National: How to Hack an Election | GQ

There is a voting machine in J. Alex Halderman’s office, not a particularly large one, just an oversize computer tablet set into a plastic frame balanced on tubular legs. But Halderman’s office isn’t especially large, either, so the machine takes up an inordinate, almost clumsy, amount of space. The machine is a Diebold AccuVote-TSX. In the jargon of election machinery, it is a DRE, which is short for direct recording electronic: Voters touch the screen to make their choices, which are then logged in the AccuVote’s memory. This is not exotic technology. DREs have been used in American elections for three decades, and the AccuVote and similar machines are being used in some 30 states this fall, when voters are determining, among other things, which party will control one or both houses of the United States Congress and whether there will be any reasonable checks on the current administration. Halderman got his AccuVote-TSX on eBay. It cost him $94.90 from a seller in North Canton, Ohio, who by last spring had sold at least 40 other used AccuVote-TSXs and had at least 10 more for sale (by the last week of October, he either had sold out or gone out of business, as his listing was gone). Because Halderman is a computer scientist at the University of Michigan, he programmed his AccuVote to tally a two-candidate election for “greatest university” between Michigan and, of course, Ohio State.

Myanmar: Myanmar to Hire 40,000 Workers for Election Security | VoA News

Myanmar has started a campaign to recruit 40,000 temporary workers to help police provide security for elections scheduled for November. Police Force Colonel Maung Maung Soe said locals would be given preference to provide security for each polling station in the country. “We will train them for enough knowledge and guidelines of what a policeman should know or follow,” he said. “They must follow or act under the supervision of the Myanmar police force. We are now preparing for the two-week course in which what they should or shouldn’t do and job description for them will be included.”

Afghanistan: Who is watching Afghanistan’s elections? | Al Jazeera

Security has been a scarce commodity in Afghanistan for some time, but the Taliban’s recent spate of attacks intended to disrupt the April 5 elections – and the promise of more to come – have amplified the sense of insecurity. Assaults targeting international observers and the election commission itself have left open questions regarding the legitimacy and the security of Saturday’s vote. In an attempt to calm nerves and promise a safe day at the polls, the Interior Ministry, coupled with Afghan Special Forces, planned a press conference on Thursday to answer security questions. But things did not go as planned; after Wednesday’s deadly attack on the MOI’s compound within central Kabul’s heavily guarded “steel belt”, it started to seem that the Taliban can strike at will. So can the security apparatus improve confidence?

Mali: Vote turnout weak following Islamist suicide bombing | AFP

Malians voted on Sunday in the second round of parliamentary elections intended to cap the nation’s return to democracy but overshadowed by the deaths of two UN peacekeepers in an Islamist attack. The polls marked the troubled west African nation’s first steps to recovery after it was upended by a military coup in March last year, finalising a process begun with the election of President Ibrahim Boubacar Keita in August. “This second round establishes the recovery on a foundation of legitimacy in this country. It will give us more strength, more power to say ‘Mali’ and that’s what Mali needs,” Keita said after casting his ballot in the capital Bamako. “What has been done has put us in a position to say Mali everywhere with honour and dignity, without any hang-ups.”

Maldives: MDP cautious over police conduct as Commonwealth assigns election security consultant | Minivan News

The Maldivian Democratic Party (MDP) has expressed caution following the Commonwealth’s decision to assign a security expert to observe police conduct during the 2013 presidential election. The opposition party this week questioned the Commonwealth’s previous lack of success in ensuring security force reforms, adding that it remained “highly suspicious” of Police Commissioner Abdulla Riyaz’s conduct in the build up to the election. Police announced this week that the Commonwealth had appointed Eldred de Klerk to assist with ensuring election security, a decision they declared was in line with “international best practices” after requesting the intergovernmental organisation provide consultancy services. Police Commissioner Abdulla Riyaz met with de Klerk in Male’ on Sunday (August 26) to discuss his planned work ahead of the election.

Ghana: 5,000 Soldiers For Elections | Daily Guide

The Ghana Armed Forces (GAF) will deploy about 5,000 personnel throughout the country as part of the election security taskforce instituted to deal with troublemakers and to ensure peace and security at the December 7 polls. The Director of the Public Relations Directorate of the GAF, Col. Mbawine Atintande, who disclosed this at a press soiree organised by Public Relations Officers of Security Services in Ghana, indicated that the security agencies would leave no stone unturned to deal with people who would foment trouble during the general elections. As part of the taskforce, the Ghana Prisons Service would also be providing about 2,000 personnel for election duties, Public Relations Officer of Prisons, Vitalis Ayeh disclosed.

National: How I Hacked An Electronic Voting Machine | Roger Johnston/Popular Science

The Vulnerability Assessment Team at Argonne National Laboratory looks at a wide variety of security devices– locks, seals, tags, access control, biometrics, cargo security, nuclear safeguards–to try to find vulnerabilities and locate potential fixes. Unfortunately, there’s not much funding available in this country to study election security. So we did this as a Saturday afternoon type of project. It’s called a man-in-the-middle attack. It’s a classic attack on security devices. You implant a microprocessor or some other electronic device into the voting machine, and that lets you control the voting and turn cheating on and off. We’re basically interfering with transmitting the voter’s intent. We used a logic analyzer. Digital communication is a series of zeros and ones. The voltage goes higher, the voltage goes lower. A logic analyzer collects the oscillating voltages between high and low and then will display for you the digital data in a variety of formats. But there all kinds of way to do it. You can use a logic analyzer, you can use a microprocessor, you can use a computer–basically, anything that lets you see the information that’s being exchanged and then lets you know what to do to mimic the information.

Venezuela: Electoral Commission Ramps up Security Measures | venezuelanalysis.com

With just over 10 weeks before the realization of the country’s presidential elections, Venezuela’s National Electoral Commission (CNE) is tightening its preparations for October 7 through heightened security measures and high-tech anti-fraud initiatives. On Sunday, the CNE closed enrollment for the initiative known as “Make Your Mark” which obliges enlisted voters to register their thumbprint with the electoral authority in order to ensure the integrity and veracity of the electronic ballots cast at polling stations around the country. The measure began on June 22 and has successfully updated the prints of more than 3 million people through the deployment of over 3,000 registration machines made available to residents in 1,600 enrollment points throughout the country.

Colorado: Secretary of State proposing changes to voting machine security making the already-vulnerable equipment more susceptible to hacking | The Denver Post

The Colorado Secretary of State’s office is considering changes that would relax security around electronic voting machines, making the already-vulnerable equipment more susceptible to hacking, opponents of the equipment and the draft rules said today. “There’s nothing more important than election security,” said attorney Paul Hultin, who represented several voters in a 2006 lawsuit that sought to eliminate use of the machines in Colorado. “It’s a step back.”

Richard Coolidge, public information officer for Secretary of State Scott Gessler, said the aim is to provide more guidance and clarity to county clerks, thereby creating more uniformity in how rules are applied. “We’re trying to balance common sense, practical application with security on the other end,” Coolidge said. “We can do that without compromising any security.”

A public meeting is scheduled for 1 p.m. Thursday to provide input on the proposed changes. Formal rulemaking has not yet started, but the meeting is a likely first step toward the rulemaking process, Coolidge said.

Colorado: Some challenge Colorado voting machine rule proposal | The Pueblo Chieftain

Plaintiffs who prevailed in a lawsuit to decertify Colorado voting machines in 2006 spoke out Wednesday against Secretary of State Scott Gessler’s proposal to relax security protocols for the machines. Gessler has proposed a rule change that would eliminate his office’s mandatory inspection of voting machines in counties, lessen the requirement for tamper-proof seals on the machine, lift the mandate for clerks to report suspected tampering to the secretary of state and reduce the amount of video surveillance required for the machines.

“This is the culmination of about a year of work with our staff and county clerks’ staffs,” said Rich Coolidge, spokesman for the secretary of state’s office. Pueblo County Clerk Gilbert “Bo” Ortiz, president-elect of the County Clerks of Colorado, said the organization favors relaxing how direct recording electronic voting machines are monitored.

…Denver lawyer Paul Hultin, who represented voters in a 2006 lawsuit seeking to do away with terminals in the state, said if the new rules are adopted as Gessler has proposed them, the security of the voting machines will be compromised. Hultin, of the firm Wheeler Trigg O’Donnell, contends Gessler is overstepping his authority to relax the rules and is opening a door to fraud through computer hacking. He also worries that evidence on paper that could settle disputes and questions of fraud is not an option in electronic voting.

Washington: Ballots’ journey juggles security, transparency | The Issaquah Press

King County Elections places a huge mail order each year. Officials must secure enough ballots for more than 1 million voters spread across a county larger than Rhode Island. Then, the elections office is responsible for ensuring a secure — and hassle-free — process to distribute, authenticate and tally ballots on a strict deadline.

The complicated process starts on a printing press in Everett and ends in a tabulation machine in Renton. The voter is situated in the middle, black ink pen at the ready. The job to print almost 1.1 million ballots is delegated to a commercial printer. The elections office oversees the process as Everett-based K&H Election Services prints and inserts ballots into envelopes. The printer creates ballots for King County and jurisdictions across the United States. Then, ballots stacked on pallets await shipment to voters.

Michigan: Rock the Vote urges Michigan to allow online registration – Secretary of State expresses concerns about security | Detroit News

Michigan is failing to engage young voters because it lacks online registration and some of its laws are too restrictive, according to a group whose aim is to get more youths to vote. Rock the Vote said the younger generation is comfortable with online access for everyday tasks and the current voting laws are outdated. Its study called for the state to update its laws.

“Today’s generation uses technology to register for classes and pay for taxes,” said Heather Smith, president of Rock the Vote. “It would seem quite normal that we’d also be able to fill out a voter registration form with technology.”

Idaho: Vote here, only – cities question county clerk’s decision to consolidate absentee voting | Coeur d’Alene Press

City halls might not be secure enough to house absentee ballot polling locations for November’s election, the Kootenai County Clerk’s Office decided. It’s too expensive to provide staff to work at the absentee polling sites too, the office said, so for the first time in decades, several Kootenai County municipalities won’t have their city halls available for voters to cast an early ballot.

So anyone – from Rathdrum to Hayden – who wants to cast an absentee ballot early and in person will have to do so at the Kootenai County Elections Office, 1808 N. 3rd Street, in Coeur d’Alene. It’s the latest change Kootenai County Clerk Cliff Hayes has implemented since his election to office in 2010, having run his campaign on fixing the issues that arose in the heavily litigated 2009 Coeur d’Alene general election.

National: Most Security Measures Easy to Breach, Expert Says | NBC Chicago

When things go really, really wrong, Roger Johnston has a really, really good day. After all, he’s usually the man who made them go wrong.

Johnston has a PhD, 10 patents to his name, and what every 10 year old kid would think is a dream job. As chief of the Vulnerability Assessment Team at Argonne National Laboratory outside Chicago, he has made it is his mission to crack into every security system labeled as foolproof by their creators.

… One of the most frightening examples Johnston has turned up is in one of the nation’s most treasured franchises: the right to vote. He said he’s found that most voting machines have almost no security to reveal tampering. Thus, he said, it’s a fairly simple matter to tinker with the electronics while machines are in storage or being transported by the truckload. He has even demonstrated how he can turn cheating mechanisms in voting machines on and off by remote control.

“It’s much easier to steal the election, right at the electronic voting machine,” said Johnston. “In many cases, we see security devices or electronic voting machines where we really have to wonder, ‘Did anybody spend 60 seconds figuring out the security issues?”