The Security of Our Election Systems

Russia was behind the hacks into the Democratic National Committee's computer network that led to the release of thousands of internal emails just before the party's convention began, U.S. intelligence agencies have reportedly concluded.

The FBI is investigating. WikiLeaks promises there is more data to come. The political nature of this cyberattack means that Democrats and Republicans are trying to spin this as much as possible. Even so, we have to accept that someone is attacking our nation's computer systems in an apparent attempt to influence a presidential election. This kind of cyberattack targets the very core of our democratic process. And it points to the possibility of an even worse problem in November ­ that our election systems and our voting machines could be vulnerable to a similar attack.

If the intelligence community has indeed ascertained that Russia is to blame, our government needs to decide what to do in response. This is difficult because the attacks are politically partisan, but it is essential. If foreign governments learn that they can influence our elections with impunity, this opens the door for future manipulations, both document thefts and dumps like this one that we see and more subtle manipulations that we don't see.

Retaliation is politically fraught and could have serious consequences, but this is an attack against our democracy. We need to confront Russian President Vladimir Putin in some way ­ politically, economically or in cyberspace ­ and make it clear that we will not tolerate this kind of interference by any government. Regardless of your political leanings this time, there's no guarantee the next country that tries to manipulate our elections will share your preferred candidates.

Even more important, we need to secure our election systems before autumn. If Putin's government has already used a cyberattack to attempt to help Trump win, there's no reason to believe he won't do it again ­ especially now that Trump is inviting the "help."

Over the years, more and more states have moved to electronic voting machines and have flirted with Internet voting. These systems are insecure and vulnerable to attack.

But while computer security experts like me have sounded the alarm for many years, states have largely ignored the threat, and the machine manufacturers have thrown up enough obfuscating babble that election officials are largely mollified.

We no longer have time for that. We must ignore the machine manufacturers' spurious claims of security, create tiger teams to test the machines' and systems' resistance to attack, drastically increase their cyber-defenses and take them offline if we can't guarantee their security online.

Longer term, we need to return to election systems that are secure from manipulation. This means voting machines with voter-verified paper audit trails, and no Internet voting. I know it's slower and less convenient to stick to the old-fashioned way, but the security risks are simply too great.

There are other ways to attack our election system on the Internet besides hacking voting machines or changing vote tallies: deleting voter records, hijacking candidate or party websites, targeting and intimidating campaign workers or donors. There have already been multiple instances of political doxing ­ publishing personal information and documents about a person or organization ­ and we could easily see more of it in this election cycle. We need to take these risks much more seriously than before.

Government interference with foreign elections isn't new, and in fact, that's something the United States itself has repeatedly done in recent history. Using cyberattacks to influence elections is newer but has been done before, too ­ most notably in Latin America. Hacking of voting machines isn't new, either. But what is new is a foreign government interfering with a U.S. national election on a large scale. Our democracy cannot tolerate it, and we as citizens cannot accept it.

Last April, the Obama administration issued an executive order outlining how we as a nation respond to cyberattacks against our critical infrastructure. While our election technology was not explicitly mentioned, our political process is certainly critical. And while they're a hodgepodge of separate state-run systems, together their security affects every one of us. After everyone has voted, it is essential that both sides believe the election was fair and the results accurate. Otherwise, the election has no legitimacy.

Election security is now a national security issue; federal officials need to take the lead, and they need to do it quickly.

This essay originally appeared in the Washington Post.

Posted on July 29, 2016 at 6:29 AM • 102 Comments

Comments

JeffJuly 29, 2016 6:50 AM

I guess subverting ICT standards, stifling cryptography and insisting on backdoored products is looking like less of a good idea by the minute, isn't it FBI...

MarcelJuly 29, 2016 6:58 AM

Regarding the DNC hack, I wonder, why does a democratic election campaign have secrets in the first place? It's only needed for playing dirty and playing dirty is not (or should not) be a requirement for democratic elections.

Furthermore I'm skeptical that Russia (the state) was behind the hack. The interests in whether there is a Republican or Democratic president in the Whitehouse seem far greater domestically than abroad.

I totally agree that the actual election process should be as offline as possible and every attempt to do it electronically makes it more insecure.

Couldn'tPossiblyCommentJuly 29, 2016 7:18 AM

While I'm aware the Washington Post has a bias a mile wide and thus probably you'd never have got anything else past the editor, I'm a little disappointed that this post spins the US elections problem as 'OMG Russians influenced the US elections, we need to strike back'.

There wouldn't have been any influence if the political process was clean, straightforward and trustworthy, and articles like this serve to shift the focus from the politicians' dirty laundry to an outside actor who might be a very convenient scapegoat. Sometimes it seems that the US media is very happy to air certain politicians' laundry but not others. Can't imagine why.

Also, this confirmation is the same set of intelligence agencies that have had a wonderful track record in the privacy of Americans, keeping the Internet secure, avoiding any partisanship, and so on.

Perhaps the US needs to clean up its own act before pointing the finger. The thousands of protestors outside the DNC, the many delegates that walked out, that's not because of Russians. Whatever side (or not) one might be in the US elections, the system is visibly dirty to anyone looking in.

Genuinely curious as to the shift from 'the NSA needs to be broken up' and similar, to 'the federal government needs to solve all our woes'. The people that caused & benefit from the current situation need to fix it? Forgive me if I'm confused...

I can't disagree at all with the desire to switch to voting mechanisms that are provable secure - that at least is in line with the 'On Security' part of the blog.

NickJuly 29, 2016 7:27 AM

Make all the Emails public in the first place.

The only reason there is a problem is because of what people were doing.

Chris EtheridgeJuly 29, 2016 7:39 AM

Bruce, I really respect you for your knowledge of security and what you have brought to the security community. I agree that there are forces out there that hate America and will do whatever they can to disrupt our systems. No one doubts this and that is not really news. Is it all that shocking to think that someone, anyone would try to hack our election system? There was talk about it last year and I think everyone understands that these machines are probably way more vulnerable than we want them to be. I don't think that is in any way shocking to hear. We've been down this road, especially with Diebold. However, I hang my head in disappointment today that you are continuing the rhetoric and propaganda that the media has been portraying. It just shows that despite your vast knowledge of security, that no one is safe from the media and their driving of the political machine. This truly is the death of critical thinking. The fact that you are repeating and linking to a clearly spun article about Trump "inviting" Russian intervention is so disappointing. Everyone is running so scared of Trump and the media hangs on every word he says and tries to spin whatever story they want to instead of actually listening to what he says. If you listen to what he said, without the blinders that the media has put on it, he said that THE MEDIA, would probably pay gladly for Hillary's emails. Not him. Not the government. Not anyone else. There was no "invitation". He was pointing at the corruption of the media. Further, you can clearly understand that he was being "on the nose" and joking about the situation because he was mixing two different situations. The deleting of the email, and the hack of the DNC. Two completely separate issues brought into a single pointed absurd joke. You Bruce, of all people should know that they were two different issues. I guess that is what you can expect when you are employed by the very same corrupt media. I thought that hopefully you would bring a non-partisan viewpoint of security despite "being on the payroll" but I guess not. The brilliance of Trump, whether he has intended this or not, is that with his bold absurdity, he is forcing everyone to show their true colors. In this social media driven world, people can't seem to hide their true motivations anymore and Trump is forcing people draw a line in the sand since people feel the need to distance themselves from the non-politically correct for fear of the social mafia. Subterfuge exposed and you played into the trap perfectly.

MbJuly 29, 2016 7:46 AM

I have hard time getting worked up about this, just because they used a computer. Russia and the former Soviet Union tried to influence elections for decades. Sometimes hey were successful. Sometimes not. This time they used a computer, next time who knows. If our democracy is that fragile, we are doomed.

JimJuly 29, 2016 7:47 AM

I'll say it again - if you've got nothing to hide... Well, that's what they keep saying to us citizens.

OutlanderJuly 29, 2016 7:49 AM

The first question anyone should ask is why those mails were not encrypted. Why didn't they use OpenPGP or S/MIME? Clinton's computer illiteracy can't really explain why her tech guy was so ignorant as well.

ianfJuly 29, 2016 7:56 AM


@ Jim – suppose I've got nothing to hide
BUT the fact that I've got nothing to hide.

Does it now make me
a potential withholder
of secrets?

(bet you didn't thought of that!)

BardiJuly 29, 2016 8:02 AM

Perhaps I missed it but didn't Assange come right out and say he released the DNC emails for personal reasons? Trump could always have "hired" the hacker and had the info downloaded to Assange. It would be a lot cheaper than buying ads, that is for sure.

I am really bothered by electronic voting machines after I had a talk with someone big in the industry who said their biggest problem is to make the "winning" vote believable. The object was to get the vote as close to 50/50 as possible, then ensure the win is only by a couple of points.

Ugly business, this present day electoral process.

BruceJuly 29, 2016 8:05 AM

I don't see why everyone is kicking up such a fuss over the potential of a foreign government trying to influence our elections. We have a bigger problem with the DNC actually doing it.

WinterJuly 29, 2016 8:05 AM

@Nick
"Make all the Emails public in the first place. "

I do not think you have thought through how publishing internal emails of political parties during an election campaign would help democracy. It wouldn't.

JohnJuly 29, 2016 8:15 AM

But the hacking began over a year ago, before Trump even had single digits. And it was Wikileaks who decided when to release it, is it not more of Assange trying to get back at Clinton than Putin supporting Trump?

blablablagingerJuly 29, 2016 8:16 AM

I think the foreign powers that want to control the US electoral system just funnel dark money into the super-pacs like everyone else. It was citizens united that opened the gates, not any nefarious hacking.

Naum830July 29, 2016 8:17 AM

Long time reader of mr. Schneier's excellent blog and site. This is first time I have a need to comment. Please excuse my bad english.

1. First of all, it is really interesting how Obama, DNC, mass media and many other are trying to move the scope of the scandal to the leak itself, while ignoring content and wrongdoing exposed itself. Interesting behaviour - like a gang of gangsters is woried how they have been exposed, but not trying to prepare defence, alibi, statement or at least to erase the evidences.

2. Putin ... boogyman itself. Erdogan has Fetullah Gulen, Big Brother from Orwell's 1984 had Goldstein, and USA/EU has Putin - pathologic picture of the "eternal jew" who is guilty for everything from bad weather to financial crisis. I'm suprised how mr. Schneier verbatim forwards this article without some cautions. Specially if Washington Post is known for a very hard bias and articles which are divorced with facts and reality checks.

3. Elecrtronical voting: we can sort this in couple of categories:
- fully connected via internet to central place (no matter how secure undelying encryption is)
- stand alone machines connected only on voting place and in one big VPN
- stand alone machines whose data on the end of the day is transferred offline (USB sticks for example)
- stand alone machines which are printing results, and from that level everything is calculated manually
- fully manual process as in majority of the world and as 20-30 years ago

Election of the president of one superpower in country where constitution says it is fully presidential system is a really sensitive matter. Maybe as people of IT and security experts after so many practical and theoretical examples of hacking on every level and on really small attack vectors, we can honestly say only one answer: go with fully manual process as so many decades and centuries back ... it works for granted!


4. Many people are frightened to death on notion that silly Trump can become president of USA. Even non-political. Someone smart said: if we abstract silly sexisms, racisms, political incorectness and black humor, and read his SERIOUS sentences about political matters, we can conclude his is more or less centrist politician with not so bad agenda; much less extremist than Hillary "we came, we saw, he died" Clinton.

5. Hypotetical notions about foreign interference on USA elections: someone more a troll than a thinker noticed something with a bit of truth: if USA is so keen to intervene and manipulate politics of so many latin american, near east and the rest of countries on this world, maybe citizens of the whole world (or at least from involved countires) should be allowed to vote on US elections. :)

Summa Summarum: Information tehnology cannot be trusted is such sensible matters (yet).

Dirk PraetJuly 29, 2016 8:27 AM

@ Bruce

I'm afraid I'm having a bit of a Padme moment here: you're going down a path I cannot follow. If I didn't know any better, this could have been written by @Skeptical himself. It's the sort of language that reminds me of the early eighties, perhaps best reflected in "Russians are running the DHSS" from the 1983 album "Ranting at the Nation" by my old friend John Baine, better known as the British punk poet Attila The Stockbroker.

It first was a rumour dismissed as a lie
but then came the evidence none could deny:
a double page spread in the Sunday Express –
The Russians are running the DHSS
(*)

The scroungers and misfits have done it at last
The die of destruction is finally cast
The glue-sniffing Trotskyists’ final excess:
The Russians are running the DHSS

It must be the truth ‘cos it’s there in the news
A plot by the Kremlin, financed by the Jews
and set up by Scargill, has met with success –
The Russians are running the DHSS

So go down to your Jobcentre – I bet you’ll see
Albanian students get handouts for free
and drug-crazed punk rockers cavort and caress
In the interview booths in the DHSS…

They go to Majorca on taxpayers’ money
Hey, you there, stop laughing –I don’t think it’s funny
And scroungers and tramps eat smoked salmon and cress
Now the Russians are running the DHSS

We’ll catch that rat Scargill (**) with our red rat catcher
We’ll send him to dinner with Margaret Thatcher
And we’ll make him stay there until he’ll confess
That he put the Reds in the DHSS

Then we’ll hang ‘em and flog ‘em and hang ‘em again
And hang ‘em and flog ‘em and more of the same
We’ll gas all the dole queues and clear up the mess:
Get rid of the Reds – and the DHSS

* DHSS : UK Department of Health and Social Security
** Scargill : Arthur Scargill, socialist trade union leader

JimJuly 29, 2016 8:49 AM

@ianf - I think you're missing my point. The government (NSA, etc.) spies on us and the excuse given by them and their supporters is, "If you've got nothing to hide..." It's time we turned the tables. DNC - if you've got nothing to hide, then why are you so worried about hackers? Oh, that's right, you do have stuff to hide. So you're going to deflect the attention to the hackers who got your stuff rather than the content of the stuff. Gee, how about if you stop doing the stuff you're so worried about being made public? What a novel concept.

WinterJuly 29, 2016 8:51 AM

A short reminder about the polices of the Kremlin:

1: Russia has fought wars (and still is) in Moldavia, Georgia, and Ukraine. They are currently fighting for Assad in Syria

2: Russia has execute cyber attacks that caused severe damage in Estonia and Ukraine

3: Russia funds most anti-EU parties in Europe.

Putin is not your average bogey man. His people have downed large airliners and destroyed three countries.

TedJuly 29, 2016 8:59 AM

Blockchain: what it is, how it really can change the world
https://www.weforum.org/agenda/2016/06/the-blockchain

“Blockchain – the technology behind the bitcoin digital currency – is a decentralized public ledger of transactions that no one person or company owns or controls."

“But the blockchain ledger has uses far beyond simple monetary transactions."

“Like the Internet, the blockchain is an open, global infrastructure upon which other technologies and applications can be built."

“Some 50 big-name banks have announced blockchain initiatives. Investors have poured more than $1 billion in the past year into start-ups formed to exploit the blockchain for a wide range of businesses. Tech giants such as Microsoft, IBM and Google all have blockchain projects underway."

“Perhaps the most encouraging benefit of blockchain technology is the incentive it creates for participants to work honestly where rules apply equally to all. Bitcoin did lead to some famous abuses in trading of contraband, and some nefarious applications of blockchain technology are probably inevitable. The technology doesn’t make theft impossible, just harder."

“But as an infrastructure that improves society’s public records repository and reinforces representative and participatory legal and governance systems, blockchain technology has the potential to enhance privacy, security and freedom of conveyance of data—which surely ranks up there with life, liberty and the pursuit of happiness."

https://www.weforum.org/agenda/2016/06/blockchain-explained-simply

Video: World Economic Forum: What is blockchain? https://www.youtube.com/watch?v=6WG7D47tGb0 [~2min]

JonJuly 29, 2016 9:04 AM

Voting machines are ridiculously easy to create a trail of verification. One is keeping them off the Internet. That seems obvious. The second is that after you vote, they should print a paper receipt. You verify your vote and sign and deposit that in a lock box for a manual check. So you've got the electronic system, but you've also got the paper receipt as verification if needed. It's not a hard concept to manage.

But this is more about the DNC being shady or Russia trying to influence an election.

If character is what you do when you think nobody's watching, we just got a glimpse at the character of a lot of Democrats. If there had been nothing questionable there--like when Sarah Palin's email was hacked eight years ago--then there wouldn't be a story.

de La BoetieJuly 29, 2016 9:13 AM

The electoral system is already subverted by:

- lobbying and corporate funding

- Mainstream media bias

- Political Party corruption and elites

- social media manipulation by the well-resourced

- state funded & operated propaganda & selective/timed information release or suppression

- state funded & operated dirty tricks

By comparison, a pretty reliable electoral system can be had if you avoid technology, unless you're in a basket-case country.

JeffroiJuly 29, 2016 9:27 AM

This is not a problem solved by secure transmission of votes.

This is not a problem solved by validating transactions written to a central ledger.

This is not a problem solved by the pure actions of politicians.

This is a problem of accurately recording the intent of the individual and maintaining an audit trail of that intent, without exposing any information about the individual.

Electronic voting machines, as they are managed today, simply can not do that. They could be made secure, but the likelihood that they could be accomplished in the next three months to the satisfaction of the general public is slim. Is it so much to ask to wait a few hours for an accurate count of paper ballots that can be re-checked? Do that while we go back to the drawing board to establish truly secure standards for voting machines and we restore much of the lost trust in our voting system.

TL/DR: if it ain't broke, don't fix it.

Watch & LearnJuly 29, 2016 9:39 AM

This is a marketing tour de force.

Note the jump from "If..." to "We need to confront Russian President Vladimir Putin" and "the NEXT country that tries to manipulate our elections." A quote for the death merchants; a conditional so you can look at yourself in the mirror. Now that's the kind of pandering that gets you ink in the WaPo Glavlit. Extra points for piling on with the 50's red-baiting with Tail-Gunner Hillary.

And my highest compliments, keeping a straight face while saying "our democracy."

trustvote.org
http://trustvote.org/updates/first-election-ohio-election-integrity-lawsuit/
https://www.wsws.org/en/articles/2010/12/elec-d13.html

Wind up with the magic words:
"______ is now a national security issue."

And ka-ching!! Sincere best wishes for a billion-dollar MIPR for IBM so CIA can rig elections fair and square.

ianfJuly 29, 2016 9:48 AM


[electronic voting systems] if it ain't broke, don't fix it.

Therein lies the problem. If we quit evolving one system, soon we quit evolving others; this in turn leads to layoffs of programmers, others, recession; soon we're roaming the countryside looking for sticks of wood to lit our hearths with; one thing leads to another, and in a couple of Millennia, we're back in Stone Age. So I hope you realize what is it that you're a proponent of (hint: the butterfly effect theory, devolutionary version).

godfree robertsJuly 29, 2016 9:52 AM

Clickbait headlines like "Russia was behind the hacks into the Democratic National Committee's computer network that led to the release of thousands of internal emails just before the party's convention began, U.S. intelligence agencies have reportedly concluded" are misleading and unworthy of this blog – even if MSM runs them, too.
They're also irresponsible when you use them, Bruce, though they're OK by Roger Aisles standards.

George John Tenet July 29, 2016 9:54 AM

"U.S. intelligence agencies have reportedly concluded"

Spies lie as a professional vocation. Remember the "slam dunk" by the CIA director about nuclear weapons in Iraq. I'm surprised to see so much credulity on behalf of Mr. Schneier, echoing the claims of trained liars.

Julian Assange has stated: "Perhaps one day the source or sources will step forward and that might be an interesting moment some people may have egg on their faces"

The greatest threat of a breach in any I.T. system is from insiders (Ed Snowden, hello?). I guess Mr. Schneier has been asleep for the past few years. But the Democrats would rather distract us with tales of Russian espionage because it keeps attention away from their own internal treachery and corruption. Spies gleefully jump aboard the train in hopes of a larger budget.

And what of Mr. Schneier and his credulity...

Putin and Trump's LovechildJuly 29, 2016 10:06 AM

After years of Bruce warning us that cyber-war is a dangerous game and that America should opt not to play it, I can't help but to think this essay is nothing but political sour grapes. I believe that if this had been a dump of RNC files or some personal dirt on Trump, such an essay would not have appeared on this site.

In a broader sense, I find all of this wrangling over the DNC leak sort of hypocritical. America has interfered in the internal affairs of foreign nations for a century (rigged elections, CIA plots to overthrow leaders it didn't like, etc.) And in most cases these nations were not direct military threats in any way -- America did it because it gave us some financial advantage or regional hegemony (oil in recent times). Likewise, all kinds of foreign money has been involved in the American political system as long as I have been alive (and likely much longer). Sure, a few people complained and a few minor reforms were written in Congress, but ultimately not much changed and things have continued as business as usual. Suddenly, now, when Russia leaks a few DNC e-mails, it's time for Total War.

And all of this ignores the fact that the leaked e-mails did reveal misconduct -- something most of the press attempts to ignore by keeping the "Russian" angle in the news. By this logic, Snowden should have been tarred and feathered. After all, he broke rules by leaking classified documents that revealed just how massive the surveillance state has become (legalities of it aside). Many people (Bruce included) thought the content of his revelations were of such import that any felonies he may have committed or any "sources and methods" he revealed to hostile nations should be ignored or forgiven. Suddenly, today, after a few leaked DNC e-mails, it seems now we need to declare war on Russia for threatening our political process (and by extension our national security). Tell me how Russia's DNC leaks are any more a threat to national security than what Snowden did? The logic does not compute.

(BTW, I am pro-Snowden. I am also in favor of leaks of almost any kind, especially when it concerns politics. Leak them all -- RNC, DNC, Green party, I don't care. Let Russia report and us decide).

K15July 29, 2016 10:23 AM

And in other news, it's time browsers used a font that let you distinguish between lower case L and the digit 1.

ianfJuly 29, 2016 10:34 AM


@ Putin and Trump's Lovechild, who DEMANDS

[…] Tell me how Russia's DNC leaks are any more a threat to national security than what Snowden did? The logic does not compute.

Ah, well, you are forgetting the spirit of the American exceptionalism, which rests on an assumption that the USA (warts 'n all) is a force for the good, whereas any others that do not accept that viewpoint, or act in similar fashion, esp. the godless, imperialist and despotic Russia, are not.

And, to some extent it is true, as the openness and transparency of flawed-democracy USA is æons ahead of the autarchic—nothing to do with "chic," mind—traditions and tendencies of that Despotism with a Pimpless Face That is Russia (etc) today.

Anonymous CowardJuly 29, 2016 10:34 AM

In my limited probing of public websites, the security posture of ES&S (Election Systems & Software) was found to be abysmally bad. I would not at all be shocked if someone has been able to infiltrate their development network and exfiltrate the source code to their voting devices. If someone in either party or from another nation wanted to rig an election, that's what they'd do -- download the source code and search for buffer overflows and the like and craft tools specific to the vulnerabilities found in their code base. Also, the web-facing tools they sell to states for voter registration are shockingly bad. Anonymous has alleged that an SQLi was used to impact the Arizona Democratic primary in this very manner.

albertJuly 29, 2016 11:00 AM

@K15,

Lower case 'L' and upper case 'i'. Not '1'.

Touch of irony:
https://fontlibrary.org/en/font/cmu-sans-serif
Brilliant!

Sans serif fonts have a long history that predates computers.

Yeah, you can use context to differentiate, for example:

foobar.dll

dLL, diL, dLi, dii

:)

Just open the text in a hex editor, or paste it into a text editor, and viola!

I'm ready to stop being careful about my posts, as I use Courier in my editor:)

IoI.....L mean, LoL.
. .. . .. --- ....

David LeppikJuly 29, 2016 11:05 AM

@Chris Etheridge

Have I no friend will rid me of this living fear?
Shakespeare, Henry II


Who will rid me of this troublesome priest?

King Henry II (the real one, by popular attribution), about Thomas Becket


Conspiracies-- real ones, not conspiracy theories-- are built on plausible deniability.

Whether Trump literally invited Russia to use hacking to influence the election, and whether or not he was serious or joking, makes no difference. He nevertheless publicly condoned this behavior, which is far more disrespectful to democracy than what Nixon did. A public nudge-nudge, wink-wink is more explicit than the typical conspiracy.

Whether Trump was joking or not, and whether or not he's actually in cahoots with Russia, he made it clear that he doesn't mind if a foreign dictator undermines our democratic institutions. I don't think he could make it clearer that, if elected, he will not attempt to protect our Constitution and democracy.

Gerard van VoorenJuly 29, 2016 11:13 AM

@ Dirk Praet,

I am afraid that Bruce just discovered the taste of the US medicine, and it tasted not to well.

Me, I am slowly starting to realize that Bruce is a US citizen first, world citizen second, and I have to say I am questioning his loyalty. Btw, this is not the first post of Bruce that made me question his loyalty.

David LeppikJuly 29, 2016 11:14 AM

@jon writes:

Voting machines are ridiculously easy to create a trail of verification. One is keeping them off the Internet. That seems obvious. The second is that after you vote, they should print a paper receipt. You verify your vote and sign and deposit that in a lock box for a manual check. So you've got the electronic system, but you've also got the paper receipt as verification if needed. It's not a hard concept to manage.

Very easy, in principle. In practice, you've got 51 independent, usually underfunded organizations which appear only every other year and where most of the work is done by volunteers. Very little IT knowledge.

What happens if the paper and the screen don't agree? What happens if the machine jams or runs out of paper? What if someone in power wants a precinct to not have a paper trail? There's always room for plausible deniability.

But even that would be a huge step up from the present situation, which is underfunded, sometimes partisan organizations which currently don't care about paper trails.

CallMeLateForSupperJuly 29, 2016 11:27 AM

@Bruce
"Election security is now a national security issue; federal officials need to take the lead, and they need to do it quickly."

I would argue that election security is now and always has been a national security issue, though not necessarily in the sense of clear-and-present danger or existential threat.

As for fed taking the lead quickly, what does history tell us about the odds that fed actually does what should be done *and* does it quickly?
(Well, one might point to the Patriot Act, but that was a dumpster fire. This election cycle is a dumpster fire in its own right, so fed had best not pour gas on it.)

We have had sixteen years to fix this. We did not act on important lessons from the 2000 election - close race; recount; hanging chads; sore losers - so now we must chafe all over again. Talk about "crumbling infrastructure"!

SkepticalJuly 29, 2016 11:37 AM


Retaliation is politically fraught and could have serious consequences, but this is an attack against our democracy. We need to confront Russian President Vladimir Putin in some way ­ politically, economically or in cyberspace ­ and make it clear that we will not tolerate this kind of interference by any government.

What has struck me is the degree of vigorous agreement on that line of thought across nearly the entire political spectrum - Trump being a notable exception, and even he was contradicted, while still on stage, by his own running mate.

The objective of a retaliatory measure would be to exact a cost substantial enough to significantly outweigh the expected benefit of such an attack.

So there are two components: (1) increase the cost of an attack via punitive action, and (2) decrease the expected benefit of an attack by lowering the perception of its likelihood of success and what the success might ultimately achieve.

I think the near universal consensus on Russia's action, and the manner in which it has backfired so completely, has substantially accomplished (2), but that accomplishment could be ascribed by an adversary to factors particular to this case.

Therefore, retaliatory measures as a matter of policy, which will stand further apart from the varied features of future opportunities for such attacks, are needed.

First, the particular units and actors involved should, in their professional capacities, and via offensive but proportionate cyber operations, be targeted.

Second, certain forms of highly selective financial and economic sanctions should be levied on decision-makers.

Third, curtailment of Russian access to certain resources and routes on the internet can be threatened, and perhaps without giving away too much, partially achieved by way of warning.

Fourth, the US should increase funding for programs related to (i) the provision of tools to enable foreign dissidents to avoid censorship and (ii) the provision of alternative sources of news and information for the Russian population, including the active enabling of delivery mechanisms that avoid censorship.

The magnitude and duration of the above should be contingent upon how Russia responds, and the degree to which it appears to appreciate the line it has crossed.

albertJuly 29, 2016 11:38 AM

@David Leppik,

Your questions are irrelevant. There are -always- places in the chain where rigging can occur, on local, state, or national level. And there is always outright election fraud by states that prevent certain groups from voting at all.

If 'they' cared about free and fair elections, voting would be done at the -same time- on a Saturday or Sunday, with paper ballots.

Obviously, they don't, so that won't happen.

"...undermines our democratic institutions. I don't think he could make it clearer that, if elected, he will not attempt to protect our Constitution and democracy..."

What 'democratic institutions'?

What president protected 'our Constitution and democracy'?

Presidents protect The System. We never had a 'democracy', and the Constitution is simply a showpiece; an irrelevant impediment to the Elite and their government lapdogs.

Keep drink the Koolaid if it makes you feel better.

Sanders and Trump proved that populism is a powerful force, even in a totally rigged system. This was a close call for the Elite. Hopefully it'll be closer next time.

. .. . .. --- ....

rJuly 29, 2016 12:41 PM

@albert,

One of the ways that time-based stacking of the voting system enables manipulation is through **cough** mind-control.

Even if it's impossible to sway 95% of the population at once by spreading it out it allows them to "troll harder" based off feedback and exit polls in more ways than one.

@Skeptical,

You're working under the assumption that it's backfired or back-firing, without more information (as the public) about both cantidates and the aggressor[s] we just don't know.

Which is why we should DQ them both and or potentially execute one of them, let Obama stay for another year and sort this BS out (although this last suggestion in and of itself could lead to similar doxing incidents).

We don't know how far back the tampering goes with these bottles of aspirin honestly, assuming Russia had a prior interest with Trump (or Hillary for that matter (think Uranium Ore)) then neither one of them should be viable for office. If we shook the Chinese out of our pockets in the 90's don't you think that we should shake them off of our backs and ears too?

Even if we remove those two, can you comfortably say this isn't about Bernie?

This isn't a game, this is the "poster-child of the free world" someone is playing with. We might have problems at home but this could readily lead to more problems abroad than we already have (the question is problems for whom?). There are nuclear warheads at stake (not to mention some very maligned voters) and rational decisions to be made. If this is a foreign op it should be stopped in it's tracks immediately with the same cold hard calculation of the FSB.

I think you can assume, if the CIA has a black budget it's for a very real reason. I expect Russia and everyone else out there to keep ledger-free activities also, it's a competitive global market - those with the biggest budget can afford to make more blunders than an under-financed well thought out foe. My concern, is that this is a death-throw not a tantrum. We just had a minor coup in Turkey and now Russia is going to to be at both the Mediterranean and Black Seas? Estonia is asking England for safe-harbor of it's citizens data and deeds? I would fast-track that as I can't think of anything more trustworthy for someone to do than that.

"In the event of my demise,"

Call it Russophobia, call me a dimbulb, I don't think it's worth entertaining in the least.

TedJuly 29, 2016 12:41 PM

The Legal Regulation of Political Parties: Is There a Global Normative Standard?
Gauja Anika. Election Law Journal: Rules, Politics, and Policy. March 2016

“As one of the key organizational building blocks of representative democracy, political parties are central to democratic life in a diverse range of polities and at numerous levels of government. If democratic elections are conceived as those in which the conditions of inclusiveness, policy-directed voting, and effective aggregation are present (Birch 2012: 17), then political parties inherently shape the electoral contest—before, during, and after polling day. Several aspects of party organization illustrate this influence: the rules that parties use to select their leaders and candidates profoundly affect political competition and political access (Gallagher and Marsh 1998; Norris 1997; Hazan and Rahat 2010). Variations in organizational structures facilitate or hinder parties in building and mobilizing support bases, either helping to stabilize political competition or contributing to its volatility (Allern and Pedersen 2007). How parties are funded influences political competition and outcomes, determining whether a party has adequate resources to communicate its message and on whom the party must rely for its resources (van Biezen and Kopecky 2007; van Biezen 2008; Nassmacher 2009).“

“Consequently, in any given system, the organizational choices that political parties make influence the nature of electoral competition. However, these choices are in turn constrained by the body of laws, determinations, and regulations that govern parties' behavior as political actors. Derived from a diverse range of sources including international treaties, constitutions, administrative and electoral legislation, and case law, party laws regulate many aspects of party life, including freedoms of association, registration requirements, candidate selection, communication, and campaigning, as well as political finance. Furthermore, while party law is usually conceptualized in terms of publicly made law—whether statutory or judicial—there is also a considerable amount of partisan self-regulation that occurs, for example, contract law and the rights and obligations associated with party membership (Gauja 2015, 2010; Orr 2014; see also Su, “The Partisan Ordering of Candidacies,” in this Symposium). Together, these laws constitute a significant source of both internal and external pressure on the strategic decisions of parties and their constituent actors.”

jeffroiJuly 29, 2016 12:46 PM

@ianf

(hint: the butterfly effect theory, devolutionary version).

Good point. Correction: if it ain't broke, don't fix it. Do improve it without breaking it - as is clearly the case here.

siddJuly 29, 2016 1:07 PM

1) Agreed that US election mechanisms ought to be improved.

2) Evidence disclosed so far implicating Russia in DNC penetration does not convince. If our host has better evidence, say so and disclose or give reasons for silence; some here might trust him. The phrase: "If the intelligence community has indeed ascertained that Russia is to blame" indicates that he has seen no better evidence. But then why the exhortation: "We need to confront Russian President Vladimir Putin in some way ­ politically, economically or in cyberspace ..." Make a better case against Russia first, before calling for action against her.

3) Our host is historically more cautious, and slower to jump to conclusion. This post invites the deconstruction that he has been stampeded by trumpophobia, or, less forgivably, seduced by prospects of power. An appointment for him in a putative Clinton administration would strengthen the latter interpretation. Future political tone and tenor of this blog will be interesting to watch. As will his actions as a board member of Tor.

sidd

GeneJuly 29, 2016 1:09 PM

Hi, I'm new here and found this via a link.

I'm wondering, am I understanding Bruce correctly, America has dabbled in other countires affiars regarding elections and we as Americans won't tolerate others meddling in our own elections?

Maybe I'm misunderstaning.

Joe KJuly 29, 2016 1:50 PM

So the Clinton machine totally pwned the Democratic party's nominating process, but what we really need to talk about today is how to shoot the messenger.

Because it was a cyber message.

And, authorities* say, the messenger is totally Russia.

If foreign governments learn that they can influence our elections with impunity, this opens the door for future manipulations, both document thefts and dumps like this one that we see and more subtle manipulations that we don't see.

Totally hilarious. Would read again.

Is there a single foreign government on the planet that hasn't heard of AIPAC?

*These "authorities" notably do not include Director of National Intelligence James Clapper:
Intel chief: Americans need to calm down about DNC hack | Washington Examiner
http://www.washingtonexaminer.com/article/2598070

ianfJuly 29, 2016 1:55 PM


@ Gene: you are misunderestimating, and you know it.

That's an interpretation of Bruce's words, one among several, though not all of them as civil as yours. It sort-of reminds me of a nursery rhyme? or was it a Cautionary Moral Tale? of a Negro shepherd boy's explanation of his un-Christian morals—hence suitable to be christianized—to some missionary in deepest Africa a century ago:

    Ali's cow stolen bad
    Ali steal a cow good.

Apologies to all mammals bovine and nominally Sapiens for any offense I might have caused.

hubris or nemesisJuly 29, 2016 2:20 PM

Bruce, what do you make of DNI Clapper's statement that we don't know at this time who did the hack, and that it wasn't very difficult?

Hail to the Short-fingered VulgarianJuly 29, 2016 2:23 PM

Everybody here, with a few poignant exskeptions, could pwn both Hillary and the DNC after a sleepless night of boot and rally. Why then does it take comic gargoyle James Clapper to remind us that the USA is a pathetic cyber prison bitch with a "dox me" sticker taped to its back?

http://www.veteranstoday.com/2016/07/29/us-intel-head-calls-for-end-to-hyperventilation-over-russias-alleged-role-in-dnc-hack/

...and if Russia cared which impotent CIA-figurehead Prez they're going to humiliate next year, they would just wait ten seconds for the whole Internet to hack them, and peruse it on the web.

We didn't see these feckless tantrums when OPM gave up custom-tailored blackmail material on 22 million staff at all levels of government. So why the unmanly hysteria now? Even Hillary dupes are not stupid enough to think anyone is fooled, especially here. This commenter submits that most of the cyberdopes parroting the Russia-did-it line are traditional GOP ratfuckers. Their silly claims intensify the focus on the dox and their message: Hillary's corruption and unfitness for positions of trust, and the DNC's contempt for its electors. Manafort's playing you like a violin.

ianfJuly 29, 2016 2:25 PM


@ Joe K. asks “Is there a single foreign government on the planet that hasn't heard of AIPAC?

I take it you meant American Israel Public Affairs Committee, a bipartisan organization working for strengthening the ties between the USA and Israel (which apparently need strengthening). Their activities aren't exactly covert, though I could imagine that they do some lobbying behind closed doors as well. Still, even if so is the case, what interest is it to your foreign governments?

uh, MikeJuly 29, 2016 3:05 PM

It's likely that there's more going on than Russia hacked the DNC/DCCC.

Only Russia? Maybe others, too?

Maybe someone masquerading as Russia?

Rat droppings sometimes indicate only one rat. But it's not a good assumption that because you caught one rat, that you have solved the problem.

Joe KJuly 29, 2016 3:16 PM

@ianf

Yes, that is the organisation I was referring to. No, its activities are not especially covert, and many are quite generally public knowledge. I struggle to see how my post would make much sense at all to anyone who did not already know this.

Still, even if so is the case, what interest is it to your foreign governments?

Metonymy, my fellow passably literate world-citizen. Metonymy.

CitizenzeroJuly 29, 2016 3:30 PM

@Bruce

I'll preface by saying that you're spot on regarding the need to address the voting machine issue. My sincere thanks for all your efforts to bring attention to this important issue. Keep up the great work.

As for the rest...

"...we have to accept that someone is attacking our nation's computer systems in an apparent attempt to influence a presidential election. This kind of cyberattack targets the very core of our democratic process."

"If foreign governments learn that they can influence our elections with impunity, this opens the door for future manipulations, both document thefts and dumps like this one that we see and more subtle manipulations that we don't see. [etc.]"

If foreign governments can influence our elections by providing the American people transparency to their own political process - especially the unseen "manipulations" by powerful Americans to influence our elections with impunity - then those foreign governments should be enthusiastically encouraged and the American people should be asking why such a service is not already provided to them by their own institutions.

Also, the US government feigning such indignation at the possibility of a foreign government having the audacity to manipulate our sovereign elections is an act most humorous. I have a very hard time believing that the great Bruce Schneier has by this point not become aware of the very long history of US government manipulations - by propaganda, bribery, economics, covert subterfuge, and/or military might - of other countries' sovereign elections. As that would be quite the oversight, Bruce.

So instead of us getting all hot and bothered about the inevitable/business-as-usual attempts at election manipulations by foreign governments, we instead institute the badly needed reforms to our own political process that will make such manipulations less likely to succeed. The more transparent/regulated our political process becomes, the more readily the American people will be able to identify foreign attempts at manipulation.

WallyJuly 29, 2016 3:38 PM

My understanding is that this routine hacking. We do it to others and it's known that others do it to us. We even do it to allies. What is different in this case is the dump, using it against the victim. Tension will escalate but what can the US do but act in kind?

CitizenzeroJuly 29, 2016 3:43 PM

Previous comment edit:

*I have a very hard time believing that the great Bruce Schneier has by this point not become aware of the very long history of - and "large"ness of scale of - US government manipulations...

Ross SniderJuly 29, 2016 4:14 PM

We should create international norms around the issue, as US manipulation of elections abroad has wrought it a ton of criticism.

Mike BarnoJuly 29, 2016 4:19 PM

@ r,

We don't know how far back the tampering goes with these bottles of aspirin...

A better analogy, also timely in the news: "these bottles of urine."

ianfJuly 29, 2016 6:07 PM


@ Jim.
      thinks that I'm missing his point, which, roughly, is that “the government (NSA, etc.) spies on us with the excuse that, "If you've got nothing to hide..." It's time we turned the tables. DNC - if you've got nothing to hide, then why are you so worried about hackers?

Oh, really? (I missed the point?)

How about you missing the exit ramp off the Allegations Hwy that's leading nowhere?

1st of all, who's that "we," who have turned "the tables"? S.p.e.l.l  i.t.  o.u.t.

2nd, USG spies on you/ us all/ in clear breach of the laws that are supposed to protect you/ some of us/ from that govt's spying eyes. That's what that particular "table" is about… turning it would have involved "us" (a derivate of your "we") spying on the USG. Oh, I get it, a figure of speech, could it have been this ∞ one?

3rd. Whatever the DNC might have done, and I am sure that they have plenty of overzealous political machers who couldn't let any opportunity to meddle go astray, how does that even COMPARE with the immoral (allegedly omnidirectional blanket) wholesale spying that the USG is guilty of? Or am I still missing your point, which sounds like something unprintable in such a family broadsheet as this one.

4th. You mention "high time." Is that metonymy for money, only in higher than usual denominations? Given that time=money and all that.

5th. Do note these were all rhetorical questions, i.e. not requiring an answer—not least because attempting to answer them within the general realm of Aristotelian logic might have involved you needing to perform an anatomically impossible act on yourself, and I am always happy to die you another read.


@ jeffroi concedes the point:

Correction: if it ain't broke, don't fix it.

Wrong.

Right: If it ain't broke, what's for dinner?

[alt. the xckd version.]

GrauhutJuly 29, 2016 7:00 PM


@all: You are hyperventilating! :)

Not even Clapper is ready to put the blame on Russia.

"“We don’t know enough to ascribe motivation regardless of who it might have been,” Director of National Intelligence James Clapper said speaking at Aspen’s Security Forum in Colorado, when asked if the media was getting ahead of themselves in fingering the perpetrator of the hack. ...

Speaking on Thursday, Clapper said that Americans need to stop blaming Russia for the hack, telling the crowd that the US has been running in “reactionary mode” when it comes to the numerous cyber-attacks the nation is continuously facing.

“I’m somewhat taken aback by the hyperventilation on this,” Clapper said, as cited by the Washington Examiner.

“I’m shocked someone did some hacking,” he added sarcastically, “[as if] that’s never happened before.”"

VicenteJuly 29, 2016 7:25 PM

It's not enough that the voting system be secure: the public also need to understand it and consider it trustworthy. Saying "trust the computer scientists" isn't enough. There have been lots of neat cryptographic voting systems proposed, but a system that requires a PhD in computer security to understand is just not appropriate for a public election. (Unless, I suppose, the educational system provides sufficient education for free before people reach voting age. With paper ballots, any second-grader would be able to follow a recount.)

I think it would be great if we could use Cloneproof Schwartz Sequential Dropping for national elections, but it suffers from basically the same problem. People will think something's fishy if you need to draw a directed graph to explain the election result.

tzJuly 29, 2016 7:27 PM

In the Iowa Caucuses, Hillary won ALL 6 coin tosses. There was a high card used in Nevada, Hillary won ALL.

The US considers foreign elections rigged if the exit polls and the results differ over 2%. Where Electronic voting was used, there were I think 10 states where the discrepancy was larger, one or two in double digits.

NOTHING WILL EVER BE DONE ALTHOUGH WE ALREADY SEE THIS HAPPENED.

HILLARY'S EMAIL SERVER SHOULD HAVE RESULTED IN AN INDICTMENT BUT NOTHING HAPPENED

HER FOUNDATION IS A CORRUPT CRONY ORGANIZATION WHICH MAKES EVITA PERON LOOK LIKE AN AMATEUR.

So I'm not sure what the point of this article is, other than to predict Hillary will buy a landslide and be the next president.

MarkJuly 29, 2016 8:01 PM

I can't say that I have any sympathy for the ridiculous circus that is American politics.

What does it matter? Either way, you'll continue to answer to your corporate, neoliberal overloads; whether it's Clinton or Drumpf, it doesn't really matter. Remember that change that Barack was going to bring? Yeah...

Most Americans are too stupid to realise that they've simply traded masters with crowns for corrupt masters owned by corporations. You traded one elite family for another; the difference only lies in titles. The USA is a plutocracy "ruled" by an oligarchy; your "democracy" is a myth upheld by the government and right-wring media.

A two-party system? What a joke.

It's quite annoying when other countries meddle in your affairs, isn't it? Perhaps America should stop trying to enforce their values on the rest of the world, stop trying to remake other countries in their own image.

CitizenzeroJuly 29, 2016 9:21 PM

@Grauhut

"You are hyperventilating!"

Hopefully Bruce will take Clapper's words to heart. The first part of his article reads like it was written by Skeptical.

CitizenzeroJuly 29, 2016 10:04 PM

@Mark

As an American, I take great offense at your comment. The American political system serves as the singular shining beacon of true democracy in corrupt world of communists and despots. American exceptionalism, free-market global capitalism, and the justice and democracy they bring will grace all the world's people with freedom and be the instrument by which they will be lifted out of poverty. To criticize or suggest otherwise is the lowest form of Marxist bottom feeding....

...nah, jk. You're comment is spot on.

However, "Most Americans" aren't stupid. They've simply been duped by deliberately confusing, incessant, systemic propaganda that's been blasted at them from nearly every media/institutional orifice 24/7 since birth. It's that propaganda that tricks them into supporting ideas that are contrary their (and most people's) best interests and instead supporting ideas that are often solely in the best interests of a relatively small group of extremely powerful/moneyed individuals. Its not easy to see the Matrix when you're in it. And it's even harder to free your mind from it when everyone around you has been programmed to deny it's existence. But once seen, it cannot be unseen.

Know there are many Americans that make the same observations as you. They love their country and desperately want to steer it back on a more moral and just course. I hope you'll try to remember we exist and are doing what we're able against some overwhelming odds.

roverJuly 29, 2016 10:10 PM

Lets's run that up the flagpole and see who salutes. Or the opposite. Litmus tests.

I once bought an item advertized as solid brass on ebay. When I got it, a corner was chipped and I could see it was brass sputtered over cheap white metal. I raised the issue with the seller who said, "Can't prove nothin', you can't prove it's not brass...". I hadn't hired a metalurgist to test the item. In any case I know the results, however incontravertable, wouldn't have been accepted by the weasel who sold the item. Making outright acusations or revealing proof of Russian involvement has sensitive diplomatic repercussions, hence the hesitation, and unequivical attribution demands a prompt, robust and meaningful response. I expect the gov wants to keep it's options open and buy time.

Bruce has always been a privacy advocate first and foremost. It's the point of cryptography. This isn't about the DNC or HRC or email content or behind the scenes political mechanizations or the pot calling the kettle black. It isn't about the fairness of our election process. It is about the manipulation of the election process that ordinary citizens depend upon. I don't expect HRC to be any better about mass surveillance, encryption and backdoors than Obama or W, but Donald Trump as the only alternative is truly frightening.

I am certain the network security of local and state election boards is appalling. Someone has easily hacked the DNC, the DCCC , and now HRC's campaign networks. It isn't prudent to suppose that the election board's computers and voting machines or their internet facing reporting mechanisms haven't also been infiltrated. Any side calling for or cheering the hacking of our own election process, is calling for the further corruption of our imperfect system. The Trump partisans applauding the DNC hack are calling for lawlessness and believe any action is acceptable in securing their desired election result. So did Nixon.

@ianf -- Aristotelian logic is quaint, I prefer no bullshit 1st order predicate calculus: you don't have to memorize the hundreds of names of each variant of the syllogism.

CitizenzeroJuly 29, 2016 10:33 PM

@rover

I'll bite.

"Any side calling for or cheering the hacking of our own election process, is calling for the further corruption of our imperfect system."

I didn't get the impression anyone was cheering the hacking of our election process per se. More that they were cheering the transparency it provided into a corrupt political process that otherwise wouldn't have been revealed to them.

It's not a "Go Russian hacking!" or "Hacking elections good!" proposition. It's a "For the love of God, why the hell does it take a Russian hack to let the American electorate have any visibility into their democratic process". The problem here is that focusing on the Russians (if it even was the Russians) reeks of an attempt to distract from the wrong doing the hack exposed.

Besides, even Clapper was telling everyone to calm the hell down. The big boys hack each other. Get over it. This won't be the last election hack from either side. We need to concern ourselves with the integrity of our own political process and leave it to our IC to handle the Russians (God knows we're paying enough for the service).

roverJuly 29, 2016 11:11 PM

@Citizenzero

It seems like there was cheering by Trump no less and on the earlier thread, https://www.schneier.com/blog/archives/2016/07/russian_hack_of.html on this subject.

This is a one sided visibility, and private individuals and groups are entitled to privacy. Yes some abuse this privacy, but you have to decide privacy for all or privacy for none.

And I see both issues relevant, the hack and the exposed content. It's not ignore the hack, look at the content. The content may reveal backroom politics as usual, the DNC chatter favoring HRC over Bernie was ill advised and unfair, but I cannot call a scratch a laceration. The hacking of our electoral process is a lasceration and it is not simply just desserts for the DNC, it's a crime against ordinary voters. It is far more fundamental.

SusanJuly 30, 2016 4:01 AM

Didn't Hillary steal the nomination? I would say the DNC has affected or undermined the political process more than Putin. Didn't Hillary set up
An illegal and insecure server or network? Again, not Russia's fault and looks like another Hillary security issue. I think our broken system (politicians) needs to answer for this rather than Putin. I agree we need a old fashioned system that is reliable. I see that point, but blaming Putin and over looking the stealing of a nomination has far greater importance than the simple fact we can revert to old fashioned means of counting votes to ensure integrity. When the emails of our fraudulent leaders are hacked it's a clue that all is not just failing but failed. Fixing the tech issue seems easier than fixing our nation and it's political system.

Harmless DrudgeJuly 30, 2016 6:07 AM

Ireland bought eVoting machines and subsequently decided that they couldn't be trusted (which was, of course, already known). They were scrapped without ever having been used.

Schneier is right. Alas, it's only one if the serious problems facing American democracy. Citizens United and gerrymandering politicians choosing their voters already game the system.

Ireland (another republic) has an independent electoral commission that decides constituency boundaries based on population levels and there state funding for parties above 2% of the popular vote and controls on big money.

readerJuly 30, 2016 8:15 AM

The silver lining of the recent upheavals -- Turkey, DNC, etc. -- is that all the *assets* of the deep state have outed themselves.

Bruce's article is text book example that it is impossible to take action without side-channel leaking of information.

Thank you Bruce.

SomeoneJuly 30, 2016 12:08 PM

There's ONE thing that would secure up IT everywhere. Making security people judicial RESPONSIBLE for their actions. I.e. pay a fine or go to jail at a breach that hurt others.

It's that easy, and I'm surprised Bruce isn't suggesting it. Installing software (or hardware) where no one is responsible, is begging for cyber attacks. As soon as someone is held responsible, like the manufacturers of voting machines, or the people who paid for them with taxes, and such people risk having to pay fines or going to jail at a breach, all these problems would fix itself. It might actually lead to old school paper voting, because no one wants to take the responsibility for securing voting software, and that would not be bad either.

PerryDJuly 30, 2016 4:18 PM

@Winter
The whole notion of 'parties' controlling our election process is ridiculous; I would require them them by law to publish every single internal communication in an easily accessible format. In fact, I'd extend that to any elected official. Total transparency would reveal some of the disgusting, greedy actions taken by our representatives.

At second thought, I take that back...as long as Walmart is open and American Idol is still on, the vast majority of Americans wouldn't give a damn.

>>"Make all the Emails public in the first place. "
>
>I do not think you have thought through how publishing internal emails of political parties during an election campaign would >help democracy. It wouldn't.

yoshiiJuly 30, 2016 4:23 PM

A lot of people are pivoting their statements above on their premise that it WAS Russia at the source of the hacks. But this is not a small technical detail and it has NOT been proven to be Russia.

Furthermore, the general tendency of international hacks to be extremely nested in anonymizing proxies and other ID spoofing techniques makes it EXTREMELY IRRESPONSIBLE AND ILLOGICAL TO BLAME RUSSIA.

We should be talking about computer science security details and other science-bound aspects of general security and anonymity and privacy and cryptology. Not scapegoating Russians nor political groups.

Facts, people, get back to the facts... Bruce, you included, please.

Joe StalinJuly 30, 2016 6:19 PM

Yeah sure. I believe the NY Times & Obama & Bruce, it was the Rooskies.
Especially since now NATO that declares a hack = declaration of war.

http://bigstory.ap.org/article/b7a8330df0114498a1611257d4cb5d58/air-land-sea-cyber-nato-adds-cyber-operation-areas

Just like I believed NYT & Obama-Hillary about Libya & Khadafi.
Just like I believed NYT, Clinton I-Hillary-Obama about Haiti.
Just like I believed NYT & G.W. Bush about the "Weapons of Mass Destruction".
Just like I believed NYT & G.W. Bush 9/11 wasn't the Saudi's.
Just like I believed NYT & Clinton about Serbia.
Just like I believed NYT & Reagan about Nicaragua and Grenada.
Just like I believed NYT & Nixon about Laos/Cambodia.
Just like I believed NYT & LBJ about Gulf of Tonkin.

We know who is hacking our elections, removing 130,000+ from lists in Brooklyn primaries, lack of polling places in Las Vegas, California primary screw ups,
mass drop of vote names from state vote lists, restricting ID, short poll hours, buying computerized hackable systems, gerrymandering, absentee ballot
spoiling, not counting Florida votes.

It is the Democrats and Republicans and now Bruce.

roverJuly 30, 2016 7:02 PM

Can't prove it...Can't prove it...Can't prove nothin'

Can't prove John Gotti killed John Favara...

srhJuly 30, 2016 7:47 PM

Bruce, Voting machine security could fall under a federal testing standard, e.g. a NIST standard. It looks like one was proposed in 2009. It also is a topic one or more of the National Academies (engineering or science) should have strong recommendations on. It would be good to continue the push in the direction of a rigorous, objective review / testing standard.

@tz - There were many more than six coin tosses in Iowa. Six in a row of a binary random sequence has a pretty high expectation (see runs test). The parties do not run the elections, the states do. And the FBI director, appointed by GWB, concluded carelessness not malice behind HRC's email server, and what they found was not reasonably actionable.

AnonBloggerJuly 30, 2016 9:12 PM

If the hack reveals corruption, isn't what it reveals more important than the hack? Wouldn't it be considered whistleblowing?

Do whistleblower laws require you to be a citizen of the country you're exposing?

AnonBloggerJuly 30, 2016 9:22 PM

@srh

"And the FBI director, appointed by GWB, concluded carelessness not malice behind HRC's email server, and what they found was not reasonably actionable."


Except it is actionable, they simply chose to look the other way. Look, for instance at General Petreus.

Petreus brought classified information home to share with his girlfriend, a reporter. When they came to investigate he hid the documents in the insulation in his attic. He also lied to the FBI during the course of the investigation by filling out false reports.

Compare that with Hillary. She brought classified documents home on an unauthorised server. When they asked for the contents of the server she essentially hid it by deleting over 30k emails. Hillary also lied repeatedly to the FBI and the public by stating that she hadn't stored any classified information.

Petreus was punnished with probation, a $100K fine and stripped of his clearance. Hillary, had she been stripped of her clearance would not be able to be POTUS.

Also, history is full of examples of people being imprisoned on felony charges for destroying evidence and hindering an investigation.

So wether you like Hillary or not, you can't argue that she got substantially different treatment than other people in similar circumstances.

rJuly 30, 2016 10:08 PM

@AnonBlogger,

I don't believe the two should be linked through justification.

Both corruption and hacking are bad, remember that the term "corruption" is in reference to a particular viewpoint so probably arguments could be made both for and against either at times.

But yes, I believe whistleblower laws are specifically only enacted to protect those working towards a change from within.

Within what? where? when? Those in such a case define "Who2" and the protections may underscore "Why?". I'm not sure of the last one.

But! they don't protect from the outside, as those would fall under existing legal boundaries. They provide protection against discimination and retaliation, unfortunately civilians don't enjoy the same protections when our phones are smashed for recording police. We have the ACLU and other public entities to argue on our behoove then.

I hope I've been clear enough, I struggle sometimes but that's how I understand the situation to be.

lisaJuly 31, 2016 9:44 AM

There is more then one angle to this election security. There is the international money that is flowing into the election. There is really no need to manipulate the election if you can buy both candidates. https://www.facebook.com/lisa.treweek/posts/1247689495251161?comment_id=1247760741910703&reply_comment_id=1248642958489148¬if_t=feed_comment¬if_id=1469936774316307

I think the gross amounts of money in the election are actually a bigger risk the the cyber ones. I do care about both. But, I'm just saying... we bought and sold already. The election is window dressing.

fajensenJuly 31, 2016 11:29 AM

Election security is now a national security issue; federal officials need to take the lead, and they need to do it quickly.

You could make a good start by RICO'ing the Clinton Foundation. Lots of foreign interference with US policies right there, I Bet.

Given the US 50+++ years track record in blatant subversion of democracy and "regime change" wherever some corporate crony had a bit of investment interests, it is way more pathetic than funny to hear the level of whining when a tiny bit of what the CIA deals to the world comes back home!

If you lot can't take a bit of your own medicine, don't dish it out so liberally!

Dirk PraetJuly 31, 2016 12:16 PM

@ AnonBlogger

Do whistleblower laws require you to be a citizen of the country you're exposing?

In practice, you'll be tried for espionage as a foreigner and accused of treason if a local.

JardaJuly 31, 2016 4:49 PM

Nonsense. This is not an attack on your democracy, because you have no more democracy but since long just democracy theatre. Now you have two candidates, none of which I would touch with a barge pole and this attack was just an attempt to turn a tragedy into a tragicomedy.

rJuly 31, 2016 7:29 PM

@Grauhut,

Hold on now, the 'rage against supposed Russian hackers' in this instance needs to be separated from what the CIA and MIC do. The American people in general who, I will admit the truth is refreshing are the victims here - not the DNC DCCC or HRC. Some of us are outraged about what varying members of the MIC do, it's not like we have 100% of the civilians acting in retaliation over this. I expect Russia to target our military, I expect Israel to target our politicians but if Russia [or whoever] only wants to provide a one-sided dump that will slant public opinion we have a problem.

I'm not against the truth, but it's only PART of the truth is the problem.

MichaelAugust 1, 2016 12:51 AM

re: DNC hack investigation

Much like the cow calling the cattle black. It seizes to amuse me when spin doctors slant it with a bit of patriotic twist (aka. bringing the Russians in). In an election year, anything less would be uncivilized!

Heinz RainerAugust 1, 2016 5:16 AM

Bruce,

Read your comments on security of election machines. Remember what stanford professor David Dill said article dated in 2004

- https://web.stanford.edu/dept/news/news/2004/february18/aaas-dillsr-218.html -

As long as there are no hard copies, your votes mean little.
Anyone controlling the server can, with a little hack, change the whole concept of 'push button geometry'.

This I found very interesting, since meeting with a software developer from California, engaged in developing programs for gambling machines.
What have the two in common, probably nothing - or not. One needs to dig deeper into server setup and management.

Russia many have well been involved with the latest hack. However, what I consider a admission of lack of supervisors or key personnel, combined with a lack or absence of qualified engineers thwarting off these attacks are highly visible now.

What does this tell the average user ? : We all are vulnerable, very much so.

AFRICASIAEURO

Ollie JonesAugust 1, 2016 7:03 AM

I've had a little experience helping with get-out-the-vote campaigns, mostly in local elections.

We use lists of voters called strike lists. They're lists of people who we think are likely to vote for the candidate we serve. We sit next to the check in table at the polling place. When a voter says her name, we strike it off the list.

Then later, somebody collects the strike lists and we call the voters who haven't yet appeared to remind them to vote.

Simple, and remarkably effective.

But there are several possible cyber vulnerabilities, especially if we allow for the possibility of large-scale cracks.

1. The lists are printouts from a web site that nobody cares much about except during the week leading up to election day.

2. The lists combine public information (voter rolls) with hard-won opinion information. That sort of data could be exploited by cybercrooks.

3. The publicly available voter roll information is also distributed electronically, by municipal and state governments subject to low-bidder vendor selection rules.

4. etc.

The Romney campaign tried to do strike lists online in 2012 with their ORCA program, and successfully mounted a DDOS against themselves due to incompetence. http://ace.mu.nu/archives/334783.php . What if malicious actors attacked such a system?

Franko K.August 1, 2016 7:53 AM

You missed an easy hack potentially by millions - using false citizenship proof - so easy to lie when you just show your driver's license when registering:
Example from: "Judge: Kansas must count disputed state, local race votes"
excerpt
Federal law requires states to allow people to register at motor vehicle offices when they're obtaining or renewing driver's licenses. The federal judge ruled that people document their citizenship adequately for voting in federal races by signing a statement on the registration form, facing criminal penalties if it's not true.

Kobach, a conservative Republican, has championed the proof-of-citizenship requirement as an anti-fraud measure that keeps non-citizens from voting, including immigrants living in the U.S. illegally. He also argued that in complying with the federal judge's order, he's still required to enforce the proof-of-citizenship law as much as possible.

DDAugust 1, 2016 3:22 PM

@Cit0

Also, the US government feigning such indignation at the possibility of a foreign government having the audacity to manipulate our sovereign elections is an act most humorous. I have a very hard time believing that the great Bruce Schneier has by this point not become aware of the very long history of US government manipulations - by propaganda, bribery, economics, covert subterfuge, and/or military might - of other countries' sovereign elections. As that would be quite the oversight, Bruce.


So instead of us getting all hot and bothered about the inevitable/business-as-usual attempts at election manipulations by foreign governments, we instead institute the badly needed reforms to our own political process that will make such manipulations less likely to succeed. The more transparent/regulated our political process becomes, ...

Regulation ... Gerrymandering ...

Citizen IndependentAugust 1, 2016 4:01 PM

Retaliation is politically fraught and could have serious consequences, but this is an attack against our democracy. We need to confront Russian President Vladimir Putin in some way ­ politically, economically or in cyberspace ­ and make it clear that we will not tolerate this kind of interference by any government.

As others have said, how about we confront the machinery of our ship of state. I for one think it matters a whole lot precisely what form this incident took. There is a big difference between finding a wallet in the middle of the street and taking the cash and leaving the wallet, and breaking into someone's house to do the same. As one familiar with this website, I'm inclined to suspect this was more like the former. Hey NSA- this is what we get when you focus on offense instead of defense.

Likewise, in perspective, there is a spectrum that includes random government officials of foreign governments excercising their free speech to blog about how they hate trump. Is that criminal hate speech? Criminal foreign influence of our democracy? What if they donate money to journalistic organizations that 'dig up dirt' on candidates and publish it?

Democracy is going to be a bumpy ride as we enter the turbulent slipstream of the cyber age. Hold on tight kids.

mousecloneAugust 1, 2016 6:01 PM

Our government feeds us evidence that Russia is to blame. I'm not expert, but there are ways to frame anyone for this. I don't trust the government, and thus do not trust evidence that they put forward. This being said, it is not to the point of the article.

I live in GA. Here all of our voting machines are electronic. There is no paper trail of the process of the elections. It is impossible to verify that election fraud has not taken place. The system was broken before the DNC server hack.

As for the hack jeopardizing our democracy. I do not see where the lies that were revealed from this hack, or any other, has done any more harm to our democracy than back room deals have. The underhanded dealing of our politicians, and we re-elect them, have done more to kill democracy.

Also, if we are unable to handle democracy being hacked by foreign governments, maybe we shouldn't allow them to donate money to candidates. Why be pissed that someone gave us a taste of our own shenanigans.

America is falling and you have pointed out several reason why. From what I have read of the history of the US and its interventions in other governments, we are due to implode. The trust will not be regained for some time. And I dare say that it will not be regained with the current structure or in my life time.

A SquareAugust 2, 2016 3:34 PM

[T]his is an attack against our democracy.

That's rather dramatic. An attack on our democracy would be an attempt to impede the free exercise of the will of the American people. How is a better informed people less able to exercise its will?

MarkAugust 2, 2016 11:08 PM

@ A Square, "How is a better informed people less able to exercise its will?"

Apparently, it isn't "Whistleblowing" unless it's perpetrated by an American. Thus, DNC has successfully removed its "whistleblown" label, if and only if the public believe/buys the attribution, a rather high price tag.

STAugust 5, 2016 7:20 PM

What is your opinion on using block chain technology as a means of verifying votes and with respect to Internet voting? (https://bitcoinmagazine.com/articles/blockchain-technology-key-secure-online-voting-1435443899). I agree that as it stands we currently have no secure method of enabling online voting on a massive scale but I really believe that the only way to get our abysmally low voter turnout to be higher is to make it as convenient as possible for people and block chain technology seems to offer a reasonable way of doing that.

rAugust 12, 2016 12:57 AM

@Wael,

Interesting application of technology, I'd be interested in seeing a simplified blockchain selected and developed just for that purpose.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.