<div dir="ltr"><br><div class="gmail_quote">---------- Forwarded message ----------<br>From: <b class="gmail_sendername">Arthur Keller</b> <span dir="ltr"><<a href="mailto:ark@soe.ucsc.edu">ark@soe.ucsc.edu</a>></span><br>Date: Thu, Jul 28, 2016 at 7:02 AM<br>Subject: Re: [VVSG-election] [VVSG-interoperability] By November, Russian hackers could target voting machines<br>To: Paul Lux <<a href="mailto:plux@co.okaloosa.fl.us">plux@co.okaloosa.fl.us</a>><br>Cc: vvsg-election <<a href="mailto:vvsg-election@nist.gov">vvsg-election@nist.gov</a>>, vvsg-pre-election <<a href="mailto:vvsg-pre-election@nist.gov">vvsg-pre-election@nist.gov</a>>, vvsg-post-election <<a href="mailto:vvsg-post-election@nist.gov">vvsg-post-election@nist.gov</a>>, vvsg-interoperability <<a href="mailto:vvsg-interoperability@nist.gov">vvsg-interoperability@nist.gov</a>><br><br><br><div dir="auto"><div></div><div>Thanks, Paul. Stuxnet crossed air gaps. Blank CDs burned each time with fresh data that goes one way is better but not foolproof. Hacks can be planted earlier and be programmed to erase their trace after Election Day. </div><div><br></div><div>Best regards,</div><div>Arthur </div><div><br>On Jul 28, 2016, at 6:51 AM, Paul Lux <<a href="mailto:plux@co.okaloosa.fl.us" target="_blank">plux@co.okaloosa.fl.us</a>> wrote:<br><br></div><blockquote type="cite"><div>
<div>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Florida “fixed” this by requiring an air-gap (sneakernet) between tabulation systems and election reporting system. All voting is by marksense ballot, with
the rare exception of those in the disability community who must vote using a touch screen machine (and then only in jurisdictions that aren’t using AutoMARKs).<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Not 100% foolproof, but certainly a better-mitigated solution than many all-electroninc voting jurisdictions.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<div>
<p class="MsoNormal"><b><span style="font-family:"Myriad Pro Cond";color:#1f497d">Paul Lux, CERA<u></u><u></u></span></b></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#990000">Supervisor of Elections<u></u><u></u></span></b></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">
<image001.jpg><u></u><u></u></span></p>
<p class="MsoNormal"><b><span style="font-size:10.5pt;font-family:"Myriad Pro Cond";color:#002060">Okaloosa County Supervisor of Elections</span></b><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u><u></u></span></p>
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Myriad Pro Cond";color:#002060">Election Headquarters (Crestview)</span></b><span style="font-size:10.0pt;font-family:"Myriad Pro Cond";color:#002060">:
<b> </b></span><b><span style="font-size:10.0pt;font-family:"Myriad Pro Cond";color:#943634"><a href="tel:850.689.5600" value="+18506895600" target="_blank">850.689.5600</a></span></b><span style="font-size:10.0pt;font-family:"Myriad Pro Cond";color:#002060"><u></u><u></u></span></p>
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Myriad Pro Cond";color:#002060">Branch Office (Fort Walton Beach):</span></b><span style="font-size:10.0pt;font-family:"Myriad Pro Cond";color:#002060">
</span><b><span style="font-size:10.0pt;font-family:"Myriad Pro Cond";color:#943634"><a href="tel:850.651.7272" value="+18506517272" target="_blank">850.651.7272</a></span></b><span style="font-size:10.0pt;font-family:"Myriad Pro Cond";color:#002060"><u></u><u></u></span></p>
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Myriad Pro Cond";color:#002060">Email</span></b><span style="font-size:10.0pt;font-family:"Myriad Pro Cond";color:#002060">: <a href="mailto:plux@co.okaloosa.fl.us" target="_blank">plux@co.okaloosa.fl.us</a><u></u><u></u></span></p>
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Myriad Pro Cond";color:#002060">Visit us online at</span></b><span style="font-size:10.0pt;font-family:"Myriad Pro Cond";color:#002060"> <a href="http://www.govote-okaloosa.com" target="_blank">www.govote-okaloosa.com</a></span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u><u></u></span></p>
</div>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<div>
<div style="border:none;border-top:solid #e1e1e1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri","sans-serif"">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri","sans-serif""> <a href="mailto:vvsg-interoperability-bounces@nist.gov" target="_blank">vvsg-interoperability-bounces@nist.gov</a> [<a href="mailto:vvsg-interoperability-bounces@nist.gov" target="_blank">mailto:vvsg-interoperability-bounces@nist.gov</a>]
<b>On Behalf Of </b>Arthur Keller<br>
<b>Sent:</b> Thursday, July 28, 2016 8:23 AM<br>
<b>To:</b> Deutsch, Herb<br>
<b>Cc:</b> vvsg-election; vvsg-pre-election; vvsg-post-election; vvsg-interoperability<br>
<b>Subject:</b> Re: [VVSG-interoperability] By November, Russian hackers could target voting machines<u></u><u></u></span></p>
</div>
</div>
<p class="MsoNormal"><u></u> <u></u></p>
<div>
<p class="MsoNormal">But vote tabulation and especially roll up is often connected to the Internet. And with the lack of effective audits in more jurisdictions, hacking the Internet-connected vote tabulation systems would do the trick. <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal">In particular, if the vote tabulation system is connected to the web reporting system, then that's an avenue for attack. <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal">There's a difference between auditable and actually audited. If the results are sufficiently skewed on election night, post election audits may not matter anyway. They didn't even matter in Florida in 2000 where the election was close. <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal">Could the programming of electronic voting machines be hacked in a Stuxnet type attack while they are loaded with the election data file?<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal">If China can hack Google, do we really believe there's no way Russia can't hack enough counties or states to change the outcome of the presidential election?<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal">Best regards,<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">Arthur<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><br>
On Jul 28, 2016, at 6:07 AM, Deutsch, Herb <<a href="mailto:hdeutsch@essvote.com" target="_blank">hdeutsch@essvote.com</a>> wrote:<u></u><u></u></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Voting machines are not attached to the internet. You can’t hack them without physical control and that is auditable.</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span><u></u><u></u></p>
<div>
<div style="border:none;border-top:solid #b5c4df 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">
<a href="mailto:vvsg-interoperability-bounces@nist.gov" target="_blank">vvsg-interoperability-bounces@nist.gov</a> [<a href="mailto:vvsg-interoperability-bounces@nist.gov" target="_blank">mailto:vvsg-interoperability-bounces@nist.gov</a>]
<b>On Behalf Of </b>Arthur Keller<br>
<b>Sent:</b> Thursday, July 28, 2016 12:30 AM<br>
<b>To:</b> John Wack<br>
<b>Cc:</b> vvsg-election; vvsg-pre-election; vvsg-post-election; vvsg-interoperability<br>
<b>Subject:</b> [VVSG-interoperability] By November, Russian hackers could target voting machines</span><u></u><u></u></p>
</div>
</div>
<p class="MsoNormal"> <u></u><u></u></p>
<p class="MsoNormal">What should the election community do about this threat?<u></u><u></u></p>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">Best regards,<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">Arthur<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"><a href="https://www.washingtonpost.com/posteverything/wp/2016/07/27/by-november-russian-hackers-could-target-voting-machines/" target="_blank">https://www.washingtonpost.com/posteverything/wp/2016/07/27/by-november-russian-hackers-could-target-voting-machines/</a><u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
<div>
<div>
<div>
<div>
<div>
<div>
<h1>By November, Russian hackers could target voting machines<u></u><u></u></h1>
</div>
</div>
</div>
</div>
</div>
<div>
<div>
<h2>If Russia really is responsible, there's no reason political interference would end with the DNC emails.<u></u><u></u></h2>
</div>
</div>
<div>
<div>
<div>
<p class="MsoNormal"><span style="border:solid windowtext 1.0pt;padding:0in"><~WRD000.jpg></span><u></u><u></u></p>
<div>
<p class="MsoNormal"><span>By Bruce Schneier</span> <span>
July 27 at 3:10 PM</span> <u></u><u></u></p>
<div>
<p class="MsoNormal"><a href="https://www.schneier.com" target="_blank">Bruce Schneier</a> is a security technologist and a lecturer at the Kennedy School of Government at Harvard University. His latest book is
<a href="https://www.schneier.com/book-dg.html" target="_blank"><i>Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World</i></a>.<u></u><u></u></p>
</div>
</div>
</div>
<p class="MsoNormal">Russia was behind the hacks into the Democratic National Committee’s computer network that led to the release of thousands of internal emails just before the party’s convention
began, U.S. intelligence agencies have <a href="http://www.nytimes.com/2016/07/27/world/europe/russia-dnc-hack-emails.html" target="_blank">
reportedly</a> concluded.<u></u><u></u></p>
<p class="MsoNormal">The FBI is investigating. WikiLeaks
<a href="http://www.cnn.com/2016/07/26/politics/julian-assange-dnc-email-leak-hack/" target="_blank">
promises</a> there is more data to come. The <a href="http://www.defenseone.com/technology/2016/07/how-putin-weaponized-wikileaks-influence-election-american-president/130163/" target="_blank">
political nature</a> of this cyberattack means that Democrats and Republicans are trying to spin this as much as possible. Even so, we have to accept that someone is attacking our nation’s computer systems in an apparent attempt to influence a presidential
election. This kind of cyberattack targets the very core of our democratic process. And it points to the possibility of an even worse problem in November — that our election systems and our voting machines could be vulnerable to a similar attack.<u></u><u></u></p>
<p class="MsoNormal">If the intelligence community has indeed ascertained that Russia is to blame, our government needs to decide what to do in response. This is difficult because the attacks are politically
partisan, but it <a href="http://arstechnica.com/security/2016/06/guest-editorial-the-dnc-hack-and-dump-is-what-cyberwar-looks-like/" target="_blank">is</a> <a href="https://www.balloon-juice.com/2016/07/26/we-are-at-cyber-war-so-what-exactly-do-we-do-about-it/" target="_blank">essential</a>. If
foreign governments learn that they can influence our elections with impunity, this opens the door for <a href="http://www.huffingtonpost.com/michael-gregg/top-six-ways-hackers-coul_b_7832730.html" target="_blank">future manipulations</a>, both document thefts and dumps like
this one that we see and more subtle manipulations that we don’t see.<u></u><u></u></p>
<p class="MsoNormal">Retaliation is politically fraught and could have serious consequences, but this is an attack against our democracy. We need to confront Russian President Vladimir Putin in some
way — politically, economically or in cyberspace — and make it clear that we will not tolerate this kind of interference by any government. Regardless of your political leanings this time, there’s no guarantee the next country that tries to manipulate our
elections will share your preferred candidates.<u></u><u></u></p>
<p class="MsoNormal">Even more important, we need to secure our election systems before autumn. If Putin’s government has already used a cyberattack to attempt to <a href="http://talkingpointsmemo.com/edblog/trump-putin-yes-it-s-really-a-thing" target="_blank">help Trump
win</a>, there’s no reason to believe he won’t do it again — especially now that
<a href="https://www.washingtonpost.com/politics/democratic-national-convention-obama-biden-kaine-set-to-tout-clinton-as-commander-in-chief/2016/07/27/afc57884-53e8-11e6-bbf5-957ad17b4385_story.html?hpid=hp_hp-top-table-main_trump-1230pm%3Ahomepage%2Fstory" target="_blank">
Trump is inviting the “help.”</a><u></u><u></u></p>
<p class="MsoNormal">Over the years, more and more states have moved to electronic voting machines and have flirted with Internet voting. These systems <a href="http://arstechnica.com/tech-policy/2015/04/meet-the-e-voting-machine-so-easy-to-hack-it-will-take-your-breath-away/" target="_blank">are</a> <a href="https://www.statslife.org.uk/significance/politics/2288-how-trustworthy-are-electronic-voting-systems-in-the-us" target="_blank">insecure</a> <a href="https://www.salon.com/2011/09/27/votinghack/" target="_blank">and</a> <a href="https://www.theguardian.com/us-news/2015/apr/15/virginia-hacking-voting-machines-security" target="_blank">vulnerable</a> <a href="http://whowhatwhy.org/2015/08/31/foreigners-could-hack-us-elections-experts-say/" target="_blank">to</a> <a href="http://www.popsci.com/gadgets/article/2012-11/how-i-hacked-electronic-voting-machine" target="_blank">attack</a>.<u></u><u></u></p>
<p><i>[<a href="https://www.washingtonpost.com/posteverything/wp/2016/03/29/your-iphone-just-got-a-lot-less-secure-and-the-fbi-is-to-blame/" target="_blank">Your iPhone just got less secure. Blame the FBI.</a>]
</i><u></u><u></u></p>
<p class="MsoNormal">But while computer security experts <a href="https://www.schneier.com/blog/archives/2004/11/the_problem_wit.html" target="_blank">like me</a> have <a href="https://www.giac.org/paper/gsec/3687/inherent-problems-electronic-voting-systems/105962" target="_blank">sounded</a> <a href="http://homepage.cs.uiowa.edu/%7Ejones/voting/congress.html" target="_blank">the</a> <a href="https://cs.stanford.edu/people/eroberts/cs181/projects/2006-07/electronic-voting/index_files/page0004.html" target="_blank">alarm</a> <a href="https://citp.princeton.edu/research/voting/" target="_blank">for</a> many
years, states have largely ignored the threat, and the machine manufacturers have thrown up enough obfuscating babble that election officials are largely mollified.<u></u><u></u></p>
<p class="MsoNormal">We <a href="https://scontent.xx.fbcdn.net/hphotos-xlp1/v/t1.0-9/12115815_699872940152206_2266030088084252627_n.png?oh=2a4e5e944a5feadb7e133dd8c57be376&oe=57AD8C92" target="_blank">no longer</a> <a href="https://xkcd.com/463/" target="_blank">have
time</a> for that. We must ignore the machine manufacturers’ <a href="https://www.salon.com/2006/09/13/diebold_3/" target="_blank">spurious claims</a> of security, create tiger teams to test the machines’ and systems’ resistance to attack, drastically increase their cyber-defenses
and take them offline if we can’t guarantee their security online.<u></u><u></u></p>
<p class="MsoNormal">Longer term, we need to return to election systems that are secure from manipulation. This means voting machines with <a href="http://votingmachines.procon.org/view.answers.php?questionID=000291" target="_blank">voter-verified paper
audit trails</a>, and <a href="http://engineering.jhu.edu/magazine/2016/06/internet-voting-nonstarter/" target="_blank">
no</a> <a href="https://www.verifiedvoting.org/resources/internet-voting/vote-online/" target="_blank">Internet</a> <a href="http://www.scientificamerican.com/article.cfm?id=2012-presidential-election-electronic-voting" target="_blank">voting</a>. I know it’s slower and less convenient to
stick to the old-fashioned way, but the security risks are simply too great.<u></u><u></u></p>
<p class="MsoNormal">There are other ways to attack our election system on the Internet besides hacking voting machines or changing vote tallies: <a href="http://thehill.com/policy/cybersecurity/278231-election-fraud-feared-as-hackers-target-voter-records" target="_blank">deleting voter
records</a>, hijacking candidate or party websites, targeting and intimidating campaign workers or donors. There have already been multiple instances of <a href="https://www.schneier.com/blog/archives/2015/11/the_rise_of_pol.html" target="_blank">political doxing</a> — publishing
personal information and documents about a person or organization — and we could easily see more of it in this election cycle. We need to take these risks much more seriously than before.<u></u><u></u></p>
<p class="MsoNormal">Government interference with foreign elections isn’t new, and in fact, that’s something the United States itself has <a href="https://www.lawfareblog.com/what-old-and-new-and-scary-russias-probable-dnc-hack" target="_blank">repeatedly done</a> in
recent history. Using cyberattacks to influence elections is newer but has been done before, too — most notably in <a href="http://www.bloomberg.com/features/2016-how-to-hack-an-election/" target="_blank">Latin America</a>. Hacking of voting machines isn’t new, either. But
what is new is a foreign government interfering with a U.S. national election on a large scale. Our democracy cannot tolerate it, and we as citizens cannot accept it.<u></u><u></u></p>
<p><i>[<a href="https://www.washingtonpost.com/posteverything/wp/2016/07/26/why-would-russia-interfere-in-the-u-s-election-because-it-usually-works/" target="_blank">Why would Russia try to hack the U.S. election? Because it might work.</a>]
</i><u></u><u></u></p>
<p class="MsoNormal">Last April, the Obama administration <a href="https://www.whitehouse.gov/blog/2015/04/01/our-latest-tool-combat-cyber-attacks-what-you-need-know" target="_blank">issued</a> <a href="https://www.whitehouse.gov/blog/2015/04/01/expanding-our-ability-combat-cyber-threats" target="_blank">an</a> <a href="https://medium.com/the-white-house/a-new-tool-against-cyber-threats-1a30c188bc4#.jgbalohyi" target="_blank">executive</a> <a href="https://www.whitehouse.gov/the-press-office/2015/04/01/executive-order-blocking-property-certain-persons-engaging-significant-m" target="_blank">order</a> outlining
how we as a nation respond to cyberattacks against our critical infrastructure. While our election technology was not explicitly mentioned, our political process is certainly critical. And while they’re a hodgepodge of separate state-run systems, together
their security affects every one of us. After everyone has voted, it is essential that both sides believe the election was fair and the results accurate. Otherwise, the election has no legitimacy.<u></u><u></u></p>
<p class="MsoNormal">Election security is now a national security issue; federal officials need to take the lead, and they need to do it quickly.<u></u><u></u></p>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
</div>
</div>
</div>
</div>
</blockquote>
</div>
</div></blockquote></div></div><br></div>