Verified Voting Blog: How not to measure security

This article was originally posted at Freedom to Tinker on August 10, 2015. It is reposted here with permission of the author.

A recent paper published by Smartmatic, a vendor of voting systems, caught my attention. The first thing is that it’s published by Springer, which typically publishes peer-reviewed articles – which this is not. This is a marketing piece. It’s disturbing that a respected imprint like Springer would get into the business of publishing vendor white papers. There’s no disclaimer that it’s not a peer-reviewed piece, or any other indication that it doesn’t follow Springer’s historical standards. The second, and more important issue, is that the article could not possibly have passed peer review, given some of its claims. I won’t go into the controversies around voting systems (a nice summary of some of those issues can be found on the OSET blog), but rather focus on some of the security metrics claims.

The article states, “Well-designed, special-purpose [voting] systems reduce the possibility of results tampering and eliminate fraud. Security is increased by 10-1,000 times, depending on the level of automation.”

That would be nice. However, we have no agreed-upon way of measuring security of systems (other than cryptographic algorithms, within limits). So the only way this is meaningful is if it’s qualified and explained – which it isn’t. Other studies, such as one I participated in (Applying a Reusable Election Threat Model at the County Level), have tried to quantify the risk to voting systems – our study measured risk in terms of the number of people required to carry out the attack. So is Smartmatic’s study claiming that they can make an attack require 10 to 1000 more people, 10 to 1000 times more money, 10 to 1000 times more expertise (however that would be measured!), or something entirely different?

Florida: As redistricting heats up, Central Florida at heart of battle | Orlando Sentinel

Central Florida’s congressional districts are essentially caught in a virtual tug-of-war between state lawmakers and the Florida Supreme Court. That was clear from the deliberations of lawmakers in a special redistricting session Tuesday, as several legislators bashed the court’s decision to throw out the previous maps and mandate the current Congressional District 5 running from Jacksonville to Orlando instead run horizontally from Jacksonville to Tallahassee. Republican legislators took particular issue with the court ordering the east-west district, which was favored by Democratic groups and the League of Women Voters, which brought the redistricting lawsuit. “If the Florida Supreme Court is basically drawng a map and they know that the map is drawn by partisan Democratic operatives . . how are the justices who do that complying with the constitution?” said Sen. Rob Bradley, R-Fleming Island.

Maryland: Hogan announces redistricting committee | Southern Maryland News

Gov. Larry Hogan announced Thursday that he has issued an executive order to create a commission to study redistricting reform in Maryland. “Maryland is home to some of the most gerrymandered districts in the country, a distinction that we should not be proud of,” Hogan (R) said. According to the governor’s office, the commission will look at fully reforming Maryland’s redistricting process and giving the authority to an independent, nonpartisan commission. It also will give recommendations for congressional district reform. Maryland last redistricted in 2010, with the maps taking effect in 2012, according to the Maryland Department of Planning. Like all states, Maryland redistricts every 10 years.

Minnesota: Ranked Choice Voting to Appear on November Ballot | KQDS

An organization, called Fair Vote Minnesota, has petitioned throughout Duluth and received more than 1,600 signatures, which was the magic number, and now puts the question of ranked choice voting on the ballot this November. Councilor Joel Sipress believes the term ‘ranked choice voting’ encompasses two different voting systems. The first is called ‘instant runoff voting’ and is the method used in races electing one person, like the Mayor or district councilors. The second, is called ‘single transferable voting,’ a system designed for races electing multiple people at the same time, like the at–large city councilors.

New Hampshire: A federal judge just struck down New Hampshire’s ban on ballot selfies | Boston Globe

New Hampshire primary voters rejoice! You may once again take “ballot selfies.” A federal judge Monday repealed the Granite State’s law banning photos of filled-out election ballots, ruling that it violated the First Amendment. U.S. District Court Judge Paul Barbadoro said the law was unconstitutional, because it did not meet the standards necessary for the state to restrict political free speech. “Here, the law at issue is a content-based restriction on speech that deprives voters of one of their most powerful means of letting the world know how they voted,” Barbadoro wrote in his decision.

Ohio: Ohio voting laws discriminate, lawsuit says | Associated Press

Recently passed Ohio voting laws create hurdles for minority voters casting absentee and provisional ballots, advocates argued in an updated federal lawsuit filed on Monday. The laws and similar orders by the secretary of state unconstitutionally permit absentee votes to be thrown out for ID errors, according to the lawsuit. Those mistakes could include putting down the wrong birth month on the absentee envelope even when a voter supplied the correct information when requesting the ballot, the lawsuit said. The laws also removed protection for voters casting provisional ballots by failing to provide the chance for voters to be notified of errors that could cause the ballot to be rejected, according to the lawsuit.

Virginia: Democrats target Virginia as they push to break down voting restrictions | The Washington Post

After Tracey Bell tried to register to vote in Virginia last year, she got a letter in the mail saying her citizenship was in doubt and she would have to pay $10 to prove it. Confused and annoyed, Bell ranted on Facebook. It was the rare Facebook rant that actually led to government action. A friend put her in touch with the Virginia Democratic Party, which connected her to a lawyer who explained that she had forgotten to check a box confirming her citizenship. She fixed it — and a year later, Gov. Terry McAuliffe (D) is pushing to have the box requirement eliminated.

Washington: Yakima Urges High Court to Overturn Election District Makeup | Spokane Public Radio

The City of Yakima has latched onto the coat tails of a Texas lawsuit before the nation’s highest court seeking to limit the principle of “one person – one vote.” Last February, a Spokane federal judge ordered the city to elect council representatives by district, rather than at large, reasoning that Latino candidates could not gain a political foothold under the at-large system.

Wisconsin: As John Doe probe is halted, legal maneuvering continues | Milwaukee Journal-Sentinel

The investigation into conservative groups and Gov. Scott Walker’s campaign may be halted, but the legal machinations surrounding it appear far from over. In the latest development, attorneys who beat back the probe are seeking to have a third party oversee prosecutors as they return evidence they gathered during the investigation. Their request to the state Supreme Court would also affect the treatment of material gathered in an earlier investigation that resulted in six convictions, according to the judge who oversaw that first investigation. Details are sketchy because the high court has sealed the filings until it determines whether they can be released. But the flurry of court activity shows that a fight over the investigation will continue as Walker pursues the Republican nomination for president.

Canada: Why B.C. candidate’s campaign video is bursting with dragons, robots, lasers: ‘People don’t have attention spans’ | National Post

It’s easily the 2015 campaign’s most computer graphics-filled video: Dragons, a giant Canada goose and a towering space robot. And according to independent candidate Wyatt Scott, it all started with a solemn vow to defy the alleged “shenanigans” of the local Liberal Party. “Obviously, people don’t have attention spans nowadays, so we figured what can we do to draw attention?” said Scott, who put together the video for less than $1,000 after recruiting student filmmakers through Craigslist. The one-minute video entitled “I’m running for Parliament!” features the B.C. candidate riding a Canada goose and stabbing a dragon in the head with a broadsword. “University is too damn expensive!” he says, while catching a man in drag falling from the sky.

Editorials: Direct Elections Won’t Help Russia’s Opposition | Vladimir Ryzhkov/The Moscow Times

One of the few things the mass protests in the winter of 2011-12 achieved was the return of direct elections for State Duma deputies representing single-member districts. They will be held in September 2016, and half of the parliamentary deputies (225) will, for the first time in 13 years, be elected by specific cities and regions. The winners in each of these 225 districts will be the candidates who receive more votes than any of their opponents. Parliamentary parties, non-parliamentary opposition groups and the Kremlin are already hard at work in preparation for these elections. A foundation with ties to the Kremlin, the Institute for Socio-Economic and Political Research (ISEPR), recently released its forecast for the elections, working from the current composition of the Duma. This ISEPR report (“Acting State Duma Deputies in their Districts — 2016”) is important and noteworthy, not only as an expert study, but as a formative one.

United Kingdom: Labour leadership contest: campaign teams summoned over ballot concerns | The Guardian

Labour has hauled in its four leadership campaign teams for a meeting at party headquarters in an attempt to put a stop to complaints from some of the camps about the credibility of the contest. The party called in representatives of Jeremy Corbyn, Andy Burnham, Yvette Cooper and Liz Kendall on Tuesday, as it sought to clear up confusion about the process and reassure them that no “entryists” from other parties would successfully infiltrate the competition. At the meeting, called by Iain McNicol, the party secretary, and attended by chief whip Rosie Winterton, the campaign teams were told that at least 1,200 members or supporters of other parties have now been excluded and at least another 800 are under investigation. But despite the party’s attempts to stress the robustness of its verification process, the Guardian has been told by sources present that the meeting raised more questions than it answered, and at least three of the camps are in touch with each other to discuss their concerns about the running of the contest.

National: Inside John Roberts’ Decades-Long Crusade Against the Voting Rights Act | Politico

John Glover Roberts, a 25-year-old graduate of Harvard Law School, arrived in Washington in early 1980. Harvard Law professor Morton Horwitz described Roberts as “a conservative looking for a conservative ideology in American history,” and he found that ideology in the nation’s capital, first as a clerk for Supreme Court Justice William Rehnquist and then as an influential aide in Ronald Reagan’s Justice Department. At the time, Rehnquist and the Reagan administration were at the vanguard of a new conservative counterrevolution in the law—a legal backlash against the historic and liberal-leaning civil rights laws of the 1960s.

Arizona: 9th Circuit Endorses Arizona Ballot Form | Courthouse News Service

Arizona may continue to use a ballot registration form that lists only the two largest political parties in the state, the Ninth Circuit ruled Friday. The Arizona Libertarian and Green parties, and three of their members, sued then-Secretary of State Ken Bennett in 2011 after the state legislature decided that only the two largest political parties would be listed by name on voter registration forms. The plaintiffs in the lawsuit filed in Tucson Federal Court claimed the statute discriminated against Green and Libertarian voters, who now had to write out their party affiliation in a small box, forcing them to “abbreviate, and run the risk that their abbreviation is illegible or misread.”

Florida: Lawmakers reluctantly convene for another redistricting session | Tampa Bay Times

It was 101 degrees in the shade Monday afternoon when Florida legislators gaveled open a two-week special session to redraw — for the third time — the state’s congressional districts and, within minutes, it became apparent that hardly anyone wanted to be there. The governor and his family had jetted off to Paris for a vacation. The Florida Supreme Court, which ordered lawmakers to redraw the map that forced the special session, was on its summer break. At least 10 of the state’s 40 senators and 17 of the 120 House members received permission to skip out for the session. House and Senate leaders announced that they disagreed with the court ruling that said the Republican-led redistricting process was “tainted” by illegal partisan intent but vowed to fix it as part of the “remedial” process laid out by the court. “We continue to believe that we drew a constitutional map in 2012 and again in 2014,” said House Speaker Steve Crisafulli, R-Merritt Island, addressing the chamber in a 20-minute opening session. “Unfortunately, we are here today because the Supreme Court disagreed and ordered that eight districts be redrawn.”

Florida: Randolph Calls on DOJ Probe into Florida’s Voter Registration System | WMFE

Susanna Randolph, one of the candidates running for Alan Grayson’s 9th district congressional seat, sent a letter today asking Attorney General Loretta Lynch to launch a Department of Justice probe into the state’s voter system. The request comes less than one month after an independent report by the state auditor general found flaws with the nine-year-old registration database. The audit found the system at risk of a security breach, citing unauthorized access to voter data by Department of State employees. It also labeled the system overdue for upgrades and a disaster recovery plan evaluation

Kansas: Lawmakers question Kobach’s effort to purge ‘suspense’ voter list | Lawrence Journal World

Four Kansas Lawmakers went on record Monday opposing Secretary of State Kris Kobach’s proposal to cancel voter registration applications after 90 days if those voters do not submit proof of citizenship or other required information. Those statements came during a meeting of the Legislature’s Joint Committee on Administrative Rules and Regulations, which reviews proposed regulations, but which does not have authority to veto them. “I want to record my opposition to this arbitrary and capricious 90-day rule,” said Rep. Jim Ward, D-Wichita, who also raised new questions about whether the state’s proof-of-citizenship requirement is constitutional, in light of a recent federal appeals court opinion.

Kentucky: Online Voter Registration Could Be Coming to Kentucky | WKMS

If a legislative committee signs off on a new regulation later this month, Kentuckians will soon be able to register to vote online. Twenty-one states allow voters to register online, which Democratic Secretary of State Alison Lundergan Grimes has advocated for during her tenure. Kentucky already allows members of the military and overseas voters to register on the web. In a statement, Grimes said that program has been a “tremendous success,” and she hopes expanding online registration to all Kentuckians would lead to greater participation.

Louisiana: Baldone seeks to be a Democrat and Republican on fall ballot | Daily Comet

A Houma attorney seeking to return to the state House wants to be listed as both Democrat and Republican on the ballot this fall. Damon Baldone filed a petition today in state court seeking to force the Terrebonne Parish Registrar of Voters to allow the dual registration. “By working with both parties you have a voice,” he said. “By going independent, you just kind of lose that voice and I believe my political beliefs fall within the spectrum of both the Democrat and Republican parties. That hasn’t changed and won’t change.”

Ohio: Election rights advocates allege new voter ID violations | Associated Press

Recently passed Ohio voting laws create new hurdles for minority voters casting absentee and provisional ballots, election rights advocates argued in an updated federal lawsuit filed Monday. The laws and similar orders by the state’s elections chief unconstitutionally permit absentee votes to be thrown out for ID errors, according to the lawsuit. Those mistakes could include putting down the wrong birth month on the absentee envelope even when a voter supplied the correct information when requesting the ballot, the lawsuit said. The laws also removed protection for voters casting provisional ballots by failing to provide the chance for voters to be notified of errors that could cause the ballot to be rejected, according to the lawsuit.

Utah: New by-mail voting could mean election night mystery: Who won? | The Salt Lake Tribune

Waiting up late to see who wins on election night may be frustrating Tuesday. More municipal primary races than usual may remain undecided — for up to two weeks — because many ballots will still be in the mail. Most major Utah cities switched this year to voting primarily by mail, including seven of the eight Salt Lake County cities holding primaries Tuesday. Fourteen of the 16 cities in Utah’s largest county will also vote by mail in the Nov. 3 general election — all but Taylorsville and West Valley City. By-mail ballots must be postmarked by Monday, the day before the election. So they may trickle in over several days. State law prohibits updating vote counts publicly between election night and the final official vote canvasses by city councils — which must be held between seven and 14 days after the election.

Canada: Is it fair to ban expats from voting? | BBC

Canada’s election to choose a new government has begun but new rules will restrict the right of ex-pats to vote. Is that fair? William Affleck-Asch-Lowe moved to the US 22 years ago, but the Canadian expatriate says he never lost touch with his roots. The University of Washington student keeps on top of news from home and is regularly in touch with Canadian friends online. Affleck-Asch-Lowe grew up in British Columbia and went on to serve in the Canadian army for seven years. When he finishes his PhD programme, he plans to come home and teach engineering. “Once a Canadian, always a Canadian,” he told the BBC. And yet, living outside his country has cost William Affleck-Asch-Lowe his right to vote.

Haiti: OAS: Irregularities did not disrupt overall Haiti elections | Associated Press

An international mission that monitored legislative elections in Haiti said Monday that there were scattered problems with violence and other disruptions during Sunday’s first round but not enough to disrupt the legitimacy of the overall vote. The Organization of American States had 28 observers monitoring Sunday elections that saw Haitians choose lawmakers for the next Parliament in a contest that was delayed for nearly four years. They visited 171 of more than 1,500 voting centers across the country of 10 million people.

Haiti: Two dead in Haiti election violence: parties | AFP

Two people were killed during Haiti’s long-delayed legislative elections, political parties said Monday, amid violence that forced some polling stations to close early. The elections, held on Sunday after a four-year delay, were meant to be a stride toward restoring consitutional order in the destitute Caribbean country. Turnout was reported to be low. Several Port-au-Prince polling stations were vandalized in the morning and 26 shut down early because of violence.

Russia: Russian Opposition Blocked From Standing in Local Elections | Newsweek

Russia’s joint Democratic Coalition, led by renowned anti-corruption activist Alexei Navalny and the supporters of the late opposition leader Boris Nemtsov, have been refused the right to run for election across all the regions where they opted to campaign on the grounds of irregularities in their applications, Russian national daily Kommersant reports. Local council elections in Russia will be held in September and the Democratic Coalition, which is made up of several of the biggest opposition movements to Russian president Vladimir Putin’s regime, was due to contest four constituencies.

Turkey: Erdoğan’s ‘election war’ | Politico

Turkey sustained an unprecedented slew of militant attacks Monday, the product of a controversial “war on terror” instigated by an interim government under the guidance of President Recep Tayyip Erdoğan. In recent weeks the Turkish military has carried out hundreds of air strikes while police have arrested more than a thousand suspects linked to ISIS, the Kurdish militant group the PKK, and far-leftist groups including the DHKP-C. Almost all suspects in Monday’s attacks belonged to the latter two groups. In total, six security personnel were killed in attacks carried out in Istanbul and the Kurdish southeastern region, raising concerns about Turkey launching anti-terror operations at a time when it has no elected government and is facing likely snap elections in November amid continuing regional unrest.

Editorials: Happy birthday to the Voting Rights Act | The Washington Post

Just two years ago, it seemed possible the Voting Rights Act would not make it to its 50th birthday. It did Thursday, and on the eve of the anniversary one court handed down a promising decision: Texas’s voter identification legislation violated the 1965 act by discriminating against minorities and the poor. So insidious a law never should have gone into effect. In June 2013, the Supreme Court struck down one of the Voting Rights Act’s most powerful provisions, a requirement that states with records of discrimination — states such as Texas — submit proposed changes in electoral procedure to the Justice Department for review (known as “preclearance”). Texas began enforcing its law the very same day. The legislation looks like bills passed in many other states since the Supreme Court’s decision: It restricts the voting pool to those who present government-issued photo ID at the polls. Those least likely to have the documentation are the state’s poor and minority residents.

California: Voting Rights Restored to 60,000 Ex-Felons | Mother Jones

Yesterday, about 60,000 former felony offenders in California were officially granted the right to vote. Earlier this week, California Secretary of State Alex Padilla announced that the state would settle litigation over laws that had barred low-level felony offenders under community supervision from voting. In 2011, California lawmakers passed bills to reduce overcrowding in state prisons by diverting low-level felony offenders to county jails and community supervision, in which recently released prisoners are monitored by county agencies. Then-Secretary of State Debra Bowen told election officials in December 2011 to extend the state’s ban on felon enfranchisement to those offenders, noting that being under community supervision was “functionally equivalent” to parole. Civil rights groups filed a lawsuit last year to challenge Bowen’s directive.

Connecticut: Advocates Call On Democratic Party To Drop Lawsuit, Comply With Subpoena | CT News Junkie

Common Cause of Connecticut on Wednesday called upon the Connecticut Democratic Party to drop its challenge of the state’s clean election laws. The lawsuit served Tuesday is the second since the start of the 10-month investigation into mailings the party did on behalf of Democratic Gov. Dannel P. Malloy during the 2014 election cycle. The Democratic Party believes federal law trumps state law when it comes to the mailings, but the State Elections Enforcement Commission told the Federal Elections Commission in October 2014 that it would be wrong for federal regulators to assume they have jurisdiction over the mailing because it “glibly” includes “a stray get-out-the-vote message.” However, a draft decision by the FEC shows that it was poised in October to rule against the Connecticut Democratic Party. But the party withdrew its request for the ruling before it could be issued and went ahead and sent the mailings to prospective voters anyway shortly before the election.