Tag Archive

Georgia: Data breach: State to offer voters ID theft monitoring | Atlanta Journal Constitution

Georgia Secretary of State Brian Kemp announced plans Thursday to offer 6.2 million registered voters a year of free credit and identity theft monitoring services. The announcement came more than two weeks after a massive data breach at the agency exposed those voters’ personal information, including Social Security numbers and birth dates. An agency spokesman said the move is expected to cost $1.2 million, paid by the agency through reserve funds. Kemp said he has contracted with Austin, Texas-based CSID for services that will be available within 10 to 14 business days. Additionally, he said all Georgia voters in the breach whose identity is compromised will be eligible for identity theft restoration services if their identity is compromised over the next year.

Full Article: Georgia data breach: State to offer voters ID theft monitoring | www.myajc.com.

Editorials: Wellington city council was wrong to think internet voting is safe | The Dominion Post

Wellington is a town of political junkies and digital hotshots. We are the coolest – and smartest – little capital. So perhaps it was obvious what the Wellington City Council would say about having internet elections here: “Of course.” But in fact the council’s decision is wrong. The risks – hacking, mainly – are too great, and the benefits – internet voting is supposed to boost voter turnout – are small. Software expert Nigel McNie warned councillors against internet voting and cited the problem of the Death Star. It had just one little hole of vulnerability, but it was big enough to let a bomb through.  Now of course geeks disagree about the risk from hacking. Some say internet voting can be made safe, or as safe as can be reasonably expected. But everyone knows that no system is guaranteed against hackers. 

Full Article: Editorial: Wellington city council was wrong to think internet voting is safe | Stuff.co.nz.

Canada: Why hi-tech voting has low priority for Canadian elections | CBC News

Estonians can vote over the internet in their national elections. Brazilians vote using electronic terminals that have Braille on the keypads and that have cut the tabulation time from a month to six hours. Some local British elections have let people vote by text message. It’s the year 2015, after all. So why do Canadian elections still happen the centuries-old way — by marking paper ballots and depositing them in a box? Especially when advocates say higher-tech voting methods could make the process more accessible? “There’s a number of reasons,” said Nicole Goodman, research director at the Centre for E-Democracy and an assistant professor at the University of Toronto’s global-affairs school. Goodman has extensively researched internet voting at other levels of government in Canada, particularly municipal elections in Ontario, where in last year’s contests 97 local governments out of 414 offered online voting. At the municipal level, Canada is a world leader in voting via the internet, Goodman says. But so far, no province or federal electoral authority has attempted it even in a small trial. One reason? “Lack of political will,” Goodman said. Elections Canada, by law, has to takes its cues on how to run elections from Parliament, and no recent government has made it a priority to introduce potentially radical new voting methods — especially one such as internet balloting that might get whole new demographics, including traditionally non-voting youth, to suddenly take part. Another concern that has held back any internet voting system is security.  “People want 100 per cent assurance that this cannot be tampered with,” said Jean-Pierre Kingsley, Canada’s former chief electoral officer. “I’m absolutely sure that we’ll be able to find something, but at this stage we’re not there yet.”

Full Article: Why hi-tech voting has low priority for Canadian elections - Technology & Science - CBC News.

New Zealand: Christchurch Council rejects online voting trial | Radio New Zealand News

Online voting at next year’s local government elections is in jeopardy after the Christchurch City Council today rejected it. The company hired to conduct the online trial said without Christchurch it might not be viable – and it was rushing to try to reassure councillors and others that such voting is secure from hackers. On Monday, Checkpoint reported IT experts held grave fears about online voting, which has already been agreed to by councils in Palmerston North, Porirua, Whanganui, Rotorua and Matamata Piako. Today at a full meeting of the Christchurch City Council, IT experts pleaded with councillors to reject it based on security fears.  One of them, Jonathan Hunt, reeled off a list of overseas examples where online voting has failed.

Full Article: Christchurch Council rejects online voting trial | Radio New Zealand News.

National: Federal Election Commission refuses to release computer security study | Center for Public Integrity

Next to the Federal Election Commission’s front door is a quotation from former U.S. Supreme Court Justice Louis Brandeis: “Sunlight is said to be the best of disinfectants.”  But the agency is refusing to uncloak a pricey, taxpayer-funded study that details decay in the security and management of its computer systems and networks, which the Center for Public Integrity revealed had been successfully infiltrated by Chinese hackers in October 2013. The report — known within the FEC as the “NIST study” — also provides recommendations on how to fix the FEC’s problems and bring its computer systems in line with specific National Institute of Standards and Technology computer security protocols.

Full Article: Federal Election Commission refuses to release computer security study | Center for Public Integrity.

Colorado: The high risk of e-voting | The Denver Post

If we can bank and shop online, why can’t we also vote online? This once-common refrain — I certainly used to ask the question — has been answered in recent years by revelations that hackers have penetrated some of our largest financial institutions, retailers, entertainment studios and, of course, the federal government. We can do our banking and shopping online because, as Lawrence Livermore computer scientist David Jefferson said earlier this year, “Financial losses in e-commerce can be insured or absorbed, but no such amelioration is possible in an election. And, of course, the stakes are generally much higher in a public election than in an e-commerce system.” Jefferson’s view that online voting — and especially e-mail — is extremely vulnerable to being hacked, intercepted or manipulated is shared by many experts, including those at the National Institute of Standards and Technology and the U.S. Election Assistance Commission. 

Full Article: Carroll: The high risk of e-voting - The Denver Post.

Greece: Scientists in Greece Design Cryptographic E-Voting Platform | Wall Street Journal

A team of researchers in Athens say they’ve designed the world’s first encrypted e-voting system where voters can verify that votes cast actually go to the intended candidate. The process happens on a distributed, publicly-available ledger, much like the blockchain — the peer-reviewed software architecture that underpins bitcoin. The digital ballot box, called DEMOS, decreases the probability of election fraud as more voters use the system to verify their votes. The voting system starts by generating a series of randomized numbers. Each voter gets two sets of numbers, or ‘keys’: a key corresponding to the voter, and a key that corresponds to the voter’s preferred candidate. This is akin to the blockchain’s private and public key combination which authenticates bitcoin transactions.

Full Article: Scientists in Greece Design Cryptographic E-Voting Platform - Digits - WSJ.

United Kingdom: Why can’t the UK vote online? The answer is simple – we fail at passwords | Information Age

In an age where so many of us handle our banking, tax returns and bill paying online, many have asked why can’t we cast a vote via the internet as well? Last year, over eight in ten (83%) of UK adults were active online – just imagine if we saw this sort of turnout for 2020’s election. However, moving voting online has its own risks as well. And much of this is down to poor password security. Much of this insecurity is rooted in existing Electronic Voting Machines – or EVMs – which are already in use throughout the world. India, for example, adopted EVMs for its 2004 parliamentary elections, with 380 million voters casting their ballots on more than a million machines. In the United States, push button or touchscreen style EVMs have been used regularly since 1976. However, across the world, EVMs have been roundly criticized for being susceptible to hacking and fraud. In India, It was successfully demonstrated that the 2009 election victory of the Congress Party of India could easily have been rigged – forcing the election commission to review the current EVMs.

Full Article: Why can't the UK vote online? The answer is simple - we fail at passwords | Information Age.

Nigeria: The Independent Nigerian Electoral Commission’s Website Has Been Hijacked | TechCabal

The Nigerian presidential elections are in full swing. And as if the Independent Nigerian Electoral Commission doesn’t have enough things to worry about, their website just got hacked by some people calling themselves the Nigerian Cyber Army. As is customary, there is a rambling signature left by the hackers, in place of the usual website. It’s not like the website is essential to the elections or anything. Their software and servers are likely not pointed to that url. This, as far as I can tell, has absolutely no bearing on the outcome of the election, which is more physical than digital. It’s more of egg on their face. We are reaching out to INEC for comment. “Sorry x0 Your Site has been STAMPED by TeaM Nigerian Cyber Army. FEEL SOME SHAME ADMIN!!”, the hackers said on the defaced site.

Full Article: The Independent Nigerian Electoral Commission's Website Has Been Hijacked - techcabal.com.

Maine: Cyberattack strikes Maine website for second day | WMTW

For the second day in a row, an apparent cyberattack took down the state of Maine’s website. A Twitter account with the handle Vikingdom2015 posted Tuesday morning that Maine.gov will be offline for more than five hours. Another post said other hackers helped make the website unaccessible. Service to Maine.gov was restored by 9:45 a.m. The outages lasted about 2 1/2 hours. On Monday, Vikingdom2015 took credit for knocking out Maine.gov for three hours.

Full Article: Cyberattack strikes Maine website for second day | Politics - WMTW Home.

Australia: NSW’s online gamble: why internet and phone voting is too risky | The Conversation

Up to 250,000 votes are expected to be cast using the iVote electronic voting system between March 16 and the close of polls on March 28 in the New South Wales election. That would represent a massive increase on the 46,864 votes at the 2011 state election and could mean about 5% of the total vote is cast electronically, using a telephone or via the internet. It looks set to be by far the biggest test of electronic voting in Australia, which has largely been limited to small trials in the past, and one of the largest online votes worldwide. If the NSW election proves to be close, those electronic votes could prove crucial. But before electronic voting begins on Monday, people in NSW should be warned: there are many unanswered questions about the integrity and privacy of those votes. Late last year, the federal Joint Standing Committee on Electoral Matters recommended against electronic voting in federal elections. Its report concluded that:

Australia is not in a position to introduce any large-scale system of electronic voting in the near future without catastrophically compromising our electoral integrity.

So what are some of the potential threats? Software errors, hackers, misbehaving system administrators, malware or other unobservable problems could all potentially cause electronic votes to be misrecorded, modified or exposed.

Full Article: NSW's online gamble: why internet and phone voting is too risky.

Australia: NSW state election 2015: China may seek to hack electronic votes: report | The Canberra Times

If you thought Chinese intelligence agencies had more on their minds than the NSW election, you should think again, according to a security analysis that found our key trading partner may seek to disrupt the state’s democratic big day. A report commissioned by the NSW Electoral Commission warned cyber attacks could be waged against iVote, an electronic system that will allow eligible people to vote in the March 28 election using the internet or a phone. Up to 200,000 voters are expected to register. The consultants’ report, parts of which have been labelled “silly”, lumped groups such as al-Qaeda and the governments of China, North Korea and Iran with the home-grown “threat” of anti-coal and refugee activists. It claimed covert groups with a “broad spectrum of capability” may use “offensive actions” to influence the NSW election result, embarrass authorities or gain media attention.

Full Article: NSW state election 2015: China may seek to hack electronic votes: report.

Canada: Online voting still years away at the federal level | Northern Life

While it was a success in Greater Sudbury last October, online voting is still years away at the federal level, says Canada’s chief electoral officer. Marc Mayrand, who was in Sudbury on Sunday getting local election workers ready for this year’s federal election, said there are still too many issues with online voting for it to be done on a scale as big as a national vote. “The technology is there,” Mayrand said. “But there’s still issues around security (and) verification … Hackers are getting ever more sophisticated. And there are also concerns around transparency.” There’s also worry about switching from a system where election officials personally witness people voting, to one where voters use a PIN number to cast a ballot at home, or wherever they happen to be.

Full Article: Online voting still years away at the federal level.

Tajikistan: Dirty Tricks Discredit Opposition Ahead of Tajikistan’s “Vote” | Transitions Online

Less than a month before elections to Tajikistan’s rubber-stamp parliament, members of the embattled opposition say the authoritarian-minded government is resorting to new tactics and old – sex tapes and arrests – to discredit them. A flurry of allegations about alleged sexual impropriety among members of the Islamic Renaissance Party of Tajikistan (IRPT) has surfaced on social media and state television in recent months. Meanwhile, another opposition group has seen several members arrested on what supporters call spurious charges. For longtime observers, the harassment in the run-up to the 1 March parliamentary elections is an unsurprising attempt to discredit opponents of President Imomali Rakhmon. In its most recent report on Tajikistan, Freedom House ranked the country’s electoral process a 6.75 out of 7, with 7 representing the farthest a country can be from democracy. The Central Asian state has never held an election judged free and fair by independent observers, though it regularly goes through the motions of holding polls. Eight parties, several of them loyal to the president, will field candidates in the elections next month.

Full Article: Dirty Tricks Discredit Opposition Ahead of Tajikistan’s “Vote” - Transitions Online.

Illinois: Voters to be placed in nationwide database | The Southern

At a time when computer systems of major corporations have been under attack by hackers, Illinois is poised to join other states in a first-ever national database of voter registration information. But, despite concerns from scholars and others who monitor online security, state and national officials involved in the Electronic Registration Information Center program say every registered voter’s information will be safe. “We make a pretty good argument that we do more to protect the data than the states do themselves. We follow above normal security protocols,” said John Lindback the executive director of the Washington D.C.-based ERIC program. In one of his final acts as governor, former Illinois Gov. Pat Quinn signed legislation that put Illinois on track to join other states in the program. The law was just one piece of a larger overhaul of state election law that included changes to absentee voting and ballot counting.

Full Article: Illinois voters to be placed in nationwide database.

Poland: Hackers, IT problems disrupt Polish local elections | My Broadband

Poland’s president on Wednesday sought to calm a row over key weekend local and regional elections after computer glitches left the final tally up in the air. Exit polls in the Sunday vote, seen as a test for the centre-right government ahead of next year’s general election, showed voters handing a surprise victory to the conservative Law and Justice (PiS) opposition. But final results have not yet been released due to repeated crashes by the PKW national election commission’s servers. “We cannot allow for the integrity of the ballot to be called into question, namely through calls for the elections to be repeated. That’s complete madness,” said President Bronislaw Komorowski. He pledged after discussing the matter with justice officials that the votes would be counted “honestly”.

Full Article: Hackers, IT problems disrupt Polish local elections.

Spain: Catalonia ‘suffered cyber attack in independence vote’ | AFP

Catalan authorities suffered a massive cyberattack while the region was voting in an independence ballot outlawed by Madrid, their leader said on Tuesday. On polling day Sunday, the regional government’s computer systems received 60,000 times more hits than usual in “hard, organised cybernetic attacks”, said its president Artur Mas. “They tried to take down the Catalan government’s computer systems.” He was speaking to reporters in his first public address since Sunday’s polls, in which 2.3 million people turned out to vote on whether the rich region should break away from Spain.

Full Article: Catalonia 'suffered cyber attack in independence vote' - International - World - Ahram Online.

Alaska: Online Voting Leaves Cybersecurity Experts Worried | IEEE Spectrum

Some Americans who lined up at the ballot boxes on Tuesday may have wished for the convenience of online voting. But cybersecurity experts continue to argue that such systems would be vulnerable to vote tampering — warnings that did not stop Alaska from allowing voters to cast electronic ballots in a major election that had both a Senate seat and the governorship up for grabs. There was no evidence of tampering during the first use of Alaska’s online voting system in 2012. But cybersecurity experts have gone on the record as saying that hackers could easily compromise or alter online voting results without being detected. Alaska’s own election site includes a disclaimer about votes cast through online voting or by fax. “When returning the ballot through the secure online voting solution, your are voluntarily waiving your right to a secret ballot and are assuming the risk that a faulty transmission may occur,” according to Alaska’s Division of Elections website. Alaskans can vote online by filling out an electronic ballot through a web-based interface, saving the file as a PDF and then transmitting the ballot to their county elections department. But cybersecurity experts told The Intercept that Alaska’s online voting system — developed by Scytl, a Spanish-based company — could be compromised by hackers from anywhere in the world. One expert’s team spent just a day to figure out how to remotely change the results on supposedly locked PDFs without being detected.

Full Article: Alaska's Online Voting Leaves Cybersecurity Experts Worried - IEEE Spectrum.

Alaska: Hackers Could Decide Who Controls Congress Thanks to Alaska’s Terrible Internet Ballots | The Intercept

When Alaska voters go to the polls tomorrow to help decide whether the U.S. Senate will remain in Democratic control, thousands will do so electronically, using Alaska’s first-in-the-nation internet voting system. And according to the internet security experts, including the former top cybersecurity official for the Department of Homeland Security, that system is a security nightmare that threatens to put control of the U.S. Congress in the hands of foreign or domestic hackers. Any registered Alaska voter can obtain an electronic ballot, mark it on their computers using a web-based interface, save the ballot as a PDF, and return it to their county elections department through what the state calls “a dedicated secure data center behind a layer of redundant firewalls under constant physical and application monitoring to ensure the security of the system, voter privacy, and election integrity.” That sounds great, but even the state acknowledges in an online disclaimer that things could go awry, warning that “when returning the ballot through the secure online voting solution, your are voluntarily waving [sic] your right to a secret ballot and are assuming the risk that a faulty transmission may occur.”

Full Article: Hackers Could Decide Who Controls Congress Thanks to Alaska's Terrible Internet Ballots - The Intercept.

Canada: Rise of e-voting is inevitable, as is risk of hacking | The Globe and Mail

It took just one typo in one line of code to elect a malevolent computer program mayor of Washington, D.C. In the fall of 2010, the District staged a mock election to test out a new online voting system, and invited hackers to check its security. A team from the University of Michigan took them up on the offer. They quickly found a flaw in the code and broke in. They changed every vote. Master Control Program, the self-aware software that attempts to take over the world in the film Tron, was a runaway write-in candidate for mayor. Skynet, the system that runs a robot army in the Terminator franchise, was elected to Congress. And Bender, the hard-drinking android in the cartoon Futurama, became a member of the school board. Incredibly, it took D.C. officials two days to realize they had been hacked. …The use of Internet voting is exploding. Nearly 100 Ontario municipalities are using it in Monday’s election – including one that will even ditch paper ballots entirely. Proponents contend it is not only more convenient, but more equitable, giving people who cannot get to physical polling stations the same opportunity to vote as everyone else. But the expansion of e-voting has also caused consternation for some security researchers and municipal officials. They worry that entrusting this pillar of democracy to computers is too great a risk, given the potential for software problems – or hackers determined to put beer-swilling robots on the school board. 

Full Article: Rise of e-voting is inevitable, as is risk of hacking - The Globe and Mail.