National: Defcon Voting Village report: bug in one system could “flip Electoral College” | Ars Technica

Today, six prominent information-security experts who took part in DEF CON’s Voting Village in Las Vegas last month issued a report on vulnerabilities they had discovered in voting equipment and related computer systems. One vulnerability they discovered—in a high-speed vote-tabulating system used to count votes for entire counties in 23 states—could allow an attacker to remotely hijack the system over a network and alter the vote count, changing results for large blocks of voters. “Hacking just one of these machines could enable an attacker to flip the Electoral College and determine the outcome of a presidential election,” the authors of the report warned.

Iraq: Voting begins to elect new parliament in Iraq’s Kurdistan | AFP

Iraqi Kurds voted on Sunday for a new parliament in their autonomous region, which is mired in an economic crisis a year after an independence referendum that infuriated Baghdad. Almost 3.1 million voters were eligible to cast ballots across three provinces in the northern region, where 673 candidates from 29 political movements contested seats in the 111-member parliament. Polling closed as scheduled at 1500 GMT and the results are expected within 72 hours. The vote passed off with only minor incidents such as gunmen trying to vote without the necessary papers. The electoral commission gave an official turnout of 58 percent of registered voters in Arbil, the regional capital and one of the three provinces which make up Iraqi Kurdistan.

National: DEF CON hackers’ dossier on US voting machine security is just as grim as feared | The Register

Hackers probing America’s electronic voting systems have painted an astonishing picture of the state of US election security, less than six weeks before the November midterms. The full 50-page report [PDF], released Thursday during a presentation in Washington DC, was put together by the organizers of the DEF CON hacking conference’s Voting Village. It recaps the findings of that village, during which attendees uncovered ways resourceful miscreants could compromise electoral computer systems and change vote tallies. In short, the dossier outlines shortcomings in the electronic voting systems many US districts will use later this year for the midterm elections. The report focuses on vulnerabilities exploitable by scumbags with physical access to the hardware. “The problems outlined in this report are not simply election administration flaws that need to be fixed for efficiency’s sake, but rather serious risks to our critical infrastructure and thus national security,” the report stated. “As our nation’s security is the responsibility of the federal government, Congress needs to codify basic security standards like those developed by local election officials.”

National: Hackers warn about election security ahead of midterms | CNN

The vulnerabilities in America’s voting systems are “staggering,” a group representing hackers warned lawmakers on Capitol Hill on Thursday — just over a month before the midterm elections. The findings are based on a project at the Voting Village at the Def Con hacking conference held in Las Vegas last month, where hackers were invited to attempt to break into voting machines and other equipment used in elections across the country. The hacking group claims they were able to break into some voting machines in two minutes and that they had the ability to wirelessly reprogram an electronic card used by millions of Americans to activate a voting terminal to cast their ballot. “This vulnerability could be exploited to take over the voting machine on which they vote and cast as many votes as the voter wanted,” the group claims in the report.

National: Questions on Pompeo’s certainty about secure midterms | Politico

Secretary of State Mike Pompeo on Wednesday said there was “no question” the U.S. midterm elections would be safe from foreign interference, a level of certitude that is … shall we say, not widely shared? “That’s a dangerous level of confidence for someone in that position to have,” Alex Halderman, a University of Michigan computer science professor at the forefront of the election security debate, told MC. Halderman said that perhaps intelligence sources might not see any indications of foreign planning to further disrupt elections, but “frankly, you don’t know what you don’t know.” Democratic Rep. Mike Quigley said this about Pompeo: “I wish I could be so confident.” Robert Johnston, credited with discovering the DNC hack while working at CrowdStrike and now CEO of Adlumin, told MC there are already signs Russia has interfered in the 2018 races. Some of the suspect incidents have surfaced in California’s congressional races and the U.S. Senate.

California: Los Angeles County Supervisors Approve Investigation For Voter Registration ‘Errors’ | KHTS

The board unanimously approved a motion by Supervisor Kathryn Barger calling for an investigation into voter registration errors as a result of the new “motor voter” program managed by the California Department of Motor Vehicles. Created by the Motor Voter Act of 2015 and implemented in April 2018, the program automatically registers any eligible voters who apply for a driver’s license or identification card and transmits this data to the county where that person lives unless the individual specifically declines to participate. The state reported that 23,000 instances of voter registration errors occurred between mid-April and early August. The “motor voter” program has experienced other implementation issues as well, with 77,000 voter records allegedly being misreported in May by the DMV, according to officials.

Mississippi: Hackers attempt cyber attacks on state voting system | WMC

How safe is the ballot you will be casting during the November 6 election? Secretary of State Delbert Hosemann maintains that your ballot will be safe from hackers, but he reveals that there are thousands of attempts each month to try to penetrate the Statewide Election Management System. In the past few weeks, the agency that oversees elections reports that hackers have attempted to get into the systems of circuit clerks and election commissioners. “They are sending out emails to my circuit clerks and my election commissioners telling them to open this invoice from a former employee who’s no longer employed here,” said Hosemann. “So I will tell you that’s the level of attempts we have going on.”

Missouri: Testimony ends in voter ID lawsuit | New Tribune

Closing arguments will be Monday in the lawsuit challenging Missouri’s current voter ID law, after the state presented its final witness Wednesday. Cole County Senior Judge Richard Callahan is being asked to rule on the plaintiffs’ claim that Missouri’s new voter ID law conflicts with existing constitutional language that says people who are properly registered to vote “are entitled” to vote at all elections. The new law went into effect July 1, 2017, after voters in November 2016 added language to the state Constitution saying lawmakers could pass a law specifying the kinds of identification a voter would need to show at the polls before casting a vote.

Virginia: House panel backs GOP redistricting bill on party-line vote | Richmond Times-Dispatch

An attempt to find a bipartisan compromise on political redistricting culminated Thursday in a pair of party-line votes by a House of Delegates committee. It endorsed a new Republican plan, while killing a bill proposed by Democrats in a battle for control of the closely divided chamber before elections next year. The House Privileges and Elections Committee voted 12-10 to endorse a bill that Del. Chris Jones, R-Suffolk, introduced a day earlier, with a promise of some Democratic support. Jones said it was an effort to break an impasse in finding a legislative solution after a federal court found that 11 House districts were racially gerrymandered. Del. Kelly Convirs-Fowler, D-Virginia Beach, one of six Democrats whom Jones said he had approached for support, voted against the bill. She also voted against a move by the Republican-controlled panel to kill the Democratic redistricting plan that Del. Lamont Bagby, D-Henrico, had introduced on Aug. 30.

Wisconsin: Studies find that photo ID is tied to lower turnout in Wisconsin | Wisconsin Gazette

With all of her necessary documentation, University of Wisconsin-Madison student Brooke Evans arrived at her polling place on Nov. 8, 2016, for the presidential election. For her, voting that day meant not only casting a ballot for the first female presidential candidate with a real shot of winning, but having a voice in a society in which homeless people such as herself were marginalized. The law requires Wisconsin residents to present certain forms of photo identification to vote but does not require that the ID have the voter’s current address. Such voters must provide proof of their current address — and that is where Evans ran into trouble. She eventually was able to cast a ballot using a campus address she herself had advocated for to help homeless students. Not only did Evans, as a college student, face increased obstacles under the voter ID law, her homelessness was another barrier — one that almost prevented her from exercising a fundamental right of citizenship. “I was just really surprised at the hassle I was given,” Evans said.

Afghanistan: Election campaigning kicks off amid violence, fraud claims | AFP

Campaigning for Afghanistan’s long-delayed parliamentary elections kicks off Friday (Sep 28), as a crescendo of deadly violence and claims of widespread fraud fuel debate over whether the vote will go ahead. More than 2,500 candidates will contest the Oct 20 poll, which is seen as a test run for next year’s presidential vote and a key milestone ahead of a UN meeting in Geneva where Afghanistan is under pressure to show progress on “democratic processes”. But preparations for the ballot, which is more than three years late, have been in turmoil for months, despite UN-led efforts to keep Afghan organisers on track.

Canada: Elections Canada preps for spring vote as MPs set deadline for new law | iPolitics

Canada’s Chief Electoral Officer has revealed that the federal elections agency intends to be ready for an election by next April, five months before the fixed election date for 2019. Chief Electoral Officer Stéphane Perrault outlined the timetable as he informed a Commons committee this week that a sweeping bill to overhaul the Canada Elections Act and upgrade cybersecurity would have to clear Parliament by December to give his office time to prepare. “For the next election, given the environment, I very much look forward to having this legislation passed,” Perrault told the Commons Standing Committee on Procedure and House Affairs, which began reviewing Bill C-76 last May.

Congo: Leader Vows Elections to Proceed on Schedule in December | Bloomberg

Democratic Republic of Congo President Joseph Kabila vowed delayed elections to select his successor will take place as planned this year. Presidential and parliamentary votes have been delayed since 2016, after the electoral commission failed to organize them on time. The central African nation, which is the world’s largest cobalt producer, hasn’t had a peaceful transition of power since it gained independence from Belgium in 1960. “I reaffirm the irreversible character of holding the elections planned for the end of this year,” Kabila told the United Nations General Assembly on Tuesday. “Everything will be implemented in order to guarantee the peaceful and credible character of these polls.”

Iraq: After failed independence bid, disillusioned Iraqi Kurds vote for parliament | MEO

A year after a failed bid for independence, Iraq’s Kurds will be voting again on Sunday, this time in a parliamentary election that could disrupt the delicate balance of power in their semi-autonomous region. With opposition parties weak, the Kurdistan Democratic Party (KDP) and Patriotic Union of Kurdistan (PUK) are likely to extend their almost three decades of sharing power. But splits within the PUK present the possibility that Masoud Barzani’s KDP will take a dominant position in Kurdish politics, both in the regional capital Erbil and in the difficult formation of a federal government in Baghdad. The contentious referendum on independence in 2017, led by Barzani, promised to set Iraq’s Kurds on a path to a homeland.

Latvia: How do you Russia-proof an election? Educate your voters, says Latvian official | CBC

Countering attempts by Russia and other actors to meddle in the democracies of other countries requires more than just stronger cyber defences and better election monitoring, Latvia’s deputy minister of defence said Thursday. It also demands stronger societies and better-informed citizens able to withstand an onslaught of disinformation, rumours and outright fabrications, said Janis Garisons in an interview Thursday with CBC News. Latvia, which has faced cyber attacks on its infrastructure and frequent disinformation campaigns for years, has learned a lot about how to protect itself, said Garisons. “Without general resilience in the long term, I think it will be very difficult to resist,” he said.

Macedonia: President Urges Boycott Of Name Referendum | RFE/RL

President Gjorge Ivanov has called for voters to boycott an upcoming referendum on Macedonia’s name change, saying the country was being asked to commit “historical suicide.” “Voting in a referendum is a right, not an obligation,” Ivanov said on September 27 in a speech at the United Nations General Assembly. Macedonians are due to go to the polls on September 30 to vote on an agreement its new Socialist government led by Prime Minister Zoran Zaev reached with Greece this year to change the country’s name to North Macedonia. The name dispute between Skopje and Athens dates back to 1991, when Macedonia peacefully broke away from Yugoslavia, declaring its independence under the name Republic of Macedonia.

Nigeria: Opposition cries foul in Nigeria governorship runoff vote | AFP

Nigerian opposition parties cried foul late Thursday as the country’s electoral commission failed to publish official results for runoff governorship elections in the southwestern Osun state. The vote is the final major test before Nigerians elect a new president, parliament, governors, and state legislatures in February and March next year. Forty-eight candidates from different political parties contested the election last Saturday. But the leading candidates were Gboyega Oyetola from President Muhammadu Buhari’s ruling All Progressives Congress (APC) and Ademola Adeleke of the main opposition Peoples Democratic Party (PDP).

National: Widely Used Election Systems Are Vulnerable to Attack, Report Finds | Wall Street Journal

Election machines used in more than half of U.S. states carry a flaw disclosed more than a decade ago that makes them vulnerable to a cyberattack, according to a report to be delivered Thursday on Capitol Hill. The issue was found in the widely used Model 650 high-speed ballot-counting machine made by Election Systems & Software LLC, the nation’s leading manufacturer of election equipment. It is one of about seven security problems in several models of voting equipment described in the report, which is based on research conducted last month at the Def Con hacker conference. The flaw in the ES&S machine stood out because it was detailed in a security report commissioned by Ohio’s secretary of state in 2007, said Harri Hursti, an election-security researcher who co-wrote both the Ohio and Def Con reports. “There has been more than plenty of time to fix it,” he said.

National: The dark web is where hackers buy the tools to subvert elections | CBS

Voter data and the digital weapons hackers use to subvert elections are bought and sold daily on a corner of the internet known as the dark web. It is a network of websites that is tough to access but functions much like the internet we use every day. You can buy everything from guns and drugs to botnets and ransomware. And cyber-criminals can purchase voter records and hacking tools.The dark web is not accessible using typical web browsers like Chrome or Safari. Instead, you are required to log on using a virtual private network, or VPN, and the Tor web browser. Tor is an acronym for “the onion router.” Every computer has an identifying IP address, and the Tor browser can help shield your machine’s location by sending info through several layers of servers.

National: FEC data shows candidates hit snooze button on hacker threat, saying defending cyberattacks is hard | McClatchy

With some 40 days remaining to the crucial midterm elections, signs of digital meddling in campaigns are mounting. But most candidates have spent little or nothing on cybersecurity, and say it’s too hard and expensive to focus on hacking threats with all the other demands of running for office. Only six candidates for U.S. House and Senate spent more than $1,000 on cybersecurity through the most recent Federal Election Commission filing period. Yet those who monitor intrusions and digital mayhem say hackers are active. And various reports cite at least three candidates still in races or ousted in primaries were suffering attempted breaches of their campaigns. “We get things literally every day to my team … to investigate everything from phishing attacks to ‘We think our data was breached’ to ‘We think there was a denial of service attack’ to ‘Someone’s listening on our cell phones.’ So we get, like, the whole range of things every single day,” said Raffi Krikorian, chief technology officer for the Democratic National Committee, the party’s governing body.

National: Native Americans Fight Back at the Ballot Box | Stateline

Tara Benally and her 16-year-old son Delaney After Buffalo set up a plastic table alongside the last dusty highway intersection before the Arizona state line. Here in Monument Valley, in the shadows of the towering red rock monoliths sacred among the Navajo, the two are doing something that’s rarely been done in this part of Utah: conducting a voter registration drive for local Native Americans. For the first time, Navajo and Utes living here have a chance at being fully represented at the local level when they vote in November. Even though Native Americans are the majority in this 14,750-person county, slightly edging out whites, county commissioner and school board district lines were gerrymandered to give white voters disproportionate power for more than three decades.

National: Without offering evidence, Trump accuses China of interfering in U.S. midterm elections | The Washington Post

President Trump on Wednesday directly accused China of interfering in the U.S. midterm elections this fall in retaliation for the ongoing trade war between Washington and Beijing, marking a new front in the deepening hostilities that have threatened to upend bilateral relations. The president made the allegation during his opening remarks at a U.N. Security Council meeting on nonproliferation, asserting that China “has been attempting to interfere in our upcoming 2018 election, coming up in November, against my administration. They do not want me or us to win because I am the first president to ever challenge ­China on trade, and we are winning on trade — we are winning on every level. We don’t want them to meddle or interfere in our upcoming election.”

Arizona: Election day issues detailed in contractor report, emails | Arizona Republic

When technicians descended upon Maricopa County on Aug. 27 to set up equipment for the August primary election, they found a plethora of issues. Locked polling places. Broken check-in machines. Printers with no toner. Out-of-date software. No wireless internet. And the list went on from there, according to Tempe-based information technology contractor Insight. The Maricopa County Recorder’s Office hired Insight to assist with technology set-up the day before the primary and provide technical support on election day. 

Illinois: Cook County Board approves new election equipment contract, despite rival firm’s lawsuit | Chicago Sun Times

Residents in suburban Cook County could be the first voters to use new election equipment next year. The Cook County Board of Commissioners on Wednesday awarded a 10-year contract for nearly $31 million to Dominion Voting Systems, Inc., which would mean an update for the county’s equipment, some of which is at least a decade old. The older technology could open the county up to threats to election security. The contract first came before the County Board in March, but two bid protests by Election Systems & Software, which has provided election equipment for the county in the past, delayed the vote. The roll out of the new equipment is still in question. Cook County Clerk David Orr said it’s too late to begin testing the equipment and training poll workers for the November election, but he hopes that testing can begin in suburban Cook during the February and April elections. Orr called the unanimous vote “a plus for many, but especially for voters.”

Illinois: ES&S Takes Aim at Cook County Contract | Courthouse News

A supplier of election equipment brought a federal complaint in protest of the more than $30 million contract that Cook County, Illinois, is set to iron out Wednesday with another vendor. One of the voting machines offered by Election Systems & Software, which brought a federal complaint against Cook County, Illinois, on Sept. 25, 2018. As alleged by Nebraska-based Election Systems & Software, the state should not even have allowed Dominion Voting Systems to bid on the contract because the Illinois Board of Elections has not certified the latter’s system. Represented by the firm Vedder Price, Election Systems & Software filed its suit Tuesday in Chicago. ESS, as the plaintiff abbreviates its name in the complaint, notes that Cook County put out the request for proposals early last year with an eye toward purchasing or leasing a blended voting system that would feature both pen-marking and touch-screen ballot technology.

Maryland: Questions arise about Russian connection to Maryland election system | WBMA

With the midterm elections just over a month away, there is heightened concern about the security of America’s voting process, following recent revelations by the FBI that a software company — which runs part of Maryland’s voter registration system — was purchased by Russian oligarch Vladimir Potanin, believed to have close ties to President Vladimir Putin. “So, the fact that one of his friends, one of his business, wealthy friends, is buying up (a) company that does business with our Board of Election(s) is a matter of major security interest here,” said Sen. Ben Cardin, D-Md. The company, Bytegrid, is responsible for voter registration, online ballot delivery and unofficial election night results, and while there’s been no evidence of wrongdoing, Cardin says change is needed now.

Missouri: Lawsuit against Missouri’s voter ID law enters second day in court | Missourinet

A second day of arguments in a lawsuit challenging Missouri’s photo voter ID law took place Tuesday at the Cole County Court House in Jefferson City. The parties bringing the litigation are Priorities USA, a national progressive organization that promotes voting rights, and 71-one-year-old Mildred Gutierrez, a Lee’s Summit resident. Gutierrez was allowed to vote in the November 2017 election only after signing a sworn statement under penalty of perjury because she did not have a valid photo ID. University of Wisconsin Political Scientist Kenneth Mayer offered expert testimony for Priorities USA. He called the sworn statement, also known as an affidavit, that Gutierrez had to sign in order to cast a ballot completely incomprehensible.

Ohio: Groups seek expanded voting opportunities | The Toledo Blade

With Ohio facing a rare general election these days without major litigation hanging over the ballot process, voting rights groups on Wednesday staked out their hopes for future changes to make voting easier. The Ohio Voter Rights Coalition, consisting of groups like the League of Women Voters of Ohio and the new All Voting is Local, called for automatic voter registration for those eligible to vote, expanded early voting hours and days, and improvements in online voter registration. “When a quarter of those who are eligible are not registered and we have even worse turnout rates, we understand that the system is clearly not working,” League Executive Director Jen Miller said. While none of these proposed changes could happen in time to affect the Nov. 6 election, these discussions have been incorporated into the debate over who will succeed Secretary of State Jon Husted. The next secretary of state will be either state Sen. Frank LaRose (R., Hudson) or state Rep. Kathleen Clyde (D., Kent).

Pennsylvania: ‘A Relative Bargain’: Election Security Group Urges Funding for $125M Upgrade to Pennsylvania Voting Machines | NBC

A group examining election security in Pennsylvania urged Congress and state lawmakers Tuesday to speed up the funding required to replace voting machines, noting most lack a paper record needed to check for fraud and errors. The Blue Ribbon Commission on Pennsylvania’s Election Security released interim recommendations and said the estimated $125 million to replace all machines statewide was “a relative bargain.” “Pennsylvania’s elections are at risk,” the interim report said. “And one of the biggest risks is one that we can control — properly funding our election security, including by procuring voting machines that use voter-marked paper ballots.”

Bangladesh: Cybercrimes through social media to influence upcoming polls | Dhaka Tribune

Citing cybercrimes as a threat in the upcoming national polls, the ruling party apprehends that there may be violent consequences due to use of information technology in the country. Criminals may use social media to demoralize country’s democratic atmosphere. Cyberwar can be a crucial issue during the poll time period, as anti-democratic forces, militant groups and religious fundamentalists may misuse the social media to operate cyber war, warned law enforcement agencies. Dhaka Metropolitan Police (DMP) high officials also said militant groups may use social media and online platforms to obstruct the 11th parliamentary election, scheduled at the end of 2018.