by Dave Moore, 1-9-2020
What is this delusional insistence by many political leaders that everything be done using some type of Internet-connected technology? Even worse, why do people insist on being able to do everything, including banking, bill paying and unlocking doors, using the least safe device they own — their phones?
Noone should have been shocked that the Iowa Democratic Party’s February 4 plans to use a cheap phone app to report the results of the party’s presidential primary results using the Internet failed and crashed miserably. Many days later, the election’s results have still not been fully tallied, and may never be 100% complete.
The app, cobbled together by party insiders running a recently-formed company named “Shadow, Inc.,” had never been properly tested before being deployed in Iowa. Most election workers received no training in how to use the app. Those trying to download, install and use the app were met with constant warnings and cryptic error messages. Oftentimes the app would simply freeze up and crash. In the end, software bugs caused the app to report incomplete or altered voting results.
Even though state party officials said they had “reviewed” security recommendations and protocols made by the Democratic National Committee’s own cybersecurity team, they were under no requirement or obligation to follow them, and, prior to the election, actually pooh-poohed the idea there could be problems.
Do you remember the news stories from October 21, 2016, describing how a large portion of the Internet came crashing down because of hacker attacks? I do. Did you also read the story from 20 days earlier, October 1, 2016, that the Department of Homeland Security (DHS) and the FBI reported sophisticated hackers were attacking numerous state voting systems, with the national elections right around the corner?
Perhaps you also remember the story from late September 2016 that numerous states were asking DHS for help in securing their systems against hack attacks. The national elections were less than two months away, and states were just then getting around to taking hacking threats seriously.
Even with highly-authoritative reports like “Hacking Elections is Easy! Part 1: Tactics, Techniques, and Procedures,” being released, concluding that “electronic voting systems are nothing but bare-bone, decades old computer systems that lack even rudimentary endpoint security,” many states have turned a deaf ear and blind eye to the realities of computer and Internet security.
That voters across the nation are being conned into thinking their electronically-cast votes are secure is a scam of colossal proportions. Worse still is the idea that public officials should be elected by people voting on the Internet using home computers, iPads and cell phones. The potential for vote fraud is mind-boggling, as entire elections can be hijacked with the click of a mouse.
Here we are years later and things still have not significantly improved. Many of the latest electronic voting systems have no way of being independently audited, and the system manufacturers are not willing to reveal to election board officials how their computerized voting machines actually work. If the integrity of an e-voting machine is ever brought into question, well, too bad, you’ll just have to take their word for it.
Security experts have demonstrated time and again the countless ways that e-voting systems can be easily hacked and compromised; the potential for fraud is stunning, to say the least. Election board officials don’t know how e-voting machines are programmed, but guess who does know: the computer hacking underground, and their skills are for sale.
With the reality being that e-voting is a fundamentally flawed idea, it seems there could be no debate that it should be fixed or scrapped. Yet, for some inexplicable reason, government officials, business big-shots and political hacks keep supporting this bad idea, and seem determined to push it through to the ugly end, no matter what the cost. It makes me wonder, “Who are these people? Where did they come from? How did they get to be in charge? Why is it so hot around here and why are we all sitting in this handbasket?”
Dave Moore has been fixing computers in Oklahoma since 1984. Founder of the non-profit Internet Safety Group Ltd., he also teaches Internet safety community training workshops. He can be reached at 405-919-9901 or www.internetsafetygroup.com