The Voting News

National: Russia’s still targeting U.S. elections, King warns, and experts say we’re not prepared | Portland Press Herald

For weeks, U.S. Sen. Angus King has been telling anyone who’ll listen that the biggest, most worrisome thing about Russian interference in the 2016 election isn’t getting enough attention and has nothing to do with President Trump. King has warned in congressional hearings, television appearances and interviews with reporters that Moscow tried and is still trying to compromise American voting systems – and that if nothing’s done it might very well change the results of an election. … While intelligence officials say there is no evidence that vote counts were changed last November, a leading expert on security threats to voting machines said this possibility cannot be excluded without a forensic audit of the results. Even voting and vote counting machines that are not connected to the internet can be and could have been compromised when they received software programming them to display or recognize this year’s ballots, said J. Alex Halderman, director of the University of Michigan Center for Computer Security and Society. Read More

National: Vladimir Putin denied meddling in the U.S. election. The CIA caught him doing just that. | The Washington Post

Russian President Vladimir Putin has repeatedly — and often tauntingly — denied that his government interfered in the 2016 U.S. presidential race. Earlier this month he said that the cyber campaign might have been the work of “patriotically minded” Russian hackers he likened to “artists” who take to canvases to express their moods and political views. New details reported Friday by The Post reveal the extent to which the Russian meddling bore Putin’s own signature and brushstrokes. U.S. intelligence officials have been pointing at Putin since October, when the Obama administration released a statement declaring that the stream of embarrassing emails and other material being posted online by WikiLeaks and other sites were tied to Russian hacking efforts that “only Russia’s senior-most officials could have authorized.” A broader U.S. intelligence report released in early January went further, identifying Putin by name and concluding that one of the operation’s aims was to help elect Donald Trump. Read More

National: Russians targeted 21 election systems, U.S. official says | Reuters

Russian hackers targeted 21 U.S. state election systems in the 2016 presidential race and a small number were breached but there was no evidence any votes were manipulated, a Homeland Security Department official told Congress on Wednesday. Jeanette Manfra, the department’s acting deputy undersecretary of cyber security, testified before the Senate Intelligence Committee. U.S. intelligence agencies have concluded the Kremlin orchestrated a wide-ranging influence operation that included email hacking and online propaganda to discredit Democratic presidential candidate Hillary Clinton and help Donald Trump, a Republican, win the White House in November. The Russia issue has cast a shadow over Trump’s first five months in office. The extent of interference by Russian hackers, and whether they or others could interfere in future elections, has been the source of speculation and media reports for months. Read More

National: State and local election systems easy prey for Russians hackers | McClatchy

Local officials consistently play down suspicions about the long lines at polling places on Election Day 2016 that led some discouraged voters in heavily Democratic Durham County, N.C., to leave without casting a ballot. Minor glitches in the way new electronic poll books were put to use had simply gummed things up, according to local elections officials there. Elections Board Chairman William Brian Jr. assured Durham residents that “an extensive investigation” showed there was nothing to worry about with the county’s new registration software. He was wrong. What Brian and other election officials across eight states didn’t know until the leak of a classified intelligence is that Russian operatives hacked into the Florida headquarters of VR Systems, Inc., the vendor that sold them digital products to manage voter registrations. …  David Jefferson, a computer scientist at the Lawrence Livermore National Laboratory in California who has acted in his personal capacity in trying to safeguard election integrity, said he believes it is “absolutely possible” that the Russians affected last year’s election. “And we have done almost nothing to seriously examine that,” he said. “The Russians really were engaged in a pattern of attacks against the machinery of the election, and not merely a pattern of propaganda or information warfare and selective leaking,” said Alex Halderman, a University of Michigan computer science professor. “The question is, how far did they get in that pattern of attacks, and were they successful?” Read More

National: GOP Data Firm Accidentally Leaks Personal Details of Nearly 200 Million American Voters | Gizmodo

Political data gathered on more than 198 million US citizens was exposed this month after a marketing firm contracted by the Republican National Committee stored internal documents on a publicly accessible Amazon server. The data leak contains a wealth of personal information on roughly 61 percent of the US population. Along with home addresses, birthdates, and phone numbers, the records include advanced sentiment analyses used by political groups to predict where individual voters fall on hot-button issues such as gun ownership, stem cell research, and the right to abortion, as well as suspected religious affiliation and ethnicity. The data was amassed from a variety of sources—from the banned subreddit r/fatpeoplehate to American Crossroads, the super PAC co-founded by former White House strategist Karl Rove. Read More

Editorials: Here’s how to keep Russian hackers from attacking the 2018 elections | J. Alex Halderman and Justin Talbot-Zorn/The Washington Post

“They’re coming after America,” former FBI director James B. Comey told the Senate intelligence committee this month. “They will be back.” In a highly politicized hearing, this bold statement drew strikingly little partisan disagreement. Senators on both sides of the aisle have seemingly reached consensus that foreign agents did try to tamper with the 2016 election and that they are extremely likely to do so again. The question is: What do we do about it? While the ongoing Russia investigation has, understandably, received massive attention, there’s so far been scant public focus on the question of how we safeguard our electoral systems from outside interference in the future. Responding to the threat of election hacking isn’t exclusively a matter of diplomatic intrigue or international sanctions. It’s fundamentally a matter of computer science: how we harden our election technology through cybersecurity standards. Read More

Verified Voting Blog: Verified Voting Letter to the US Senate Select Committee on Intelligence

This letter was sent to the US Senate Select Committee on Intelligence following a hearing on June 21, 2017. (Download PDF)

Verified Voting vigorously applauds the Senate Select Committee on Intelligence for its leadership and commitment to securing our elections. With clear evidence that foreign attackers sought to attack our 2016 elections through various means, our intelligence agencies warn that hostile attackers will be back to attack future elections. Congress and the most vulnerable states should act with urgency to fund and implement protective reforms that will make our election systems resilient against cyber attack: funding the adoption of paper ballots and accessible ballot marking systems, and implementing robust, manual post-election audits of the votes.

The June 21 hearing is an important first step toward those reforms, providing valuable information through witness testimony and questions of the Senators. We wish to expand on several key points that were raised in the hearing to ensure a clear understanding of the challenges we face in securing our elections.

It is crucial to understand that further reforms are urgently needed to bolster the mitigations currently in place so that it is possible to detect and correct a cyber attack on the vote count.

Some testimony asserted that pre-election testing and post-election audits currently in place would catch errors in vote tallies caused by a malicious attacker or software failure. Unfortunately, pre-election testing, though helpful for ensuring the completeness of ballot programming, can be defeated by malicious software designed to detect when the system is in test mode. This is what happened with Volkswagen diesels cars: the software caused the cars’ emissions systems to behave correctly during testing, but then allowed them to pollute under non-testing conditions.

Read More

Georgia: No paper trail: Georgia’s antiquated voting system prevents an audit for hacks | Raw Story

The polls are closing in Georgia following the most expensive congressional election in American history. As results are announced, there’s significant controversy over the credibility of those results. “Georgia’s voting issues aren’t rooted in any specific hacking threat,” reports Wired. “The problem instead lies in the state’s inability to prove if fraud or tampering happened in the first place.” The state of Georgia has 27,000 voting machines from the now-defunct Premier Election Systems (formerly known as Diebold) and 6,000 ExpressPoll machines — also made by Diebold. None of the machines have a paper trail. “You have an un-provable system,” says Pamela Smith, president of Verified Voting told Wired. “It might be right, it might not be right, and that absence of authoritative confirmation is the biggest problem. It’s corrosive.” Read More

Maine: Senate sets aside legislation to repeal ranked-choice voting law | Portland Press Herald

The Maine Senate tabled a bill Wednesday that would have repealed a citizens initiative passed in November that made Maine the first state in the nation to adopt a statewide ranked-choice voting system. Senators then voted unanimously, without a roll call tally, to give initial approval to a bill that would amend the Maine Constitution – if approved by two-thirds of the Legislature and by voters – to resolve issues with the new law identified by the Maine Supreme Judicial Court. Its advisory opinion in May found that parts of the new law violated the state constitution, which calls for candidates in races for the Legislature and the governor’s office to be elected by a plurality of voters – the most votes – and not necessarily a majority of voters – at least 50 percent – as they would be under a ranked-choice system. But the opinion did not address ranked-choice voting in Maine’s federal elections or party primary elections, and supporters have argued the law should stand for those races while the Legislature and then voters decide if the constitution should be amended. Read More

Ohio: U.S. Supreme Court won’t hear Ohio voting rights appeal | Columbus Dispatch

The U.S. Supreme Court Monday declined to take up a voting rights case on a technical challenge to the state’s right to reject a voter registration application on the basis of an error or omission unrelated to the voter’s qualifications. The justices refused to hear an appeal by Northeast Ohio Coalition for the Homeless, which challenged Ohio Secretary of State Jon Husted about whether private parties can appeal an Ohio voter-roll purge under the Voting Rights Act. The provisions effectively keep voters from registering if they have made a small error in their registration or voter forms, such as writing a name in legible cursive rather than in print, omitting a zip code, or missing a digit from a Social Security number, according to the Brennan Center for Justice, which supported the claimants in this case. Read More