Surprising Security Facts About the Upcoming Midterm Elections
After the scandal-wrought battle that led to Trump getting elected President back in November of 2016, the populace has been clamoring for better fraud and disinformation protection during critical, protracted political battles.
For months, the U.S. intelligence community — including National Security Council staff members — has been holding meetings on the topic. The fact so much of the disinformation battle occurs in the private sector has complicated efforts, as that’s an area that’s largely untouchable by intelligence agencies.
Efforts in both private- and public sectors have had some success (see: Microsoft, below) or, alternatively, engendered collective head scratching. Some newsworthy tidbits regarding wins, losses, and progress made in the fight to protect the integrity of the coming congressional midterm elections:
Twitter changes their rules
- If you’re a self-proclaimed hacker, you’re out. Twitter has long left hackers’ accounts untouched, usually only taking one down after law enforcement officials demand it. The new hardline: Twitter will now ban accounts that claim responsibility for a hack, threaten to hack, or encourage hacking by incentivizing the practice.
- Fake and/or bot accounts will be targeted for deletion. The new rules will no longer allow these accounts to run roughshod over everyone’s good time. They’re identified, in part, through telltale cues of potential malicious activity, like the ubiquitous and always-suspect stock photo avatar.
- Stricter conditions for developers’ access to the Twitter API. This is in an effort to prevent bot networks from using automated methods to disseminate their agenda.
Read more about measures the platform is taking here.
The amount of personal data collected by social media platforms like Twitter will shock you. Click here to take our digital fingerprint scan and get a preview of the tracks you’re leaving all over the internet.
West Virginia takes a risk with blockchain voting
West Virginians currently living overseas will be casting absentee ballots using a blockchain-enabled app called Voatz. The Boston-based startup’s app uses blockchain encryption to allow for remote, secure voting if mail services or physical polling are unavailable.
Blockchain technology,most commonly used to facilitate the mining and trading of cryptocurrencies, works like this:
- It maintains and stores a list of transactions on every computer participating in a particular network
- These computers corroborate and verify the list additions
- The records are encrypted to prevent tampering by bad actors
Experts in the field of election tech remind us the security risks of blockchain voting are real. The tech may not do much to ensure the fair and accurate recording of votes, nor ensure that no manipulation has occurred. Among the concerns:
- Blockchain data is not immune to various exploits
- Malware on a smartphone could change a vote before it’s able to reach the blockchain
- Blockchain tech is fundamentally based on an anonymous, decentralized model — not suitable for voting, which presupposes verifiable identities and a central authority
Voatz developers claim their app can successfully detect a malware-infected device, and will only run on updated and thus, patched and sensibly secure smartphones. While this particular implementation of blockchain-based voting may be imperfect, it’s possibly a bellwether of the coming future and an opportunity to learn how to build blockchain election systems that are truly decentralized and fraud resistant.
Bad Russian factions may be worse than ever
Outside experts warn that Russian efforts to manipulate the US elections through disinformation and inflammatory social media posts are likely to have increased in sophistication. Combine that with what’s thought by those same experts to be an insufficiently strong government strategy to combat information warfare, and chances of detection grow smaller.
In August of this year, Microsoft’s Digital Crimes Unit detected and seized six sites which the Russian hacking group formerly known as the G.R.U. intended to use for cyberattacks. The ill-intended domains found and eliminated by Microsoft remind us that malicious Russian actors are far from gone, and may yet play a role in the midterm elections.
It’s clear from many vantage points that privacy and security need to be at the forefront as we approach November. Tech companies, especially, have struggled to staunch the flow of disinformation and hacking, and all without much guidance from the U.S. government as to how. Ultimately, it’s a game of whack-a-mole, while Russian hackers seek new vectors of assault and Twitter, Microsoft, Facebook and others seek to stop them.
Just because these companies aim to intervene in possible election tampering doesn’t mean that they’re entirely out for your best interests in all situations. With so many companies becoming increasingly notorious for profound privacy invasion, individuals — not just governments — also need to take steps to ensure their own privacy and security.
That’s why we made the Privacy Browser, by TrackOFF. It has everything you need to start browsing safely. And it’s free.
CityLab: Is This Experiment in Digital Democracy Too Crazy to Work?
Sarah Holder, September 11, 2018
Scientific American: Are Blockchains the Answer for Secure Elections? Probably Not
Jesse Dunietz, August 16, 2018
NBC News: Poll: Most Americans think Russia will interfere again in 2018 elections
Andrew Arenge, John Lapinski and Stephanie Perry, February 7, 2018
NBC News: Russians penetrated U.S. voter systems, top U.S. official says by Cynthia McFadden, William M. Arkin and Kevin Monahan, February 7, 2018
ABC News: Senate rejects additional election security spending even as experts warn of growing foreign threat
Ali Rogin, Aug 1, 2018
Wired: How Microsoft Tackles Russian Hackers — and Why it’s Never Enough Ily Hay Newman, August 21, 2018