Bruce Schneier on How Insecure Electronic Voting Could Break the United States—and Surveillance Without Tyranny
Nobody is in favor of the power going down. Nobody is in favor of all cell phones not working. But an election? There are sides. Half of the country will want the result to stand and half the country will want the result overturned; they’ll decide on their course of action based on the result, not based on what’s right.
November 3 2020, 10:32PM: CNN, NBC, and FOX report that Donald Trump has narrowly won Florida, and with it, re-election.
November 3 2020, 11:46PM: The NY Times, Washington Post and Wall Street Journal report that some group has successfully hacked electronic voting systems across the country, including Florida. The malware has spread to tens of thousands of machines and deletes any record of its activity, so the returning officer of Florida concedes they actually have no idea who won the state—and don’t see how they can figure it out.
What on Earth happens next?
Today’s guest—world-renowned computer security expert Bruce Schneier—thinks this scenario is plausible, and the ensuing chaos would sow so much distrust that half the country would never accept the election result.
Unfortunately the US has no recovery system for a situation like this, unlike Parliamentary democracies, which can just rerun the election a few weeks later.
The constitution says the state legislature decides, and they can do so however they like; one tied local election in Texas was settled by playing a hand of poker.
Elections serve two purposes. The first is the obvious one: to pick a winner. The second, but equally important, is to convince the loser to go along with it—which is why hacks often focus on convincing the losing side that the election wasn’t fair.
Schneier thinks there’s a need to agree how this situation should be handled before something like it happens, and America falls into severe infighting as everyone tries to turn the situation to their political advantage.
And to fix our voting systems, we urgently need two things: a voter-verifiable paper ballot and risk-limiting audits.
He likes the system in Minnesota: you get a paper ballot with ovals you fill in, which are then fed into a computerised reader. The computer reads the ballot, and the paper falls into a locked box that’s available for recounts. That gives you the speed of electronic voting, with the security of a paper ballot.
On the back-end, he wants risk limiting audits that are automatically triggered based on the margin of victory. If there’s a large margin of victory, you need a small audit. For a small margin of victory, you need a large audit.
Those two things would do an enormous amount to improve voting security, and we should move to that as soon as possible.
According to Schneier, computer security experts look at current electronic voting machines and can barely believe their eyes. But voting machine designers never understand the security weakness of what they’re designing, because they have a bureaucrat’s rather than hacker’s mindset.
The ideal computer security expert walks into a shop and thinks, “You know, here’s how I would shoplift.” They automatically see where the cameras are, whether there are alarms, and where the security guards aren’t watching.
In this impassioned episode we discuss this hacker mindset, and how to use a career in security to protect democracy and guard dangerous secrets from people who shouldn’t have access to them.
We also cover:
- How can we have surveillance of dangerous actors, without falling back into authoritarianism?
- When if ever should information about weaknesses in society’s security be kept secret?
- How secure are nuclear weapons systems around the world?
- How worried should we be about deep-fakes?
- The similarities between hacking computers and hacking our biology in the future
- Schneier’s critiques of blockchain technology
- How technologists could be vital in shaping policy
- What are the most consequential computer security problems today?
- Could a career in information security be very useful for reducing global catastrophic risks?
- What are some of the most kind of widely-held but incorrect beliefs among computer security people?
- And more.