Viewing entries in
Critical Infrastructure

Comment

National Security and “Federal Control” of Elections

Previously, our CTO, John Sebes tried to unpack the regrettable misunderstanding that current attempts to strength U.S. elections nationwide are some form of Federal hijack of states’ responsibilities for elections.  And of course, he is not our corporate lawyer or anyone in Legal trying to sort this out.  But from a layperson’s view (at least to Constitutional law and all) this doesn’t seem overly complicated to John, and so here’s his view....

Comment

Comment

“The Federal government should not gain more control over state elections” — Exactly Right, and Missing the Point

While at DEFCON Voting Village this week, OSET Institute CTO John Sebes observed that there is clearly more energy, more concern, and a greater sense of patriotism about defense of democracy and securing our elections than he has yet to see.  And that has John thinking about how the federal government and states’ governments need to cooperate for the benefit of our democratic republic. John comments here, and in a follow-up post.

Comment

Comment

Microsoft Wades into Election Integrity & Security with New Open Source Software Tools

The primary short-term significance of the Microsoft announcement about ElectionGuard (similar to the recent DARPA SSITH open source trusted hardware project) is validation of a major point about election cyber-security that just wasn’t part of the national conversation a couple years ago: Major technology innovation is required to increase the verifiability, accuracy, and security of elections technology and (at least) U.S. elections. That’s probably just as important as the prospect that ElectionGuard might be included in future proprietary voting system products, or in open-source election technology offerings from OSET Institute’s TrustTheVote Project or others….

Comment

Comment

New Cybersecurity Threats Require New Thinking on Testing and Certification

Ms. Voting Matters offers a summation of internal leadership discussion on the imperative topic of evolving election technology security; a longer article, but we think worth the read.

On an almost daily basis, there is mounting evidence that the scope of “election security” is wider than might appear at first blush. While much attention has been paid to “voting machines” and “voting systems” that capture and tabulate votes, there is growing awareness that other types of election-related software infrastructure are even more vulnerable by virtue of being network-connected: specifically, voter registration (VR) systems and Election Night Reporting (ENR) systems (which display results over the web, but which do not tabulate votes) have been found to be especially vulnerable. The question is how can cybersecurity testing and certification adapt?

Comment

Comment

Perspectives from the U.S. Elections Assistance Commission Public Hearing in Memphis

On April 10, 2019, at the historic Peabody Hotel in Memphis, TN, Eddie Perez, our Director of Technology Development, had the privilege of presenting public testimony on behalf of the OSET Institute at a Public Hearing of the United States Election Assistance Commission (EAC). The topic was the latest version (still pending) of federal voting system standards: the Voluntary Voting System Guidelines (VVSG), Version 2.0. Here are Eddie Perez’s observations about themes that emerged from the Public Hearing:

Comment

Comment

A Major Breakthrough Development in the Innovation of Election Technology

On Thursday March 14th it was announced that the Defense Department Advanced Research Projects Agency (DARPA) System Security Integration Through Hardware and Firmware (SSITH) Program has selected Galois, a premier computer science company and a security engineering partner of the OSET Institute, to develop a public prototype voting system in order to demonstrate the Program’s advancements in hardware and system security. This is an enormously pivotal piece of news in the mission to innovate election technology infrastructure to be Verifiable, Accurate, Secure, and Transparent (the “VAST mandate'“)…

Comment

Comment

Examining the Georgia State Voting System Cost Projection

The OSET Institute closely follows all developments in election technology infrastructure, because it’s essential to the defense of democracy.  Lately, one topic that has garnered more public attention is the process by which state and local jurisdictions assess, select, and procure voting technology. One in particular, Georgia, has garnered much attention, and rightly so. There are some very unusual cost justifications underway; and the math is not adding up. Not. Even. Close. The OSET Institute took a measured examination of what the costing should really look like. Something is not right in Georgia.

Comment

5 Comments

A 116th Opportunity: New Congress to Offer Ambitious Election Reform Bill to Defend Democracy

We’ve said it many times and it bears worth repeating: foreign interference in U.S. elections is a threat to our democracy.  The security of critical election infrastructure is the focal point of the OSET Institute’s mission.  So, OSET leadership was pleased to learn that on January 3, 2019, the opening day of the 116th session of Congress, the newly elected House Democratic majority, led by Speaker-designate Rep. Nancy Pelosi (D-CA-12), will have its first order of legislative business—House Resolution #1 (“H.R.1”), a comprehensive election reform bill.  The question is will H.R.1 become law, and be the change-agent needed to better defend democracy?

5 Comments

Comment

The Race to Secure our Elections: How Far Have we Come?

This article is the 1st of a two-part series on the state of America’s election infrastructure security with less than 4-months left to 2018 midterm election. Here I discuss the current situation and progress, and in the next post I will evaluate preparedness for the upcoming midterm in 110 days…

Comment

Comment

Shifting the Conversation from “Shoring-up” to “Re-engineering”

This afternoon a bipartisan group of authorities on election administration and cybersecurity presented a Congressional Briefing on current election security challenges facing federal and state policymakers. While it was a worthy discussion, I keep having this sinking feeling that we’re simply re-arranging furniture on the deck of a large cruise ship steaming toward an icebreaker in the dark…

Comment

Comment

Election Vulnerabilities: No Exploit Too Small; No Impact Too Large

The American public is currently in the midst of a rude awakening as increasing numbers of reports diagnose the state of American cybersecurity, especially as it pertains to elections. The nature of attacks isn’t limited to election administration equipment. Lots of havoc can be wreaked just attacking voter services web site…

Comment

Comment

Recounting Cyberscoop's SF CyberTalks Election Security Panel

Our CTO John Sebes was a featured speaker at Cyberscoop’s recent San Francisco CyberTalks held last week in downtown San Francisco. A huge success, SF CyberTalks was a TED-like conference for the cyber-security leadership community that brought together top influential leaders from the cyber-security community, technology industry and the government. We recap the Election Security Panel discussion John participated on, including recaps of his comments and answers to the moderator’s questions.

Comment

Comment

Critical Democracy Infrastructure: Our Briefing Launches

We are pleased to announce the release of the OSET Institute’s Critical Democracy Infrastructure (CDI) Briefing.  It’s been over a year in development.  Early review by several in Government, Media, and Advisors tell us this may be the most important publication on the issue of election infrastructure yet.  We humbly hope so. This Briefing provides a thorough review of the technology infrastructure of election administration and operation.  We address its critical nature and what is required for it to be treated as such, and assess the challenges of official designation, as well as the immediate and longer-term challenges to protecting this vital aspect of our democracy...

Comment

Comment

Recapping Our 4 CAP Briefing Posts

You may wonder why we spent 4 blog posts reviewing and discussing the CAP Briefing.  Here’s briefly why. This Briefing is the kind of substantive consideration and conversation America (e.g., election officials, U.S. security officials, policy strategists, policy makers, and other stakeholders) needs to be having right now. Any set of recommendations deserves fair, intellectually honest, and open consideration and debate...

Comment

Comment

Another Look at the CAP Briefing on Solving Election Security

We want to give credit to the great points the Center for American Progress recently made in their Briefing about election integrity. While we have some strategic differences, we generally endorse CAP’s tactical steps for improving election integrity in the near term.  The CAP Briefing was well researched and brought together many points that are widely agreed upon by the election integrity community including the OSET Institute.  Given Greg’s desire to limit the length of his response recently, and focus on the structural issue we’re so concerned about, we decided I would post a list here of the points we agree with and those we differ on...

Comment

Comment

Another Proposed Solution Set to Protect U.S. Elections

Danielle Root and Liz Kennedy at the Center for American Progress (“CAP”) published an important Briefing today highlighting nine solutions to secure America’s elections. The Briefing is well researched and offers a keen assessment of our current public elections’ average level of integrity.  I want to say right up front, this is good and important work.  What we offer as a review and comment here is intended to catalyze an intellectually honest conversation, and not to serve as some critique of their good work.

Comment