Thread #log4j
"The ‘most serious’ security breach ever is unfolding right now. Here’s what you need to know."

Wondering how this affects #voting machines? Is anyone looking into that?
@rad_atl @VickerySec @kiniry @benniejsmith

via @washingtonpost
washingtonpost.com/technology/202… “The log4j vulnerability is the most serious vulnerability I have seen in my decades-long career,” Jen Easterly, U.S. Cybersecurity and Infrastructure Security Agency director, said in a Thursday interview on CNBC.

Thread #FreedomToVoteAct
From a #Security and #Technology POV, there are some excellent points in the new version & some very concerning ones.

BEST SECURITY PROVISION
Preprinted #handmarkedpaperballots are required in the polling place!! This is something many of us fought for Voting systems that can print on ballots after they are cast are prohibited - but the provision is weak. It can be "through mechanical means or through independently verified protections." I believe that means it is allowed, but you have to check if it's happening. Not great.

1. "Yesterday was such a frustrating day that by evening I had to go to bed with chest pains..."

Thread. What is a #Hybrid #VotingMachine & Why Do I Care?

lulufriesdat.medium.com/yesterday-was-…
#SMARTelections #ElectionProtection 2. "It started out a good day. The day before I celebrated my 14th anniversary with my husband. The cherry blossom tree we planted in the backyard was exploding in pink taffy balls, and the smell of the lilies he got me floated through the living room as I walked to my desk."

Thread 1. Where has Tracy Campbell documented #ElectionFraud in the US? I made a list of a few places.
Page numbers are from "Deliver the Vote"

Kansas
San Francisco
Minnesota
Wisconsin
D.C.
Baltimore
MA (Constitution)
Chicago

drive.google.com/file/d/1VWTOW4… 2.
New York (p. 64) multiple listings
Arkansas (p. 65)
Mississippi (p. 88)
“Venal” Indiana (p. 95)W. Virginina (p. 95)
Alabama (p. 100, 158)
Louisiana (p. 103)
Wilmington Riots (p. 105)
Louisville KY (p. 106) multiple listings
North Carolina (p. 104)

Thread. 1. Biden’s #BloodySunday Order an Important Step in Promoting Voter Access civilrights.org/2021/03/07/bid… via @civilrightsorg 2. I think most of us could use a refresher on #BloodySunday. That includes me. I found a good detailed description at the Encyclopedia of #Alabama.encyclopediaofalabama.org/article/h-1876 ""Bloody Sunday" refers to the March 7, 1965, civil rights march"

#HR1 #S1 #Amendments - all passed today
includes a new amendment to study #Blockchain voting
amendment #39
Directs the Election Assistance Commission (@EACgov) to conduct a study regarding the use of blockchain technology to enhance voter security in Federal elections. 44
Requires a sufficient number of ballot marking machines equipped for individuals with disabilities, as defined by the Election Assistance Commission in consultation with the Access Board and the National Institute of Standards and Technology, for all in person voting options.

#SolarWinds hack. Thread.
1. Dominion Voting Systems, a voting machine vendor used in #Election2020, is a Solar Winds client. It does not use Orion, the product at the center of the hack. via attorney Paul Lehto

Solar Winds list of clients is now hidden solarwinds.com/company/custom… 2. Unknown if #hacking investigation is expanding to all #SolarWinds clients, like Dominion Voting Systems.
#ElectionSecurity #ElectionProtection #Election2020results

Thread 1.
#LosAngeles Done listening to 3 hours of testimony & public comments about the LA Voting System. Incredible that in all that time not a single member of the public testified with any kind of enthusiasm for the voting system. #VSAP #SecurityFail #LaVotes #SMARTelections 2. Instead ppl noted:
- The #VotingMachine can print on the paper ballot after the voter casts it potentially changing votes.
- The method that #security experts recommend: #HandMarkedPaperBallots is not being offered.
- the system is tabulating #QRcodes, something banned in CO

Thread. 1. #ElectionProtection. What's the most important thing you're going to do today? Sign up to get ongoing Election Protection training. Reports predict #Election2020 may be "marked by a chaotic legal & political landscape" Will you be prepared?
eventbrite.com/e/online-elect… 2. Does it matter if you get training? Yes. "We face a period of contestation/from the 1st day a ballot is cast/until 1/20/20. The winner may not, & we assess likely will not, be known on 'election night'." If you are prepared & ready - you can help. assets.documentcloud.org/documents/7013…

1660 comments in the VVSG 2.0 that need to be resolved. Mona Harrington saying that they will be transparent - but they have been meeting w/vendors in meetings that were not open to the public.

https://twitter.com/LuluFriesdat/status/1293594504423931907

They're saying a lot of work ahead. What is the timeline for these to be approved?

Thread:
1. NY just passed #AVR Automatic Voter Registration. @StandUpAmerica estimates this will add over 1Mill voters to the #NY rolls. Wouldn't it be great to know that those votes were going to be counted correctly? But w/new #VotingMachines being certified we will not know. 2. #Security experts like @rad_atl & @kskoglund & auditing expert @philipbstark say that the hybrid #VotingMachines are not secure and "No form of audit can confirm they functioned correctly." (Quote from Dr. Stark). Read a paper he co-authored. stat.berkeley.edu/~stark/Preprin…

Thread #ElectionSecurity is THE #VoterSuppression issue.
1. I want you to listen to this @nytimes #TheDaily podcast about the #GeorgiaPrimary meltdown nytimes.com/2020/06/11/pod… Listen to how they tiptoe around the issue of #votingmachines & don't identify them as the CENTRAL issue. 2. Why are #votingmachines the central #VoterSuppression issue in #GA & many other states? Because they are the new #JimCrow. The machine is the way officials control how many ppl vote & how those votes are counted. It might as well be a literacy test. Could it be more obvious?

Thread. 1. Reposting these images now with the title
"Iowa Math is the #NewMath." In my original post I called these #RoundingErrors. But they are not errors. This is exactly the way the Iowa Democratic Party wants the votes to be counted. #IowaCaucus
smartelections.us/iowa-new-math 2. From my post: "Because of the way the math was done at the caucuses, many precincts wound up with an extra delegate that got 'assigned' to one of the candidates at the end of the caucus. We were able to look at worksheets from 18 precincts that were posted on Twitter." #Iowa

Please help hand-count audits continue in Columbia County. The Board of Supervisors has said they are not planning to reinstate Virginia Martin as election commissioner. She needs your support. They need to call a meeting by 6pm today to reinstate her. Please send a short email to these supervisors letting them know what it means to you that Columbia County keep her on and that she continue to do hand-count audits there. Thank you.

1/ Election officials & the media can stop saying that there is "No evidence that Russians changed vote tallies" usatoday.com/story/news/pol…

https://twitter.com/MarilynRMarks1/status/1217915668286312448

2/ Because now there IS evidence that vote totals may have been affected. "A Georgia election server contains evidence that it was possibly hacked before the 2016 presidential election ... according to an election security expert." politico.com/news/2020/01/1…

#ElectionSecurity funding will NOT actually have to be used for Election Security.
$425M allocated in bill to be announced later today.
"the funding deal used the language in the Senate version" which has NO #security requirements.
thehill.com/policy/cyberse… via @jennycohn1 @jennycohn1 2/ Why is this bad? Because states will be pressured by vendors to buy risky & expensive #votingmachines that do not protect voters or #taxpayers. Plz call members of the appropriations committee & ask them to include the language from #HR3351.

https://twitter.com/LuluFriesdat/status/1206618434768785409

#Security for #Election2020 is at stake right now.
1) #ElectionSecurity is for our national defense. It is worth investing in.
2) If we do not have security REQUIREMENTS w/funding some states will spend poorly. That is bad for tax payers & bad for voters. #SMARTelections At our #Senate briefing on #ElectionSecurity we brought national experts on #computer systems, #security and #audits together to demonstrate why it's critically important that congressional funding for election security includes REQUIREMENTS for security.
smartelections.us/congressional-…

A Pennsylvania County’s Election Day Nightmare Underscores Voting Machine Concerns
THE ARTICLE SAYS THE “BALLOTS” (summary cards) WERE RE-COUNTED BY HAND BUT THEY WERE ACTUALLY SCANNED BY MACHINE...KEVIN SKOGLUND IS ASKING @nytimes
TO PRINT A CORRECTION
nyti.ms/2rGZTkk "Abe Kassis, a Democrat, had just 164 votes out of 55,000 ballots... Some machines reported 0 votes for him. In a county with the ability to vote for a straight-party ticket, one candidate’s 0 votes was a near statistical impossibility. Something had gone quite wrong."

1/6 HOW TO SET GOOD GUIDELINES FOR VOTING SYSTEMS
1) Consult with #cybersecurity experts
2) Do what they say
House bill #HR3351 says "the voter shall have the option to mark his or her ballot by hand." That's good. That's what the majority of cybersecurity experts recommend. 2/6 HOW NOT TO SET GUIDELINES FOR VOTING SYSTEMS
Senate bill #SecureElectionsAct sets up a panel of "independent experts on #ElectionSecurity" then fills it with ppl who are NOT #security experts. If you have to have heart surgery - do you want a surgeon or a hospital admin?

Thread. BIG NEWS the Voluntary Voting System Guidelines 2.0 #cybersecurity working group is going to recommend NO #Wi-Fi & NO #Internet capability for #voting systems. This does not include #epollbooks but does include tabulators & election management systems. @secureourvotes This is not a done deal, but it is a good step! The working group recommendations will be given to the Technical Guidelines Development Committee this Fri & they (the TGDC) may vote on these recs (could be up/down) then (supposedly) they go to the EAC for a public comment period.

Securing America’s Elections Part II: Oversight of Government Agencies #ElectionSecurity hearings supposed to be starting now by the House #JudiciaryCommittee Strong priorities stated by #MattMasterson from @CISAgov but a focus on detecting interference will not detect insider rigging.