Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
United States Democrats Government Republicans Security

Bipartisan US Election Group Issues Security Tips (reuters.com) 103

An anonymous reader quotes Reuters: A bipartisan Harvard University project aimed at protecting elections from hacking and propaganda will release its first set of recommendations today on how U.S. elections can be defended from hacking attacks. The 27-page guidebook calls for campaign leaders to emphasize security from the start and insist on practices such as two-factor authentication for access to email and documents and fully encrypted messaging via services including Signal and Wickr. The guidelines are intended to reduce risks in low-budget local races as well as the high-stakes Congressional midterm contests next year.

Though most of the suggestions cost little or nothing to implement and will strike security professionals as common sense, notorious attacks including the leak of the emails of Hillary Clinton's campaign chair, John Podesta, have succeeded because basic security practices were not followed... "We heard from campaigns that there is nothing like this that exists," said Debora Plunkett, a 31-year veteran of the National Security Agency who joined the Belfer Center this year. "We had security experts who understood security and election experts who understood campaigns, and both sides were eager to learn how the other part worked."

The group includes "top security experts" from both Google and Facebook.
This discussion has been archived. No new comments can be posted.

Bipartisan US Election Group Issues Security Tips

Comments Filter:
  • by Anonymous Coward

    notorious attacks including the leak of the emails of Hillary Clinton's campaign chair, John Podesta

    Someone who wants to be one of the most powerful persons in the world falling for a simple phishing attempt is now a "notorious attack".

    If someone on your company network did that, you'd call him a foolish idiot and take away his computer.

    • *And* you'd go after the criminals that did it.

      • He's dead, so done.

        You approve of assassinating whistle blowers? Think fixing the primary was 'just fine'?

        • Comment removed based on user account deletion
          • Just ignore what the conduit for the information said...it disagrees with your chosen narrative.

          • Donna Brazile is claiming that after the murder of Seth Rich she was so afraid of assassins that she kept her blinds closed. That seems like a strange reaction to a random mugging gone wrong. Hmmm...So you're one of those weirdo coincidence theorists, huh?ï
          • by rtb61 ( 674572 )

            I look at this story and see only one thing, a corrupt bipartisan effort to digitally corrupt upcoming elections behind the lies of securing it and surprise, surprise with the help of killing net neutrality, the 99% are all trolls to be censored and full of nothing but lies and propaganda and the 1% are descended from Gods and are to be believed in everything they say. They are still carrying on with this shit with zero public evidence, they are corrupt and fucking lying and about to try to get a whole lot

      • *And* you'd go after the criminals that did it.

        They did. They shot him dead.

    • by Z00L00K ( 682162 )

      To fix the election you need to fix the election system.

  • by Anonymous Coward on Saturday November 25, 2017 @10:52AM (#55620177)

    Between the meandering redistricting and Fox News [businessinsider.com] - that goes out of its way to misinform their viewers - who needs foreign hacking?

    And an electorate that refuses to actually learn the issues but instead listens to only what it wants to hear, we are just headed towards an "Idiocracy".

    The election of a reality TV show host is the start. Trump just shows how stupid we've become as a society.

    Dwayne Elizondo Mountain Dew Herbert Camacho is coming.

    • Dwayne Elizondo Mountain Dew Herbert Camacho is coming.

      I would vote for him over Trump. Ironically, we'd still have a more qualified president.

      Now hand me a beer...and get yourself one. Woooo!!!!

    • by DNS-and-BIND ( 461968 ) on Saturday November 25, 2017 @12:01PM (#55620417) Homepage

      Media shows why it's so mistrusted after falsified Trump fish-feeding 'story' [thehill.com]. Here are several credible mainstream media outlets and Jezebel reporting the story.

      Bloomberg's White House reporter: Trump and Abe spooning fish food into a pond. (Toward the end, @potus decided to just dump the whole box in for the fish)

      New York Magazine: Trump Under Fire for Improper Fish-Feeding Technique

      Jezebel: Big stupid baby dumps a load of fish food on Japanese koi pond http://bit.ly/2zAyCD6 [bit.ly]

      CNBC's Christina Wilkie (in a now-deleted tweet): "Trump and Japanese PM Shinzo Abe were scheduled to feed koi spoonfuls of food. Until Trump poured his entire box of fish food into the pond."

      New York Daily News: Photo of Donald Trump dumping fish food into koi pond during Japan visit draws Obama comparisons

      The Guardian: "White House reporters, keen perhaps to pick up on a Trump gaffe, captured the moment when he upended his box on their smartphones and tweeted evidence of his questionable grasp of fish keeping. Some speculated that a poor palace employee would be dispatched to the scene to clean up the mess as soon as the two leaders disappeared inside."

      CNN: Trump feeds fish, winds up pouring entire box of food into koi pond

      The media was not only blatantly overt, but intentional in its deception. The greatest danger to our nation comes from a free press that chooses sides in the political process. And that has openly and unapologetically taken place.

      • It’s not just the gross distortion. It’s also the choice of topic. Even if Trump had, in fact, blundered, focussing a news article on that entirely unimportant instant of the visit is quite revealing about the state of the press in this country.

        Not that it’s the first time, of course. I will never forget the 1992 press conference in Japan, shortly after Bush (H.W.) fell sick during dinner. It was eerie to watch American and Japanese journalists taking turns, asking questions:
        10 Jap

      • Right wing media - *chooses to ignore/misrepresent attempts by foreign powers to influence American elections, possibly colluding with associates of the candidate in said election*

        Left wing media - *misrepresents a story about feeding fish, making the president look silly*

        Slashdot: "Left wing media is a threat to democracy!!"

        • Media deliberately lying in order to serve a political point of view is indeed a threat to democracy. Our entire system depends on the media to report, not take sides. It is devastating that the media is on the Democrat side and against the side of the people. It's far more of a threat than blaming the dirty foreigners for all our troubles.
  • by RedK ( 112790 ) on Saturday November 25, 2017 @10:53AM (#55620179)
    So which was it ? Because it seems to be a DNC thing to me. Which makes sense considering the DNC internal leak and Podesta phishing, wouldn't want your voters to know you're colluding with CNN for debate questions and rigging your primary.
  • by DontBeAMoran ( 4843879 ) on Saturday November 25, 2017 @11:20AM (#55620263)

    Look at how Canadian elections are handled. You can't hack paper ballots via viruses or computer networks.

    • Oh, pff. The PRI in Mexico rigged elections for 80 years using nothing but paper ballots.
    • This isn't about how to secure the voting machines. Perhaps you should read the summary at least?
      • We all agreed years ago that reading the article was too much work. And now you're telling me we can't post anything without reading the summary?

        I didn't sign up for this!

  • If they don't recommend photo ID for voters the whole thing is worthless. There is voter fraud on both sides of the political spectrum and the arguments against voter ID are actually quite racist.

    • Voter fraud doesn't exist and has never existed in the way described. Stuffing meatbags into polling booths is the least effective, most costly and the most easily detected form of electoral fraud. Might as well be defending democracy from unicorns.
      • Re:Identification (Score:5, Informative)

        by DNS-and-BIND ( 461968 ) on Saturday November 25, 2017 @11:38AM (#55620337) Homepage
        The Democrats have a long history of doing precisely that.

        "We loaded up all 13 of our buses with maybe 70 people on each bus, and we had those buses rolling nonstop up and down the coast into San Francisco the day before the election," recalled Jim Jones Jr. "We had people going from precinct to precinct to vote. So could we have been the force that tipped the election to Moscone? Absolutely! Slam dunk. He only won by 4,000 votes. I'm sorry, but I've got to give my father credit for that. I think he did the right thing. George Moscone was a good person; he wanted what was best for San Francisco."

        Yes, that Jim Jones. Of Jonestown. The one we got the phrase "drink the Kool-aid" from (even though it was actually Fla-Vor-Aid). Full confession viewable at: http://www.salon.com/2012/05/0... [salon.com]

        • And by long time, you mean one example that would be incredibly easy to spot and stop, had anyone in SF been sober/competent at the time? This plan would be thwarted by voter rolls long before voter ID would have been needed.
          • Voter rolls are setup to make it easy to identify registered voters that haven't voted in multiple elections.

            • I'm not sure exactly what your point is. Do you care to clarify what you mean?
              • 'The plan' has not been thwarted by voter rolls. Now or anytime in the last 100 years. In fact, voter rolls are just lists of registered nonvoters to be used in 'the plan'.

                • Okay, I think I could vaguely agree with you. But you haven't explained what that has to do with voter ID. If I control the polling place, voter ID will not stop me from committing electoral fraud.

                  But voter rolls, properly administered and checked for duplicates (in an intelligent way, like with a hash of SSN+Name), could prevent voters from voting in multiple districts, which is the only type of meatbag fraud that has occurred in any significant fashion.

                  Voter ID, btw, does nothing to prevent this. I

      • by Anonymous Coward

        Voter fraud doesn't exist and has never existed in the way described. Stuffing meatbags into polling booths is the least effective, most costly and the most easily detected form of electoral fraud. Might as well be defending democracy from unicorns.

        BULLSHIT

        Pure unadulterated mendacious BULLSHIT

        1,088 cases of provable voter fraud [heritage.org].

        And that wonderful supporter of women? Al Franken?

        Al Franken May Have Won His Senate Seat Through Voter Fraud [usnews.com]

        When 1,099 felons vote in race won by 312 ballots [washingtonexaminer.com]

        Oh, yeah. "Mendacious" means you're a lying sack of shit.

        • You should try reading your own source, dipshit. "In the way described" is voter impersonation, and your own source [heritage.org] puts that at a whopping 13 cases, mostly impersonating family members.
    • Throw the baby out with the bathwater much?
  • More tips: (Score:4, Insightful)

    by king neckbeard ( 1801738 ) on Saturday November 25, 2017 @11:32AM (#55620311)

    1. "Stop breaking the law, asshole!"
    2. Instant Runoff Voting
    3. Blockchains
    4. Purging instead of promoting the worst people within a party
    5. Hiring security professionals based on qualification, not on their connections to your bribery machines.

    But I suspect that none of these will be implemented because they aren't interested in secure elections, just holding power.

  • that the security issues in our election system are intentional, so any 'tips' are really just pissing in the wind. Our elections are rigged, I'll leave it as an exercise for the reader on who and why. But ask yourself who's running our government and who as been for most of the last 30 years.
  • Step 1: Voter ID (Score:5, Informative)

    by DNS-and-BIND ( 461968 ) on Saturday November 25, 2017 @11:50AM (#55620383) Homepage

    If those that demand no Voter Identification were concerned for the poor, they'd facilitate the acquisition of ID, not seek ways to avoid it. After all, what's the best job you ever had where you didn't need to identify yourself? I'm just confused how anyone buys beer or cold medicine without an ID. WTF?

    Only ONE party disapproves of measures to make our elections secure. Voter ID is NOT a function of America's "racist past" EVERY COUNTRY THAT'S not a dictatorship has some form of assuring that the person voting is entitled to. EVERY COUNTRY.

    California liberals allege voter fraud, demand voter ID. [townhall.com] LOL. Democrats think voter identification laws are important for their party elections, but think they're not important when it comes to our elections.

    Maxine Waters, an advocate against voter ID, requires an ID to attend her town hall meeting. [theamericanmirror.com]

    Hillary Clinton's Book Tour. Valid Photo ID Required. [kxan.com] Wait, isn't this suppressing minority turnout? Why's it racist when we do it in our super-important elections, but Hillary does it for her book-signing and suddenly it's not racist? Someone want to take a stab at this one?

    • Yes, there should be efforts on making IDs more accessible. But until that happens, Voter ID laws are light racist intimidation. And just for the record, Hillary Clinton should be shot into the sun, along with most of her cronies.
    • Easier Solution (Score:2, Insightful)

      by Anonymous Coward

      Just disallow the GOP from winning elections. After all, none of this was ANY concern before Trump was elected, in fact Obama had stated numerous times that the election couldn't be hacked, that it was fair, that voter id wouldn't help, there is absolutely nothing wrong with how votes happen, etc.

      This week we are being told that even if Judge Moore WINS his election in Alabama, he will not be seated as a Senator because the Senate does not allow sexual molesters to be members. He was never convicted nor a

    • by doom ( 14564 )

      Only ONE party disapproves of measures to make our elections secure. Voter ID is NOT a function of America's "racist past"

      Every attempt at finding examples of the fraud that voter ID is supposed to prevent have come up empty. Question: why would someone push a fix for a non-existent problem? Answer: they've got a different agenda.

      The existing system in much of the US is you show up at the polls, tell 'em who you are, and sign off on the register. If you think about it for a minute, you can see how dif

      • Look at all the other countries laughing their asses off at us. Quote:

        This, as a Spaniard it always amuses me how can people vote without an official ID and how try to enforce that is considered racist.

        Sorry guys if it sounds rude, but it makes your Election look as the election from some African cheap dictatorship. In here (Spain) you have to bring a national Country-provided ID, national driver's license or passport. All of them have a picture on them to easily figure out if you're that person or not.

        Y

  • Their political partisanship and profit motive should call into question any contributions they make.
  • As long as computers are involved in the tabulation or transmission of election results the concept of secure elections is laughable.
  • Someone who has not spoken down to and lectured large parts of the USA would be a good start.
    A person who can talk and keep talking to most average people in their state and all over the USA.
    Not have a political party machine that induces US campaign staff and party workers to walk out with lots of internal party documents and give them to the US media.

    Support charming, charismatic, honorable, ethical political leadership.
    The Amercian voting public will find out what their political leadership like to
  • A few things bother me in the recommendations (not to say that they are not sensible, just that the need for them annoys me):

    - Policy of email deletion, etc. I know I’m naïve (and perhaps unreasonable), but I feel that political campaigns should have nothing to hide. It would be more sensible (I feel) to train people to be fair, courteous, clear, unambiguous, etc., rather than training them to keep their dirty laundry secure or promptly eliminated. Even when they mention “the theft

  • by doom ( 14564 ) <doom@kzsu.stanford.edu> on Saturday November 25, 2017 @08:11PM (#55622579) Homepage Journal

    https://www.belfercenter.org/c... [belfercenter.org]

    2. Use the cloud: A big, commercial cloud service will be much more secure than anything you can set up. Use a cloud-based office suite like GSuite or Microsoft365 that will provide all your basic office functions and a safe place to store information.

    That's completely ridiculous, short-sighted crap. We're all supposed to trust our entire voting system to a tiny handful of companies? "We're completely invulnerable to any sort of subversion, because Technology. Trust us!"

    • https://www.belfercenter.org/c... [belfercenter.org]

      2. Use the cloud: A big, commercial cloud service will be much more secure than anything you can set up. Use a cloud-based office suite like GSuite or Microsoft365 that will provide all your basic office functions and a safe place to store information.

      That's completely ridiculous, short-sighted crap. We're all supposed to trust our entire voting system to a tiny handful of companies?

      OTOH, said companies actually have a really good security track record, in spite of being among the most attractive targets on the planet. When was the last time someone compromised GMail?

      • by doom ( 14564 )

        When was the last time someone compromised GMail?

        You mean besides google?

        We don't know.

        But what the fuck, let's entrust the democratic process for the entire United States to google. What could go wrong?

        • When was the last time someone compromised GMail?

          You mean besides google?

          What does that even mean?

          We don't know.

          But what the fuck, let's entrust the democratic process for the entire United States to google. What could go wrong?

          Oversight would be easily arranged. The FTC already does regular reviews, per the requirements of the Buzz consent decree.

          And in any case the question isn't whether or not some company would be a perfect choice, it's whether it would be a better choice than what parties have been doing. And the answer is clearly that it would be better than what the DNC has been doing.

          • by doom ( 14564 )

            When you entrust your information to google, google gets to know about it. (Yeah, I know, encryption. Like anyone encrypts their gmail.) Google is not shy about using your information. Strictly for advertising purposes, you understand. At present. We hope.

            Further, anyone who has placed a plant inside of google-- or subverted someone already there-- has the potential to know about it.

  • From "propaganda"? WTF does that mean, in this context?

    Foreign propaganda rather than domestic propaganda, I would assume. Maybe I'll RTFA to confirm/correct that.

Think of it! With VLSI we can pack 100 ENIACs in 1 sq. cm.!

Working...