Congress has failed to pass any legislation to secure U.S. voting systems in the two years since Russia interfered in the 2016 election, a troubling setback with the midterms less than six weeks away. Lawmakers have repeatedly demanded agencies step up their efforts to prevent election meddling but in the end struggled to act themselves, raising questions about whether the U.S. has done enough to protect future elections. A key GOP senator predicted to The Hill last week that a bipartisan election security bill, seen as Congress’s best chance of passing legislation on the issue, wouldn’t pass before the midterms. And on Friday, House lawmakers left town for the campaign trail, ending any chance of clearing the legislation ahead of November. Lawmakers have openly expressed frustration they were not able to act before the 2018 elections.
The ability to vote for local, state, and federal representatives is the cornerstone of democracy in America. With mid-term congressional elections looming in early November, many voices have raised concerns that the voting infrastructure used by states across the Union might be suspect, unreliable, or potentially vulnerable to attacks. As Congress considers measures critical to consumer rights and the functioning of technology (net neutrality, data privacy, biometric identification, and surveillance), ensuring the integrity of elections has emerged as a matter of crucial importance. On the one hand, the right to vote may not be guaranteed for many people across the country. Historically, access to the ballot has been hard fought, from the Revolution and the Civil War to the movement for civil rights that compelled the Voting Rights Act (VRA). But recent restrictions on voting rights that have proliferated since the Supreme Court struck down the VRA’s pre-clearance provisions in 2013. Coupled with procedural impediments to voting, unresolved problems continue to plague the security of the technology that many voting precincts use in elections. With mid-term elections in just two months, Secretaries of State should be pressed to do their jobs and increase security before voters cast their ballots.
National: Def Con researchers came to Washington to poke holes in voting machine security | The Washington Post
Not long ago, lawmakers might have been wary about showcasing the work of hackers who specialize in penetrating voting equipment. But on Thursday, organizers from the Def Con Voting Village — a collection of security researchers who hack election systems in hopes of making them more secure — received a warm welcome on Capitol Hill. The organizers were in town to unveil a new report identifying vulnerabilities in several widely used voting machines they tested during the Def Con hacking conference in Las Vegas over the summer, including a flaw in a vote tabulator that could allow a malicious actor to hack it remotely. They presented their findings in a meeting hosted by Rep. Jackie Speier (D-Calif.) and attended by staffers from the offices of Sen. Amy Klobuchar (D-Minn.), who is sponsoring an election security bill, and several other Democrats. The event highlights how the cybersecurity experts behind the Voting Village, which is only in its second year, are reaching beyond the niche and often apolitical community of Def Con in hopes of influencing the debate over how to secure the country’s election systems. The issue has received a wave of new attention since the 2016 election, when Russian hackers probed election administration systems in 21 states.
While Russian interference operations in the 2016 US presidential elections focused on misinformation and targeted hacking, officials have scrambled ever since to shore up the nation’s vulnerable election infrastructure. New research, though, shows they haven’t done nearly enough, particularly when it comes to voting machines. The report details vulnerabilities in seven models of voting machines and vote counters, found during the DefCon security conference’s Voting Village event. All of the models are in active use around the US, and the vulnerabilities—from weak password protections to elaborate avenues for remote access—number in the dozens. The findings also connect to larger efforts to safeguard US elections, including initiatives to expand oversight of voting machine vendors and efforts to fund state and local election security upgrades.
Dr. J. Alex Halderman inserted a memory card infected with malicious software into an electronic voting machine. It wasn’t an actual case of election hacking, but Halderman’s demonstration served a purpose: To show two members of Congress, including U.S. Rep. John Katko, what can happen if hackers gain access to voting machines. Halderman, director of the University of Michigan’s Center for Computer Security and Society, invited Katko, R-Camillus, and U.S. Rep. Mike Quigley, an Illinois Democrat, to cast votes using the Diebold AccuVote TS voting machine. Halderman programmed a mock election: A presidential race between George Washington and Benedict Arnold. There were two votes cast for Washington and one for Arnold. But the receipt printed from the voting machine revealed the effect of the malicious software. The paper showed Arnold received two votes and Washington netted one.
Two years ago, “spearphishing attacks” -emails targeted towards specific individuals with the intent to steal data for malicious purposes- flooded the inboxes of election officials in several Florida counties. This year, as Florida prepares for the general elections in November, issues around voting security have been front and center. In August, Sen. Bill Nelson claimed Russian hackers had gained access to valuable data on state voters. There has been no evidence found that Florida’s voting system was compromised in 2016, but the attempts to breach systems have led to the state receiving $19 million in federal money for election security.
Attorneys representing a group of Native Americans challenging North Dakota’s voter identification laws filed an emergency appeal to the U.S. Supreme Court Thursday, Sept. 27. This week, a federal appeals court halted part of a lower court ruling that said the state must accept IDs and supplemental documentation with a current mailing address. The appellate court said that could lead to voters casting a ballot in the wrong precinct if they use a post office box as a mailing address. The Native American Rights Fund, which represents the tribal members, said in a news release the ruling means “several thousand” qualified North Dakota voters “will be unable to vote in this year’s election simply because they do not have a residential address or because they lack the documentation and/or funds to obtain the required voter identification.”
Texas: Paper Ballots Could Ease Election-Hacking Fears, But Computers Will Always Be Part Of Counting Votes | Texas Standard
There’s a question that moves in parallel with the increased use of computerized voting machines – can your vote be hacked? It’s a question that was put to the test in the 2016 presidential election cycle, when Russia was found to be influencing voters in the election, but not the voting machines themselves. Some say the risk of vote-hacking could be reduced by using paper ballots in addition to electronic vote-counters. Hovav Shacham is a professor of computer science at the University of Texas at Austin. He has specialized in computer security and the voter security for over a decade. “I think the question we need to ask is not just how vulnerable the actual systems are, but how much confidence can voters have that their vote really is recorded and counted just as they cast it,” Shacham says.
Crystal Mason, the woman who became the poster child for voter suppression when she was sentenced to five years for casting a ballot in Texas, has gone into federal prison at the start of her ordeal. Mason, 43, surrendered voluntarily on Thursday to authorities and was taken into federal prison in Fort Worth, Texas. She left her three children behind. In her final Facebook post before she went inside, she wrote: “This fight is not over, I’m glad God choose me for this journey. I’m walking in there no tears and head hung high …” Mason’s crime was to cast a ballot in the 2016 presidential election. An African American woman, she had been encouraged by her mother to do her civic duty and vote, in her case on behalf of Hillary Clinton. When she turned up to the polling station her name was not on the register, so she cast a provisional ballot that was never counted. She did not read the small print of the form that said that anyone who has been convicted of a felony – as she had, having previously been convicted of tax fraud – was prohibited from voting under Texas law.
Wisconsin officials were praised Friday by election-security advocates for expanding the state’s use of post-election audits. The Wisconsin Elections Commission announced that it voted unanimously Tuesday to require audits in 5 percent of precincts throughout the state after every vote, beginning with the Nov. 6 general election. The decision is evidence that the clock has not run out yet on states seeking to improve their ballot-security procedures before Election Day, said representatives of Verified Voting, which advocates for paper-based voting systems and Public Citizen, a consumers’ rights group. Under Wisconsin’s new system, election officials will randomly select at least 183, or 5 percent, of the state’s 3,660 precincts to review voting equipment. The audit sample will include at least one precinct from each of the state’s 72 counties, but no more than two precincts from any single municipality.
Campaigning has started in Afghanistan for next month’s parliamentary elections amid concerns that the much-delayed vote could be postponed again due to the uncertainty over new technology. The vote for the lower house of parliament has been scheduled for October 20 – delayed by more than three years – and is seen as a test for the presidential elections that will take place in April. New government measures hope to put an end to the previous issues they have faced. With election fraud now being a criminal offence, voting stations will be placed in public buildings and monitored. Additionally, a new advanced voting system will be used.
The two major political parties in Iraq’s autonomous Kurdistan region are crying fraud after Sunday’s parliamentary election, with one saying it will refuse to accept the results. Nearly 800 candidates were vying for 111 seats. Turnout is reported to have been modest even as Iraqi Kurds try to reassert their autonomy after a crackdown from Baghdad. The Patriotic Union of Kurdistan (PUK), one of the major political parties, tells VOA it will not accept the results of Sunday’s vote. PUK spokesman Saadi Ahmed Pira charges the party’s chief political rival, the Kurdistan Democratic Party (KDP), of election fraud in two provinces under KDP control. Pira did not give specifics but said the PUK is demanding an investigation.
A referendum on changing Macedonia’s name as part of a deal that would pave the way for NATO membership won overwhelming support Sunday, but low voter turnout highlighted the hurdles that still remain for the Balkan country to join the alliance. Prime Minister Zoran Zaev had hoped for a strong show of support in the referendum on whether to accept a June deal with Greece changing the country’s name to North Macedonia. That would help him with the next step of winning parliamentary support for the required constitutional amendments.
The Maldives’ election commission on Saturday officially endorsed thevictory of the opposition candidate Ibrahim Mohamed Solih in last week’s presidential polls amid concerns that Maldives outgoing President Abdulla Yameen is trying to hold on to power. Salah Rasheed, the election commission’s secretary general, said Solih’s Maldivian Democratic Party won the polls with 58.4 percent of the ballot. Although election monitors had warned of rigging by the incumbent, Yameen could secure only 41.6 percent. Solih was backed by four opposition parties, three of which supported Yameen in a controversial 2013 runoff that the country’s first democratically elected president, Mohamed Nasheed, lost narrowly. Solih is expected to be sworn in on November 17 when Yameen’s term comes to a close.
Plans to allow online voting in next year’s councils elections have run into a wall of opposition from technology experts, who say internet voting can’t be secure. Local Government New Zealand will issue a tender for an online system that would be used in nine council elections, including in Auckland, Hamilton and Wellington, alongside postal voting. The decision to shop for an online voting system comes amid growing international concern about election interference by foreign powers in the wake of the United States 2016 presidential election and Britain’s Brexit vote. … James Valentine, chief technology officer of Wellington IT company Fronde, was among dozens of technologists who took to social media to oppose the local government plan, tweeting there were “lots of concerns” including security and ballot secrecy.