Editorials: Cities like Philadelphia are sitting ducks for cyber attacks | David Morris/The Philadelphia Inquirer

According to a new report, during President Donald Trump’s inauguration, Romanian hackers used ransomware to seize control of two-thirds of the Beltway’s police security cameras – a stunning feat only slightly diminished by the fact that they went on to order pizza from an email account linked to the attack, then used hijacked police computers to run an easily traceable Amazon scam. That combination – a successful, high-profile ransomware attack executed by thumb-fingered amateurs – shows the challenges now faced by local governments. It no longer takes a genius to hack municipal computer systems: Anyone can log onto the dark web and buy email lists and the malware needed to lock police officers, hospital workers, and government officials out of their computers. One ransomware program dubbed “Philadelphia,” available online for just $400, is specifically designed to help inexperienced hackers take victims’ data hostage. Such attacks are devastating. Without the hackers’ digital key, it’s impossible to unlock hacked files, leaving cities unable to access not just cameras, but 911 systems, hospital records, communication tools, and even water and power systems. That’s why cities make enticing targets: You can’t put public services on hold, so hackers can charge a premium when extorting government entities. Hacked companies pay an average of $36,295 to retrieve their data, but public entities pay an average of $338,700, or almost 10 times as much, according to a Coveware study.

Editorials: Northampton County voting system flunks a crucial first test | Rudy Miller/Lehigh Valley Live

What now? In the run-up to the most consequential election in modern American history — as counties throughout the U.S. are arming themselves with tamper-proof voting machines — Northampton County proved last week that you don’t need Russian interference to bungle an election, seriously damaging public confidence in the process. No, you can do it all by yourself. In Tuesday’s balloting, Northampton County’s all-new machines were plagued by hypersensitive push-buttons that confused voters, sometimes requiring them to go back and re-hit buttons to correct the machines. But that was just the beginning of the troubles. Incredibly, some of the electronic machines couldn’t handle registering simple “yes-no” voting on judge retentions, and displayed severe undercounts in contests with cross-filed candidates. Most incredibly, one judge candidate, Abe Kassis, ended up with zero votes at the end of the day. Some voters were confused by the paper readout they are asked to inspect before they leave the booth (voters don’t actually get a printout in hand), to make sure the electronic machine got it right. Long story short: Northampton County’s new ExpressVote XL machines failed their first crucial test in Tuesday’s election. The county paid $2.8 million for the voter-verifiable paper trail system, an upgrade required by state law.

Editorials: Empower the FEC to Fight Election Crime – A depleted commission faces threats from Russia and beyond | Bloomberg

Igor Fruman and Lev Parnas, two Soviet-born associates of Rudolph Giuliani, are charged with funneling $325,000 in foreign money into a super-PAC supporting President Donald Trump’s 2020 reelection campaign. Their indictment should serve as a warning about the threat of foreign manipulation of U.S. elections. It also proves the need for a functioning Federal Election Commission. After a resignation in August, the six-seat commission is down to only three members. The commission needs four for a quorum, and requires a quorum to authorize investigations by its office of general counsel. So FEC lawyers can work on cases previously authorized, but they can’t investigate new ones until the president nominates, and the Senate confirms, at least one new commissioner. Trump has nominated Texas lawyer James “Trey” Trainor III — but Senate Majority Leader Mitch McConnell, who has fast-tracked dozens of federal court nominees, has dragged his feet on this one, failing to schedule a hearing or a vote. McConnell’s antipathy to campaign regulation appears to be trumping his duty to voters.

Editorials: Could Matt Bevin steal the Kentucky governor’s election? | Richard Hasen/Salon

Will the Kentucky Legislature assist Matt Bevin in stealing the governor’s race from Democrat Andy Beshear, who appeared to have won Tuesday’s election by about 5,000 votes? Ordinarily, I would consider the possibility preposterous. We do not live in ordinary times, though, and on Wednesday Kentucky Senate President Robert Stivers raised the prospect that his institution, not the voters, could determine the outcome of the race. If Stivers and Republican Kentucky legislators were to make such a hardball move without good evidence that there were major problems with the vote count, the election would likely end up in federal court, where it is anyone’s guess what would happen. Either way, that we’re even discussing this potentiality one year before Donald Trump—who has repeatedly challenged the vote totals in his 2016 election victory—is set to face reelection is a wrenching sign for our already-damaged democracy.

Editorials: A simple step every state could take to safeguard elections | The Washington Post

Election security is a complex challenge. One essential step, however, is so simple it can be carried out with a pen and paper. Pennsylvania officials have announced that Philadelphia and Mercer County will conduct a post-election pilot next month of what’s called a risk-limiting audit. The procedure is new to most of the country, but 12 states are experimenting with it — because it’s that much of a no-brainer. Currently, 17 states are not required by law to verify the accuracy of their vote tallies at all. Those that are mostly do so the “traditional” way, which in this case means the wrong way. The process auditors typically use — manually recounting votes in a predetermined percentage of precincts — tells officials whether a particular machine or group of machines is working, but it doesn’t actually answer the essential question: Did the declared winner actually win? Risk-limiting audits instead do what any mathematician . They hand-count a statistically meaningful sample of all votes to determine whether the original tally was correct. The required sample increases as the margin of victory narrows. It’s easy, and it’s time-consuming only in the tightest elections, or when something actually has been tampered with. Of course, that’s when it’s most worth investing the time. So why isn’t everyone doing it?

Editorials: Democrats Must Act Now to Deter Foreign Interference in the 2020 Election | Thomas Wright/The Atlantic

Democrats face a national-security problem without parallel in the annals of American democracy. The president of the United States, Donald Trump, has made clear not only that he will remain passive in the face of foreign interference in the 2020 U.S. election—a threat his current and former directors of national intelligence have called the most serious facing the country—but also that he will actually solicit such interference if it serves his interests. We know of at least one case—when he asked President Volodymyr Zelensky of Ukraine to launch an investigation into former Vice President Joe Biden as a personal favor—but there may well be others. Parts of the U.S. government, such as the Department of Homeland Security and the FBI, as well as state authorities, are working to prevent foreign interference in American elections, but even with a Herculean effort, the country’s defenses against political warfare, especially in the cyber domain, are weak and porous. Such attacks are easy to execute, but difficult and expensive to thwart. The threat is evolving and will be different than it was in 2016. There are many targets.

Editorials: Voting machines pose a greater threat to our elections than foreign agents | Lulu Friesdat/The Hill

As the election security conversation widens beyond Russia, to include countries like Iran and China, it’s important to examine how security flaws in our country’s voting equipment increase the vulnerability of our elections. In 2010 a university cyber team conducted a test attack on an internet voting pilot project in Washington, D.C. The team successfully picked the winner of the election remotely from its Michigan lab. Writing about the attack, computer science professor J. Alex Halderman said, “Within 36 hours of the system going live, our team had … the ability to change votes.” In follow-up testimony, Halderman offered some chilling details: “While we were in control of these systems, we observed other attack attempts originating from computers in Iran and China. These attackers were attempting to guess the same master password that we did. And since it was only four letters long, they would likely have soon succeeded.” Security experts have long warned that short passwords provide easy targets, but hackers at DEF CON, an annual security convention, recently found U.S. election systems with no passwords at all.  How did the security bar get set so low?

Editorials: Cyber attacks threaten security of 2020 election | Ray Rothrock/San Jose Mercury-News

Following the 2016 elections, investigators found evidence that Russian hackers successfully infiltrated the computerized voting systems of several states. Hackers also stole data from campaigns and weaponized social media polarizing the electorate against and for certain candidates.  All of this undermines the trust we all place in the United States’ election system. There is nothing more powerful in a democratic country than a legitimate election.  Unchecked, these actions and future similar future actions against our elections are a significant danger to our democracy.  It’s clear we’ll be facing similar threats in the 2020 election cycle. Elections have become a new target in asymmetrical cyber warfare, allowing smaller groups to launch targeted attacks that have an outsized impact. To ensure our democracy is resilient in the face of these bad actors and nation-states, Congress must take action to adequately fund our election system’s cyber defenses and implement programs that bring about greater digital resilience in our government systems and in candidate’s campaigns. More importantly, something so fundamental to the country – trust in our elections – must be pursued with vigor on a bipartisan basis and in a manner that makes our systems more resilient.

Editorials: Election security isn’t that hard – We can have safe elections if we follow these three steps. | Kevin Shelley and Wayne Williams/Politico

Intelligence experts warn that hostile nation-states, criminals and political partisans are preparing attacks on our election systems in 2020. We’ve set ourselves up for this: In the course of modernizing our voting systems, our country has introduced computers into many layers of our election process, including the recording and tallying of our votes. In fact, 99 percent of votes cast in 2020 will be counted either by the computerized voting machines on which the voters cast their ballots or – in the case of voter-marked paper ballots – by scanners, which also are computers. As former secretaries of state from both parties, we know that it’s possible to devise tangible solutions needed to validate our elections. In fact, we can tell you how to do it. That’s not to say that it’s easy, particularly given the decentralized nature of our election administration system. Most states administer elections locally and only a few states have uniform equipment in each locality. For many years, election administration has been woefully underfunded, leading to wide variability in capacity and resources. But, as long as the equipment incorporates a voter-marked paper ballot, officials can adjust existing processes to instill confidence in elections, regardless of the equipment in place.

Editorials: We need our elections protected. A weakened FEC only invites attack. | The Washington Post

IF THE Securities and Exchange Commission stopped acting, the nation would feel vulnerable to securities fraud. If the Federal Trade Commission were paralyzed, or the Federal Communications Commission, there would be a crisis of confidence in fields they regulate. Why, then, are the nation’s political leaders so complacent about the Federal Election Commission, the independent regulatory agency charged with being the watchdog over the political process and protecting the integrity of U.S. democracy? As of this month, the six-member commission is down to three commissioners, although it needs four for a quorum. Without a quorum, the FEC cannot hold hearings, make rules, initiate litigation, issue advisory opinions, launch investigations or approve enforcement actions and audits, among other things. The FEC chairwoman, Ellen L. Weintraub, has put on a brave face, noting that the commission’s “most important duties will continue unimpeded,” such as shining a spotlight on campaign finance and performing the staff work when it receives complaints. She insists that the “United States’ election cop is still on the 2020 campaign beat” and that she will “remain vigilant to all threats to the integrity of our elections.”

Editorials: A bipartisan idea to secure elections: paper backup of electronic votes | Dallas Morning News

Our elections must be secure. And just as important as the integrity of our ballot boxes is voter trust in that integrity. In an age of political division, this is something we agree on across political lines here in Texas. We know that’s true because the Texas Lyceum’s annual poll, just released, showed that 84% of respondents said it is important to ensure ineligible voters are prevented from voting, and 92% said it’s important to ensure that all eligible voters are permitted to vote. We would like to see both of those numbers at 100%, but this is an imperfect world, and we accept these powerful majorities as a statement that Texans understand the importance of the ballot box. A troubling element did emerge from the poll. Just 62% of respondents say they are confident that the voting system in Texas is secure from hacking and other technological threats. Here again, Texans get it right. Few of us are naive enough now to think that electronic ballots are not vulnerable.

Editorials: Why is the Russian medding in 2016 such a big secret? I’m not allowed to say. | Stephanie Murphy/The Washington Post

In May, other members of Florida’s congressional delegation and I were briefed for 90 minutes in the U.S. Capitol by officials from the FBI and the Department of Homeland Security regarding Russia’s interference in the 2016 election. I sought the briefing after then-special counsel Robert S. Mueller III’s report showed Russia had probed and even pierced election networks in Florida, among the most closely contested states in U.S. politics. Although our briefers supplied new details, much remained unknown. What I do know, I can’t talk about. Why that’s the case is itself a mystery. The Mueller report noted that Moscow’s meddling involved three lines of effort, and Florida was a target of each. First, a Russian entity conducted a social media campaign to sow discord and help then-candidate Donald Trump, including by organizing pro-Trump rallies in Florida. Second, a Russian intelligence agency — the GRU — hacked computer accounts connected to Hillary Clinton’s campaign. As part of this effort, it published Florida-related data stolen from House Democrats’ campaign arm. Finally, Mueller reported, the GRU sought to infiltrate computer networks involved in the administration of elections, which could enable Russia to alter voter registration databases or perhaps vote tabulation systems. That would be tantamount to an act of war, with malware rather than missiles as the weapon of choice. While Russian cyber actors cast a wide net, Florida’s county-based election supervisors were a focal point.

Editorials: Paper ballots are essential to securing our elections and our democracy | Lee C. Bollinger and Michael A. McRobbie/The Hill

Public confidence in the integrity and security of our elections is essential for democracy to be a trusted means of governing, and that very confidence is now under unprecedented attack by foreign adversaries. A newly released report from the Senate Select Committee on Intelligence, as well as recent congressional testimony by Special Counsel Robert Mueller, indicated that in 2016 Russia attempted intrusions into the election infrastructure of all 50 states. In one of the most dramatic moments of his testimony, Mueller said that Russia is at it again “as we sit here.” With just 15 months until the next round of major state and federal elections, and as Congress continues to debate the sources of and steps to combat the cyberattacks, it is sobering to consider the effect that a deep erosion of public confidence in the election process could have. It would be devastating to Americans’ faith in our democracy and the legitimacy of our elected government. For these reasons, state and federal leaders must act with urgency to secure our elections. As co-chairs of the committee convened in 2016 by the National Academies of Sciences, Engineering and Medicine to address voting security, we concluded that the nation should immediately take three actions to strengthen the safeguards for election systems against the mounting cyberthreats.

Editorials: Federal Election Commission is now out of commission — that’s downright scary | Kim Wehle/The Hill

Republican Matthew S. Petersen announced his resignation from the Federal Election Commission (FEC) this week. Ho hum news this is not. What it means is that the government agency charged with overseeing compliance with the federal campaign finance laws has been gutted. It now lacks the ability to meaningfully function in the run-up to the 2020 presidential election. There are two primary takeaways here. The first is that this is not unwelcome news for conservatives — such as Senate Majority Leader Mitch McConnell (R-Ky.) — who believe that government oversight of federal campaigns is bad in general. McConnell led the years-long charge to kill the Bipartisan Campaign Reform Act of 2002 (BCRA), a feat that was largely accomplished by the Supreme Court with its 2009 decision in Citizens United v. Federal Election Commission. That case overruled on First Amendment grounds the statutory bans on soft or “issue-ad” money spent by corporations and unions close to presidential primaries and general elections. With the FEC now out of commission, there is no longer a cop on the block to enforce the remaining rules-of-the-game aimed at enhancing fair and free elections in the United States. If no cop is around to pull over speed-demon drivers, the speed limits become meaningless. Translation? It’s the Wild West in federal-campaign-land, and individual voters are the ones who will suffer for it. The second takeaway is that, once again, Congress is to blame for this travesty.

Editorials: When It Comes to Voting, You Can’t Phone It In | Stephen L. Carter/Bloomberg

A lot of people are excited about recent research suggesting that mobile voting would mean more voters casting ballots. No doubt the premise is correct. If you lower the cost of an activity, you get more of it. Still, there are reasons to be skeptical. In the third place, the security risks are obvious. In the second place, as regular readers know, I’ve long questioned whether higher turnout leads to better results. But in the first place, even if mobile voting resulted in a greater number of votes cast, we shouldn’t refer to the result as higher “turnout.” Whatever we might call it, that’s the wrong word. The notion of voter turnout has long conjured images of crowded polling places, neighbors chatting as long lines shuffle forward.  Not all traditions are valuable, but here a bit of etymology teaches an important lesson about democracy.

Editorials: Putin’s Nightmare: The Ballot Box | Michael Khodarkovsky/The New York Times

On Sept. 8, Russians will vote in municipal and regional elections, and the authorities are afraid. Not of any foreign power’s interference in Russia’s elections — there have been no fair elections in decades — but of Russia’s own people and opposition candidates, who are far more popular than the official nominees. Moscow’s old bag of electoral tricks survives — for example, moving elections from December to early September so that summer vacations would leave challengers little time to organize. The authorities have resorted to new tricks too, like clogging the electoral system with fake candidates and putting party loyalists on the ballot as independent candidates. This year’s election will also see a new mobile digital voting system that allows people to vote online from any location. Critics say it is yet another trick to help the authorities. Leaving nothing to chance, Moscow’s electoral commission found bogus reasons to disqualify all unapproved candidates from running in the elections. And to intimidate those would-be candidates, their homes were raided and many of them were detained, brought to Police Headquarters and interrogated in the middle of the night. Yet none of that worked: Thousands of people took to the streets, beginning on July 28, to protest the election committee’s decisions. In response, the authorities deployed an overwhelming force of local and federal police who detained most opposition leaders and nearly 1,400 demonstrators.

Editorials: Why November 4, 2020 could be a very bad day | Chris Cillizza/CNN

Since almost the moment Donald Trump won the White House in 2016, people have had November 3, 2020 — aka Election Day — circled on their calendars. For Trump haters, that first Tuesday in November next year is the moment when they can put an end to what they believe is a colossal mistake. For Trump backers, Election Day 2020 is their chance to prove that 2016 was no fluke — and that they want another four years of the billionaire businessman in the White House. But what if the vote on November 3, 2020 doesn’t actually settle anything? There’s been polling evidence for some time that Americans are losing faith in the ability of Americans elections to be conducted fair and squarely. In an NPR/Marist University poll conducted just before the 2018 midterm elections, almost half — 47% — of respondents said that they lacked faith that all votes cast would be counted fairly. That number was even higher among non-white voters — of whom almost 6 in 10 said it was likely not all votes would be counted. Two in 5 voters said they did not believe American elections were fair in that same poll. Other more recent data suggests there is no slackening in the doubts about fair elections. And after the events of the last three years, it’s not hard to see why there’s rising doubt among the public about fair elections.

Editorials: Trump’s hostility to election security preparedness | Elaine Kamarck/Brookings

From the very beginning of his presidency, Donald Trump has denied or downplayed Russian interference in the 2016 campaign. He has, at various times, dismissed the whole idea as a hoax, as fake news, or as an excuse by Democrats for why they lost the election. At other times, he has proclaimed his innocence vis-à-vis Russian campaign interference. From the earliest days of his presidency when he fired FBI Director James Comey in an effort to stop the investigation, he has denigrated and dismissed the entire issue. In its place he has insisted that the real problem in 2016 was not Russian interference but rather illegal voting by immigrants. The president’s beliefs have put him at odds with his own government and his own appointees, creating some awkward moments as the machinery of the federal government comes into conflict with the tweets of the chief executive. In spite of the president’s antipathy towards the effort, the gears of government managed to grind on, even in the White House. On September 12, 2018, President Trump issued Executive Order 13848 titled “Executive Order on Imposing Certain Sanctions in the Event of Foreign Interference in a United States Election.” The order requires a post-election audit by the intelligence community, under the direction of the ODNI (Office of the Director of National Intelligence) and mechanisms to place sanctions—such as confiscation of property—on those who take actions to interfere in U.S. elections.

Editorials: Prediction: 2020 election is set to be hacked, if we don’t act fast | Adam K. Levin/The Hill

Since 1993, hackers have traveled to Las Vegas from around the world to demonstrate their skills at DefCon’s annual convention, and every year new horrors of cyber-insecurity are revealed as they wield their craft. Last year, for example, an eleven-year-old boy changed the election results on a replica of the Florida state election website in under ten minutes. This year was no exception. Participants revealed all sorts of clever attacks and pathetic vulnerabilities. One hack allowed a convention attendee to commandeer control of an iPhone with a non-Apple-issue charging cord, one that is identical to the Apple version. Another group figured out how to use a Netflix account to steal banking information. But for our purposes, let’s focus on election security because without it democracy is imperiled. And if you think about it, what are the odds of something like DefCon being permitted in the People’s Republic of China? Speaking of China (or Russia or North Korea or Iran or…) will the 2020 election be hacked? In a word: Yes.

Editorials: The malware election: Returning to paper ballots only way to prevent hacking | Lulu Friesdat/The Hill

The key takeaway of special counsel Robert S. Mueller’s report on Russian interference in the 2016 election was that “There were multiple, systematic efforts to interfere in our election … and that allegation deserves the attention of every American.” But with so much attention on what happened in 2016, we have lost much of the time available to protect the 2020 election. This was immediately apparent recently at DEF CON, one of the largest hacker conventions on the planet. The conference, where tens of thousands of hackers descend on the pseudo-glamourous “pleasure pit” that is Las Vegas, includes the Voting Village, a pop-up research lab with an array of U.S. voting equipment available for security researchers to compromise. They were terrifyingly successful. High school hackers and security professionals united to take control of almost every voting system in the room, most of it currently in use around the U.S. They found systems with no passwords, no encryption, and operating systems so old that young hackers often had no previous experience with them. That did not prevent them from completely dominating the machines. They accessed USB, compact flash and ethernet ports that were glaringly unprotected, and then proceeded to play video games and run pink cat graphics across the screens of ballot-marking devices and voter registration database systems.

Editorials: Rage against the voting machines | Philadelphia Inquirer

The latest controversy over the city’s ongoing voting machines saga presents multiple choices of questions and concerns. Last week, City Controller Rebecca Rhynhart, while investigating the contract for new voting machines, found that the company, Election Systems & Software, failed to disclose that it had hired lobbyists and made campaign contributions to the reelection campaigns of two city commissioners who were in charge of selecting the vendor. These mistakes, which ES&S says were inadvertent, made the contract “voidable.” But so far the contract is moving ahead — 3,700 voting machines have already been delivered. ES&S has agreed to pay a $2.9 million fine for its failure to disclose. The Controller’s Office is withholding payment on the contract until it completes its investigation sometime next month. The choices for questions are multiple: Are the resulting disclosures (and fines) proof that the system is working, or A. An indictment of the city’s new best value procurement policy, initiated in 2017 when voters approved a change that allowed the city to award contracts on factors other than the lowest price? While overwhelmingly approved by voters, others (including this board) had concerns that the new policy opened the door to granting contracts to insiders and encouraging a pay-to-play culture, as well as more expensive contracts. The $30 million machine contract is the first major test of the new policy.

Editorials: Guess which ballot costs less and is more secure– paper or electronic? | Kevin Skoglund and Christopher Deluzio/PennLive

Pennsylvania’s counties are choosing new voting systems, with implications for the security, reliability, and auditability of elections across the commonwealth and beyond. Our organizations’ analysis of county selections reveals that several have decided to purchase expensive electronic machines with security challenges over the better option: hand-marked paper ballots. Pennsylvania—where vulnerable paperless machines have been the norm—needs new paper-based voting systems. But not all systems are the same. The main choice counties face is the style of voting and polling place configuration. They can have most voters mark a paper ballot with a pen and offer a touchscreen computer to assist some voters (a ballot-marking device or “BMD”). Or they can have all voters use touchscreen computers to generate a ballot (an all-BMD configuration). The hardware in each configuration is often the same, but this fundamental choice creates significant differences. In fact, our analysis shows that many counties have chosen the all-BMD configuration and are paying a hefty sum for it—twice as much per voter as counties that selected systems that rely principally on voters hand-marking their ballots. Pricier electronic systems also carry greater security risks and make it harder for voters to verify their ballots before casting.

Editorials: There’s no excuse for failing to secure election systems from Russian meddling | St. Louis Post-Dispatch

More than a dozen states are still using electronic ballot systems that leave no paper trail — an invitation to Russia and anyone else who wants to hack into and disrupt America’s next national election. This gaping security hole is being blamed on lack of money in state and local budgets, and a lack of urgency among some Republican officials. Both reasons are unacceptable. Americans may be divided about the veracity of some aspects of the report and testimony from special counsel Robert Mueller, but those who think that renders debatable his conclusions about Russian election interference are simply not paying attention. Mueller’s unambiguous warning that Russia hacked into the election systems of all 50 states in 2016 and is planning to do so again next year has been confirmed on both sides of the aisle. U.S. intelligence agencies have long insisted it happened and will happen again. Even the Republican-controlled Senate Intelligence Committee reached the same conclusion in a recent report. “Russian activities demand renewed attention to vulnerabilities in U.S. voting infrastructure,” the report found. “In 2016, cybersecurity for electoral infrastructure at the state and local level was sorely lacking. … Aging voting equipment, particularly voting machines that had no paper record of votes, were vulnerable to exploitation by a committed adversary.”

Editorials: Trump is holding election security hostage | Brian Klaas/The Washington Post

President Trump is holding American election security hostage in a bid to suppress votes in his reelection campaign. On Tuesday, Trump tweeted that “No debate on Election Security should go forward without first agreeing that Voter ID (Identification) must play a very strong part in any final agreement. Without Voter ID, it is all so meaningless!” In other words, he is explicitly acknowledging that he will allow known vulnerabilities in American election security infrastructure to remain as inviting targets to foreign adversaries of the United States — unless he gets his way on a long-standing Republican priority. But the evidence is clear: Foreign attacks on American democracy are an urgent, ongoing threat to national security that could result in the entire democratic process being rigged or hacked. On the other hand, voter fraud — the problem that voter ID legislation is ostensibly trying to solve — has already been solved. It’s a minuscule problem that poses virtually no threat to American elections.

Editorials: Security improvements for South Carolina elections are welcome news | Charleston| Post and Courier

South Carolina’s new voting machines that leave a paper trail for audits and cannot be hacked remotely get their first workout Oct. 1 in a special election in Aiken County, and will be operable in all precincts around the state by November. But that’s not the only welcome improvement in the state’s election security. Others address training in cybersecurity for election workers and include frequent tests of the vulnerability of state systems to intrusion. These upgrades, a response to the ongoing threat posed by Russia and other foreign adversaries, are the product of a fruitful collaboration between the federal government and the states. The federal Election Assistance Commission provides an information clearinghouse for best practices and also certifies voting machines and associated hardware and software. The Department of Homeland Security keeps states up to date on the latest security threats. The states receive federal grants to help defray the added costs of enhanced security.

Editorials: Why Are Florida Republicans So Afraid of People Voting? | The New York Times

Coral Nichols will be eligible to vote when she’s 190. That’s assuming the 40-year-old Floridian — who served five years in prison for fraud and embezzlement, followed by nearly 10 years on probation — is able to keep up with her $100 monthly restitution payments. Jermaine Miller thought he had fully repaid the $223.80 he owed in restitution for a 2015 robbery and trespass conviction. In fact, he paid $18.20 more than that, but Florida says he still has a balance due of $1.11 because of a 4 percent surcharge on restitution payments. On top of that, Mr. Miller owes $1,221 in court costs and fines, which he doesn’t have the money to pay. Ms. Nichols and Mr. Miller are two of more than 1.4 million Floridians with criminal records who have spent the last year Ping-Ponging between hope and despair over whether they can exercise their most fundamental constitutional right — the right to vote. Last November, nearly two-thirds of the state’s voters approved Amendment 4, a ballot initiative that erased Florida’s 150-year ban on voting by people with felony convictions, except for those convicted of murder or sexual offenses. It was one of the nation’s biggest expansions of voting rights in decades. Florida, which was one of just four states that imposed a lifetime voting ban, bars a higher percentage of its citizens from voting than any other state. The state also accounts for more than one in four citizens disenfranchised nationwide. But Florida’s Republican lawmakers decided Amendment 4 was too much democracy for their taste. In June, after thousands of formerly incarcerated people — including Jermaine Miller — had registered to vote, Gov. Ron DeSantis signed a law passed on party lines that effectively reinstates the ban for most of them, and for hundreds of thousands more people who had not yet registered.

Editorials: 2020 and the black-box ballot box | Jon Evans/TechCrunch

One of the scarier notions in the world today is the prospect of American voting machines being compromised at scale: voters thrown off rolls, votes disregarded, vote tallies edited, entire elections hacked. That’s why the nation’s lawmakers and civil servants flocked (relatively speaking) to Def Con in Las Vegas this week, where hackers at its Voting Village do their best to prove the potential vulnerabilities — including, in some cases, remote command and control — of voting systems. There are several ways to help secure voting. One, thankfully, is already in place; the decentralization of systems such that every state and county maintains its own, providing a bewildering panoply of varying targets, rather than a single tantalizing point of failure. A second, as security guru Bruce Schneier points out, is to eschew electronic voting machines altogether and stick with good old-fashioned paper ballots.

Editorials: Scientific evidence and securing the vote: Verdict is in, now we need the funds | Michael D. Fernandez/The Hill

The Senate Intelligence Committee recently released its much-anticipated report on election security and Russian interference in the 2016 presidential election. Alongside the alarming insights regarding Russian interference, there are critical recommendations based on scientific evidence regarding the security of our voting process, including the replacement of “outdated and vulnerable voting systems.” In too many counties across the country, ballots are being cast on insecure electronic systems. These direct recording electronic systems record a voter’s selection directly to the machine’s memory and automatically tabulate votes. Many leave no physical record of the vote cast. Within the scientific community, there has been consistent alarm regarding the security vulnerabilities of these direct recording electronic systems. Just last year, the National Academies of Science, Engineering, and Medicine issued a report finding that paperless direct recording electronic machines are not secure and should be removed from service as soon as possible. The committee of computer science and cybersecurity experts, legal and election scholars, social scientists, and election officials concluded that local, state, and federal elections should be conducted using human-readable paper ballots, either marked by hand or machine. Every effort should be taken to ensure that direct recording electronic machines are removed from service prior to the 2020 election. Regardless of the vendor or configuration, direct recording electronic systems are fundamentally unverifiable. While hacking is the most discussed concern, these systems are also vulnerable to everyday coding mistakes or errors that could lead to the same inaccurate results as malicious hacking. To effectively safeguard public confidence in our elections and democracy, we must  ensure that every vote is counted accurately.

Editorials: Mitch McConnell Mislabeled Election Security as a ‘Wish List of the Left.’ Period. | Ali Javery & Edgardo Cortés/Rewire.News

In the height of one of the most politicized times in U.S. history, election security is an issue that should not be partisan. But that’s how U.S. Senate Majority Leader Mitch McConnell (R-KY)—who continues to block election security efforts from a vote—framed the issue in a recent speech from the Senate floor. “Make no mistake—many of the proposals labeled by Democrats to be election security are measures, in fact, for election reform that are part of the wish list of the left,” McConnell said. Eligible voters already face hurdles to making their voices heard at the ballot box, including outdated voter rolls and difficultly accessing the polls. The added fear of foreign interference and tampering in our elections only add to the fear that Americans feel about voting. In an effort to ease that anxiety, states across the country have implemented election security reforms through bipartisan efforts. We’ve seen several prominent Republicans support or sign into law voting reforms that provide greater election security within their states. In the past five years alone, elected officials from states like Illinois, Maine, Massachusetts, Maryland, and Alaska have supported legislation or ballot measures to push automatic voter registration, among other voting reforms.

Editorials: Election security in North Caroliba | Wilkes Journal Patriot

Well before most people seriously imagined the Russians might attempt to interfere with U.S. elections, the N.C. General Assembly passed a law requiring that all voting machines used in the 2020 election and beyond generate a paper record showing how votes were cast. The legislature took this action in 2013 because it recognized security weaknesses in touchscreen voting machines, which provide no paper record of how ballots were cast. This makes the touchscreen systems more vulnerable to outside interference than voting systems with paper ballots. Now, here we are in the summer of 2019 and about one-third of North Carolina’s counties still have these touchscreen-only voting systems that don’t meet the paper ballot requirement enacted in 2013. Mecklenburg and Guilford, two of the state’s most heavily populated counties, are among those still using the touchscreen systems that don’t meet requirements of the law.