Interesting People mailing list archives
American elections are too easy to hack. We must take action now
From: "Dave Farber" <farber () gmail com>
Date: Thu, 19 Apr 2018 07:19:16 -0400
Distinguished Professor Keio University Japan Co-Director Cyber Civilization Research Center at Keio University Tokyo Japan Begin forwarded message:
From: Dewayne Hendricks <dewayne () warpspeed com> Date: April 19, 2018 at 5:26:32 AM EDT To: Multiple recipients of Dewayne-Net <dewayne-net () warpspeed com> Subject: [Dewayne-Net] American elections are too easy to hack. We must take action now Reply-To: dewayne-net () warpspeed com American elections are too easy to hack. We must take action now The computers we use in the voting process are vulnerable at every level. We need a system resilient to threats – and in many cases, that means paper By Bruce Schneier Apr 18 2018 <https://www.theguardian.com/commentisfree/2018/apr/18/american-elections-hack-bruce-scheier> Elections serve two purposes. The first, and obvious, purpose is to accurately choose the winner. But the second is equally important: to convince the loser. To the extent that an election system is not transparently and auditably accurate, it fails in that second purpose. Our election systems are failing, and we need to fix them. Today, we conduct our elections on computers. Our registration lists are in computer databases. We vote on computerized voting machines. And our tabulation and reporting is done on computers. We do this for a lot of good reasons, but a side effect is that elections now have all the insecurities inherent in computers. The only way to reliably protect elections from both malice and accident is to use something that is not hackable or unreliable at scale; the best way to do that is to back up as much of the system as possible with paper. Recently, there have been two graphic demonstrations of how bad our computerized voting system is. In 2007, the states of California and Ohio conducted audits of their electronic voting machines. Expert review teams found exploitable vulnerabilities in almost every component they examined. The researchers were able to undetectably alter vote tallies, erase audit logs, and load malware on to the systems. Some of their attacks could be implemented by a single individual with no greater access than a normal poll worker; others could be done remotely. Last year, the Defcon hackers’ conference sponsored a Voting Village. Organizers collected 25 pieces of voting equipment, including voting machines and electronic poll books. By the end of the weekend, conference attendees had found ways to compromise every piece of test equipment: to load malicious software, compromise vote tallies and audit logs, or cause equipment to fail. It’s important to understand that these were not well-funded nation-state attackers. These were not even academics who had been studying the problem for weeks. These were bored hackers, with no experience with voting machines, playing around between parties one weekend. It shouldn’t be any surprise that voting equipment, including voting machines, voter registration databases, and vote tabulation systems, are that hackable. They’re computers – often ancient computers running operating systems no longer supported by the manufacturers – and they don’t have any magical security technology that the rest of the industry isn’t privy to. If anything, they’re less secure than the computers we generally use, because their manufacturers hide any flaws behind the proprietary nature of their equipment. We’re not just worried about altering the vote. Sometimes causing widespread failures, or even just sowing mistrust in the system, is enough. And an election whose results are not trusted or believed is a failed election. Voting systems have another requirement that makes security even harder to achieve: the requirement for a secret ballot. Because we have to securely separate the election-roll system that determines who can vote from the system that collects and tabulates the votes, we can’t use the security systems available to banking and other high-value applications. We can securely bank online, but can’t securely vote online. If we could do away with anonymity – if everyone could check that their vote was counted correctly – then it would be easy to secure the vote. But that would lead to other problems. Before the US had the secret ballot, voter coercion and vote-buying were widespread. We can’t, so we need to accept that our voting systems are insecure. We need an election system that is resilient to the threats. And for many parts of the system, that means paper. Let’s start with the voter rolls. We know they’ve already been targeted. In 2016, someone changed the party affiliation of hundreds of voters before the Republican primary. That’s just one possibility. A well-executed attack that deletes, for example, one in five voters at random – or changes their addresses – would cause chaos on election day. [snip] Dewayne-Net RSS Feed: http://dewaynenet.wordpress.com/feed/ Twitter: https://twitter.com/wa8dzp
------------------------------------------- Archives: https://www.listbox.com/member/archive/247/=now Modify Your Subscription: https://www.listbox.com/member/?member_id=18849915&id_secret=18849915-4ac2c253 Unsubscribe Now: https://www.listbox.com/unsubscribe/?member_id=18849915&id_secret=18849915-a538de84&post_id=20180419071924:81B1FD7E-43C3-11E8-9F19-9A299384DA3A Powered by Listbox: http://www.listbox.com
Current thread:
- American elections are too easy to hack. We must take action now Dave Farber (Apr 19)