Hack the politicians?
The only thing that will persuade the congressmen and senators to vote for better election security is to find their own sites have been hacked.
Last year, the hackers at DEF CON showed how shockingly easy it was to crack into voting machine software and hardware. Next week, the 2018 conference's Vote Hacking Village will let kids have a shot at subverting democracy. Beginning on Friday, August 10, teams in three age ranges, 8-11, 12-14 and 15-16, will be let loose on …
The only thing that will persuade the congressmen and senators to vote for better election security is to find their own sites have been hacked.
...or, to find themselves out of a job because the election has been hacked. Course, by that time, it will be too late, and the replacement, who won as a result of the hack, will be unmotivated to change anything....
Gee, I wonder how that might work in real life?
A step further.. what if the election was hacked and they lost. Too late for those morons. But the winner certainly won't support any additional funding either.
The 3 abstentions is strange... like either they got in due some hanky-panky or there were some outside pressures for them not vote. There's also the factor of the geezers-in-charge not knowing enough to make a decision.
The best thing might just be to sit back and watch the resulting chaos from any hacking. I'm bringing popcorn and probably a nice red wine.
ISTR that there's usually a small handful of unnoticed joke candidates on the bill - not the semi-serious third party candidates, like the EDS guy a few years back, but Lord Buckethead types. What's needed is for patriotic US hackers to take one for the team and lay themselves open to a long time in the big house by hacking the vote to show "Buckethead, L. (Captain Paxo Party)" sweeping to a landslide victory.
Besides, they might try to respect the vote. It would certainly liven up the State of the Union address.
Just not by the Russians.
Some of the voting machines even had an explicit screen for "Adjusting" vote tallies if the election official thought they might be wrong.
If you wanted to stop hacking of the computers, you would just get rid of them, and use auditable paper ballots, which are also cheaper.
There is, incidentally absolutely no evidence that the Russians "hacked" the election in any meaningful way. Putting up a few dubious Facebook ads is hardly "hacking" in the normal sense of the word.
I blame Obama. He had the senate and congress and did nothing. He should have known that the Republicans are far, far better at hacking than the democrats. When know you are beaten at a game, change the rules.
> He had the senate and congress
The senate is one half of Congress. The other half is the House of Representatives, or just the House, for short. You could just say "he has Congress" or "he has the House and the Senate." If you're an American then shame on you for not knowing this.
And if you're a Brit, I'm guessing you probably don't say "he (or she) has the House of Lords and Parliament." Although I'd be willing to grant that these days Parliament might really only mean the House of Commons. I'm not British and I really don't know what role HoL has these days.
It could just as easily be that the loser hacked and tried to rig elections, thought they had it in the bag, but turns out they didn't rig them well enough, and that's one reason they're so irrationally angry. Something got past the high level selection process that occurs before we peons get to choose from the pre-decided acceptable choices. Not saying it was - just sayin' it could have been. A quickly terminated investigation into some rigging in the US points to the fact it might have been when a district voted more than 100% for what turned out to be the losing side...honest mistake, I'm sure
The Republicans are essentially being asked to vote to close off their current advantage.
Fat chance.
They will want better security as soon as the Chinese rig the election to make them lose and stave off a trade war.
At that point the Democrats will be strangely less concerned about the whole issue.
And so it goes on.
The UK system works amazingly (if you don't think about it) well. There were 27 allegations of voter impersonation last year.
There are attacks on our pencil-and-paper, human tabulators system, but they don't scale. Electronic voting is now and always has been a barmy idea, as those who remember the Diebold Wars of 15-20 years ago will remember.
There is no "national democratic infrastructure" for US elections. Anyone who thinks there is, is simply wrong. There is a hodgepodge of 50 state secretaries of state, hundreds of county or other regional boards of election, and probably several dozen commercial vendors of equipment and software used to record and count votes, record voter registrations and maintain voter registration information, and assist in management of election day precinct operations. Some of the software involved might well have been developed by state or local government IT personnel with varying skills operating under management of varying quality. The 51 top-level election officials (assuming the District of Columbia, although not a state, also has one) vary in their management skills and understanding of the IT and other issues involved, may or may not have capable advice from their staffs, and may just possibly be affected by political considerations, since the great majority of them are statewide elected officials.
The time for panic, as well as the time for providing resources to firm up security of this rather messy infrastructure, so called, is long past. At this point, three months before election day, it is too late to make more than minor changes to either the equipment and software or the procedures to be used for the upcoming election. All in all, it is a bit of a mess.
The good news, if any, is that in many places, perhaps most, no more than minor changes are necessary to ensure relatively smooth operation, and there probably is time to make them without a lot of additional public expense. For instance:
Isolate registration data to be used for official purposes from the Internet as much as possible; back it up early and often, not to the cloud; and guard it well. Use printed copies for precinct level voter verification (essentially eliminating the risk that programs used for the purpose are corrupted).
Monitor Internet connected services for unauthorized activity. Solicit, and hopefully obtain, monitoring by the federal government to augment local monitoring.
Insist on hand or courier delivery of firmware/software updates for equipment used in connection with election operations, and on appropriate checksums, manually verified after delivery by election officials representing several political parties.
Control and establish a manual audit trail of all access to equipment and software used in election management and operations. As a minimum requirement, cover access ports with serial numbered seals that cannot be removed without destruction whenever they are not in use, and maintain a manual paper audit record of the serial numbers used for each system, either by or witnessed by several officials not all of whom are of the same political party. Removal and replacement of seals for authorized port access to be similarly witnessed and placement of new seals similarly recorded with each access to a port. Optionally, dispense with such seals and disable ports not required for operation or maintenance by relatively permanent means like filling them with epoxy filler.
Double down on warnings to all election personnel about social engineering (and hope against the available evidence that they pay attention and act appropriately).
None of these is very costly to implement and many of them probably already are used in various places. Collectively, they would go quite a ways toward mitigating the undeniable vulnerabilities of existing election systems. For now, discussion of major changes to election systems, and provision of the necessary funding, should be directed at the election cycle of 2020, which begins in under two years..
"... the Republican caucus in Congress shot down an amendment ... that would have allocated $250m to US states to be used for hardening election systems against attack."
Bizarre, non? If the known multitude of attempts, principally by Russia, to swing US elections had been aimed at helping the Democrats instead of the Republicans, do you suppose these cretins would have voted differently?
And have they ever scraped up enough of their dregs of conscience to wonder why Vladimir Putin's Russia, America's most dangerous and consistent enemy, is in favour of a Republican president and Republican candidates?
Beyond all the nonsense about "No collusion" that's now weaselled into "Even if we colluded, it isn't a crime", is it possible that even someone as stupid as Trump hasn't asked himself why an enemy state would like to see him as president? (Yes, the question may be inflammatory: but it's based on facts and principals' statements, of impeccable public record.)
—"... for if it prosper, none dare call it treason"
... the thing that seems oddest is the attitude of the American voter.
Judging from from posts here and on comp.risks it appears that the average US voter is commendably keen to do his civic duty and vote but, having voted, has not the slightest interest in what happens after that: he's done his bit for Democracy, so vote counting, verification and associated security is not his job, and hence of no interest whatever. If this impression is wrong, why is there no pressure within the US for securing their voting systems?
Voters in other countries seem much more concerned about the security of the ballot system and the way its operated. There must be an explanation for this, but I'm damned if I can see one.
well, its not a Democracy, its a democratically (voting) elected Republic, but that doesn't matter.
All elections above local (and some local) are rigged, both by controlling who runs for office (by black listing people from media coverage - pay for an advertisement and with the same payment keep your opponent from advertising with that source) and election fraud (voting systems, counting). Its not a who will we pick, it's what two are picked that the criminals/shadow government, corporations want. They don't care which one of the two you vote for, as they wouldn't be on the ballot unless they were both in the pocket.
With crap like this going on: https://freebeacon.com/issues/city-alexandria-stonewalling-investigation-illegally-registered-voters/
Russia spending money with targeted adds or people hacking around the edges is laughable in comparison.
And before anyone just dismiss that story above, note that they only caught the numbers they did because people fessed to not being citizens when they renewed their licenses!! In other words these are only the really stupid people that got caught; never mind the people actively working against getting caught. Not that it's hard to do since everything is laughably based on the honor system. For something that's so important we should be freaked out over hackers? Give me a break.
It doesn't matter what hacking is done until PHOTO voter ID is universal just like India and Mexico. Buss loads of voters can be moved from location to location and totally screw real honest voting results. Tuesday night results can be challenged with ease but actual votes at individual polling locations are much harder to dispute unless people are stupid enough to openly admit double voting.
If these kids can find the issues then have the Sec of State for each state put bounties out for rewards on each state's systems. Probably cost a lot less than the $250M.
Another old one here. The thing is, there's a particular side of the false-dichotomy partisan business that benefits from illegals voting, and they are dead set against voter ID (not that you can live life without one anyway, at least easily) claiming it discriminates...against who I'm not sure other than illegals and people so dumb we should probably not allow them to vote anyway.
Pretty hard to have a bank account, drive, or do much of anything with any tie to money or legality - make a contract - without a good ID. Yet somehow those who don't have one are good to vote.
The cognitive dissonance is strong with anti-ID people. Or they are dishonest. Both?
It's simple. The anti-ID people counter with two words: "Papers, Please!" The basic problem is that it's a dual-use part-and-parcel problem. The very thing you need to prove your identity for such things as voting and benefits can also (and inseparably) be used to prove your identity against your will when (not if) the State should turn against you.
IOW, the biggest risk about the ability to be identified...is the ability to be identified.
"On Wednesday, the Republican caucus in Congress shot down an amendment to an appropriations bill proposed by Senator Patrick Leahy (D-VT) that would have allocated $250m to US states to be used for hardening election systems against attack."
If the $250M did get approved, they'd blow it on a massive program to overhaul election security that eventually balloons to $5B and then accomplishes exactly nothing useful. Meanwhile, our national security apparatus detects hacking of US elections systems by North Korea, Russia, China, and Syria. After numerous warnings and bludgeoning the UN Security Council into compliance, we'll be forced to stage a "shock and awe" invasion and regime change mission in New Zealand.
By putting the Youngsters to this task, they are just going to get apathy early and breed a generation of "why vote, whats the point, someone will hack it anyway"
None of this inspiring American Dream Rhetoric.
The whole hanging chad problem lead to the push for electronic voting, buts whats more simple than putting a cross in a box with a pencil?