Hackers and Elections -- Why The Russians Tried and Failed (11:00 mark)

Lessons for the world about our 2016 election.

Everything we have is online. Everything in our critical infrastructure is online.

U.S. vote hacking is difficult because of our extensive distribution and county-level differences.

But the Russians tried.

Internet voting is a bad idea, for obvious reasons. It doesn't solve current problems and exposes the U.S. to new ones -- lack of home privacy in home voting; voting by text message, etc.

Putin's response about how "there's no need to distract the public about who did it [stole Clinton's and Podesta's emails) tells us how foreign targeting by the Duke Family of attackers gets covered up. No meetings by Trump with Putin will create any reasonable expectation for the West that Putin can ever be an ally.

And so the Duke malware families of attackers carry on with no concern, because they are state sponsored and untouchable, they think.

Russia is on the move to conquer more than just elections.

They fear us. Our hacker nation. Not our hacker teens.

Mikko Hypponen And the Cyber Arms Race

Hypponen is another important hacker expert who's helped us (besides Alex Stamos), like members of America's Cult of the Dead Cow, our original hacker supergroup that Beto O'Rourke was a founding member of.

This video is considered old, but it's still important, since no one takes time to sit Americans down and let them know what their private and public sector tech people are thinking about.

Since data is now worth more than oil, and wealth is built from it (Thus Snowden in 2013), this is important history for upcoming cyber discussions. It covers how to prioritize hackers and targets, weaponizing software tools, how bitcoin and its mining works, botnets as information miners, etc.

The way he speaks of these things, so common today (exploit, APT, back door, PHBB, zero days, etc) made that time seem so innocent.

Hiya, Congress People!

Hiya, Congress people!

Security Conferences are coming up this month and the rest of the year!

Cool stuff to go learn!

Maybe you'd like to show up at one of them, and learn how to secure your state's election integrity connected to its
-- voting equipment; its
-- voting networks and databases; and
-- how it secures, monitors, troubleshoots and contacts key fixers when personnel find problems.
-- how you train vigilant, competent personnel.

This Democracy won't secure itself. Right?

You still have to live up to your oaths of office, even when you're on vacation.

So check these out ...

1.
DEF CON 27
@_defcon_
August 8 - 11, 2019
Las Vegas, NV

2.
28th USENIX Security Symposium
@USENIXSecurity
August 14 - 16, 2019
Santa Clara CA

3.
DerbyCon
@DerbyCon
September 20 - 22, 2019 (training will be held September 18 - 19, 2019)
Louisville, KY

https://digitalguardian.com/blog/top-50-must-attend-information-security-conferences#Q42019

Trumporn -- Better With Sound Off

McConnell Received Donations from Voting Machine Lobbyists Before Blocking Election Security Bills

This is American democracy's structural problem, folks. By design.

https://www.msn.com/en-us/news/politics/mitch-mcconnell-received-donations-from-voting-machine-lobbyists-before-blocking-election-security-bills/ar-AAEUGcx?ocid=spartanntp&fbclid=IwAR17TKRxNCc5maJwIf8-xHY1FfpA3lD0S2KlBhwKZEMNVwbW083AaIW2OMc

Gov. Inslee Promotes Evergreen Economy Plan

Inslee's Evergreen Economy Plan has teeth and stop signs.

This plan will take full time legislative and budgeting prioritizing effort in Congress.

I can't see how the unions of the Democratic Party wouldn't sign on to such a great middle class and economic revitalizing plan for this country, all while scaling Washington's successful climate change mitigation programs.

This plan is the second major policy announcement from Governor Inslee’s Climate Mission agenda, a 10-year national mobilization to defeat climate change and build a just, innovative, and inclusive clean energy future.

Highlights:

1. Igniting America’s Clean Energy Economy will establish:
-- a ReBuild America Initiative to upgrade millions of buildings over the next two-plus decades;
-- a $90 billion Green Bank for clean energy deployment;
-- a Next Generation Rural Electrification Initiative;
-- programs to support energy democracy and community-led energy transformation;
-- grants in lieu of tax incentives for clean energy installation.

2. Building Sustainable & Climate-Smart Infrastructure will:
-- make the largest investment in American infrastructure in generations
-- build sustainable transportation, water, affordable housing, sustainable communities, smart grid systems.
-- double investment in public transit
-- expand dramatically electric car-charging infrastructure,
-- launch a Clean Water for All Initiative to close the $82 billion annual funding gap in critical drinking water, stormwater and wastewater infrastructure.
-- put Americans to work in every community to achieve a state of good repair; protect public health; and improve resilience to devastating floods, droughts, fires, and storms.

3. Leading the World in Clean Manufacturing will come from:
-- the federal government partners with industry to increase efficiency, cut costs and waste, deploy new technologies and fuels to reduce climate pollution.
-- the federal government makes major investments in domestic manufacturing of electric vehicles and batteries;
-- establishing a federal “Buy Clean” Program to help close the carbon loophole and support domestic industries and workers;
-- legislating a new Advanced Energy Manufacturing Tax Credit;
-- using established entities such as the Export-Import Bank to increase exports of made-in-America clean energy solutions.

These initiatives allow workers and businesses to revitalize America’s economic competitiveness in existing manufacturing industries, to take the lead in emerging clean technologies and growth markets.

4. Investing in Innovation & Scientific Research:
-- invest in transformative research and development in next-generation clean technology and climate solutions,
-- invest expanded scientific discovery, STEM education.
-- increase investment in U.S. clean energy and climate solutions research -- to $35 billion each year, more than 5 times the current funding
-- marshal the resources of the federal government, states, universities and private sector innovators to confront the climate challenge.
-- invest in innovation in the agricultural sector through a new ARPA-Ag effort and
-- a Next Generation Rural Clean Energy Extension Service.

5. Ensuring Good Jobs with Family Supporting Wages & Benefits Through the Above Stages will:
-- create high-paying, high-skilled jobs
-- reunionize and empower workers in every industry with new tools to collectively bargain,
-- ensure racial and gender hiring and promotion,
-- close the gap in wealth and prosperity, which includes
-- enacting a “G.I. Bill” for impacted fossil fuel workers and communities;
-- repeal the Taft-Hartley Act provisions that allow so-called “Right-to-Work” laws;
-- redouble commitment to national apprenticeship programs and creating and enforcing protections for gender pay equity.


Let's promote political action that cares for the planet.

The primaries are our chance to set election campaign priorities.

Let's promote thinking about America's future.

Let's promote how Jay Inslee's thinking solves so much else besides climate change.

Gov. Inslee Promotes Evergreen Economy Plan

Inslee's Evergreen Economy Plan has teeth and stop signs.

This plan will take full time legislative and budgeting prioritizing effort in Congress.

I can't see how the unions of the Democratic Party wouldn't sign on to such a great middle class and economic revitalizing plan for this country, all while scaling Washington's successful climate change mitigation programs.

This plan is the second major policy announcement from Governor Inslee’s Climate Mission agenda, a 10-year national mobilization to defeat climate change and build a just, innovative, and inclusive clean energy future.

Highlights:

1. Igniting America’s Clean Energy Economy will establish:
-- a ReBuild America Initiative to upgrade millions of buildings over the next two-plus decades;
-- a $90 billion Green Bank for clean energy deployment;
-- a Next Generation Rural Electrification Initiative;
-- programs to support energy democracy and community-led energy transformation;
-- grants in lieu of tax incentives for clean energy installation.

2. Building Sustainable & Climate-Smart Infrastructure will:
-- make the largest investment in American infrastructure in generations
-- build sustainable transportation, water, affordable housing, sustainable communities, smart grid systems.
-- double investment in public transit
-- expand dramatically electric car-charging infrastructure,
-- launch a Clean Water for All Initiative to close the $82 billion annual funding gap in critical drinking water, stormwater and wastewater infrastructure.
-- put Americans to work in every community to achieve a state of good repair; protect public health; and improve resilience to devastating floods, droughts, fires, and storms.

3. Leading the World in Clean Manufacturing will come from:
-- the federal government partners with industry to increase efficiency, cut costs and waste, deploy new technologies and fuels to reduce climate pollution.
-- the federal government makes major investments in domestic manufacturing of electric vehicles and batteries;
-- establishing a federal “Buy Clean” Program to help close the carbon loophole and support domestic industries and workers;
-- legislating a new Advanced Energy Manufacturing Tax Credit;
-- using established entities such as the Export-Import Bank to increase exports of made-in-America clean energy solutions.

These initiatives allow workers and businesses to revitalize America’s economic competitiveness in existing manufacturing industries, to take the lead in emerging clean technologies and growth markets.

4. Investing in Innovation & Scientific Research:
-- invest in transformative research and development in next-generation clean technology and climate solutions,
-- invest expanded scientific discovery, STEM education.
-- increase investment in U.S. clean energy and climate solutions research -- to $35 billion each year, more than 5 times the current funding
-- marshal the resources of the federal government, states, universities and private sector innovators to confront the climate challenge.
-- invest in innovation in the agricultural sector through a new ARPA-Ag effort and
-- a Next Generation Rural Clean Energy Extension Service.

5. Ensuring Good Jobs with Family Supporting Wages & Benefits Through the Above Stages will:
-- create high-paying, high-skilled jobs
-- reunionize and empower workers in every industry with new tools to collectively bargain,
-- ensure racial and gender hiring and promotion,
-- close the gap in wealth and prosperity, which includes
-- enacting a “G.I. Bill” for impacted fossil fuel workers and communities;
-- repeal the Taft-Hartley Act provisions that allow so-called “Right-to-Work” laws;
-- redouble commitment to national apprenticeship programs and creating and enforcing protections for gender pay equity.


Greening an economy goes with action that cares for the planet.

The primaries are our chance to set election campaign priorities.

Think about America's future, and how Jay Inslee's thinking solves so much else besides climate change.

$$ Solutions: Obama's tech people, Shomik Dutta and Betsy Hoover, are trying to beat Brad Parscale,

Trump's campaign manager. Of course, the Kochs' and Mercers' money is behind it all. (https://en.wikipedia.org/wiki/Brad_Parscale)

https://techcrunch.com/2019/07/01/higher-ground-labs/

Problems for our side

From DEF CON 2018 -- 12 Actions To Secure National Elections before 2020. Yes, We Can.

12 actions to secure national elections. This can be done before 2020. This info seems relevant to the primaries threads, too, but they're probably only focused on candidates and party issues.

This is structural. Still.

-- Safeguard Voting Equipment--

1. Implement universal use of paper ballots, marked by hand and read by optical scanner, ensuring a voter-verified paper audit trail (VVPAT).

2. Phase out touch-screen voting machines – especially the most vulnerable direct-recording electronic (DRE) devices

3. Update pollbooks used to check in voters.

4. Verify voting results by requiring election officials to
conduct “Risk-Limiting Audits” (RLAs), a statistical post- election audit before certification of final results.

-- Protect Voting Networks and Databases --

5. Secure voting infrastructure, especially voter registration databases, using time-tested cyber hygiene tools such as the CIS “20 Critical Security Controls” or
NIST’s Cybersecurity Framework.

6. Call upon outside experts to conduct cyber assessments – DHS,
white-hat hackers,
cybersecurity vendors and
security researchers – where needed.

7. Provide resources and training to state and local election leaders for cyber maintenance and on-going monitoring.

8. Promote information-sharing on cyber threats and incidents in and across the entire voting industry.

-- Coordinate With All Stakeholders --

9. Appropriate federal funding to states to
implement infrastructure upgrades,
audits, and
cyber hygiene measures.

10. Establish clear channels for coordination between
local,
state, and
federal agencies, including
real-time sharing of threat and intelligence information.

11. Maintain DHS’s designation of elections as a Critical Infrastructure Subsector.

12. Require DHS to institute a pre-election threat assessment plan to bolster its technical support capacity to state and locals requesting assistance.

Congress shouldn't just suggest any of this for DHS, they should mandate it and monitor it.

https://defcon.org/images/defcon-26/DEF%20CON%2026%20voting%20village%20report.pdf

I'm not even suggesting that no one in government is doing anything. It only appeared that way as of 2018.

Since then, I'd like to believe that high quality journalism sites are keeping an eye on actions this government is taking to insure free and fair elections.

If you doubt it is, consider our current context:

Do you actually think that those who are firewalling, or
buying all new voting machine equipment, or
using security industry tech
are going to tell this to the American public so that hackers of the world know it?

It's often our military's and government's strategy to appear stupider, slower, more vulnerable than we are. Even if our govt really IS vulnerable, at times.

Even if we see state level cheaters from recent elections in GA;
even if we see that the Senate won't pass "fixes" for the election system,
we citizens can still keep our radar out for changes being made at state levels, stay calm, watch and see who's doing what out there. And not believe the hype.


IMO, we must pay attention to any structural progress made to improve our election system.

Re the Senate's rejection of election security bills -- we're down, but not out

We know the Senate knows how deep their action cuts into U.S. national security.

That pisses off hacking supergroups like the old and young white hats at DEF CON.

(https://en.wikipedia.org/wiki/DEF_CON)

The latest 2018 DEF CON Report from its Voting Village is the DEF CON community's continuing response to the Russian hacking of our elections. The Voting Village originated in 2017 to invite all states' election and tech officials to share information and findings to pass on to the American public.

The last chapters of this year's report are recommended (est. 16 pages).

-- Election Security is National Security;
-- Technical Findings,
-- Recommendation: Make A Crisis Communications Plan Before Your Website is Hacked
-- Conclusion
-- Next Steps
-- APPENDIX #4: Firewall Democracy: Best Practices for Securing America’s Vulnerable Voting Infrastructure


https://www.defcon.org/images/defcon-26/DEF%20CON%2026%20voting%20village%20report.pdf