Viewing entries in
Risk

Comment

Straight Talk About Election Security Plain Talk

On June 21st the House Administration Committee held a Markup Session for HR 2722 the SAFE Act. We monitor as much of these proceedings as we can. And this one in particular compelled our CTO John Sebes to not only produce a Paper clarifying or correcting several assertions made by a House Member during that proceeding, but also led to a 7-part “plain talk” series on election security posted on our TrustTheVote Project blog. In this post here, John explains why…

Comment

Comment

New Cybersecurity Threats Require New Thinking on Testing and Certification

Ms. Voting Matters offers a summation of internal leadership discussion on the imperative topic of evolving election technology security; a longer article, but we think worth the read.

On an almost daily basis, there is mounting evidence that the scope of “election security” is wider than might appear at first blush. While much attention has been paid to “voting machines” and “voting systems” that capture and tabulate votes, there is growing awareness that other types of election-related software infrastructure are even more vulnerable by virtue of being network-connected: specifically, voter registration (VR) systems and Election Night Reporting (ENR) systems (which display results over the web, but which do not tabulate votes) have been found to be especially vulnerable. The question is how can cybersecurity testing and certification adapt?

Comment

Comment

Will Foreign Adversaries Attack U.S. Midterm Elections or Elsewhere?

Most experts believe that Russia through the GRU, the intelligence arm of Russia's armed forces, will continue to interfere in U.S. elections on some level(s).  Others are raising concerns about China and even Iran. There are many prognostications, but before commenting on any one theory, let’s review the multiple paths a malicious actor could use to compromise the 2018 American Midterms and upcoming elections in Europe…..

Comment

Comment

The Race to Secure our Elections: How Far Have we Come?

This article is the 1st of a two-part series on the state of America’s election infrastructure security with less than 4-months left to 2018 midterm election. Here I discuss the current situation and progress, and in the next post I will evaluate preparedness for the upcoming midterm in 110 days…

Comment

Comment

Election Vulnerabilities: No Exploit Too Small; No Impact Too Large

The American public is currently in the midst of a rude awakening as increasing numbers of reports diagnose the state of American cybersecurity, especially as it pertains to elections. The nature of attacks isn’t limited to election administration equipment. Lots of havoc can be wreaked just attacking voter services web site…

Comment

Comment

Recounting Cyberscoop's SF CyberTalks Election Security Panel

Our CTO John Sebes was a featured speaker at Cyberscoop’s recent San Francisco CyberTalks held last week in downtown San Francisco. A huge success, SF CyberTalks was a TED-like conference for the cyber-security leadership community that brought together top influential leaders from the cyber-security community, technology industry and the government. We recap the Election Security Panel discussion John participated on, including recaps of his comments and answers to the moderator’s questions.

Comment

Comment

Another Look at the CAP Briefing on Solving Election Security

We want to give credit to the great points the Center for American Progress recently made in their Briefing about election integrity. While we have some strategic differences, we generally endorse CAP’s tactical steps for improving election integrity in the near term.  The CAP Briefing was well researched and brought together many points that are widely agreed upon by the election integrity community including the OSET Institute.  Given Greg’s desire to limit the length of his response recently, and focus on the structural issue we’re so concerned about, we decided I would post a list here of the points we agree with and those we differ on...

Comment

Comment

Another Proposed Solution Set to Protect U.S. Elections

Danielle Root and Liz Kennedy at the Center for American Progress (“CAP”) published an important Briefing today highlighting nine solutions to secure America’s elections. The Briefing is well researched and offers a keen assessment of our current public elections’ average level of integrity.  I want to say right up front, this is good and important work.  What we offer as a review and comment here is intended to catalyze an intellectually honest conversation, and not to serve as some critique of their good work.

Comment

Comment

Reviewing the Brennan Center Study on Election Security—Part 2

Our commentary in the last segment on the Brennan Election Security Report might seem nit-picky, but the OSET Institute believes that in order to properly design a solution for a specific problem you need to be able to identify it precisely.  We’re going to make a bold assertion: Many of the solutions in the Brennan Report, while undoubtedly helpful, fail to do enough to increase the security of our elections. The recommendations fall short of properly addressing the problem as we described it in Part 1. These solutions are actually incremental steps that try to improve a system that needs to be fundamentally re-invented. ...

Comment

Comment

Reviewing the Brennan Center Study on Election Security—Part 1

The Brennan Center for Justice recently released a fairly thorough, well done report on the security needs and vulnerabilities of the U.S. election system—a topic of considerable attention here at the Institute.  It’s a vital element of the current debate and discussion of democracy administration and national security.  This is the first of a three-part series examining the Brennan Report on election security.

Comment

Comment

One Last iVoting Consideration: Blockchain

One last item for this series on iVoting that I’m adding by popular inquiry is this new bright shiny object called “Blockchain.” If you’re involved in election technology or computer science in general you’ve probably heard of Blockchain.....

Comment

Comment

The Technical Challenges Facing iVoting

iVoting faces several technological challenges before it can begin to be implemented.  Most election officials and experts in the field are hesitant or skeptical about implementing iVoting with current Internet and Web technology.  Even when we view iVoting as simply returning a digital absentee ballot or the digital equivalent of voting by mail, as I explain in this installment of my series, there are still substantial innovations required....

Comment

Comment

The Challenges of iVoting Implementation

When we last left this discussion, I had laid out a basis for our interest in technologies just over the horizon or "ready next" and in particular the growing interest in smartphone voting. I am essentially carving up a technology backgrounder white paper for easy reading here. Today I help us dive in with a survey of the challenge areas to "Pajama Voting" (I love that phrase)...

Comment

Comment

Is Foreign State Hacking of an Election An Act of War?

A couple of days ago Benjamin Dynkin, Barry Dynkin & Daniel Garrie, published an intriguing article in the New York Law Journal, “Hacking Elections: An Act of War?” (Subscription required.)  The article is well heeled; Benjamin Dynkin is a law clerk at Grauman Law Group. Barry Dynkin is of counsel at the firm, where he heads the cyber security practice. Daniel Garrie is the editor-in-chief of the Journal of Law and Cyber Warfare and a partner at Zeichner Ellman & Krause.  And its worth summarizing here food for thought (inasmuch as possibly some intellectual navel-gazing ;-)

Comment

Comment

Finally, Gov Starts Talking About Critical Democracy Infrastructure

This week the Government started earnest discussions about election infrastructure as possibly rising to the level of critical infrastructure.  Like us, we think they're sensing that this coming general election is ripe for disruption, both from foreign operator but potentially even domestic actors.  We think this is a great idea, but not without the required action to make it really happen.  Designations are start, but there is a bunch of work to be done...

Comment

Comment

I Totally Just Voted!

Ms. Voting Matters here, and I'm going to start spending more time sharing things with our readers here who couldn't care less about code (although it does cause change ;) but who, like myself, really care a bunch more about how we preserve our right to be a part of our democracy.  And for us, that means more easily and conveniently casting our ballot and knowing our ballots are counted as cast, right?  So for you, my thought today is about something that makes total sense on the one hand, and totally doesn't on the other... the voter selfie.  I went back and forth on this for days, reading various views from Vogue to the NY Times, and here is where I come down on this.  I hope you'll think about it, and reach a similar conclusion...

Comment