Alex Halderman: we will never know if the Wisconsin vote was hacked unless we check now

Alex Halderman has clarified his earlier remarks about the integrity of the Wisconsin election: in a nutshell: voting machine security sucks, hackers played an unprecedented role in this election; there are statistical irregularities in the votes recorded on software-based touchscreen machines and the votes registered with paper ballots counted by optical scanners, so why the hell wouldn't we check into this?

A bipartisan, GOP-led voting machine security bill that would actually fix vulnerabilities in US elections

The Secure Elections Act is a bipartisan Senate bill with six co-sponsors that reads like a security researcher's wish-list for voting machine reforms. Specifically, it reads like Matt Blaze's wishlist, hewing closely to the excellent recommendations laid out in his testimony to the House of Representatives' Committee on Oversight and Government Reform Subcommittee on Information Technology and Subcommittee on Intergovernmental Affairs Hearing on Cybersecurity, recounting his experiences as a security researcher and as the founder of Defcon's Vote Hacking Village.

If the 2016 election is hacked, it's because no one listened to these people

Ever since the Supreme Court ordered the nation's voting authorities to get their act together in 2002 in the wake of Bush v Gore, tech companies have been flogging touchscreen voting machines to willing buyers across the country, while a cadre computer scientists trained in Ed Felten's labs at Princeton have shown again and again and again and again that these machines are absolutely unfit for purpose, are trivial to hack, and endanger the US election system.

The NSA sure breaks a lot of "unbreakable" crypto. This is probably how they do it.

There have long been rumors, leaks, and statements about the NSA "breaking" crypto that is widely believed to be unbreakable, and over the years, there's been mounting evidence that in many cases, they can do just that. Now, Alex Halderman and Nadia Heninger, along with a dozen eminent cryptographers have presented a paper at the ACM Conference on Computer and Communications Security (a paper that won the ACM's prize for best paper at the conference) that advances a plausible theory as to what's going on. — Read the rest

Hari Prasad, India's evoting researcher, working to save Indian democracy from dirty voting machines

Hari Prasad is one of the winners of this year's Electronic Frontier Foundation Pioneer Awards; in Prasad's case, the prize was awarded based on his excellent work dissecting the (deeply flawed) electronic voting machines used in India's elections. Prasad was imprisoned by Indian authorities for pointing out the many vulnerabilities he and his colleagues discovered. — Read the rest

India's e-voting machines vulnerable to fraud

E-voting security researcher J Alex Halderman writes,

India, the world's largest democracy, votes entirely on paperless electronic voting machines. There are an incredible 1.4 million machines in use. Authorities claim they are "tamperproof", "infallible", and "perfect," but they've prevented anyone from doing an independent security analysis by denying access on secrecy and intellectual property grounds.

Read the rest

Chinese censorware will expose every PC in the nation of malware, ID theft, botnetting

Green Dam, the mandatory censorware that will be installed on all Chinese PCs as of July 1, is remarkably insecure. J Alex Halderman from Freedom to Tinker and his colleagues Scott Wolchok and Randy Yao have released a paper, based on a mere 12 hours testing, detailing attacks that can be used to "steal private data, send spam, or enlist the computer in a botnet" and " install malicious code during the update process." — Read the rest