Brazil: Newspaper asks for probe of threats to election reporter | Associated Press

Brazil’s biggest newspaper said Wednesday that it has asked federal police to investigate threats against a journalist whose story alleged backers of the front-running presidential candidate bankrolled a fake news campaign. The request comes amid an increasingly heated atmosphere ahead of Sunday’s runoff between far-right candidate Jair Bolsonaro, who leads in opinion polls, and his leftist opponent, Fernando Haddad. The newspaper Folha de S. Paulo last week ran a report by Patricia Campos Mello saying businessmen linked to right-wing candidate Jair Bolsonaro had paid to spread fake news on the WhatsApp messaging service to benefit his candidacy. It said a blast message campaign also was planned for this week. Bolsonaro denied the report. Haddad called on Brazil’s electoral court to investigate.

Canada: Election night glitch points to the ‘wild west’ of online voting, says cybersecurity expert | Ottawa Citizen

Online voters in 51 Ontario municipalities had either a few more hours or an extra day to vote after a 90-minute computer portal slowdown on election night. Affected municipalities in Eastern Ontario included Renfrew, Laurentian Valley, Pembroke, Petawawa, Whitewater, Belleville and Kingston — all clients of Colorado-based Dominion Voting. Dominion is one of four companies that supplied Ontario municipalities with services in this municipal election. On Monday night, Dominion posted a statement saying the glitch was the result of a Toronto co-location provider that placed an unauthorized limit on incoming voting traffic of about one-tenth of the system’s designated bandwidth. The company was unaware of the glitch until it was alerted by the municipalities that are its customers. In those 90 minutes, voters experienced slow response time and system timeouts. This points to problems with the “wild west” of online voting in Canada, said a cybersecurity expert.

Congo: As Congo rolls toward election, voting machines a flashpoint | Associated Press

A deadly Ebola outbreak grows. Rebels kill civilians in the streets. And yet the arrival of voting machines in this troubled corner of Congo has some especially worried as a long-delayed presidential election promises further upheaval. The machines now arriving by the thousands in this Central African nation are of such concern that the U.N. Security Council has come calling, the United States has issued warnings and opposition supporters on Friday plan a national protest. As Congo faces what could be its first peaceful, democratic transfer of power, fears are high that the more than 100,000 voting machines will be ripe for manipulation. They also could pose a technical nightmare in a sprawling nation of more than 40 million voters where infrastructure is dodgy — just 9 percent of Congo has electricity — and dozens of rebel groups are active. “We cannot accept people inventing stories that trample our constitution,” said Clovis Mutsuva, a Beni resident with the LUCHA activist organization, which has tweaked the French term “machines a voter” into “machines a voler,” or “machines to steal.”

Mozambique: Opposition party suspends peace process over election dispute | AFP

The main opposition party in Mozambique, the Democratic Renewal of Mozambique also called Renamo, has announced suspension of its participation in peace negotiations initiated by the government to end recurrent violence in the country. Spokesman for Renamo, Andre Magibire said the party will now concentrate on electoral conflict. The moves follows several weeks of threat by the opposition and comes after the publication of local election results held on October 10. The results had announced the Frelimo ruling party as having won forty four municipalities, a decision contested by the opposition party which has also denounced fraud.

United Kingdom: Pencil and paper voting has thwarted Russian meddling – minister | The Guardian

It is “undoubtedly true” that there have been efforts by the Russian state to influence British elections, the culture secretary has told a committee of MPs, but the government has not seen evidence that those attempts have been successful. Speaking to the digital, culture, media and sport (DCMS) select committee, Jeremy Wright, the secretary of state at the department, said that the UK was defended against direct electoral interference by the simple fact that the UK uses pencils and paper to vote. “There are two types [of interference] you might attempt: one is with the process of the election itself, in other words, influencing the outcome of the election by means of interfering with voting machines etc, but we can’t do that here, we don’t have voting machines of that kind.

National: Voting machines are totally hackable. But who’s going to pay to fix them? | NPR

The midterm elections are here. Early voting is already happening in some places. We’re spending the rest of the week on election security and technology, starting with voting machines. Candice Hoke, founding co-director of the Center for Cybersecurity and Privacy Protection at the Cleveland-Marshall College of Law, believes insecure voting machines are the biggest security threat to the midterm elections. And they’re definitely insecure. Last summer at the DefCon hacking conference, security experts hacked and whacked at a variety of voting machines and came away saying the machines were hopelessly vulnerable to even the most basic hacking, like the kind where the default password is still “password.” And lots of them don’t even create paper receipts to ensure the votes were counted correctly. “We have not required voting systems vendors to operate under the same kinds of rules as, say, pharmaceuticals as to the safe and effectiveness of their products,” Hoke said. “So safety, privacy, auditability, transparency, whatever word you want to use, these are all marketing terms in the voting systems arena rather than reflective of some kind of standards that are actually being enforced.”

National: Paper and the Case for Going Low-Tech in the Voting Booth | WIRED

In September 2017, barely two months before Virginians went to the polls to pick a new governor, the state’s board of elections convened an emergency session. The crisis at hand? Touchscreen voting machines. They’d been bought back in the early aughts, when districts across the country, desperate to avoid a repeat of the 2000 “hanging chads” fiasco, decided to go digital. But the new machines were a nightmare, prone to crashes and—worse—hacking. By 2015, Virginia had banned one of the dodgiest models, but others were still in use across the state. Now, with the gubernatorial election looming, officials were concerned that those leftover machines were vulnerable.

They had good reason. Evidence of Russian interference in the US democratic process was mounting. And at the DefCon security conference that summer, whitehat hackers had broken into every electronic voting machine they tried, some in a matter of minutes. (One model had as its hard-coded password “abcde.”) “That really triggered us to action,” recalls Edgardo Cortés, at the time Virginia’s top elections official. So, at the emergency session, he and his colleagues instituted a blanket ban on touchscreen machines. But what next? Virginia officials needed a superior voting technology. They settled on paper. When considered as a form of tech, paper has a killer feature set: It’s intuitive, it doesn’t crash, and it doesn’t need a power source. You can tally ballots rapidly using low-tech scanners, and if it’s necessary to double-check the results (as was the case with several down-ticket contests in Virginia), you can do a manual recount. Paper isn’t perfect, but it’s better than the alternative.

National: Officials prepare for potential false claims of election interference | The Hill

State and federal officials say they are well prepared for the possibility of a cyberattack on American election systems Nov. 6, but experts warn that even a false claim of interference by foreign actors on Election Day could undermine the public’s faith in the voting process. The top cyber official at the Department of Homeland Security (DHS) said it’s a very real possibility that groups will announce they successfully hacked certain election results. That would require swift action from federal authorities to decisively refute any unsubstantiated declarations of election meddling, analysts say. “I could absolutely envision a scenario where someone claims to have had access or claims to have hacked” an election, Christopher Krebs, the undersecretary of the National Protection and Programs Directorate (NPPD), told reporters last week.

National: New study scrutinizes time and effort it takes to vote in each state |

Wide variations among the 50 states when it comes to the ease of casting a ballot are impacting the quality of democracy in the United States, a new study shows. Forget voter fraud. States are influencing who votes by making it easier or harder to cast a ballot, and that’s likely shaping election results, said study lead author Scot Schraufnagel, chair of the Department of Political Science at Northern Illinois University. He worked on the study with co-authors Michael J. Pomante II and Quan Li. Pomante II earned his doctorate from NIU in 2016 and works as a professor at Jacksonville University in Florida, while Li is a professor at Wuhan University in China. They created a “Cost of Voting Index”—using what is described in the study as “the largest assemblage of state election laws”—to rank each state according to the time and effort it took to vote in each presidential election year from 1996 through 2016. They analyzed the impact of 33 different variables dealing with registration and voting laws, with differences in registration deadlines carrying the most weight.

National: U.S. Begins First Cyberoperation Against Russia Aimed at Protecting Elections | The New York Times

The United States Cyber Command is targeting individual Russian operatives to try to deter them from spreading disinformation to interfere in elections, telling them that American operatives have identified them and are tracking their work, according to officials briefed on the operation. The campaign, which includes missions undertaken in recent days, is the first known overseas cyberoperation to protect American elections, including the November midterms. The operations come as the Justice Department outlined on Friday a campaign of “information warfare” by Russians aimed at influencing the midterm elections, highlighting the broad threat the American government sees from Moscow’s influence campaign.

National: Google steps up security efforts as most campaigns use its email services | The Washington Post

Google has been stepping up its efforts to protect political campaigns against phishing attacks — one of the most pressing threats facing candidates as hackers continue to target them via email. U.S. political campaigns overwhelmingly use Google as their email provider, according to data collected by anti-phishing start-up Area1 Security. Of the 1,460 candidates the company is tracking who are running for the Senate, House of Representatives or governor, 65 percent use Google as their email provider. The 2018 midterms will be the first test of the security measures Google and other tech companies have adopted since Russian hackers successfully spear phished Hillary Clinton campaign chair John Podesta. Hackers stole more than 50,000 of his emails after a click on a “change password” button on an email disguised as a security alert from Google.

Editorials: Voter-Suppression Tactics in the Age of Trump | Jelani Cobb/The New Yorker

Decades ago, amid the most overt privations of Jim Crow, African-Americans used to tell a joke about a black Harvard professor who moves to the Deep South and tries to register to vote. A white clerk tells him that he will first have to read aloud a paragraph from the Constitution. When he easily does so, the clerk says that he will also have to read and translate a section written in Spanish. Again he complies. The clerk then demands that he read sections in French, German, and Russian, all of which he happens to speak fluently. Finally, the clerk shows him a passage in Arabic. The professor looks at it and says, “My Arabic is rusty, but I believe this translates to ‘Negroes cannot vote in this county.’ ” Old jokes have lately been finding renewed salience. Literacy tests, poll taxes, and grandfather clauses, once the most common mechanisms for disadvantaging minority voters, have been consigned to the history books, but one need look no further than the governor’s race in Georgia to see their modern equivalents in action. 

Editorials: Is the Assault on Voting Rights Getting Worse, or Are We Just Noticing It More? | Richard Hasen/

Over the weekend, President Donald Trump threatened prosecutions against nonexistent voter fraud, a message likely aimed at intimidating voters and stopping some from voting. With Trump’s heightened rhetoric and a seemingly increasing number of stories about voter suppression around the country, it is worth asking: Has voter suppression actually gotten worse in the 2018 midterm election season? Or are we just hearing about it more thanks to the hyperpolarized political environment? The truth depends on which state you are talking about. In many parts of the U.S., even in many Republican states, registering to vote and voting is becoming easier. But in some key Republican states, Supreme Court decisions have allowed states to put up new hurdles for voting. Just ask Native Americans in North Dakota, black voters in Georgia, or Latinos in Dodge City, Kansas. Whether or not these hurdles actually affect election outcomes, they are outrageous, unjustified, and a drain on state resources.

California: FBI investigating cyberattacks targeting California Democrat: report | The Hill

The FBI has opened up an investigation into cyberattacks that targeted a California Democrat who eventually lost a tight House primary race earlier this year, according to Rolling Stone, citing a source close to the campaign. The inquiry centers on distributed denial of service (DDoS) attacks against the campaign website for Bryan Caforio, who finished third in the June primary. He was running in California’s 25th Congressional District, which is represented by Republican Rep. Steve Knight and is considered a seat that Democrats could flip in November. The attacks involved creating artificially heavy traffic on his website that forced the hosting company to block access to four times before the primary, including during a crucial debate and in the week before the primary. No website data was accessed from the site during the attacks.

Missouri: Judge clarifies voter ID ruling ahead of key Senate contest | PBS

A Missouri judge on Tuesday made clear that local election workers cannot enforce a core requirement in a new voter photo identification law, taking away the teeth of the law in advance of a marquee U.S. Senate election on Nov. 6. At issue is a new law that had directed voters to present a valid photo ID or sign a sworn statement and present some other form of identification in order to cast a regular ballot. Senior Cole County Circuit Judge Richard Callahan earlier this month struck down the requirement that voters without proper photo ID sign a sworn statement. But Republican Secretary of State Jay Ashcroft, who supports a photo ID law, said the ruling caused “mass confusion” just weeks before the pivotal election between Democratic Sen. Claire McCaskill and her Republican rival, Attorney General Josh Hawley.

New Hampshire: ‘It’s a poll tax’: how New Hampshire became a battlefield for voting rights | The Guardian

Among the symmetrically mown lawns and grand homes of suburban New Hampshire, Garrett Muscatel was knocking on doors to talk about a subject that took many by surprise: voter suppression. At just 20 years old, this student at Dartmouth College is vying to become the youngest member of the state’s 400-person house of representatives in November’s midterm elections. But, so he told potential voters in this precinct, what is at stake was not just the beginning of his political career but the future of democracy in the Granite state. “Hi, my name is Garrett,” he told one woman in her 60s, tending to her barking dog. “I’m a student here at Dartmouth and I’m running for office. Did you know much about laws Republicans have passed that make it harder for people like me to vote?” She hadn’t heard much. But agreed that turning up to vote, even in a heavily Democratic precinct like this one, was important in the Trump era.

North Dakota: Voter ID Law Could Keep Rural Native Americans From Voting | WBUR

The Supreme Court declined this month to overturn a North Dakota law that requires voters to present an ID listing their residential address at the polls. The decision could have a negative impact on tens of thousands of rural voters — many of them Native Americans who live on one of the states five reservations, where residents are not required to have a street address. Native Americans have long faced unique challenges relating to voter suppression. They were the last to gain suffrage in 1924 and couldn’t vote in states like Arizona, New Mexico and Utah until 1948.

Texas: Students sue Waller County, allege voting rights violations | Associated Press

A group of students from a historically black university have filed a lawsuit alleging a southeast Texas county is suppressing the voting rights of its black residents. In a lawsuit filed in federal court in Houston on Monday, five Prairie View A&M University students allege Waller County election officials are violating the civil rights of black students and residents in Prairie View — which is predominantly African-American — by not providing any early voting locations on campus or anywhere in the city during the first week of early voting, which started Monday. In the second week of early voting, the county is providing five days in Prairie View, but two of them are off-campus and at a site that is not easily accessible to many students who lack transportation, according to the lawsuit.

Vermont: Secretary Of State: Hacking Attempt ‘That Said Russian Federation’ Raised Concerns | WBUR

The Vermont Secretary of State told On Point that in late August hackers used three different methods to attempt to access Vermont’s online voter registration database. One of the attempts came from Russia. “We experienced scans,” Vermont Secretary of State Jim Condos said. “Our logs of the system showed where they were coming from. The one that raised our attention, if you want to call it, was the one that said ‘Russian Federation,’ and we forwarded that on to Department of Homeland Security.” None of the attacks were successful. The attempts were first reported by NBC News. Condos revealed the Russian attempt to On Point. The Department of Homeland Security said in an intelligence assessment obtained by NBC News that it’s aware of growing “cyberactivity targeting election infrastructure in 2018. … Numerous actors are regularly targeting election infrastructure, likely for different purposes, including to cause disruptive effects, steal sensitive data and undermine confidence in the election.”

Afghanistan: Officials vow to probe chaotic legislative vote | AFP

Embattled Afghan election officials on Monday vowed to investigate the mishandling of the weekend’s problem-plagued legislative ballot, as voters prepare to wait weeks for the results. Initial figures show around four million voted in the long-delayed election that was extended by a day after many polling centres opened late or not at all due to glitches with biometric verification devices and missing or incomplete voter rolls. That is less than half of the nearly nine million voters who had registered to participate in the parliamentary election, though many suspect that a significant number of those were based on fake identification documents that fraudsters hoped to use to stuff ballot boxes. The turnout figure does not include those who voted on Sunday, the Independent Election Commission (IEC) said.

Australia: ​Electoral Commission seeks advice on overhauling 30-year-old systems | ZDNet

The Australian Electoral Commission (AEC) wants to overhaul its election systems, but it doesn’t exactly know how such overhaul will look, or what it will comprise of. The AEC published a request for information (RFI) this week, seeking specifically “innovative” ideas and approaches to designing and delivering an Election Systems Modernisation Program, asking the market for guidance on everything from procurement constraints to the end result. The core software platforms currently in place at the AEC have been in use for almost 30 years, the RFI revealed, with the AEC’s systems environment consisting of approximately 93 systems and supporting sub-systems. The 90-plus systems deliver services to citizens and political parties, support the work of the AEC, and provide integration and interface services, the AEC explained.

Canada: Online voting causes headaches in 51 Ontario cities and towns | The Toronto Star

Glitches with a private online voting company impacted local elections in 51 cities and towns across the province on election day, causing at least six to extend voting hours until Tuesday in an example one expert says highlights the wild west of internet voting. Dominion Voting blamed the “slow traffic” that voters experienced just after 6 p.m. Monday on a third-party Toronto-based data centre placing an “unauthorized limit on incoming voting traffic,” in a press release sent to affected municipalities. … Aleksander Essex, an assistant professor of software engineering at Western University, in London, Ont., said Dominion Voting is essentially “blaming it on their subcontractor,” adding it’s not clear why the entire website appeared to shut down temporarily. But the incident highlights bigger concerns with online voting, the use of which has been steadily growing in Ontario.  “Wild west is exactly the term I’ve been using,” he said. “It absolutely is dangerous for democracy.”

Congo: Controversial voting machines start arriving | Reuters

Congo’s deputy prime minister said on Saturday that tablet-like voting machines for December’s election had been made to order and will finish arriving this month, despite suspicions by diplomats and the opposition that they may enable fraud. President Joseph Kabila is due to step down after 17 years in power after a long-delayed vote scheduled for Dec. 23 to choose his successor. The election, which was meant to happen before Kabila’s mandate expired in 2016, had been delayed for so long that many doubted it would happen. If it goes ahead, it will be Democratic Republic of Congo’s first peaceful transition of power since independence from Belgium in 1960. This year, crucial milestones of the calendar — such as candidate registration — have been passed on time.

National: Blockchain Might Make Voting Worse — Not Better: Crypto Researchers | CCN

Three researchers with the Initiative for CryptoCurrencies and Contracts (IC3) are questioning whether, as some proponents claim, blockchain technology will be able to change the internet voting sector for the better. In an article published by Business Insider, the scholars argue that while blockchain technology might serve to revolutionize other industries, internet voting might be a sector that doesn’t benefit from the technology at all, and could potentially even be harmed by it. The researchers start off by acknowledging that they understand why blockchain technology is being considered as an option to optimize internet voting. There is little doubt in the fact that the cryptocurrency world has attracted billions of dollars for legitimate reasons and that it has clear potential to revolutionize everything from the global payments sector, to logistics, to retail, to land ownership rights, among other sectors.

National: Experts say latest Russia case exposes US election vulnerabilities | The Hill

The indictment of a Russian national accused of trying to interfere in U.S. elections shows that not enough has been done to stop the country from launching a multimillion-dollar effort to influence American voters, experts say. Both officials and experts have been warning for months that Russia is trying to influence voters after the country successfully launched a cyber and disinformation campaign in the 2016 election. They say Friday’s indictment of a Russian national, revealing details of the alleged attempts to sway the public, combined with a U.S. intelligence warning of ongoing influence campaigns, is arguably the strongest message to date that the U.S.’s penalties against the country haven’t been enough to shut down the campaigns.

National: Pros to government: If your defenses fail, think pen and paper | The Washington Post

After a cyberattack forced a local Alaska government to disconnect its computer systems from the Internet this summer, employees were ready with a Plan B. They picked up pens and paper — and even resorted to typewriters — so that the government could continue its daily work, from collecting property taxes to checking out books at public libraries. They had practiced for this kind of scenario, which helped ensure the multipronged malware attack did not grind public business to a halt, said Eric Wyatt, the Matanuska-Susitna Borough IT director. “Having these plans and being able to go to paper and pen and manual methods was very helpful,” he said. “We could keep our doors open and continue to provide service to our citizens.” The focus of government cybersecurity has largely centered on developing cutting-edge solutions — and shoring up basic vulnerabilities — to prevent attacks on IT systems. But as more and more government business moves online, there’s a growing call among security pros and government officials for a different, albeit slightly more fatalistic, approach. Public agencies, this cohort says, should just assume they will be hacked — and practice how to carry out essential functions without Internet access or even computers in some cases.

National: 5 Risks We Face with E-Voting Technology | Techspective

Technology brings with it a number of conveniences, but it also opens up opportunities for scammers and hackers to take advantage of people through tech fraud. That crime involves using technology in a variety of possible ways to mislead people, steal data, shut down systems and more. Increasingly over the past several years, tech fraud has influenced voter fraud, which also manifests in many ways. People may use fake information at the polls, try to vote more than once or otherwise wrongfully attempt to swing votes in a certain direction. Unfortunately, e-voting could facilitate both tech fraud and election fraud if the platforms aren’t sufficiently locked down.

National: The AI Threat to Democracy | ExtremeTech

Strolling the leafy suburbs of Austin, Texas, one could be forgiven for thinking democracy is in a robust state of health. The trees are changing color and the world appears largely in order, the outcome of inevitable forces leading to ever greater levels of comfort, luxury, and efficiency. But as the historians are fond of reminding us, there’s nothing inevitable about democracy. Other, less equitable systems of government have historically been far more representational of human affairs. And the democratic liberal order has never been more fragile. Democracies have always had their opponents, but for the first time in history, the principal threat to it comes from shifting technological sands rather than power-hungry despots. As some of more perceptive among us have begun shouting from the rooftops, the rise of strong artificial intelligence could well send the spool of democracy unraveling across the floor.

National: McAfee CTO raises concerns about election cyber security | Computer Weekly

Cyber security concerns around voting should be around the processes involved rather than just the electronic equipment used, according to Steve Grobman, senior vice-president and chief technology officer at security firm McAfee. Underlining this issue, he discussed a recent discovery by McAfee of a “big gap” in the security of the way US local jurisdictions communicate with their constituencies. Because US elections are decentralised, being run at a state and local level rather than at a federal level, with every state and locality choosing how to do things, there is very little uniformity. “We have found two big issues with the way local jurisdiction communicate with their constituencies,” said Grobman. Although these issues are US-specific, he told Computer Weekly that the issue is likely to be global given that the failings in the US are underpinned by a lack of cyber security skills, which is a challenge facing most countries around the world.