National: McAfee CTO raises concerns about election cyber security | Computer Weekly

Cyber security concerns around voting should be around the processes involved rather than just the electronic equipment used, according to Steve Grobman, senior vice-president and chief technology officer at security firm McAfee. Underlining this issue, he discussed a recent discovery by McAfee of a “big gap” in the security of the way US local jurisdictions communicate with their constituencies. Because US elections are decentralised, being run at a state and local level rather than at a federal level, with every state and locality choosing how to do things, there is very little uniformity. “We have found two big issues with the way local jurisdiction communicate with their constituencies,” said Grobman. Although these issues are US-specific, he told Computer Weekly that the issue is likely to be global given that the failings in the US are underpinned by a lack of cyber security skills, which is a challenge facing most countries around the world.

Alabama: Purge of voter rolls creates stir in Alabama congressional race | Anniston Star

Since John Merrill took office as secretary of state, Alabama has purged 658,000 voters from its rolls, Merrill said Monday. Most of those voters are dead, convicted of felonies or moved out of state, Merrill says. But one Democratic candidate for Congress says the number of purged voters is far higher than it should be. “We’re not going to take this lying down,” said Jacob Ray, campaign manager for Mallory Hagan. Hagan is running as a Democrat for Alabama’s 3rd District seat in Congress, now held by U.S. Rep. Mike Rogers, R-Saks. Last week, Hagan announced the creation of a “voter protection committee,” saying that 55,000 voters in the district had been disqualified or labeled inactive since February 2017.

Colorado: A Safe Place for Elections | State of Elections

Colorado is known for more than just picturesque mountain views and crystal-clear rivers. The Centennial State touts some of the best education, healthcare, and the best state economy in the nation. To add to this impressive list of achievements, Colorado has been christened as the safest state in the nation to host an election. Colorado’s impressive new title come from two different sources: The Washington Post and Homeland Security Secretary Kristjen Nielsen. Over the last decade, Colorado took several steps forward in election security to ensure the integrity of its elections. First, Colorado implemented a first-of-its-kind risk-limiting audit. In 2013, the Colorado legislature codified this new auditing technique (Colo. Rev. Stat. § 1-7-515 (2013)), which was required for the 2017 elections and all “primary, general, coordinated, or congressional vacancy elections thereafter.” A risk-limiting audit is a form of statistical analysis that requires officials to match certain paper ballots with the electronic voting machines’ interpretation of the ballots. This ensures that the machine read the ballot correctly.

Georgia: Thousands of voter registrations await processing in Georgia | Atlanta Journal-Constitution

More than 7,000 voter registration applications in metro Atlanta still hadn’t been processed as of Monday, nearly two weeks after the deadline to register to vote and one week since in-person early voting began.
County election officials said they expect the backlog to be cleared this week, but it takes time to review each voter registration form. New voters whose registrations haven’t been processed can cast provisional ballots that will be counted if their information is verified, or they can wait at early-voting sites for election officials to complete their registrations. Registration forms were awaiting processing Monday in Cobb, DeKalb and Fulton counties, according to ProGeorgia, a nonprofit organization focused on voter engagement and civic participation. Clayton and Gwinnett counties had processed all their voter registration forms.

Georgia: Voters Sue State So They Can Cast Ballots in Hot Governor’s Race | Bloomberg

Allegations that Georgia’s Republican-led election officials are unfairly throwing out mailed ballots over hyper-technical errors are set to go before a federal judge two weeks before Election Day. Hundreds — perhaps thousands — of ballots are being rejected because voters’ signatures don’t appear to match the ones on file, or because the voter oath is signed on the wrong line, two lawsuits claim. And would-be voters don’t get a chance to fix the errors or provide explanations, they say. The practice adopted by Georgia Secretary of State Brian Kemp has a lopsided impact on likely Democratic voters, according to the lawsuits — an allegation that carries extra significance because Kemp, a Republican, is running for governor on Nov. 6 in one of the nation’s most-watched races.

Minnesota: Cyber Security Experts say 2-Factor Authentication Crucial To Election Security | KSTP

Cyber security election experts say some Minnesota counties are not doing enough to protect their systems from hackers. A simple security measure of two-factor authentication used to protect emails, bank accounts and social media pages could help safeguard county computers from potential hacker stealing login information. Those experts say this is so important because this closely watched mid-term election is a prime target for hackers trying to disrupt the democratic process at all levels. “In 2016, we saw similar attacks and attempts to steal information log-in credentials and (that) might be valuable to someone who wants to influence the election,” said Reed Southard, a Harvard University researcher.

New Hampshire: Judge blocks SB 3 voting law, saying it imposes ‘unreasonable, discriminatory’ burdens | WBUR

The state has been blocked from using new voter registration forms and affidavits set out in the controversial 2017 law known as Senate Bill 3 in the upcoming election by a court ruling that called the law burdensome, confusing and likely to create long lines at voting places. Superior Court Judge Kenneth Brown on Monday issued a preliminary injunction halting the state from moving forward with the provisions of the law, which was challenged shortly after it was signed last year by Gov. Chris Sununu. Brown ruled that “the burdens imposed by SB 3 are unreasonable and discriminatory.” The ruling, which was issued 15 days before the midterm election, was in favor of the plaintiffs: the League of Women Voters, the New Hampshire Democratic Party and several voters. The court said the plaintiffs are likely to succeed on the merits after a full-blown trial, which is expected to be held next year.

New Jersey: Is your vote safe? Just 1 New Jersey county can back it up on paper | Asbury Park Press

Nearly all of New Jersey’s 11,000 voting machines are vulnerable to election hacking that could change the outcome of elections across the state, but that is not the worst part of the nightmare scenario feared by security experts. Because the computer-drive voting machines are paperless, no one would know for certain if votes had been changed, the experts say. A USA TODAY NETWORK New Jersey review found that election officials in all counties test the machines for a host of technical issues — do the voting machines turn on, do they correctly count test votes, for example — but there is no independent test that deems them hack-proof. The Network asked for simple proof that the machines were digitally secure: Did independent security experts certify the hardware and software as secure, much the same way a bank or business ensures its money transactions are protected from outsiders?

North Carolina: Court ruling in elections board case before 2018 midterms | News & Observer

The government board that oversees elections in North Carolina is unconstitutional, a panel of judges ruled on Tuesday — just weeks before Election Day in the 2018 midterms, and only a day before the start of early voting throughout the state. However, the judges recognized the timing and ruled that the N.C. Board of Elections and Ethics Enforcement can continue operating as-is, until after the elections are over and the votes are counted. The laws struck down as unconstitutional were put in place by the Republican-led General Assembly in 2017 and 2018 and limited the authority of Democratic Gov. Roy Cooper. The laws were passed to replace previous legislation passed in December 2016, a month after Cooper won the election, that was also struck down as unconstitutional. Prior to the legislative changes that have now been struck down, the governor’s political party was given a majority on the board.

South Carolina: Richland County says election running smoothly after equipment malfunction | WLTX

The Director of Richland County elections is telling voters not to worry after an electronic malfunction caused headaches earlier this month. As absentee votes are cast this month, they’re being cast on new personal electronic ballot (PEB) cards after a technical issue required all the cards to be replaced. Richland County Elections Director Rokey Suleman explained the problem. “We noticed a situation where we were putting our personal electronic ballots into the machines to activate the machines and the machines were shutting down,” Suleman explained on Monday. The cards tell the machines what elections to pull up for voters. Suleman said they are programed ahead of time and then inserted into the machines before elections. After discovering the issue, Richland County staff worked with the vendors for a few days to try and find a solution to the software issue.

Verified Voting in the News: The Campaign for Mobile-Phone Voting Is Getting a Midterm Test | The New Yorker

Bradley Tusk has a plan to fix American democracy. A former high-level staffer for Chuck Schumer and Michael Bloomberg, among others, Tusk has recently been using his political wits to help tech companies sidestep red tape and clear regulatory hurdles. As he recounts in his new book, “The Fixer: My Adventures Saving Startups from Death by Politics,” Tusk has—for better or for worse—convinced authorities across the country to let Uber operate in their cities, figured out how to get the San Jose City Council to allow on-demand home delivery for marijuana, and toppled regulations banning the sale of online homeowners and renters’ insurance. When Uber, the first tech client of his fledgling consulting firm, didn’t have enough cash to pay him, Tusk took half his compensation in equity. As a consequence, he said, “I just got more money than I ever expected to have.” …  On its face, voting by phone makes sense. Nearly ninety-five per cent of American adults own mobile phones, and rely on them for all sorts of secure transactions. Using them to cast a ballot would seem to be a natural extension, and one that removes many of the impediments that discourage people from voting, such as inconveniently located polling places, limited hours, and long lines. A survey of 3,649 voting-age Americans in 2016 found that about forty per cent would choose the option of Internet voting if it were offered. (Voting by phone app is a variant of Internet voting, since ballots are transmitted over the Internet.) But implementing a working system is not as simple as it may appear.

Afghanistan: Parliamentary Elections Marred by Technical Troubles and Insecurity | The Diplomat

On October 20, Afghanistan held its long overdue parliamentary elections. Delayed since 2015, the polls were only the third since the ousting of the extremist Islamist Taliban regime in the wake of the 9/11 attacks in 2001. While voter turnout in Kabul and other cities was reportedly high, the election was spoiled by technical and organizational problems at some of the 4,900 polling stations across the country. Contrary to large populations centers, where security was – for Afghan standards – relatively good, insurgent attacks severely hampered, if not prevented, voting in some more remote areas. These disruptions open the door even further for – justified or not – criticism of the results (preliminary results are scheduled to be announced on November 10). The Diplomat visited two polling centers in Kabul’s Shahr-i Naw, a neighborhood in the center of the Afghan capital only a few minutes’ walk away from heavily guarded ministries and embassies. Both opened as scheduled on the morning of October 20. Voters arrived alone or in small groups and entered the stations, which were – like many around the country – located in mosques guarded by a number of police officers. Across Afghanistan, reportedly 70,000 government forces were deployed to ensure the security of the elections.

Brazil: Authorities admit fake news struggle | ZDNet

Brazil’s Supreme Electoral Court (TSE) has conceded that it is struggling to deal with the overwhelming wave of fake news created and disseminated around the country’s presidential elections. In a press conference that took place yesterday (22) following the emergence of a WhatsApp mass messaging scandal involving leading presidential candidate Jair Bolsonaro , TSE minister Justice Rosa Weber said there was no failure regarding Brazil’s electoral justice around dealing with disinformation, but later admitted there is a problem. “We all know fake news is a worldwide phenomenon, which calls for reflection. We would like to have an immediate and effective solution, but we don’t,” Weber told journalists. “Whoever has the solution to fight disinformation, please show it to us. We haven’t discovered a miracle,” she added.

Cameroon: Paul Biya Gives a Master Class in Fake Democracy | Foreign Policy

It’s no accident that Paul Biya is the second-longest-ruling head of state in the world who isn’t a monarch. Nor that Cameroon’s constitutional council confirmed today that Biya, who has been in power for 36 years, has won a seventh term in office and is set to lead the country until 2025. By any objective standard, the Cameroonian election on Oct. 7 was a farce, according to outside observers. Voter turnout was marked by apathy, and in some regions, outright fear, with credible sources saying that less than 1 percent of voters cast ballots in some areas. In the country’s English-speaking regions, harsh crackdowns on an emerging secessionist movement kept many polling stations closed and left others mostly attended by soldiers. But the country’s state media want you to know that the elections went just fine, and they can cite “outside monitors” to prove it.

Canada: Voting times extended in several Ontario municipalities due to online voting glitches | Global News

Several municipalities in Ontario are extending online and in-person voting times after problems with their online voting systems. The glitch affected several municipalities that use the Dominion Voting System, which struggled to process the traffic on its website, according to Kingston city officials. “The City of Kingston is one of a number of municipalities that have been affected by online voting issues. Internet voting became inaccessible at approximately 5:45 p.m. this evening,” read a public notice from the City of Kingston, which added that in-person voting times would be extended by an hour and 15 minutes to 9:15 p.m.

Poland: Warsaw’s Mayoral Election and the Future of Populism | The Atlantic

On a chilly Friday evening in Poland’s capital, the mayoral candidate Patryk Jaki took the stage in Praga Park to make a final pitch to voters. The location had symbolic resonance: Warsaw’s Praga district is home to many low-income residents who feel stigmatized and left behind by their increasingly prosperous and cosmopolitan city. This, in turn, helps makes it friendly territory for Jaki’s Law and Justice (PiS), the right-wing Euroskeptic populist party currently in control of Poland. “People from the town hall keep humiliating and spitting on us,” Jaki said, as his supporters chanted to drown out a small group of protesters. “They don’t want us to take over the town hall, because they’re afraid of what we’ll find there.”

Editorials: America’s Elections Could Be Hacked. Go Vote Anyway. | The New York Times

Will November’s election be hacked? A quick sampling of news stories over the past couple of years offers little comfort. In the months before the 2016 presidential election, Russian hackers tried to infiltrate voting systems in dozens of states. They succeeded in at least one, gaining access to tens of thousands of voter-registration records in Illinois. In April, the nation’s top voting-machine manufacturer told Senator Ron Wyden, of Oregon, that it had installed remote-access software on election-management systems that it sold from 2000 to 2006. Senator Wyden called it “the worst decision for security short of leaving ballot boxes on a Moscow street corner.” At a hacking convention last summer, an 11-year-old boy broke into a replica of Florida’s state election website and altered the vote totals recorded there. It took him less than 10 minutes. All along, the nation’s top intelligence and law-enforcement officials have been sounding the alarm, warning that Russia is engaged in a “24-7 365-days-a-year” effort to disrupt the upcoming midterm elections and imploring Congress and the White House to take more decisive action.

National: Here’s How Russia May Have Already Hacked the 2018 Midterm Elections | Newsweek

It’s not easy to get in to see Diane Ellis-Marseglia, one of three commissioners who run Bucks County, Pennsylvania. Security is tight at the Government Administration Building on 55 East Court Street in Doylestown, a three-story brick structure with no windows, where she has an office. It also happens to be where officials retreat on election night to tally the votes recorded on the county’s 900 or so voting machines. Guards at the door X-ray bags and scan each visitor with a wand.Unfortunately, Russian hackers won’t need to come calling on Election Day. Cyberexperts warn that they could use more sophisticated means of changing the outcomes of close races or sowing confusion in an effort to throw the U.S. elections into disrepute. The 2018 midterms offer a compelling target: a patchwork of 3,000 or so county governments that administer elections, often on a shoestring budget, many of them with outdated electronic voting machines vulnerable to manipulation. With Democrats on track to take control of the U.S. House of Representatives and perhaps even the Senate, the ­political stakes are high. … The U.S. certainly hasn’t forced the Russians to look hard for places to strike. The midterm elections are rich in targets. Bucks County is ­hardly unique in relying on easily hacked voting machines, whose results could determine control of Congress or individual states. About 30 percent of America’s voting machines are as outdated and nearly unprotected as those in Bucks County, says Marian Schneider, a former Pennsylvania deputy secretary for elections and administration and now president of Verified Voting, a national election-­integrity advocacy group. Ballotpedia, a nonprofit website that tracks elections, lists nearly 400 congressional and top state official races this November as competitive enough to be considered battleground contests.

National: State election chiefs oversee vote while seeking higher office | McClatchy

In three states, the referee for the midterm elections is also on the field as a player. Elected secretaries of state in Georgia and Kansas — who in their official capacities oversee the elections in their states — are running for governor. Ohio’s secretary of state is running for lieutenant governor. All are Republicans. They have faced scattered calls to resign but have refused to do so. Election reformers say the situation underscores the conflict of interest when an official has responsibilities for an election while also running as a candidate. “There is just too much of a temptation if a political party is in a position to run the mechanics of an election to try to tilt it, and it’s a temptation we ought not to encourage,” said former U.S. Rep. Lee Hamilton, an Indiana Democrat who spent 34 years on Capitol Hill. “This is not nuclear physics.” While the three secretaries of state are Republican, concerns about inappropriate actions by partisans who hold the office transcend parties. An independent counsel earlier this month began investigating Kentucky’s Democratic secretary of state, Alison Lundergan Grimes, over allegations that her office accessed voter registration data to check the party affiliation of job applicants. Grimes may seek higher office next year.

National: Thousands in U.S. South may not be able to cast ballots in early voting | Reuters

Thousands of voters in Tennessee were at risk of being blocked from casting regular ballots when early voting opened this week, as officials struggled to process a surge of new registrations ahead of Nov. 6 elections to determine control of the U.S. Congress. The delay disproportionately affected the area around Memphis, a majority African-American city, leading activists to charge the Republican-controlled state government has not done enough to protect the rights of young and minority voters. State officials, however, said they were simply struggling to keep up with a surge in paperwork ahead of Election Day. But young and minority voters could very well tip the U.S. Senate election between Democratic former governor Phil Bredesen and Republican U.S. Representative Marsha Blackburn.

National: Security officials warn of foreign attempts to influence US election | USA Today

Foreign governments continue to try to influence U.S. elections, the director of national intelligence warned Friday in a joint statement from agencies, including the FBI and Justice Department. A Russian national was charged Friday in Virginia with allegedly trying to interfere with the 2018 election, authorities said. Elena Alekseevna Khusyaynova, 44, of St. Petersburg, Russia, was charged with playing a central role in Project Lakhta, which had an operating budget of $10 million from January through June, to provide “information warfare against the United States,” according to the indictment. But a top Department of Homeland Security official said Friday he isn’t aware of any hacking attempts against U.S. election systems this year, as happened in 2016. The continuing threat from Russia, China, Iran and others is to influence U.S. elections through misinformation, he said.

National: States Step Up Election Cybersecurity as Federal Efforts Stall | Bloomberg

States have taken it upon themselves to bolster cyber defenses for the midterm elections instead of waiting for Congress to act. “Cybersecurity is now our focus, it’s what keeps many of us as secretaries of states and local officials up at night,” said Jim Condos, president of the National Association of Secretaries of State and Vermont Secretary of State. Hacks of states’ voter registration systems, voting machines or vote reporting systems could lead to rigged vote counts, confusion at polling booths and public distrust of results, according to interviews with voting advocacy groups, former and current Department of Homeland Security officials, and state election officials. Two dozen states lack several of the strongest measures that could protect them against cyber attacks: mandating voting machines that leave a paper trail and requirements for a post-election audit to check for accuracy of the system.

National: Midterms: how the votes of vulnerable groups are being suppressed | The Guardian

With just over a month before the crucial midterm elections, Americans in some states will return to the polls two years after the election of Donald Trump to face new laws that could make it harder to vote. Since a landmark supreme court ruling in 2013, which repealed key provisions of the 1965 Voting Rights Act, over a dozen states, mostly Republican controlled, have imposed a swathe of laws that critics argue are intended to suppress the franchise among often vulnerable, Democratic leaning, groups. The measures range from complex voter ID laws to restrictive voter registration procedures as well as efforts to cut back on polling places and bids to exclude more former felons from casting a ballot.

National: Twitter Releases Tweets Showing Russian, Iranian Attempts to Influence US Politics | VoA News

On Wednesday, Twitter released a collection of more than 10 million tweets related to thousands of accounts affiliated with Russia’s Internet Research Agency propaganda organization, as well as hundreds more troll accounts, including many based in Iran. The data, analyzed and released in a report by The Atlantic Council’s Digital Forensic Research Lab, are made up of 3,841 accounts affiliated with the Russia-based Internet Research Agency, 770 other accounts potentially based in Iran as well as 10 million tweets and more than 2 million images, videos and other media. Russian trolls targeting U.S. politics took on personas from both the left and the right. Their primary goal appears to have been to sow discord, rather than promote any particular side, presumably with a goal of weakening the United States, the report said.

National: Security Seals Used to Protect Voting Machines Can Be Easily Opened With Shim Crafted from a Soda Can | Motherboard

Voting machine vendors and election officials have long insisted that no one can manipulate voting machines and ballots because tamper-evident seals used to secure them would prevent intruders from doing so without anyone noticing. But a security researcher in Michigan has shown in videos how he can defeat plastic security ties that counties across his state use to protect ballot bags, the cases that store voting machines and the ports that store the memory cards on optical-scan machines—electronic voting machines that record paper ballots scanned into them. He can do so without leaving evidence of tampering. If an intruder obtains physical access to the machines and this port, it’s possible to alter software in the machines using a rogue memory card—something that security researchers at Princeton University demonstrated in the past is possible. Matt Bernhard, a grad student at the University of Michigan and voting machine security expert, posted two videos online last week showing how he can open different types of plastic tamper-evident ties used in Michigan in just seconds, using a shim crafted from an aluminum Dr. Pepper can. By simply curling a small piece of the aluminum around a plastic zip tie and slipping it into the channel that encases the tie, he’s able to open the security device and re-close it, while leaving no marks or damage to indicate it was manipulated. He demonstrated the technique on smooth plastic ties as well as zip ties.

National: Justice Dept. charges Russian woman with interference in midterm elections | The Washington Post

The Justice Department announced Friday it had charged a Russian woman who prosecutors say conspired to interfere with the 2018 U.S. election, marking the first criminal case that accuses a foreign national of interfering in the upcoming midterms. Elena Khusyaynova, 44, was charged with conspiracy to defraud the United States. Prosecutors said she managed the finances of “Project Lakhta,” a foreign influence operation they said was designed “to sow discord in the U.S. political system” by pushing arguments and misinformation online about a host of divisive political issues, including immigration, the Confederate flag, gun control and National Football League protests during the national anthem. The charges against Khusyaynova came just as the Office of the Director of National Intelligence warned that it was concerned about “ongoing campaigns” by Russia, China and Iran to interfere with the upcoming midterm elections and the 2020 race — an ominous message just weeks before voters head to the polls.

Editorials: Voting Rights on Life Support in the Age of Trump | Andrew Cohen/Washington Spectator

Two events occurred in 2008 that help explain why we live today in a new age of voter suppression. Everyone talks about the second occurrence, the election of Barack Obama in November and the wave of explicit white racism that followed it, when explaining why so many Republican officials now are so eager deny their fellow citizens the ability to vote. Too few people ever talk about the first event that occurred in 2008 that led us to today’s desperate fight for voting rights: the Supreme Court’s decision in Crawford v. Marion County that upheld Indiana’s voter ID law. The Crawford decision was wrong the day it was decided. Wrong because it validated state lawmakers who had ginned up onerous new voting restrictions without offering any credible evidence that such restrictions were necessary. Wrong because widespread in-person voter fraud, then and now, is a myth fabricated by conservative ideologues who seek to use it as justification to disenfranchise millions of poor, elderly, or minority voters. Wrong, according to 7th U.S. Circuit Court Judge Richard Posner, the Reagan-nominated judge who wrote the appellate decision the Supreme Court upheld in Crawford. To his credit, Judge Posner determined years ago that he had made a terrible mistake and wasn’t afraid to say so.

Florida: Extended early voting, but no fax or email ballots for storm-ravaged counties | Florida Politics

Bay, Calhoun, Franklin, Gadsden, Gulf, Jackson, Liberty, and Washington counties are all still facing existential challenges regarding recovery from Hurricane Michael. On Thursday, Gov. Rick Scott rolled out an Executive Order outlining the way forward. Supervisors of elections in the affected counties can extend early voting, beginning next Monday. Poll watchers have until Oct. 26 to register, and vote-by-mail ballots can be forwarded to different addresses, an accommodation for displaced voters. The media release does rule out voting by fax or email. “In the hardest hit areas, communication via phone, fax and email remains challenging and would be an unreliable method for returning ballots. Additionally, past attempts by other states to allow voters impacted by natural disasters to fax or email ballots have been rife with issues.”