Editorials: Scientific evidence and securing the vote: Verdict is in, now we need the funds | Michael D. Fernandez/The Hill

The Senate Intelligence Committee recently released its much-anticipated report on election security and Russian interference in the 2016 presidential election. Alongside the alarming insights regarding Russian interference, there are critical recommendations based on scientific evidence regarding the security of our voting process, including the replacement of “outdated and vulnerable voting systems.” In too many counties across the country, ballots are being cast on insecure electronic systems. These direct recording electronic systems record a voter’s selection directly to the machine’s memory and automatically tabulate votes. Many leave no physical record of the vote cast. Within the scientific community, there has been consistent alarm regarding the security vulnerabilities of these direct recording electronic systems. Just last year, the National Academies of Science, Engineering, and Medicine issued a report finding that paperless direct recording electronic machines are not secure and should be removed from service as soon as possible. The committee of computer science and cybersecurity experts, legal and election scholars, social scientists, and election officials concluded that local, state, and federal elections should be conducted using human-readable paper ballots, either marked by hand or machine. Every effort should be taken to ensure that direct recording electronic machines are removed from service prior to the 2020 election. Regardless of the vendor or configuration, direct recording electronic systems are fundamentally unverifiable. While hacking is the most discussed concern, these systems are also vulnerable to everyday coding mistakes or errors that could lead to the same inaccurate results as malicious hacking. To effectively safeguard public confidence in our elections and democracy, we must  ensure that every vote is counted accurately.

Florida: Counties’ elections systems were connected to the internet, report says | Steven Lemongello/Orlando Sentinel

Seven Florida counties have elections systems that have been connected to the internet for months, if not years, according to a report by Vice Motherboard – and one was still connected as of this week. The counties – Bradford, Charlotte, Flagler, Wakulla, Miami-Dade, Pasco and one other county researchers were unable to identify – were among 35 in 10 states in which elections systems were potentially exposed to risk of hacking, Motherboard reported. At least 19 of the systems, including one in Miami-Dade, were still connected to the internet as of August. Elections supervisors in Central Florida said although they use the equipment being cited, none of them believed their systems were exposed. The systems are made by Election Systems & Software, one of the country’s top voting machine companies. Orange County Supervisor of Elections Bill Cowles said 49 of the state’s 67 counties, including Orange, use ES&S equipment. The systems are used to transmit unofficial vote totals via a wireless modem from ES&S voting machines on election night, Motherboard reported. The server that receives these votes is connected to the internet behind a Cisco firewall, both of which are only supposed to be connected to the internet for only a few seconds.

Georgia: State faces tight timeline for replacing voting system | Kate Brumback/Associated Press

Georgia elections officials have no time to spare as they hustle to replace thousands of outdated voting machines statewide while fending off lawsuits in the wake of a much criticized gubernatorial election. Even if the state manages to implement the $106 million purchase of new voting machines on schedule, some county officials worry the tight timeline could lead to another round of confusion as presidential politics drives high voter turnout. “There is concern from my board and myself that we won’t have enough time to get our training in for ourselves, our poll workers and the voters,” Elections Supervisor Jennifer Doran of Morgan County said in an interview Wednesday. Without proper training time, voters could face “confusion, anxiety” and longer waits as people learn to navigate the new system, Doran said. The voting system overhaul comes after Republican Gov. Brian Kemp — previously Georgia’s top election official — beat Democrat Stacey Abrams for the governor’s mansion.

Mississippi: Recovered thumb drive puts Newman ahead after DeLano claimed victory in District 50 race | Alyssa Newton/Biloxi Sun Herald

The District 50 Senate race was one of the closest on the Mississippi Coast, but it’s taken another turn with the Wednesday recovery of a thumb drive full of votes. With all precincts in Tuesday night, incumbent Rep. Scott DeLano held a 33-vote lead over Biloxi City Councilwoman Dixie Newman. That lead was without the affidavit votes, but DeLano declared the victory late Tuesday evening. “We look at these elections and see how many affidavits that are out there. It’s very unusual to make a really big difference in the outcome,” told the Sun Herald Tuesday night. “Even though it’s razor-thin, we expect it to fall in line with what the vote came out of those individual precincts.” It wasn’t the affidavits, but a thumb drive that changed the race Wednesday afternoon. “There was a drive that was left out from the D’Iberville Civic Center,” Newman’s campaign manager Holly Gibbes said. “Those numbers were never counted. (Harrison County Circuit Clerk) Connie Ladner‘s office produced that thumb drive today and added it in. “The thumb drive and all the affidavits, absentees and what could be counted is what put Dixie up by one vote.”

Montana: Stapleton nixes upgrade to voter registration system | The Fulcrum

The modernization of Montana’s voter registration system won’t happen in time for next year’s elections, because the state’s top election administrator has concluded the new software cannot be installed and its security assured in time. The decision was made by Secretary of State Corey Stapleton, who has something of a vested interest in his decision. He’s a leading GOP candidate for the state’s singular and reliably Republican seat in the House of Representatives in 2020. But Stapleton was pressed to make the decision by the association of the state’s county clerks, who said the system in place for 15 years was good enough for one more election. “It would seem more reasonable to begin this immense change-over outside of a presidential cycle, which could be one of the biggest in our lifetimes,” they told the secretary of state. “The current project development timeline is simply too aggressive and stands to put the election process in Montana at risk.”

North Carolina: Proposal offers new absentee ballot security, tweaks early voting hours | Travis Fain/WRAL

House leadership rolled out a wide-ranging election bill Thursday to tinker with early voting hours, let counties that use touchscreen voting machines keep doing so and tighten absentee ballot rules in response to last year’s 9th Congressional District scandal. Among other things, Senate Bill 683 would start a pilot project to cover postage on absentee ballots so that voters wouldn’t have to buy stamps. There are other measures meant to keep campaigns from trying to collect absentee ballots en masse, including a rule requiring prohibiting outside groups from returning ballot request forms. Those forms would also change every election so groups couldn’t simply photocopy old ones and submit fraudulent requests. The 12-page bill has been under construction for some time, and it has a ways to go to become law. Rep. David Lewis, R-Harnett, a House leader on election issues, said in a statement that he looks forward to working with the Senate to get the bill passed “in a timely manner.”

Rhode Island: Report prompts elections officials to examine security of voting systems | Patrick Anderson/Providence Journal

The Providence Journal delivers accurate, timely news about the moments that matter most. To receive stories like this one in your inbox, sign up here. Election hacking fears rekindled by the federal Russia probe have prompted Rhode Island elections officials to take a closer look into whether the state’s voting systems are vulnerable to attack. The new concerns relate to the state’s decision to buy voting machines before the 2016 election equipped with their own Verizon modems that transmit preliminary election results to the state Board of Elections after the polls close. The modems have helped shorten the time it takes the state to declare winners on election night. But because any internet connection exposes a system to potential cyber attack, the federal government never certified the modem-equipped machines for states to use and this summer the U.S. Senate committee investigating Russian efforts to breach the 2016 elections urged states to tighten their election security, use only federally-approved voting machines and “remove (or render inert) any wireless networking capability,” such as a modem.

Washington: Primary election tests new voter system, but ‘everything went according to plan’ | Joseph O’Sullivan/The Seattle Times

Washington’s same-day voter-registration law and new elections system faced a major stress test Tuesday as voters around the state returned ballots for the primary election. The new statewide voter management system, VoteWA, had a rocky rollout this spring, but county auditors Tuesday said it was running smoothly as the 8 p.m. election deadline came and went. “Everything went according to plan and worked out really well,” said King County Elections Director Julie Wise after Tuesday night’s election results posted. She previously had expressed concerns about the system being ready for the primary. Turnout in King County was projected to hit 36%, and possibly be a few points higher than that in Seattle, where seven City Council seats are up for grabs. VoteWA, which is rooted in a centralized voter-registration database, is expected to cut the risk of fraud, strengthen the security of the state’s elections and give many counties new elections capabilities.

India: Electronic Voting Machines Controversy: Election Commission’s Use Of Contract Engineers Puts Indian Elections At Risk | Ravi Nair/HuffPost India

The Election Commission of India has deployed teams of private contract workers, with a minimum work experience of just one year, to Maharashtra and Haryana, where they are conducting “first-level checks” on Electronic Voting Machines (EVMs) for state assembly elections scheduled for later this year, HuffPost India has learnt. These engineers told HuffPost India they had previously been tasked with critical aspects of the voting process — including setting EVMs and loading symbols into vote verification machines called VVPATS — in the 2019 general elections. Opposition leaders in these states told HuffPost India they were unaware that first-level checks on EVMs had begun, and that these checks were being performed by engineers who were not full-time employees of Bharat Electronics Limited (BEL) and Electronics Corporation of India Limited (ECIL), two state-owned companies that manufacture and maintain EVMs for the Election Commission. The Election Commission has never admitted to the use of contract workers, and the commission’s own guidelines require that representatives from all political parties be present when first level checks on EVMs are conducted. This HuffPost India report suggests that the nature of electronic voting makes it impossible for the Election Commission of India to maintain full control over all aspects of the voting process, despite its protestations to the contrary. The Commission’s submissions in Supreme Court indicate, at best, a fundamental ignorance about the nature of cybersecurity threats.

National: The government’s relationship with ethical hackers has improved, security experts say | Joseph Marks/The Washington Post

The relationship between ethical hackers and the federal government is better now than it was in 2013, when then-National Security Agency chief Keith Alexander first spoke at the Black Hat cybersecurity conference — not long after Edward Snowden revealed the government’s sweeping surveillance programs. That’s the conclusion of 72 percent of experts who responded to an informal survey by The Cybersecurity 202 before the kickoff of this year’s conference in Las Vegas. The experts are part of the The Network, an ongoing survey of more than 100 cybersecurity experts from government, academia and the private sector. (You can see the full list of experts here. Some were granted anonymity in exchange for their participation.) When Alexander spoke in 2013, many security researchers were enraged about the newly disclosed surveillance programs, which they said ran roughshod over Americans’ privacy rights and made their jobs harder. Alexander’s defense of the programs fell especially flat, many survey respondents said, since at that time the U.S. government often failed to distinguish between ethical hackers, who tried to make the Internet safer by finding and patching computer bugs, and criminal hackers who tried to exploit those bugs to steal people’s money and information.

National: Black Hat 2019: What We Expect | Neil J. Rubenking and Max Eddy/PCMag

The annual DEF CON hacking conference started as an accident in 1993, and has been going and growing ever since. Black Hat, launched in 1997 by DEF CON founder Jeff Moss (aka Dark Tangent), is its more formal cousin. To paraphrase a welcome speech by Moss a few years ago, friends said to him, “Hey, why don’t you invite more people, charge them a lot of money, and make them wear suits?” The suits are gone, for the most part, but Black Hat gets bigger every year, with 19,000 attendees last year. Black Hat consists of two very different parts. From Saturday to Tuesday, security experts and aspiring experts pay thousands of dollars to participate in training sessions intended to hone their skills in a wide range of security tasks. The press is not invited. On Wednesday and Thursday, the conference switches to briefings, where security experts and academics from all over the world share their latest discoveries, new vulnerabilities, and cutting-edge research.

National: Def Con draws election officials to Las Vegas in effort to combat hackers | Miranda Willson/Las Vegas Sun

Ahead of the annual hacker and cybersecurity conference Def Con in Las Vegas this weekend, organizers anticipate that the part of the event devoted to election security will entice more local, state and federal election officials than ever before. Drawing tens of thousands of hackers, researchers, lawyers and others interested in cybersecurity every year to Las Vegas, Def Con has included a so-called “Voting Village” in its weekend-long programming for the past three years to address election security and how to protect elections from hacking. This is the first time that Def Con explicitly invited local and state election officials to attend, and many seem to be taking advantage of the opportunity, said Harri Hursti, co-founder of the Voting Village and founder of computer and network security company Nordic Innovation Labs. “We never intended this to be a main or big thing. It became a big thing because of popular demand,” Hursti said. Among those attending the conference are representatives from the Clark County Election Department and the Nevada Secretary of State’s Office.

National: Key House Republican demands answers on federal election security efforts | Maggie Miller/The Hill

Illinois Rep. Rodney Davis, the top Republican on the House Administration Committee, demanded answers from the Election Assistance Commission (EAC) on Monday regarding election security oversight issues. In a letter to the EAC, Davis posed a series of questions, citing the committee “Majority’s inadequate oversight of your Commission” during an EAC oversight hearing on May and the recent testimony by former special counsel Robert Mueller as key factors in sending the letter.  “I remain committed to ensuring that local election officials have every resource they need to provide for a secure election in 2020,” Davis wrote. “Effective and focused oversight over the EAC is critically important in this mission.” Questions included what steps the EAC is taking to ensure there is a plan in place to coordinate with the Department of Homeland Security in the event of a threat to election infrastructure in 2020, how the EAC is communicating its activities to the public, and details around the new Voluntary Voting Systems Guidelines 2.0, which are a national voluntary set of standards for voting systems. Davis gave the EAC until Sept. 2 to respond. A spokesperson for the EAC told The Hill the commission has “received the letter and will respond to Congress within the agreed upon deadline.”

National: Judge signals interest in removing Mueller report redactions | Darren Samuelsohn/Politico

A federal judge signaled Monday he’s considering removing the Mueller report’s redactions. During more than two hours of oral arguments in Washington, District Judge Reggie Walton appeared on several occasions to side with attorneys for BuzzFeed and the nonprofit Electronic Privacy Information Center, which are seeking to remove the black bars covering nearly 1,000 items in former special counsel Robert Mueller’s final 448-page final report. Walton didn’t issue an opinion from the bench on the case, which centers on a pair of consolidated lawsuits filed against the Justice Department under the Freedom of Information Act. But the judge, an appointee of President George W. Bush, sounded increasingly skeptical of the government’s arguments pressing him to leave the redactions untouched. “That’s what open government is about,” Walton said during one exchange, citing the resolution of a 2008 sex crimes case against financier Jeffrey Epstein as an example of how obfuscating the reasons behind not prosecuting high-profile people generates public distrust in the country’s criminal justice system.

National: Bipartisan Agreement on Election Security—And a Partisan Fight Anyway | Scott R. Anderson, Eugenia Lostri, Quinta Jurecic, Margaret Taylor/Lawfare

The good news is that national security bipartisanship in Congress lives. The bad news is that the only place it lives is in the pages of the Senate Intelligence Committee report on Russian election interference. The report, released on July 25, offers a thorough—if often redacted—assessment of Russian threats against U.S. voting infrastructure in 2016. It paints an alarming picture of the scope and scale of Russia’s efforts and an equally alarming picture of the degree of vulnerability that persists in U.S. election systems heading into the 2020 election. While it describes no evidence of vote tallies being manipulated or votes being changed, it does describe how “Russian government-affiliated cyber actors conducted an unprecedented level of activity against state election infrastructure in the run-up to the 2016 U.S. elections.” The report is a serious work and reflects a level of bipartisan cooperation that is vanishingly rare in Washington these days. The committee and its staff should be commended for that. The problem is that while both sides appear to agree on the nature of the threat, Republicans and Democrats remain sharply divided over what, if anything, to do about it. And that division became painfully apparent the very day the committee released the report.

National: Former DHS, intelligence leaders launch group to protect presidential campaigns from foreign interference | Maggie Miller/The Hill

Two former Homeland Security secretaries, along with other former top intelligence officials, launched a non-profit group on Tuesday intended to protect presidential campaigns from foreign interference, such as cyber attacks, at no cost. The new U.S. CyberDome group’s Board of Advisors will be chaired by former Department of Homeland Security (DHS) Secretary Jeh Johnson, who served under former President Obama. Other members of the board will include former DHS Secretary Michael Chertoff, who served under President George W. Bush, former CIA Director Michael Morell, former Director of National Intelligence Lt. Gen. James Clapper, and Brig. Gen. Francis Taylor, the former DHS under secretary of Intelligence and Analysis. The former leaders put together the organization due to alarm over how exposed political campaigns were to cyber interference and the lack of protection available to campaigns and voters to protect against these threats. It will work with charities and other donors to provide funding for cyber protections for presidential campaigns.

National: Voting machines run on antiquated operating systems | Grant Gross/Washington Examiner

As the presidential election nears, lawmakers and security experts are raising questions about the security of electronic voting machines used in many parts of the country. The latest concerns focus on devices running Windows 7 and other older operating systems. The Associated Press reports that the “vast majority” of the nation’s 10,000 election jurisdictions use Windows 7 or older operating systems to create ballots, program voting machines, tally votes, and report counts. … Meanwhile, some election security experts say the use of old operating systems is only one concern of many. Electronic voting machines are vulnerable to security risks, claimed Marian Schneider, president of Verified Voting, a group pushing for paper audits of electronic voting machines.

“Software can present risks,” she said. “This is a software issue.”

Electronic voting machines should undergo regular security audits, suggested Jamie Cambell, a security consultant and founder of GoBestVPN, which is a site that reviews virtual private networks. Those security audits should be open-sourced so that multiple security experts can review them, he recommended.

“There are many things that can make electronic voting machines insecure,” Cambell added. “It’s not just the machines or operating systems. It can be the way that the machines store and transmit the data.”

Editorials: Mitch McConnell Mislabeled Election Security as a ‘Wish List of the Left.’ Period. | Ali Javery & Edgardo Cortés/Rewire.News

In the height of one of the most politicized times in U.S. history, election security is an issue that should not be partisan. But that’s how U.S. Senate Majority Leader Mitch McConnell (R-KY)—who continues to block election security efforts from a vote—framed the issue in a recent speech from the Senate floor. “Make no mistake—many of the proposals labeled by Democrats to be election security are measures, in fact, for election reform that are part of the wish list of the left,” McConnell said. Eligible voters already face hurdles to making their voices heard at the ballot box, including outdated voter rolls and difficultly accessing the polls. The added fear of foreign interference and tampering in our elections only add to the fear that Americans feel about voting. In an effort to ease that anxiety, states across the country have implemented election security reforms through bipartisan efforts. We’ve seen several prominent Republicans support or sign into law voting reforms that provide greater election security within their states. In the past five years alone, elected officials from states like Illinois, Maine, Massachusetts, Maryland, and Alaska have supported legislation or ballot measures to push automatic voter registration, among other voting reforms.

Georgia: Georgia awards voting contract before testing finished | Mark Niesse/The Atlanta Journal-Constitution

Georgia’s new voting machines haven’t yet passed state tests of their accuracy, reliability and security, a required step before they can be used in elections. The testing of Dominion Voting System’s equipment is expected to be completed soon, said Georgia Secretary of State spokeswoman Tess Hammock on Monday. Dominion’s voting system, which combines touchscreen voting machines and paper ballots, already received federal certification in January.Until the state’s own tests are completed, it’s unknown whether there are any potential problems with Georgia’s new voting system that need to be corrected.Secretary of State Brad Raffensperger announced last week that Dominion won a $107 million contract to provide voting equipment to the state’s 7 million registered voters. State rules require voting systems to complete testing and be certified by the secretary of state before they can be put into service.

Montana: After elections administrators voice concern, new voter system won’t roll out until 2021 | Holly K. Michels/The Missoulian

The secretary of state is backing away from plans to implement a new election system for Montana before 2020 after elections administrators around the state raised concerns about the aggressive timeline. In a July 24 letter to the head of the Montana Association of Clerks and Recorders, Secretary of State Corey Stapleton wrote that “it does not appear to me that we will be able to implement a new voter registration system this year.” County elections administrators had previously told Stapleton they had “grave concerns” over a plan to replace the existing MontanaVotes system with a new ElectMT system before 2020, as reported by the Montana Free Press. The 2020 elections are expected to see the highest voter turnout in Montana history — it’s a presidential election year, with two federal offices and all the statewide elected officials up for election, plus other state-level, legislative and local races, and ballot initiatives. “The whole association is extremely excited with the decision to wait and not roll it out in the 2020 election,” said Montana Association of Clerks and Recorders President Stephanie Verhasselt, who is the Richland County clerk and recorder. “We do believe when the new system comes out, once we get it working and everyone trained, I think it will have a lot of features we like.”

Nevada: Cybersecurity experts from around the world descend on Las Vegas for Black Hat 2019 | KVVU

Cellphones, cars, even your refrigerator. They’re all “smart.” But so are some criminals who want to hack into those smart systems. That’s why cybersecurity experts from around the world are in Las Vegas this week. They’re not here to hack your phone or your credit card (hopefully). They’re learning how to stop the bad guys. “It’s become summer camp for hackers in the desert,” said Black Hat General Manager Steve Wylie. For the 23rd year, camp is in session. With new technology comes new vulnerabilities. “There’s tremendous value from understanding how a bad guy might get in. So if we can reverse engineer that and understand how to better protect ourselves and our systems,” said Wylie. Voting machines could be very vulnerable during the 2020 election. Black Hat surveyed cybersecurity experts from around the world. They said there’s a 60% chance the 2020 presidential election will be hacked. “That’s alarming because this is coming from the very people who are protecting those systems in our organizations,” said Wylie.

Editorials: Election security in North Caroliba | Wilkes Journal Patriot

Well before most people seriously imagined the Russians might attempt to interfere with U.S. elections, the N.C. General Assembly passed a law requiring that all voting machines used in the 2020 election and beyond generate a paper record showing how votes were cast. The legislature took this action in 2013 because it recognized security weaknesses in touchscreen voting machines, which provide no paper record of how ballots were cast. This makes the touchscreen systems more vulnerable to outside interference than voting systems with paper ballots. Now, here we are in the summer of 2019 and about one-third of North Carolina’s counties still have these touchscreen-only voting systems that don’t meet the paper ballot requirement enacted in 2013. Mecklenburg and Guilford, two of the state’s most heavily populated counties, are among those still using the touchscreen systems that don’t meet requirements of the law.

Pennsylvania: Lebanon County Commissioners approve USB backup drives for new voting machines | Marylouise Sholly/LebTown

Lebanon County Commissioners approved a request earlier this week by the county’s Director of Elections, Michael Anderson, to purchase 72 USB “thumb drives” as extra security for the scanning devices in the new voting machines to be used during the next election. Thumb drives are devices that can upload and download information from a computer. In July, the county received 100 Express Vote ballot marking devices and 72 DS 200 scanner/tabulators along with election management systems that had been purchased earlier in the year from Election Systems & Software. Total purchase price was $704,932, Anderson said. The first use of these new voting machines will be the elections of Nov. 5, 2019.

Rhode Island: State Rebuilding Central Voter Registration System Ahead of 2020 | GoLocalProv

Rhode Island Secretary of State Nellie Gorbea joined GoLocalProv News Editor Kate Nagle on LIVE where she spoke to the office overseeing the rebuilding of the central voter registration system this year — and why she fears early voting not passing the General Assembly this year will have consequences in 2020. “We are in the process of making sure that our hardware an internet structures are secure — so Stonewall Solutions, I’m proud to say a Rhode Island company from Pawtucket — just won the RFP for rebuilding our central voter registration system, so we are secure to modern-day standards,” said Gorbea. “It was a great program back in 2003 when we first built it but now you know it needs to be upgraded.”

Ukraine: Zelensky’s team working on internet voting in Ukraine | Unian

The team of Ukrainian President Volodymyr Zelensky is working on a project that will allow Ukrainians to vote online during elections. “We have already ‘The Vote’ project,” Zelensky’s advisor Mykhailo Fedorov said in an interview to Liga.net. According to him, at the first stage, the platform will be used for surveys, thanks to which the president, prime minister and others will learn the real opinion of the population. The identification system in this project is implemented through Mobile ID, electronic signature, BankID. Fedorov assures Ukrainians will be able to vote online in elections in 2024.

National: 5 big takeaways from Politico’s national survey of election offices | Eric Geller/Politico

Paperless voting machines are a glaring weakness in U.S. election infrastructure. They are dangerous, experts say, because they lack paper voting records, making them vulnerable to malfunctions or intrusions that could undetectably change votes. With top U.S. intelligence officials predicting the return of Russian hackers in 2020, cybersecurity experts have urged state and local governments to replace their paperless machines as soon as possible. Since March, POLITICO has been tracking their progress. The nationwide picture is mixed: Some states and counties are moving quickly to buy paper-based machines and others are doing nothing at all. Here are the five big takeaways from POLITICO’s nationwide survey:

1) Many counties don’t have enough money to upgrade

In hundreds of small counties, election officials can’t afford to buy new voting machines, however insecure their current systems are. Between schools, infrastructure, police, environmental protection and emergency services, counties have enough on their plate without having to worry about their voting machines.

The fact that these machines are used so infrequently is another reason they often slip down the list of counties’ spending priorities. It’s hard to justify buying new voting machines when there are overcrowded schools or crumbling hospitals. “It is a huge expense for small rural counties,” said Cheri Hawkins, the clerk in Shackelford, Texas. “I would love to be able to update!”

National: Russian Election Hacking Could Be Much Worse in 2020 | Jonathan Chait/New York Magazine

What if Trump fails to win the Electoral College in 2020? Would he refuse to accept the results of an election? The first thing to remember is that he already has. Back when Hillary Clinton was viewed as 2016’s likely victor, one widely expressed fear was that Donald Trump would not abide by the outcome, threatening the tradition of peaceful transfer of power that has survived more than two centuries. What happened instead was something nobody anticipated: Trump won — and still refused to accept the election results. He has never stopped insisting that the national vote, which his opponent carried by nearly 3 million ballots, was stolen. He has periodically charged that millions of undocumented immigrants cast votes for Clinton and that this fraud was carried out, for some reason, in California, rather than in states where it might have had some bearing on the outcome. In a recent address to the Turning Point USA Teen Summit, Trump went further. “Don’t kid yourself, those numbers in California and numerous other states, they’re rigged,” he said to applause. “You got people voting that shouldn’t be voting. They vote many times, not just twice, not just three times. They vote — it’s like a circle. They come back; they put a new hat on. They come back; they put a new shirt. And in many cases, they don’t even do that. You know what’s going on. It’s a rigged deal.”

National: EAC plans Windows 7 confab | Tim Starks/Politico

The EAC will convene state and local election supervisors, federal officials and cyber experts to discuss the ramifications of Microsoft sunsetting support for Windows 7, which is still used in many voting systems. “It is essential that the election community and the EAC have a full appreciation not only for the scope of this specific software issue, but also the issues of patching and internet connectivity more broadly,” EAC Chairwoman Christy McCormick told Sen. Ron Wyden (D-Ore.) in a July 26 letter. Wyden had asked how the EAC was handling the issue, including whether it would decertify machines running Windows 7 before the Jan. 15, 2020, sunset. McCormick didn’t answer that question but noted that decertification “has wide-reaching consequences” and that the EAC has an established policy for when to initiate it. Election Systems & Software, one of the companies still selling Windows 7-based voting systems, has submitted new technology for certification that runs on Windows 10 and Windows Server 2016, McCormick told Wyden. “The test plan has been approved by the EAC,” she wrote, “and testing is underway.” Based on the EAC’s conversations with vendors, she said, “we are confident that they are working to address” the Windows 7 issue. The vendors “are in direct contact with Microsoft,” she added, and “have received commitments from Microsoft regarding software support.” She did not say whether Microsoft had promised free updates for these products; the company plans to charge everyone else for continued Windows 7 support.

National: DARPA wants help cracking the election security problem | Kelsey D. Atherton/Fifth Domain

If election security is an engineering problem, the Defense Advanced Research Projects Agency is heading to the right place to solve it. The Pentagon’s blue skies projects agency is taking its System Security Integrated Through Hardware and Firmware (SSITH) to the 2019 DEF CON hacking conference to demonstrate its capabilities before the dark lords and apprentices of the underground community. SSITH will be on display as part of the conference’s Voting Village, where researchers will explore what can and cannot be done to interfere with voting machines and, by extension, elections. “We expect the voting booth demonstrator to provide tools, concepts and ideas that the election enterprise can use to increase security; however, our true aim is to improve security for all electronic systems. This includes election equipment, but also defense systems, commercial devices and beyond,” said Dr. Linton Salmon, the program manager leading SSITH, in a release from DARPA. DARPA sees securing faith in the literal machinery of elections as a national security issue. To prove that faith in the security systems is warranted, they have prepped the “SSITH voting system demonstrator,” with processors mounted on programmable arrays and installed in a ballot box. To get to the system, hackers can enter via either an Ethernet port or a USB port, loading software to try and get past the system’s hardware gatekeeping and security functions.

National: Experts’ Views On NSA Launching New Cyber-Security Directorate | Sophanith Song/The Organization for World Peace

The National Security Agency (NSA) has announced its intention to create “cybersecurity directorate” in order to defend against foreign cyber interference. The cyber defense arm launch date is currently set to be this fall.  According to the NSA, Anne Neuberger, who is currently the Director’s Senior Advisor, will be leading the Cybersecurity Directorate. The advisor also used to serve as NSA assistant deputy director of operations, chief risk officer and head of the NSA/US Cybercom Election Security Small Group that involved in working to prevent foreign interference with 2018 US midterm elections. The launch of this initiative was believed to be motivated by the upcoming 2020 general election. The NSA continued by stating that this approach to this cybersecurity objective will prepare the NSA in a suitable state to corporate with a key partner across the United States government such as the US Cyber Command, Department of Homeland Security and Federal Bureau of Investigation. The initiative will also prepare the NSA to easily share information with the customer with equipped security measure against malicious attacks. According to the Wall Street Journal, the NSA recently concur with a “broader fusion” of intelligence agency’s offensive and defensive portfolio.