More on Election Security

Andrew Appel has a good two-part essay on securing elections.

And three organizations -- Verified Voting, EPIC, and Common Cause -- have published a report on the risks of Internet voting. The report is primarily concerned with privacy, and the threats to a secret ballot.

Posted on August 19, 2016 at 5:15 AM • 16 Comments

Comments

phred14August 19, 2016 7:03 AM

This is what's scary about the current elections. I'd like to think I'm not being paranoid about this, but I don't believe that TPTB want the election to be secure. I fear that they want to be able to either control the results, or case doubts on the election process, in case they lose.

I fear that the day after election day in November, nobody is going to trust the result, no matter what it is. Regardless of who is elected the next President will not be considered legitimate because the voting process will be considered to have been hacked. Sadly, that it's being left open to that seems to be deliberate.

Voter-Blockchain-OrganizatorAugust 19, 2016 7:34 AM

What do you think about the idea of the election 3step verification system? Voters could make a public and anonymous blockchain transaction in a local election office (it could be implemented directly into the bitcoin if necessary). Voters and election organization would work in similar way like nowadays (mainly for identification issues) and internet-blockchain could be just a veryfication tool for voters proving that their votes are really included in the final results.

jaysonAugust 19, 2016 8:34 AM

@phred14
Never fear, elections have been hacked long before there were computers and results were doubtful then as now.

@Voter-Blockchain-Organizer
This is exactly what I was thinking when I read the essay...a public ledger with anonymous input. And yes, an identification method to slow down those who have a key (or set of keys) that isn't theirs to vote.

Of course, none of this solves the problems of vote quality and the tyrannical majority.

StuddoAugust 19, 2016 10:42 AM

FriendFace knows a lot about billions of people by now. Obviously this is another problem that social media can solve!

Consider the scenario:
Your last political action reflected you favored candidate X when you Liked a post a Friend shared. The [meta]data gathered and compiled on you prior to the election supports this. Clearly you intended to vote for candidate X so consider your vote cast! On another note, the IRS has taken an interest in your past several years of filings. Please be advised this has nothing to do with your vote running counter to the current administration's plans for 4 more years, which it will have anyway. FF has also been named a new fourth branch of government by E.O. (which will go unchallenged) that makes it slightly more equal than the rest of the branches.

"Just think about love and companionship and everything's fine."

I'd prefer this not be where things go. But I could at the same time see it happen, because it's so easy for so many people to suddenly contribute(?) to the election process. "Privacy? What's that and why should I care?"

DaveAugust 19, 2016 12:40 PM

I have read some of Andrew Appel and Ed Feltens research over the years. The problem I see is most research is based on the voting machines, software on the machines, or the memory cards that are used in the machines. If you are going to hack an election this leaves a lot of evidence. Why not attack the chokepoint the central tabulation Software?

I mean for one thing all the central tabulation software runs on windows xp computers. Now Windows Xp has not had a security update since April of 2014. (What can go wrong) I mean how hard would it really be to find all those XP boxes on the internet using Shodan? Then it would be as simple as using a flip and switch program to ensure that a "preferred candidate" got the most votes and you would still end up with the same amount of votes cast. (if an audit was ordered) I mean with this method targeting maybe 5-10% of central tabulation computers would swing ANY election.

phred14August 19, 2016 1:13 PM

@jayson

I can agree with you on that. The difference is that in this election cycle we apparently have a hostile power hacking one of the major parties, as well as showing clear favoritism toward the other candidate. Then we also have that candidate hyping the fact that he feels that the other candidate is already rigging the election.

So it's already in the mainstream media that our electoral process is suspect, before the election. We've had dead Chicago voters and Florida chads before, the current noise has risen to a qualitatively new scale.

I'm not seeing this as a technical problem significantly greater than any other year. I'm seeing it as a perceptual problem.

phred14August 19, 2016 2:16 PM

@vas pup
That diagram makes me wonder if the nooscope is simply an e-meter as invented by a Russian instead of Scientologists.

k15August 19, 2016 2:54 PM

When there's an obvious security flaw, simple to fix, but the company ignores reports about it, where do you report it to?

GaryAugust 19, 2016 6:10 PM

How are the privacy issues different from mail-in ballots? Can't we just use internet votes for a direct substitute for paper mail-in ballots?

DroneAugust 20, 2016 5:18 AM

Vote by Homing Pigeon or vote by quantum entanglement - it doesn't matter how you do it. A vote for Trump is a Vote for Hillary, and there's nothing you can do about it!

Little Guy U.S.August 20, 2016 1:35 PM

@Gary

Clearly internet communications have a vastly different threat surface against privacy than snail mail. One of the larger dynamics of the modern age is how things that were always possible in limited scale before comp tech now are possible at maximum scale.

However aside from that, you are certainly correct that mail-in ballots used as more than a method of last recourse, are absolutely a real and long understood threat to the voting system. With a secret ballot, the criminal trying to extort your vote has to believe that you cooperated in the voting booth. With a mail in ballot, they can record you filling out the form, putting it in the mailbox, and then submit the video to their cappo.

But I'm sure the gubernment has that organized crime thing well under control, after all you don't see more than the occasional once a year perp walk or 50 year old cold case story in the news now do you?

Subjugation ItselfAugust 20, 2016 1:39 PM

@phred

"I fear that the day after election day in November, nobody is going to trust the result, no matter what it is."

I imagine there were/are more than a few non-white-males in the U.S. that for the span of the first 43 white-male election winners, didn't really trust the result, no matter which white man won the vote.

It's a big picture, that's all I'm tryin' to say

DaveAugust 21, 2016 11:26 AM

@K15

If you want to report an exploit, first see if the company has a bug bounty program. (always nice to get paid)Then you disclose it to the company. It’s never good form to disclose a security vulnerability without giving the company a window to fix the problem.

Now if you are in security research and looking to make money, well then the best thing to do is find an exploit broker. A broker is going to need a Proof of Concept. This just proves that the exploit works. I would also get a feel for what things are selling for on the open market; most companies keep this very quiet but look at the ZERODIUM price list. I have herd brokers usually get 15% but probably depends on the broker. In this case money well spent because you want to keep a comfortable distance from the powers that be. (If you are not on a list better to keep it that way)

Joonas PietiläAugust 26, 2016 11:27 AM

Out of curiosity, go to hillaryclinton.com, and check the source code of the page... that comment on the top? Interesting to say the least.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.