National: The Computer Scientist Who Prefers Paper | The Atlantic

For years, Barbara Simons was the loneliest of Cassandras—a technologist who feared what technology had wrought. Her cause was voting: Specifically, she believed that the electronic systems that had gained favor in the United States after the 2000 presidential election were shoddy, and eminently hackable. She spent years publishing opinion pieces in obscure journals with titles like Municipal World and sending hectoring letters to state officials, always written with the same clipped intensity. Simons, who is now 76, had been a pioneer in computer science at IBM Research at a time when few women not in the secretarial pool walked its halls. In her retirement, however, she was coming off as a crank. Fellow computer scientists might have heard her out, but to the public officials she needed to win over, the idea that software could be manipulated to rig elections remained a fringe preoccupation. Simons was not dissuaded. “They didn’t know what they were talking about and I did,” she told me. She wrote more articles, wrote a book, badgered policy makers, made “a pain of myself.” Though a liberal who had first examined voting systems under the Clinton administration, she did battle with the League of Women Voters (of which she is a member), the ACLU, and other progressive organizations that had endorsed paperless voting, largely on the grounds that electronic systems offered greater access to voters with disabilities.

Editorials: Internet voting and paperless machines have got to go | Barbara Simons/Minneapolis Star Tribune

“They’ll be back in 2020, they may be back in 2018, and one of the lessons they may draw from this is that they were successful because they introduced chaos and division and discord and sowed doubt about the nature of this amazing country of ours and our democratic process.” — Former FBI Director James Comey, testifying about the Russian government before a House Intelligence Committee hearing, March 20, 2017

We are facing a major national security threat. As former Director Comey stated, we know that Russia attacked our 2016 election, and there is every reason to expect further attacks on our elections from nations, criminals and others until we repair our badly broken voting systems. Despite a decade of warnings from computer security experts, 33 states allow internet voting for some or all voters, and a quarter of our country still votes on computerized, paperless voting machines that cannot be recounted and for which there have been demonstrated hacks. If we know how to hack these voting systems, so do the Russians and Chinese and North Koreans and Iranians and ….

National: The Inside Story of the Chaotic Trump-Clinton Recount | New Republic

Five days after Donald Trump was elected president, Alex Halderman was on a United Airlines flight from Newark to Los Angeles when he received an urgent email. A respected computer scientist and leading critic of security flaws in America’s voting machines, Halderman was anxious to determine whether there had been foul play during the election. Had machines in Wisconsin or Michigan been hacked? Could faulty software or malfunctioning equipment have skewed the results in Pennsylvania? “Before the election, I had been saying I really, really hope there’s not a hack and that it’s not close,” he says. “Afterwards, I thought, ‘Wait a minute, there’s enough reason here to be concerned.’ ” Now, wedged into a middle seat on the cross-country flight, Halderman stared in disbelief at the email from Barbara Simons, a fellow computer scientist and security expert. Working with Amy Rao, a Silicon Valley CEO and major Democratic fundraiser, Simons had arranged a conference call with John Podesta, Hillary Clinton’s campaign chair, to make the case for taking a closer look at the election results. Could Halderman be on the call in 15 minutes? United’s wi-fi system didn’t allow for in-flight phone calls. But Halderman wasn’t fazed. “I’m blocked,” he emailed Simons, “but I can try.” Within minutes, Halderman had circumvented the wi-fi and established an interface with computers at the University of Michigan, where at 36 he is the youngest full professor in the history of the computer science department. He dialed in to the call but did not speak, afraid of drawing attention to the fact that he was violating the airline’s phone ban.

National: Hackers Used New Weapons to Disrupt Major Websites Across U.S. | The New York Times

Major websites were inaccessible to people across wide swaths of the United States on Friday after a company that manages crucial parts of the internet’s infrastructure said it was under attack. Users reported sporadic problems reaching several websites, including Twitter, Netflix, Spotify, Airbnb, Reddit, Etsy, SoundCloud and The New York Times. The company, Dyn, whose servers monitor and reroute internet traffic, said it began experiencing what security experts called a distributed denial-of-service attack just after 7 a.m. Reports that many sites were inaccessible started on the East Coast, but spread westward in three waves as the day wore on and into the evening. And in a troubling development, the attack appears to have relied on hundreds of thousands of internet-connected devices like cameras, baby monitors and home routers that have been infected — without their owners’ knowledge — with software that allows hackers to command them to flood a target with overwhelming traffic. … The attacks were not only more frequent, they were bigger and more sophisticated. The typical attack more than doubled in size. What is more, the attackers were simultaneously using different methods to attack the company’s servers, making them harder to stop. The most frequent targets were businesses that provide internet infrastructure services like Dyn. “DNS has often been neglected in terms of its security and availability,” Richard Meeus, vice president for technology at Nsfocus, a network security firm, wrote in an email. “It is treated as if it will always be there in the same way that water comes out of the tap.”

Michigan: Experts: State should audit election results | The Detroit News

Since hackers have targeted the election systems of more than 20 states, cyber-security experts say Michigan should change its policy and routinely audit a sample of its paper ballots to protect against election fraud. Voter registration lists were hacked recently in Arizona and Illinois. The U.S. Department of Homeland Security would not acknowledge whether those particular systems were breached, but Secretary Jeh Johnson said hackers “in a few cases … gained access to state voting-related systems.” The department would not disclose whether Michigan was one of “a large number of state systems” scanned by hackers in preparation for possible attacks, but the Michigan Secretary of State’s office said the state’s voter registration lists have not been targeted or affected. … Audits in Michigan are only triggered in certain circumstances, according to the Secretary of State’s office. Automatic recounts for presidential ballot results happen when the leading candidates are 2,000 or fewer votes apart, while a losing candidate can request a recount for a district or certain precincts, according to the Secretary of State’s office. “It should be done routinely in order to provide a strong degree of confidence,” said University of Michigan cyber-security expert Alex Halderman. “That’s an opportunity for Michigan to improve its election procedures. You should audit every election.”

National: Trump, Putin and the hacking of an American election | The Boston Globe

Did Republican nominee Donald Trump just ask Russian strongman Vladimir Putin to cast the deciding vote in the US presidential election? On Wednesday morning, Trump said he hoped Russia would find and publish 30,000 e-mail messages deleted by his Democratic rival, Hillary Clinton, from the personal server she used as secretary of state. It was a startling spectacle: a presidential candidate urging a foreign government to play a role in America’s game of thrones. But there’s a chance Putin is already a player. The trove of embarrassing e-mails stolen from the Democratic National Committee, which were leaked to the press just in time for this week’s party convention in Philadelphia, were probably swiped by Russian hackers, according to US intelligence officials and independent cybersecurity companies. Russia’s apparent election tampering — and Trump’s call for the Russians to expose Clinton’s deleted e-mails — shows that the insecurity of America’s data networks could undermine our ability to hold free and fair elections. But if the Russian president would go this far to pick our next president, why not take the direct approach? Why not tamper with the computers that manage the nation’s voting systems? Maybe that has already happened. Those voting systems are certainly vulnerable.

Media Release: Verified Voting announces appointment of John DeCock as new Executive Director

Verified Voting, the nation’s leading election integrity organization, today announced the appointment of John DeCock as our new Executive Director.

“We are delighted to have John join our team,” said Verified Voting President Pamela Smith. “John’s appointment signals an important step in our efforts to safeguard elections and to support each voter’s right to cast an effective ballot. John’s exceptional skills and experience will support our outreach and ability to share our resources with a broad range of communities, from voters to policymakers to election officials and more. Working together with John, I am certain that we will continue making vital contributions towards achieving reliable and publicly verifiable elections.”

“There is nothing more fundamental to our Democracy than the right to vote and the knowledge that each vote matters and will be properly counted,” said DeCock. “I am looking forward to working with the talented staff and board at Verified Voting, as well as with the many experts who have collectively achieved so much. There still is much to do to improve the systems by which we cast our votes and to guarantee that every voter knows that his or her vote is counted as cast.”

Editorials: Online voting rife with hazards | Barbara Simons/USA Today

Today Americans are voting in an election that could shift control of the U.S. Senate and significantly impact the direction our nation will take in the next few years. Yet, 31 states will allow over 3 million voters to cast ballots over the Internet in this election, a practice that computer security experts in both the federal government and the private sector have warned is neither secure nor trustworthy. Most states’ online voting is limited to military and overseas voters, but Alaska now permits all voters to vote over the Internet. With a hotly contested Senate seat in Alaska, the use of an online voting system raises serious concerns about the integrity of Alaska’s election results. Alaska’s State Election Division has even acknowledged that its “secure online voting solution” may not be all that secure by posting this disclaimer on its website: “When returning the ballot through the secure online voting solution, your are [sic] voluntarily waving [sic] your right to a secret ballot and are assuming the risk that a faulty transmission may occur.” Unfortunately, faulty transmission is only one of the risks of Internet voting. There are countless ways ballots cast over the Internet can be hacked and modified by cyber criminals.

Canada: Latest Internet voting reports show failures across the board | Al Jazeera

Internet voting, a technology often cited as a solution to the United States’ problematic voting machines, received failing security and accessibility grades in the latest in-depth audit conducted by the City of Toronto. Two of the three vendors audited by the city currently have contracts with over a dozen U.S. jurisdictions for similar technologies. The accessibility report, prepared by researchers at the Inclusive Design Research Centre at OCAD University, and the security report, prepared by researchers at Concordia and Western universities, were obtained by Al Jazeera America through a Freedom of Information Act request. … The reports highlight the difficulty in creating a voting system that isn’t more susceptible to corruption than existing voting technology and that is easy enough to use for voters with a variety of personal computer setups, including those with disabilities who often use alternatives to traditional mice, keyboards and screens. …  “It’s clear from the report for Toronto that the systems being considered don’t meet the minimum accessibility standards required,” said Barbara Simons, a board member of Verified Voting, and co-author of the book “Broken Ballots: Will your Vote Count?” who also obtained the reports through a Freedom of Information request.

National: Voting’s ‘impending crisis’ | Al Jazeera

A recent presidential commission report on election administration characterizes the state of U.S. voting machines as an “impending crisis.” According to the report, created in response to a presidential order, existing voting machines are reaching the end of their operational life spans, jurisdictions often lack the funds to replace them, and those with funds find market offerings limited because several constraints have made manufacturing new machines difficult. On Election Day, these problems could translate into hours-long waits, lost votes and errors in election results. In the long term, such problems breed a lack of trust in the democratic process, reducing the public’s faith in government, experts say. According to Barbara Simons, a member of the board of advisers to the federal Election Assistance Commission (EAC), the problem can’t be avoided any longer. “People died for the right to vote as recently as the civil rights movement,” she said. “The American Revolution was all about being able to control our own democracy, and that means voting … We know that a lot of machines were breaking in the 2012 election. It’s not that it’s an impending crisis. This crisis is already here.” Also, outdated voting machines can present security risks both in hardware deficiencies (some machines use generic keys to protect sensitive panels) and in software flaws that are difficult if not impossible to detect when compromised, according to security audits. Assessing the security of many of these systems is difficult, however, since companies insist proprietary software and hardware may not be disclosed to third parties. Government audits are often not fully public. The current problem is rooted in the short-term fixes that were implemented to solve the last major voting crisis, in 2000, when unreliable punchcard machines led to ambiguous ballots in Florida, putting the presidential election into question. After further issues in the 2002 midterm elections, Congress passed the Help America Vote Act (HAVA) that fall. HAVA gave states millions of dollars to replace punchcard machines and created the EAC, charged with establishing standards for voting systems.

National: Court case: Voting via the Internet is a civil rights issue for disabled | Al Jazeera

The debate over whether Americans should be permitted to vote via the Internet has long pitted voting system manufacturers, who frame it to election officials as inevitable and modern, against top cybersecurity experts who insist it cannot be done without inviting wide-scale fraud. In recent months, however, a powerful new force has joined the fight: people with disabilities, insisting that using electronic ballots from their homes ought to be seen as a right guaranteed by the Americans With Disabilities Act. Most notably, a federal judge in Maryland is scheduled next month to hear arguments as to whether the state board of elections must certify a system that involves the Internet-based delivery and marking of absentee ballots for people with disabilities. The lawsuit’s main plaintiff is the National Federation for the Blind (NFB), joined by a man with cerebral palsy and a woman who is deaf and blind. Separately, the Utah legislature in March passed the Internet Voting Pilot Project Act to permit county election officials to develop systems for people with disabilities to vote online. No actual system has been proposed or adopted yet. …  Those systems are worrisome to opponents, but for the most part they represent a relatively small number of voters scattered across the nation. The focus on Maryland is the result of both limited resources and the fear of a federal precedent, said Susan Greenhalgh of Verified Voting, a watchdog group that raises concerns about vulnerabilities in electronic voting systems of all types.

National: How Block Chain Technology Could Usher in Digital Democracy | CoinDesk

In the digital age, it seems strange that people all around the world still use paper to vote. Of course, given bitcoin’s promise to remove paper from the financial system, many in the industry are beginning to ask if the same block chain technology can be applied to help modernize the democratic process. … Forget it, says Barbara Simons. “At this point we cannot do Internet voting securely,” warns the former IBM computer scientist who has conducted extensive research into Internet voting. Readers will point out that Internet voting is already happening, but she’s saying that we cannot guarantee its integrity. Simons, a former president of the Association for Computing Machinery, participated in a National Workshop on Internet Voting commissioned by former US President Bill Clinton, and authored a book, ‘Broken Ballots‘. She is a long-standing critic of online voting, and her research caused the US Department of Defense to nix an Internet voting system it was considering. “A lot of people think ‘I can bank online, so why can’t I vote online?’,” says Simons. “But, millions disappear from online bank accounts each year.”

Canada: Switch to e-voting still an issue in Brockton | The Post

Some Brockton residents are upset with council’s decision to go with electronic voting in the municipal election this fall. Council has approved a contract with Dominion Voting to provide telephone and Internet voting at a cost of $1.70 for each 7,600 potential voters. Pauline Gay and Barb Klages left last Monday’s council meeting critical of council’s decision. They want the municipality to stick with paper ballots. “I’m disappointed because they don’t seem to consider the security of my computer if I choose to vote with it . . . and there is no way to do a valid recount with an electronic vote,” said Klages. During the meeting council heard from former IBM employee and computer scientist Barbara Simons, who addressed council by teleconference from California. She cited cost, lack of security and the inability to have a recount in a close election as reasons to reject electronic voting. She also said Internet voting doesn’t increase voter participation.

Maryland: Experts remain concerned about Maryland election fraud threat | Baltimore Sun

By now, just about everyone connected to the Internet is familiar with this process: Required to fill out and sign a form of some kind, you ask for and receive a hyperlink via email. You open the link, find the form you need (perhaps a pdf), download it, print it, fill it out and mail it off. That’s a common practice, though increasingly old-school by today’s online standards. There doesn’t seem to be anything particularly risky about the transaction; few would think twice about conducting business that way. But while integrity is important in all transactional realms, it rises to precious when we’re talking about voting. And that’s why a similar process, new this year and slated to be part of Maryland’s primary election in June, has some civic-minded computer security experts sounding alarms about the potential for fraud. … The three experts who wrote to the board about this in 2012 were David Jefferson, a computer scientist based at the Lawrence Livermore National Laboratory in California; J. Alex Halderman, assistant professor of electrical engineering and computer science at the University of Michigan; and Barbara Simons, a retired IBM computer scientist and an expert on electronic voting. They are part of network of vigilant computer security experts who independently assess state elections systems and report their concerns.

Estonia: E-voting source code publishes on GitHub | Ars Technica

Estonia, which created the world’s first nationwide Internet-based voting system, has finally released its source code to the public in an attempt to assuage a longstanding concern by critics. “This is the next step toward a transparent system,” said Tarvi Martens, chairman of Estonia’s Electronic Voting Committee, in an interview Friday with ERR, Estonia’s national broadcaster. “The idea, which was the result of joint discussion between numerous Estonian IT experts and the Electronic Voting Committee, was implemented today. We welcome the fact that experts representing civil society want to contribute to the development and security of the e-elections.” Martens and his colleagues have now put the entire source code on GitHub—previously it was only made available after signing a confidentiality agreement.

Canada: Liberal Party Holds Online Primaries While Security Experts Scowl | TechPresident

Canada’s Liberal party elected a new leader last week. And for the first time in the party’s history, the voting took place online. Justin Trudeau, the telegenic son of the late Pierre Trudeau, Canada’s most famous prime minister, won in a landslide with over 80 per cent of the vote. But online voting critics say that despite the decisive results, the Internet remains an unsafe place to cast your vote. “If the Conservative party want to select the next Liberal party leader, this provides them with the perfect opportunity,” says Dr. Barbara Simons, an online voting expert, and co-author (with Douglas Jones) of Broken Ballots: Will Your Vote Count? “I am not saying the Conservatives would do this — I’m just saying this is a very foolish and irresponsible thing for Liberals to be doing, because they open themselves up to vote-rigging that would be almost untraceable, and impossible to prove.”

National: Online Voting For Academy Awards Must Not Become Model For Public Elections, Cyber Security & Voting Rights Experts Warn | Paramus Post

A group of concerned cyber security experts and voting rights advocates released a statement today warning that Internet voting for this year’s Academy Awards must not become a model for public elections. The group includes advocacy organizations Common Cause and Verified Voting and some of the most renowned figures in computer science including Ron Rivest, co-founder of RSA and Verisign and recipient of the Turing Award;[1] and Dr. Barbara Simons, former President of ACM and author of Broken Ballots: Will Your Vote Count? “When the Academy of Motion Picture Arts and Sciences announced that it would be using an online voting system to help its members choose this year’s Oscar nominees and finalists, thereby adding to the “credibility” of online voting, we found ourselves compelled to remind the general public that it is dangerous to deploy voting by email, efax, or through internet portals in public governmental elections at this time,” the experts said. “Public elections run by municipal, local and state governments should not be compared to elections like the one run by the Academy.”

National: Computer security experts and advocates: Internet voting poses risk | Politico.com

Just because online voting is possible, doesn’t mean the U.S. government should try it for national elections any time soon. That’s the message computer security experts and advocates for voting rights are trying to get across to American voters. David Jefferson, a Lawrence Livermore computer scientist, said Thursday that hosting a national election online poses a national security threat. Jefferson was part of a press conference hosted by Common Cause, a transparency advocacy organization. He pointed out three fundamental areas of attack by hackers or viruses, with no immediate solutions for online voting. “Client side” attacks would trigger malicious software in a voter’s computer or smartphone itself. “Server side” attacks could bring down the servers that would collect and count the votes and the “denial of service” attacks could actually prevent people from voting and take the server down. “There is no fundamental solution to any of these categories of problems, and at least for the client or server side, anyone in the world can initiate such an attack. It can be completely undetectable so the outcome would be wrong and no one would know about it,” said Jefferson, who serves on the board of the Verified Voting Foundation and California Voter Foundation. Even if a faulty outcome is discovered, he added, there would be no way to correct it as there would be no audit trail to “recount.”

Verified Voting in the News: You’ve Got Mail, Mr. President: Two New Letters Weigh In on Voting Technology Issues | Election Academy

For the past month, the election community has been focused to different degrees on President Obama’s Election Night observation that “we need to fix” problems that caused long lines at the polls on Election Day. Recently, the President received two separate letters from computer scientists and advocates concerned about the role of technology in elections. The first, from California Voter Foundation founder and President Kim Alexander and 28 co-signers, focuses heavily on the concept of verifiable voting systems and urges the Administration to put a federal stamp on the problem. The second letter, signed by computer scientist Barbara Simons and 49 co-signers (many of whom appear on the first letter but also including some election officials), covers much of the same territory but contains stronger language on the perceived danger of Internet voting.

National: The Threat of a Stolen Election | In These Times

Perhaps it’s because the U.S. Constitution does not guarantee Americans the right to vote. Perhaps it’s because election officials believe (or hope) that the public has forgotten what democracy means or what fair elections are all about. Perhaps both parties opportunistically seek an advantage through fraud. Perhaps people are simply stupid. Nevertheless, it remains an almost inconceivable screw-up: in many states, including critical swing states, government officials have not guaranteed that votes can be counted, either, in some cases, counted accurately or, in others, counted at all. The mechanics of U.S. voting systems, by international standards, languish at the level of a dismal third world failure.

National: Claims increase of machines switching votes in Ohio, other battlegrounds | Fox News

Imagine going to vote for your presidential candidate and pushing the button on a touch-screen voting machine — but the “X” marks his opponent instead. That is what some voters in Nevada, North Carolina, Texas and Ohio have reported. Fox News has received several complaints from voters who say they voted on touch-screen voting machines — only when they tried to select Mitt Romney, the machine indicated they had chosen President Obama. The voters in question realized the error and were able to cast ballots for their actual choice. “I don’t know if it happened to anybody else or not, but this is the first time in all the years that we voted that this has ever happened to me,” said Marion, Ohio, voter Joan Stevens.

National: Could e-voting machines in Election 2012 be hacked? Yes. | CSMonitor.com

Rapid advances in the development of cyberweapons and malicious software mean that electronic-voting machines used in the 2012 election could be hacked, potentially tipping the presidential election or a number of other races. Since the machines are not connected to the Internet, any hack would not be a matter of someone sneaking through cyberspace to change ballots. Rather, the concern is that an individual hacker, a partisan group, or even a nation state could infect voting machines by gaining physical access to them or by targeting the companies that service them.

Maryland: Online voter registration vulnerable to attack, researchers say | The Washington Post

A voting rights group and some of the nation’s leading researchers on election technology are urging Maryland voters to check the accuracy of their online voter registration files after warning that the data had been left vulnerable to tampering. Researchers at the University of Michigan, the Lawrence Livermore National Laboratory and a former president of the Association for Computing Machinery wrote to Maryland officials late last month urging them to take immediate steps to better protect a new system that allows Marylanders to update their voter registration online. The letter warned that anyone with access to a Maryland voter’s full name and birth date could exploit a simple online tool to change the voter’s address, party affiliation or other information. Such changes, especially a change of address, could lead to a voter’s ballot not being counted normally on Election Day.

Maryland: Cracks in Maryland and Washington Voter Databases | NYTimes.com

Computer security experts have identified vulnerabilities in the voter registration databases in two states, raising concerns about the ability of hackers and others to disenfranchise voters. In the last five years, Maryland and Washington State have set up voter registration systems that make it easy for people to register to vote and update their address information online. The problem is that in both states, all the information required from voters to log in to the system is publicly available. It took The New York Times less than three minutes to track down the information online needed to update the registrations of several prominent executives in Washington State. Complete voter lists, which include a name, birth date, addresses and party affiliation, can be easily bought — and are, right now, in the hands of thousands of campaign volunteers.

Maryland: Cracks in Maryland and Washington Voter Databases | NYTimes.com

Computer security experts have identified vulnerabilities in the voter registration databases in two states, raising concerns about the ability of hackers and others to disenfranchise voters. In the last five years, Maryland and Washington State have set up voter registration systems that make it easy for people to register to vote and update their address information online. The problem is that in both states, all the information required from voters to log in to the system is publicly available. It took The New York Times less than three minutes to track down the information online needed to update the registrations of several prominent executives in Washington State. Complete voter lists, which include a name, birth date, addresses and party affiliation, can be easily bought — and are, right now, in the hands of thousands of campaign volunteers.

Editorials: Internet voting advocates ignorant of software, says computer scientist Barbara Simons | FierceGovernmentIT

Advocates of Internet voting typically form their opinions without real knowledge of how software works, said Barbara Simons, a computer scientist and board member of VerifiedVoting.org. She gave an Aug. 8 talk to the research division of Microsoft; the company posted a webcast of her presentation online. “They don’t understand why when we say you can’t find all the software bugs, you can’t,” Simons said. An analogous public policy example of how software can permit inadvertent flaws that enable later malicious exploitation is the U.S. tax code, she said. Congress periodically approves well-intentioned updates to that complex system which, once implemented, “turn out to benefit a single company in ways that have not been anticipated before the update,” she said.

Editorials: Not Again! How Our Voting System Is Ripe For Theft and Meltdown in 2012 | AlterNet

The most fundamental of democratic processes has become more barrier-filled and error-prone than at anytime since Florida’s 2000 election, when voter list purges, flawed voting technology and a partisan U.S. Supreme Court majority ended a statewide recount and installed George W. Bush as president. This fall’s potential problems begin with a new generation of voter suppression laws and aging voting machines in a handful of presidential battleground states. And other important factors are in play, such as election officials curtailing voting options due to fiscal constraints, the increasing age of poll workers—volunteers averaging in their 70s—who must referee an ever more complex process, and the likelihood that close races will end up in post-Election Day legal fights. Voters tell academics they want consistency in voting. Yet emerging trends are poised to upend that hope in many states. This year’s big questions are: where will the meltdown—or meltdowns—occur, what will go wrong, on what scale, and, when it comes to computer failures or tampering, will we even know about it?

National: Book review: Broken Ballots | ZDNet UK

Few people — the security expert Rebecca Mercuri being the notable exception — thought much about the mechanics of voting before the Bush-versus-Gore presidential election in 2000. A few weeks of watching diligent poll workers holding up ballots to look for hanging chads changed all that. The timing — coincidental with both the rise of the internet and the dot-com bust — suddenly put voting technology on everyone’s agenda. The UK, like a number of European countries, had a brief flirtation with electronic voting. Notably, the Netherlands reverted to pencil-and-paper after a group of technical experts proved their point by getting the voting machines to play chess. E-counting is still on the UK’s agenda, however, despite objections from the Open Rights Group on technical and cost grounds. Most recently, it was used in London’s May 2012 mayoral elections. In the US, Bush v. Gore led to the passage of the Help America Vote Act (HAVA), which mandated the updating of voting equipment and set off substantial controversy.

Editorials: Challenging the market power of one voting machine maker | Sean Flaherty/Iowa City Press Citizen

I am co-chairman of Iowans for Voting Integrity, a nonpartisan citizen group that works for voting systems worthy of the public trust. We have worked for six years for two reforms that both we and many of the world’s leading computer technologists consider essential to fair elections: First, we believe that all computer voting systems must provide a reliable paper record of every ballot cast, and Second, we believe that following every election, election officials should routinely conduct a manual tally of a sample of cast ballots to check against electronic tallies. This column revisits an issue well-known both to the small community of advocates and technology experts who work on electronic voting issues and to an untold number of conspiracy theorists around the nation, but largely unknown outside those communities. This issue is the centralized marked power of the nation’s leading vendor of election equipment and services, Election Systems and Software (ES&S), and the opacity of ES&S’s ownership. I’d like to share some highly judicious and disturbing comments about ES&S that I heard June 7 at a reading at Prairie Lights by University of Iowa computer scientist Douglas Jones. Along with his co-author Barbara Simons, Jones recently published an important book, “Broken Ballots.” The reading was livestreamed on the Internet, and and audio archive should be available soon.

Canada: Officials mum about source of cyber-attack meant to disrupt online voting | thestar.com

New Democrats remained tight-lipped Sunday about the cyber-attack that kept the country waiting for hours at Saturday’s leadership convention. Party brass refused to disclose the source of two Internet Protocol addresses that they say perpetrated an attack meant to disrupt its online voting system, as they tried to manage Thomas Mulcair’s first day as head of the federal NDP. The party is investigating the attack, in tandem with its voting system provider, Scytl, auditors Price Waterhouse Cooper and a number of “experts,” party president Rebecca Blaikie said on Sunday. “At this point, there is not a single point person,” Blaikie said of the investigation. “We’re going to investigate what (the attack) is, where it came from. . . As soon as we know that, we’ll be able to decide what to do next.” Blaikie said neither police nor Elections Canada have been contacted. The NDP identified the IP addresses, essentially identification tags assigned to web-wired devices, as perpetrators of a denial-of-service (DNS) attack. While the party insists the results were not compromised, some are questioning the integrity of the final, fourth-round ballot, which propelled Thomas Mulcair to victory after more than 12 hours of voting.