turn. If they had run a clean primary Sanders would be on his way to the White House today.
There has been ample evidence for decades of hacking and vote suppression. Where is the outrage?  

    On Tuesday, November 15, 2016 7:17 AM, Pat Carstensen <pats1717 at hotmail.com> wrote:

This may not be the best time to share an article on hacking the polls, but this makes a good case for dealing with the issue now.  From Bruce Schneier, an expert on trust and and security.

** *** ***** ******* *********** *************

      Election Security

It's over. The voting went smoothly. As of the time of writing, there 
are no serious fraud allegations, nor credible evidence that anyone 
tampered with voting rolls or voting machines. And most important, the 
results are not in doubt.

While we may breathe a collective sigh of relief about that, we can't 
ignore the issue until the next election. The risks remain.

As computer security experts have been saying for years, our newly 
computerized voting systems are vulnerable to attack by both individual 
hackers and government-sponsored cyberwarriors. It is only a matter of 
time before such an attack happens.

Electronic voting machines can be hacked, and those machines that do not 
include a paper ballot that can verify each voter's choice can be hacked 
undetectably. Voting rolls are also vulnerable; they are all 
computerized databases whose entries can be deleted or changed to sow 
chaos on Election Day.

The largely ad hoc system in states for collecting and tabulating 
individual voting results is vulnerable as well. While the difference 
between theoretical if demonstrable vulnerabilities and an actual attack 
on Election Day is considerable, we got lucky this year. Not just 
presidential elections are at risk, but state and local elections, too.

To be very clear, this is not about voter fraud. The risks of ineligible 
people voting, or people voting twice, have been repeatedly shown to be 
virtually nonexistent, and "solutions" to this problem are largely 
voter-suppression measures. Election fraud, however, is both far more 
feasible and much more worrisome.

Here's my worry. On the day after an election, someone claims that a 
result was hacked. Maybe one of the candidates points to a wide 
discrepancy between the most recent polls and the actual results. Maybe 
an anonymous person announces that he hacked a particular brand of 
voting machine, describing in detail how. Or maybe it's a system failure 
during Election Day: voting machines recording significantly fewer votes 
than there were voters, or zero votes for one candidate or another. 
(These are not theoretical occurrences; they have both happened in the 
United States before, though because of error, not malice.)

We have no procedures for how to proceed if any of these things happen. 
There's no manual, no national panel of experts, no regulatory body to 
steer us through this crisis. How do we figure out if someone hacked the 
vote? Can we recover the true votes, or are they lost? What do we do 
then?

First, we need to do more to secure our elections system. We should 
declare our voting systems to be critical national infrastructure. This 
is largely symbolic, but it demonstrates a commitment to secure 
elections and makes funding and other resources available to states.

We need national security standards for voting machines, and funding for 
states to procure machines that comply with those standards. 
Voting-security experts can deal with the technical details, but such 
machines must include a paper ballot that provides a record verifiable 
by voters. The simplest and most reliable way to do that is already 
practiced in 37 states: optical-scan paper ballots, marked by the 
voters, counted by computer but recountable by hand. And we need a 
system of pre-election and postelection security audits to increase 
confidence in the system.

Second, election tampering, either by a foreign power or by a domestic 
actor, is inevitable, so we need detailed procedures to follow -- both 
technical procedures to figure out what happened, and legal procedures 
to figure out what to do -- that will efficiently get us to a fair and 
equitable election resolution. There should be a board of independent 
computer-security experts to unravel what happened, and a board of 
independent election officials, either at the Federal Election 
Commission or elsewhere, empowered to determine and put in place an 
appropriate response.

In the absence of such impartial measures, people rush to defend their 
candidate and their party. Florida in 2000 was a perfect example. What 
could have been a purely technical issue of determining the intent of 
every voter became a battle for who would win the presidency. The 
debates about hanging chads and spoiled ballots and how broad the 
recount should be were contested by people angling for a particular 
outcome. In the same way, after a hacked election, partisan politics 
will place tremendous pressure on officials to make decisions that 
override fairness and accuracy.

That is why we need to agree on policies to deal with future election 
fraud. We need procedures to evaluate claims of voting-machine hacking. 
We need a fair and robust vote-auditing process. And we need all of this 
in place before an election is hacked and battle lines are drawn.

In response to Florida, the Help America Vote Act of 2002 required each 
state to publish its own guidelines on what constitutes a vote. Some 
states -- Indiana, in particular -- set up a "war room" of public and 
private cybersecurity experts ready to help if anything did occur. While 
the Department of Homeland Security is assisting some states with 
election security, and the F.B.I. and the Justice Department made some 
preparations this year, the approach is too piecemeal.

Elections serve two purposes. First, and most obvious, they are how we 
choose a winner. But second, and equally important, they convince the 
loser -- and all the supporters -- that he or she lost. To achieve the 
first purpose, the voting system must be fair and accurate. To achieve 
the second one, it must be *shown* to be fair and accurate.

We need to have these conversations before something happens, when 
everyone can be calm and rational about the issues. The integrity of our 
elections is at stake, which means our democracy is at stake.

This essay previously appeared in the New York Times.
http://www.nytimes.com/2016/11/09/opinion/american-elections-will-be-hacked.html
|  | American Elections Will Be Hackedwww.nytimes.comOur voting systems are vulnerable to cyberattack. This year, we got lucky. Next time, maybe we won’t. Here’s what we need to do. |

Election-machine vulnerabilities:
https://www.washingtonpost.com/posteverything/wp/2016/07/27/by-november-russian-hackers-could-target-voting-machines/
|  | By November, Russian hackers could target voting machines ...www.washingtonpost.comIf Russia really is responsible, there's no reason political interference would end with the DNC emails. |

Elections are hard to rig:
https://www.washingtonpost.com/news/the-fix/wp/2016/08/03/one-reason-to-doubt-the-presidential-election-will-be-rigged-its-a-lot-harder-than-it-seems/
|  | Rigging an election is a lot harder than you might think ...www.washingtonpost.comUpdate: On Sunday, Donald Trump suggested on Twitter that the 2016 presidential election is being rigged "at many polling places" -- despite early voting being in ... |

Voting systems as critical infrastructure:
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2852461
| Making Democracy Harder to Hack: Should Elections Be ...papers.ssrn.comWith the Russian government hack of the Democratic National Convention email servers, and further leaks expected over the coming months that could influence an ... |

Voting machine security:
https://www.verifiedvoting.org/
| Verified Votingwww.verifiedvoting.orgVerified Voting’s mission is safeguarding elections in the digital age. As a non-partisan organization working for accuracy, integrity and verifiability of ... |

http://votingmachines.procon.org/view.answers.php?questionID=000291
| - Voting Machines - ProCon.orgvotingmachines.procon.orgRead pros, cons, and expert responses in the debate. |

http://votingmachines.procon.org/view.answers.php?questionID=000291

Election-defense preparations for 2016:
http://www.usatoday.com/story/tech/news/2016/11/05/election-2016-cyber-hack-issues-homeland-security-indiana-pennsylvania-election-protection-verified-voter/93262960/
http://www.nbcnews.com/storyline/2016-election-day/all-hands-deck-protect-election-hack-say-officials-n679271

** *** ***** ******* *********** *************

_______________________________________________
Durham INC Mailing List
inc-list at lists.deltaforce.net
http://lists.deltaforce.net/mailman/listinfo/inc-list

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.deltaforce.net/pipermail/inc-list/attachments/20161115/30eb30ab/attachment.html>