Aleksander Essex Profile picture
Jun 11, 2020 11 tweets 3 min read Read on X
I spoke to the House of Commons (@HoCCommittees) Procedures Committee (#PROC) today about how to do remote legislative voting in a safe, cyber-conscious way.
parlvu.parl.gc.ca/Harmony/en/Pow…
Remote legislative voting is a way easier technical problem than online voting for general elections. Votes are a matter of public record, which means you can go back and check what was recorded, which means you can actually detect when things go wrong.
But it's not enough to be _able_ to check. You have to actually do it, and you need to have procedures in place so you know what to do when things go wrong.
This may seem like an obvious statement. It's actually not. It should be, but experience has demonstrated time and again a kind of tendency in the election world to only prepare for disasters after they've already happened.
For example, during the 2018 Ontario municipal election, the voting websites of 43 cities (accounting for a million voters) went down on election night. Many had no cyber-incident response plan. One even said said 6 months before the election saying "we hope nothing happens."
Now you might think that was just a fluke, but a similar situation happened in New South Wales last year. Their iVote registration system went down on the eve of the election.
Last week in Sarnia, a city council vote actually passed by mistake. It turns out, that that the word "disagree" sounds exactly like the word "agree" if the first syllable drops in a glitchy Zoom connection. theobserver.ca/news/local-new…
And that just covers accidents and mistakes. What about deliberate efforts from advanced threat-actors? If they're willing to ransom a city for a few thousand dollars, imagine what they can do to an election. And then, why even hack an election if you could hack the law itself?
Secure remote online voting for non-secret parliamentary divisions is doable, but it has to be done right.
There must be procedures for detecting errors (whether due to hacking, accidents, or disasters). Someone must be responsible for checking that an MPs voting intention was correctly recorded and there must be procedures granting opportunity to recover from errors.
And we need to confront our temptation to think nothing bad is going to happen to our elections. The ship doesn't need lifeboats until suddenly it does. When it comes to new election technology, we need a plan for disasters--even the ones that haven't happened yet.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Aleksander Essex

Aleksander Essex Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @aleksessex

Oct 18, 2021
Setting aside the dubious normalization of ubiquitous ID checking, vaccine passports create new opportunities for inescapable data collection 🧵
Proponents of vaccine passports rightly point out that showing ID was something we previously had to do, like when buying alcohol or entering a bar
However, in those settings, a human looks at your ID. They don't record it. The interaction is ephemeral. They make a decision in the moment, then it's gone
Read 11 tweets
Sep 30, 2020
I don't use remote online proctoring services in my courses. As a cybersecurity professor, I couldn't in good conscience make my students download and install something on their device that I wouldn't install myself. lfpress.com/news/local-new…
I couldn't in good conscience require my students to submit to facial recognition software when I wouldn't myself. Or grant such an app system-level privileges.
I hear the term "we're confident" thrown around altogether too much in the context of someone else's data and someone else's device. What I never hear is the indemnification. I never hear the pledge. Don't tell us how you're confident. Tell us how you're liable.
Read 5 tweets
Sep 18, 2020
This is what a ballot looks like when you prioritize the needs of voters above the needs of optical-scan equipment
Compare: tiny ovals, excessive white space, implicit oval/candidate associations Image
Here's a thread debating whether this mark would be counted by a machine, which, you'll notice, is a very different question than "should this mark be counted?"
Read 5 tweets
Sep 14, 2020
1/5 Online voting vendor @Voatz has been engaged in an alarming campaign in essence to become the gatekeepers of their own cyber accountability. Today I join 70 security experts in a letter admonishing their recent submission to the @USSupremeCourt disclose.io/voatz-response…
2/5 Our response has an unusually diverse list of signatories from academia, industry, and government. It includes those who work in software security in general, as well as those who work in elections in particular, making the case that @Voatz's views are not widely held
3/5 In their amicus brief, @Voatz referenced their work with @Hacker0x01 as evidence of the "success" of their bug bounty program. Notable among the signatories of this letter, therefore, is @Hacker0x01 and a number of other bug bounty organizations
Read 15 tweets
Sep 3, 2020
Remember when online voting vendor @Voatz referred a @UMich student to the authorities? Well now they're arguing to the @USSupremeCourt that the Computer Fraud and Abuse Act should not be narrowed to protect independent "unauthorized" security research supremecourt.gov/DocketPDF/19/1…
At issue is the question of whether independent cybersecurity research is necessary. @Voatz argues research and testing "can be performed by authorized parties" and that "unauthorized research" and dissemination of "theoretical security vulnerabilities" is "harmful".
.@Voatz describes bug bounties as "highly effective" and even references their past association with @Hacker0x01 while brazenly omitting that they were removed from the program for not "acting in good faith towards the security researcher community." cointelegraph.com/news/voatz-bug…
Read 12 tweets
Jul 25, 2020
So @nicolejgoodman and I testified to @HoCCommittees #PROC that remote voting was doable for NON-SECRET votes. The report completely omits this crucial point and instead inexplicably recommends "conducting votes via SECRET ballots electronically"
We detailed in an @IRPP oped why NON-SECRET voting was necessary for verifiability. We submitted this breif to the committee and summarized it in our testimony. Incredibly, these arguments were all omitted from the report and our brief wasn't even cited.
policyoptions.irpp.org/magazines/marc…
By selectively excluding key portions of expert testimony from the report that would have run contrary to the committee's eventual recommendation, I find myself sharing @CPC_HQ's assessment that the government "seemed committed to a specific outcome."
Read 4 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

:(