National: Feds Seek To Up Their Cybersecurity Game | Forbes

The idea that the U.S. federal government could play a dominant and effective role in protecting the nation from malicious cyberattacks on everything from Internet of Things (IoT) devices to critical infrastructure to election voting systems might strike some people as absurd. Its catastrophic security failures are well known.

- The Office of Personnel Management (OPM) couldn’t protect the personally identifiable information (PII) of more than 22 million current and former federal employees.

- The National Security Agency (NSA) couldn’t protect its own stash of so-called zero-day vulnerabilities that it hoped to use to spy on, or attack, hostile nation states or terrorist groups. Instead, the stash ended up in the hands of Wikileaks.

National: Senate Democrats push to match House’s ethics and election reforms | The Washington Post

Responding to action in the House, Senate Democrats unveiled their own version of a sweeping election and ethics reform bill Wednesday — one that Senate Majority Leader Mitch McConnell has vowed never to bring to a vote. Dubbed, like the House bill, the For the People Act, the Senate legislation includes a vast suite of proposals — including measures meant to expand voting, provisions aimed at unmasking and diluting the power of moneyed interests, new ethical strictures for federal officials and a new public financing system for congressional campaigns. The bill, according to its lead author, Sen. Tom Udall (D-N.M.), has the support of all 47 senators in the Democratic caucus. The House bill passed 234 to 193 this month with unanimous Democratic support, meaning every congressional Democrat is on record in support of the bill. “Today we are seizing their momentum and the momentum of the American people,” Udall said at a news conference Wednesday. “Now the ball is in Senator McConnell’s court. . . . This should not be about Democrats versus Republicans, this is about people versus special interests.”

National: Voting-machine vendors have some serious questions to answer, senators say | CyberScoop

While the security of the 2020 election remains a prominent topic in Washington, a group of Democratic senators is raising alarms about longer-term issues that will resonate after voters are done choosing a president about 20 months from now. The three companies that make most of the voting technology used in the U.S. must be more transparent about their plans to improve their products to meet current expectations about security and performance, says a letter Wednesday by Sen. Amy Klobuchar of Minnesota and three other top Democrats. In particular, the senators say every machine should reliably produce paper records, and the companies should do far more to upgrade their products. “The integrity of our elections is directly tied to the machines we vote on — the products that you make,” says the letter from Klobuchar, Mark Warner of Virginia, Jack Reed of Rhode Island and Gary Peters of Michigan. “Despite shouldering such a massive responsibility, there has been a lack of meaningful innovation in the election vendor industry and our democracy is paying the price.”

National: Former CIA leaders give ‘briefing book’ to 2020 candidates to counteract ‘fake news’ and ‘foreign election interference’ | The Washington Post

Two former top CIA officials have compiled an unclassified report on the major national security challenges facing the United States, which they are distributing to every candidate running for president. The report, which former acting CIA directors Michael Morell and John McLaughlin call a “briefing book,” is modeled on the classified oral briefing that the intelligence community provides to the nominees of each major political party running for president, usually after the nominating conventions. The former officials said they’re distributing their briefing now, more than a year before nominees are selected, in response to “the recent rise and abundance of fake news and foreign election interference,” according to a copy reviewed by The Washington Post. The 37-page document, which has not been previously reported, was sent this month to nearly every announced candidate and will soon be sent to President Trump, the former officials said. Intelligence agencies have usually viewed their discussions with nominees as a chance to prepare a potential president for the kinds of issues that he or she will have to grapple with, and to give them a sense of the kind of capabilities and expertise that the U.S. government can bring to bear.

Editorials: Fixing US Elections Is Easier—and Harder—Than You’d Think | Max Eddy/PCMag

When I flew out to San Francisco for the RSA Convention (RSAC) in early March, I planned to attend all the election security talks I could fit into my schedule. It's an obvious choice. While the 2018 midterms concluded without much controversy, we're still fighting over the 2016 presidential election, and we're halfway to the next one. That's in addition to the US system of casting and counting votes being, at best, a barely functional shambles. I expected the usual doom-and-gloom about election security, with researchers bemoaning the sorry state of voting machines in the US. I was even looking forward to it, because you have to be a little masochistic to be in this industry. There was a bit of the usual misery, but I wasn't prepared for a double whammy of optimism and despair. I left convinced that we've actually sorted out the most pressing of the technological problems with voting. What has us stumped is the other stuff. And that's a lot of stuff.

Georgia: Georgia likely to plow ahead with buying insecure voting machines | Politico

Georgia Gov. Brian Kemp is poised to sign a bill to overhaul the state’s voting system with machines that are widely considered vulnerable to hacking. The new equipment would replace the state’s paperless, electronic machines — technology so risky that a federal judge said last year that its continued use threatened Georgians’ “constitutional interests.” But security researchers say similar risks exist in the new electronic machines that the GOP-led legislature has chosen, which would embed the voter’s choice in a barcode on a slip of paper. The warnings from cybersecurity experts, election integrity advocates and Georgia Democrats are especially troubling given the abundant warnings from U.S. intelligence leaders that Russia will once again attempt to undermine the presidential election in 2020. “The bill’s sponsors made false and misleading statements during the entire legislative session in hearings leading up to the vote, often flatly contradicting objective evidence or mischaracterizing scientific writing,” said Georgia Institute of Technology computer science professor Rich DeMillo, who testified throughout the process.

New Jersey: New Jersey was going to have paper-based voting machines more than a decade ago. Will it happen by 2020? | Philadelphia Inquirer

New Jersey was once poised to become a national leader in election and voting security. Instead, it now lags most states — including Pennsylvania and Delaware — by relying on aging, paperless machines that experts say are vulnerable to attack and can’t be properly audited. There are no statewide plans to buy new machines; nor is the state urging counties to buy new systems, in contrast to Pennsylvania, where Gov. Tom Wolf has ordered all 67 counties to have new machines by next year’s primary election. “We are doing what we can with the funding that we have and the situation that we’re in,” said Robert Giles, who heads the state’s Division of Elections. The challenge, he said, is funding. Counties are left to their own initiatives. But the current machines are nearing death. The money will have to come from somewhere, said Jesse Burns, head of the League of Women Voters of New Jersey. “Time, it has run out. So there’s no more kicking it down the road,” she said.

Pennsylvania: Questions abound over new voting machines in Luzerne County | Citizens’ Voice

It looks like Luzerne County voters will not use new voting machines until next year, thanks in part to uncertainties over state funding. Also, it is not clear when officials will release information about investigations into county elections director Marisa Crispell’s ties to county vendor Election Systems & Software — one of the prospective vendors for the new machines. The county plans to purchase an electronic voting system that provides added security via a “paper trail” for each vote cast, to comply with a directive state officials issued last year. When county officials first discussed the planned purchase, with an estimated price tag of $4 million, they said the new machines might be in place for this year’s November election. That does not look likely now, though it’s not impossible, according to county Manager David Pedri. “We would still like to get them in for November,” Pedri said Thursday. “The question is when we can get them.”

Australia: Committee pushes ‘cyber taskforce’ for security of Australia’s election system | ZDNet

The Joint Standing Committee on Electoral Matters is tasked with overseeing the Australian electoral system, specifically the activities of the Australian Electoral Commission (AEC). Its Status Report [PDF], released on Friday, follows the November publication of the Report on the conduct of the 2016 federal election and matters related thereto [PDF], which made 31 recommendations to the AEC regarding cybersecurity, in particular where the manipulation of elections was concerned. One of the recommendations made by the committee was that the Australian government establish a permanent taskforce to "prevent and combat cyber manipulation in Australia's democratic process" and to "provide transparent, post-election findings regarding any pertinent incidents". Specifically, the taskforce, the committee wrote, would focus on "systemic privacy breaches". In its latest report, the committee again recommended the taskforce be established.

Canada: Officials worry that foreign actors are trying to meddle in 2019 election | The Toronto Star

Canadian intelligence agencies have identified persistent foreign state-backed cyber campaigns against government and civilian targets that have some officials worried efforts to interfere with this year’s federal election have already begun. Two intelligence sources with direct knowledge of efforts to safeguard Canada’s 2019 election say the rate of cyber attacks against federal institutions, political parties and private companies has been steadily increasing. Between 2013 and 2015, an average of 2,500 state-sponsored “cyber activities” against government networks were detected each year. The rate of success of those activities declined over that period, from six per cent in 2013 to two per cent in 2015 — but that still works out to one successful attack per week. The government officials, who requested anonymity to speak about ongoing national security matters, said just because a hostile state have political and government systems targets does not necessarily mean they intend to disrupt the election. But others are treating it as a foregone conclusion.

Finland: Russia’s Neighbor Finland Mounts Defenses Against Election Meddling | Bloomberg

The country that shares a bigger border with Russia than the rest of the European Union combined is ramping up its defenses against the threat of foreign meddling in its April 14 election. Finland has always had a love-hate relationship with its much bigger neighbor. A history of tension and bloody confrontations has given way to a strong trading partnership, and the country’s diplomatic role as a bridge between Russia and the West is one reason why its capital was picked for last year’s summit between Donald Trump and Vladimir Putin. But with evidence of Russian interference in Western politics mounting, the euro area’s northernmost member state remains on high alert. Social media influence campaigns or direct cyber attacks are already thought to have impacted key votes such as the U.S. election in 2016 and the U.K’s Brexit referendum.

Thailand: Election Observers Call Still-Partial Thai Vote Count Flawed | Associated Press

A group of international observers criticized vote counting in Thailand's first election since a 2014 military coup, saying Tuesday that the "tabulation and consolidation of ballots were deeply flawed" though it had no reason to believe the issues affected overall results. The Asian Network for Free Elections said the announcement of some preliminary results that were "wildly inaccurate" damaged the "perceived integrity of the general election." The group, also known by its acronym Anfrel, is one of several observer groups that have raised concerns about Sunday's vote, which in part pitted a party allied with the ruling junta against the party that led the government it ousted. Thailand's Election Commission, appointed by the junta's hand-picked legislature, has already defended its count, which is still in its preliminary stages. It blamed any issues on the failure of the media to keep up with the raw data. After delaying the release of the full vote count on election night and then again on Monday, the commission has now said it will release its final preliminary results on Friday. Official results are not expected until May.

Ukraine: Intelligence Service elaborates on Russia’s election meddling plans | Reuters

The Foreign Intelligence Service of Ukraine (SZRU) has released a report on the features of Russia’s approaches to affecting the course and results of Ukraine elections. Russia’s main action plan on Ukraine in the short and medium term envisages further provoking extensive destabilization to facilitate the revenge of pro-Russian forces following the 2019 election, the Information Resistance OSINT Group wrote citing the SZRU report published on its website Wednesday, March 27. This will include systemic and versatile measures for influencing the course of the election process and the vote count during the presidential and parliamentary elections, the report says. In this context, the main areas where Russia is most likely to intensify its efforts is destabilization, including on the contact line in Donetsk and Luhansk regions, incitement of military-political confrontation with elements of economic influence; propaganda campaigns in the Ukrainian media and using instruments for cyber interference; measures to provide electoral support to individual candidates; and discrediting the electoral process in the international media space and through Kremlin’s positions in international organizations, as well as Western political and expert circles.

National: States Need Way More Money to Fix Crumbling Voting Machines | WIRED

THE 2018 MIDTERM elections were hardly a glowing reflection on the state of America’s voting technology. Even after Congress set aside millions of dollars for state election infrastructure last year, voters across the country still waited in hours-long lines to cast their ballots on their precincts’ finicky, outdated voting machines. Now, a new report published by New York University’s Brennan Center for Justice finds that unless state governments and Congress come up with additional funding this year, the situation may not be much better when millions more Americans cast their vote for president in 2020. In a survey that the center disseminated across the country this winter, 121 election officials in 31 states said they need to upgrade their voting machines before 2020—but only about a third of them have enough money to do so. That's a considerable threat to election security given that 40 states are using machines that are at least a decade old, and 45 states are using equipment that’s not even manufactured anymore. This creates security vulnerabilities that can't be patched and leads to machines breaking down when the pressure's on. The faultier these machines are, the more voters are potentially disenfranchised by prohibitively long lines on election day. “We are driving the same car in 2019 that we were driving in 2004, and the maintenance costs are mounting up,” one South Carolina election official told the Brennan Center’s researchers, noting that he feels “lucky” to be able to find spare parts.

National: Senate Democrats investigate cybersecurity of election machines, introduce version of H.R. 1 | InsideCyberSecurity.com

A group of senior Senate Democrats is seeking information on what the three largest manufacturers of U.S. voting machines are doing to secure the systems ahead of the 2020 elections, while the entire Democratic Caucus on Wednesday signed on to sponsor the Senate version of House-passed H.R. 1, the “For the People Act,” which includes language on securing election machines. A letter -- signed by Senate Rules ranking member Amy Klobuchar (D-MN), Intelligence ranking member Mark Warner (D-VA), Homeland Security and Governmental Affairs ranking member Gary Peters (D-MI), and Armed Services ranking member Jack Reed (D-RI) -- was sent Tuesday to voting machine vendors Hart InterCivic, Dominion Voting Systems, and Election Systems and Software, or ES&S. “Despite the progress that has been made, election security experts and federal and state government officials continue to warn that more must be done to fortify our election systems,” the senators wrote. “Of particular concern is the fact that many of the machines that Americans use to vote have not been meaningfully updated in nearly two decades. Although each of your companies has a combination of older legacy machines and newer systems, vulnerabilities in each present a problem for the security of our democracy and they must be addressed.” The senators posed questions on steps the companies are taking to secure their machines ahead of 2020, and how Congress can assist in these efforts; what the plans are for updating “legacy” voting machines; whether the companies would support legislation requiring “expanded use of post-election audits”; if the companies have vulnerability disclosure programs; and if they employ full-time cybersecurity experts.

New Jersey: New voting machines being tried in districts across the state | NorthJersey.com

A decade after New Jersey voters were promised more secure voting machines, some districts will receive new machines through a federally funded pilot program. Voters in Gloucester, Union and Essex counties have already seen new machines, and Passaic County intends to join the pilot this year. Meanwhile, Bergen County officials are taking a wait-and-see approach. Robert Giles, director of the state Division of Elections, wrote to county election officials in September to explain one of the initiatives: the Voter Verified Paper Audit Trail pilot. “This pilot program will afford counties the opportunity to purchase and test new VVPAT voting machines,” Giles wrote. “The goal of this pilot program is to assist counties to begin the process of transitioning from their current paperless voting systems to the new voting systems that produce a voter-verifiable paper record of each vote cast.” The program rolls out in a climate of heightened concern over ballot security. “It’s a step forward; there are better ways to do it and worse ways to do it,” Professor Andrew Appel of Princeton University said about the upcoming replacements.

National: Wyden lambastes voting machine makers as ‘accountable to nobody’ | Politico

Sen. Ron Wyden (D-Ore.) on Thursday attacked the small but powerful group of companies that controls the production of most voting equipment used in the U.S. “The maintenance of our constitutional rights should not depend on the sketchy ethics of these well-connected corporations that stonewall the Congress, lie to public officials, and have repeatedly gouged taxpayers, in my view, selling all of this stuff,” Wyden said during the Election Verification Network conference, a gathering of voting integrity advocates and election security experts in Washington. Wyden has been a leading voice among lawmakers who have criticized the voting machine industry as too opaque and not subject to enough oversight from Washington, especially as concerns grow among U.S. intelligence officials that elections will once again be a prime hacking target in 2020. “We’re up against some really entrenched, powerful interests, who have really just figured out a way to be above the law,” he said. “There is no other way to characterize it.” Furthermore, Wyden said, voting machine vendors have “been able to hotwire the political system in certain parts of the country.” He noted that newly elected Georgia Gov. Brian Kemp picked the top lobbyist for the voting giant Election Systems & Software as his deputy chief of staff. The companies, he said, “are accountable to nobody.”

Switzerland: Second flaw found in Swiss election system could change ‘valid votes into nonsense,’ researchers say | CyberScoop

Researchers have uncovered a second security flaw in the electronic voting system employed by the Swiss government. The vulnerability involves a problem with the implementation of a cryptographic protocol used to generate decryption proofs, a weakness that could be leveraged “to change valid votes into nonsense that could not be counted,” researchers Sarah Jamie Lewis, Olivier Pereira and Vanessa Teague wrote in a paper published Monday. This disclosure comes weeks after the same team of researchers announced they had uncovered a flaw in the e-voting system that could allow hackers to replace legitimate votes with fraudulent ones. Swiss Post, the country’s national postal service, which developed the system along with Spanish technology maker Scytl, said earlier this month that first vulnerability had been resolved. Researchers said at the time that the vulnerability demonstrated what can go wrong when governments shift to electronic voting with no alternative plan. The security and integrity of electronic voting systems vary by country, and the vulnerabilities outlined in this research are specific to Switzerland, but other areas of the world increasingly are moving toward a voting infrastructure where it could soon be impossible to verify whether vote tampering has occurred. Christopher Krebs, head of the U.S. Cybersecurity and Infrastructure Agency told Congress last month election officials must have the ability to audit election results.

National: Election security in 2020 means a focus on county officials, DHS says | CNET

As special counsel Robert Mueller's investigation on Russian hacking and collusion with the Trump campaign ends, the Department of Homeland Security is gearing up to prevent a repeat for the 2020 US presidential election. The federal agency, which formed the Cybersecurity and Infrastructure Security Agency last November, said that it's "doubling down" on its efforts, calling election security for 2020 a top priority. It hopes to do that by focusing on local election officials, Matt Masterson, a DHS senior adviser on election security, said in an interview with CNET. The emphasis on local represents a new tact as the DHS tries to shut down foreign interference in the US elections. While the agency worked with all 50 states during the 2018 midterm elections, security experts said the outreach needs to zoom in on a county level. There are about 8,800 county election officials across the US, and they are the people responsible for your voting machines, your polling place's security and handling vote auditing.

National: What Will Mueller’s Russia Report Mean For Election Security In 2020? | WMOT

The release of special counsel Robert Mueller's report may provide Americans with the best playbook yet on how to defend democracy in the lead-up to the 2020 presidential election. In the days since Attorney General William Barr's letter to Congress, much of the focus has boiled down to one line from President Trump: "No Collusion, No Obstruction." But judging by Barr's language and the details that have come to light through indictments filed by Mueller's team over the past two years, the report may also reveal more about how Russia attacked the 2016 U.S. presidential election. The report's first section, according to Barr, focuses on Russian "computer hacking operations," which included the theft of emails from the Democratic National Committee and Hillary Clinton's campaign, as well as agitation online to try to exacerbate divisions among Americans. Barr's summary didn't address an aspect of the interference that Mueller has described elsewhere, including the cyberattacks that targeted state elections infrastructure.

National: ‘Russian playbook’ remains after Mueller report wraps up | Associated Press

The collusion question now answered, another one looms ahead of 2020: Will U.S. elections be secure from more Russian interference? The 22-month-long special counsel investigation underscored how vulnerable the U.S. was to a foreign adversary seeking to sow discord on social media, spread misinformation and exploit security gaps in state election systems. With the presidential primaries less than a year away, security experts and elected officials wonder whether the federal government and the states have done enough since 2016 to fend off another attack by Russia or other hostile foreign actors. "Although we believe that Russia didn't succeed in changing any vote totals, the Russian playbook is out there for other adversaries to use," said Virginia Sen. Mark Warner, a Democrat and vice chairman of the Senate Committee on Intelligence. "As we head towards the 2020 presidential elections, we've got to be more proactive in protecting our democratic process." Special counsel Robert Mueller detailed the sweeping conspiracy by the Kremlin to meddle in the 2016 election in an indictment last year, charging 12 Russian military intelligence officers with hacking the email accounts of Clinton campaign officials and breaching the networks of the Democratic Party. The indictment also included allegations the Russians conspired to hack state election systems and stole information on about 500,000 voters from one state board of elections' computers.

Illinois: Cook County rolling out new voting machines in west suburbs, expects countywide use by 2020 primaries | Chicago Tribune

New voting machines are coming to three west suburban Cook County townships for next week’s consolidated elections in preparation for a countywide rollout next year. The Cook County clerk’s office will test machines in 147 precincts in Oak Park, River Forest and Proviso townships, and hopes to have the new voting machines in every suburban Cook County precinct by the 2020 presidential primary election. “Our current equipment has served us well for a decade, but these new machines have the latest technology,” county Clerk Karen Yarbrough said at a Tuesday morning news conference. “The touch screens are more intuitive and accessible for voters with disabilities, and every single voter will get to review their ballot with paper in their hands before their vote is cast,” Yarbrough said. Each machine can accommodate three voters at one time, with two touch screens and a paper ballot. A voter will use the touch screen as a ballot marker, then print the ballot to review it, according to a demonstration by the clerk’s election director, Tonya Rice. The voter will then hand the ballot in a privacy sleeve to an election judge, who will initial it and place it in the scanner. The scanner accepts the paper ballot and creates an image of the ballot. Because it’s the same machine, the paper ballot and touch screen ballots are automatically consolidated, according to information provided by the clerk’s office. One touch screen is lower to accommodate voters who use wheelchairs, and voters will be able to change the text size and color contrast if they need. An audio ballot is available in English, Spanish, Hindi and Chinese.

Verified Voting Blog: Statement on Maryland HB706/SB919 Online Delivery and Marking of Absentee Ballots

To download the PDF click here.

Verified Voting supports Maryland House Bill 706 (Senate Bill 919) as an immediate, short-term mitigation to reduce risks inherent in Maryland’s current online absentee ballot system by limiting its use to only those who would otherwise be unable to vote. Going forward, substantial changes are necessary to provide Maryland’s voters with secure, reliable, accessible means of voting absentee.

Verified Voting supports the objective of helping voters to obtain their ballots and cast their votes, but any technology used for this purpose must be carefully evaluated. Regrettably, computer scientists and others have found that Maryland’s system has several grave shortcomings.

Because Maryland does not check signatures on returned absentee ballots, there is no way to distinguish legitimate from illegitimate ballots. Using information that is widely available, an attacker could readily request, electronically receive (at multiple fake email addresses), and cast any number of absentee ballots.[1.This information includes personal identifiers that in principle are private, but in practice can be inexpensively purchased in bulk.] Even if the attacker did not cast the ballots, any voters purported to have requested absentee ballots would be required to cast provisional ballots, creating chaos and suspicion and increasing the likelihood that the voter will be disenfranchised.

Michigan: Secretary Benson forms Election Security Commission | UPMatters

Secretary of State Jocelyn Benson today announced an Election Security Commission to recommend reforms and strategies for ensuring the security of elections in Michigan. The first-of-its-kind effort brings together 18 local and national experts on cybersecurity and elections to secure elections and protect the integrity of every vote. Together they will advise the secretary of state and Bureau of Elections on best practices. … The commission will convene in early April to begin its review and assessment of election security in Michigan. It later will host hearings throughout the state and invite citizen and expert input on election problems and security. The commission will deliver a set of recommended reforms and actions to the secretary of state by the end of 2019. Its work is funded through a federal grant for election security. Benson has named David Becker, executive director of the nonprofit Center for Election Innovation & Research, and J. Alex Halderman, professor of computer science and engineering at the University of Michigan, as co-chairs of the commission. It will be staffed and facilitated by designated secretary of state employees.

Pennsylvania: Cyber security expert urges Pennsylvania to find the money for new voting machines | WITF

A national cyber security expert says the state legislature must find the money to upgrade Pennsylvania's voting system ahead of the 2020 election. Anthony Shaffer is a retired Army Lieutenant Colonel and intelligence officer who now works for a conservative think tank. At a state capitol news conference Tuesday, he warned Pennsylvania, as a swing state, is a target for foreign agents looking to sow doubt in the next election. But he noted adversaries typically look for easy prey. "So, if Russia, if China sees the state of Pennsylvania is doing something, they're probably going to go to another state and take another target which they perceive as less able to defend itself or less prepared," Shaffer said. He added the legislature needs the proper funding, technology, and perception to protect the state's voting system.

Editorials: Texas Bill promises better election security. Let’s be sure to get it right. | Dan Wallach/Austin American-Statesman

Election security experts in Texas and nationwide have been pushing for the use of paper ballots in elections to defend against cyber attacks and bolster public confidence in election results. The Texas Legislature has finally taken notice. This week, the Senate heard testimony on Sen. Bryan Hughes’s election security bill, which would require a paper record of every vote and implement post-election audits of every election. This change is long overdue—but the details matter. As a cybersecurity and elections security expert, I know those details well. In fact, my colleagues from across Texas are joining me in pushing for an even stronger bill. Legislators must recognize that paper ballots are the means to a much more important end: ensuring the final results are correct, even when sophisticated adversaries try to interfere. This requires implementing “risk limiting” post-election audits, where auditors randomly sample paper ballots to make sure they match up with the digital records. Discussion about “paper trails” and “voter-verified paper audit trails” can seem complicated. Unfortunately, not all paper trails are created equal. When it comes to elections, “paper” can mean three things: paper ballots filled out (“marked”) by hand, paper ballots marked by a machine (a “ballot-marking device”), or a paper receipt of some kind printed by an electronic voting machine. What makes a good paper ballot? It must be human-readable (not a bar code or other non-English symbols) and auditable (by human auditors, not just machine scanners). Voters must be able detect errors on machine-marked paper ballots and have opportunity to correct them (e.g., “spoil” the ballot and start over), as they can with hand-marked ballots.

Tennessee: Counties eye vote paper trail; state stays neutral | Associated Press

Amid growing national concerns about election security, Tennessee's three largest counties plan to begin using voting machines that produce a verifiable paper trail in time for the presidential primaries in March 2020, whether the Republican-led state requires it or not. Tennessee is one of only 14 states without a statutory requirement of a paper record of all ballots — regarded by most election security experts as crucial to ensuring accurate vote-counting. But election officials in the three Tennessee counties switching to paper-trail machines say they aren't worried about the paperless technology. bRather, they just want to be sure voters trust the process. "Now, you've got an issue of voter confidence and public perception, factors which cannot be ignored, at least by election commissions," said Elections Administrator Clifford Rodgers in Knox County, one of the Tennessee local governments looking to switch. He said he's doing so "reluctantly" and predicted problems with printers and scanners. The others are Shelby County, anchored by Memphis, and Davidson County, encompassed by Nashville. Knox, Shelby and Davidson account for 1.3 million of Tennessee's 4.16 million registered voters.

Australia: Fury as online voting system crashes on NSW election day | Australian Associated Press

Some New South Wales voters have had trouble casting their ballot as issues plaguing the state’s electronic voting system ran into election day. Technical issues began on Friday night but continued Saturday morning as thousands flooded iVote to register and cast their ballot. Frustrated voters then turned to the telephone registration system, which itself was then overloaded, with some told to call back later. Some New South Wales voters have had trouble casting their ballot as issues plaguing the state’s electronic voting system ran into election day. Technical issues began on Friday night but continued Saturday morning as thousands flooded iVote to register and cast their ballot.

Israel: Cybersecurity researchers find security flaws in Likud, Labor party Android apps | The Times of Israel

Researchers at Israeli cybersecurity firm Check Point Software Technologies Ltd. said Wednesday that they had found “serious security breaches” granting access to “highly sensitive personal information” in the Android phone apps of the Likud and Labor parties. “There has been much talk of impact attacks on social networks and we learn more and more about the offensive capabilities of various countries and entities in cyberspace. But we often ignore the factor that allows these attacks — access to sensitive information we share, sometimes without any intention of doing so,” Check Point said in a emailed statement. “Sensitive information such as political opinion, social contacts, demographic data, telephone numbers, and addresses of us and those close to us can be of great help to the various elements operating in cyberspace,” the statement said.

Ukraine: With elections just days away, Ukraine faces disinformation, cyber attacks and further Russian interference | Global Voices

UkraineUkrainians will head for the polls on Sunday 31 March in what will be the first regular national elections since the country's 2014 Euromaidan revolution. With its Crimean peninsula still occupied by Russian forces, an ongoing military conflict in eastern Ukraine, and rising activity of far-right groups, the country is a prime target for both domestic and external information influence operations. Ukraine has been in the crossfire of disinformation warfare since 2014, with multiple political actors attempting to disrupt its democratic development. The elections for both the office of the president and parliamentary seats will be a crucial test for Ukraine’s democracy and stability. Much of the action has taken place on Facebook, which is the country's most popular social network. Despite persistent efforts of civil society and media groups, Facebook has done relatively little to respond to Ukraine's disinformation problem in the past. But the company changed its tune in January, when it publicly announced that it had taken steps to counter some of these issues.