cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Community Champion

Iowa Election Results "Delayed"

Election officials are “doing quality control checks, making sure the numbers are accurate".

 

An aide to a top Democratic campaign said their operation doesn’t “know what’s going on” but “something is clearly up”. Well, we all know too well the dangers of electronic voting...

2 Solutions

Accepted Solutions
Highlighted
Community Champion

Re: Iowa Election Results "Delayed"

How hard is it to build an app that says:

1) How many people are in the room?

2) How many stood in each candidates corner?

3) Is the number in #2 equal to or greater than 15% of number 1 for all candidates?

4) If yes then go to step 8

5) If no, then tell that candidate that they are eliminated and tell those people to stand in one of the remaining corners.

6) Do # 4 until all remaining candidates numbers for #3 in the first tally are => 15% of total people.

7) Once the eliminated candidates peoples have stood in a new corner then go to # 1

8) Post results locally and update to total server.

View solution in original post

Highlighted
Community Champion

Re: Iowa Election Results "Delayed"

The IowaReporterApp was so insecure that vote totals, passwords and other sensitive information could have been intercepted or even changed, according to officials at Massachusetts-based Veracode.The IowaReporterApp was so insecure that vote totals, passwords and other sensitive information could have been intercepted or even changed, according to officials at Massachusetts-based Veracode.

View solution in original post

11 Replies
Highlighted
Community Champion

Re: Iowa Election Results "Delayed"


@AppDefects wrote:

Election officials are “doing quality control checks, making sure the numbers are accurate".

 

An aide to a top Democratic campaign said their operation doesn’t “know what’s going on” but “something is clearly up”. Well, we all know too well the dangers of electronic voting...


Wow, who could possible have predicted problems here?

    

This Is The Buzzy Democratic Firm That Botched The Iowa Caucuses  (Huffpost)

 


The app tasked with reporting the results of the Iowa caucus has crashed, delaying the results   (TechCrunch)  

 

App Used to Tabulate Votes Is Said to Have Been Inadequately Tested     (NY Times)

 

From the NY Times article:

Matt Blaze, a professor of computer science and law at Georgetown, said that introducing apps in the midst of an election posed many problems. Any type of app or program that relies on using a cellphone network to deliver results is vulnerable to problems both on the app and on the phones being used to run it, he said.

“The consensus of all experts who have been thinking about this is unequivocal,” Mr. Blaze added. “Internet and mobile voting should not be used at this time in civil elections.”

Any technology, he said, should be tested and retested by the broader cybersecurity community before being publicly introduced, to test for anything ranging from a small bug to a major vulnerability.

“I think the most important rule of thumb in introducing technology into voting is be extremely conservative,” he said.

 

\(*0*)/

Craig

 

Dr. D. Cragin Shelton, CISSP
Dr.Cragin@iCloud.com
https://CraginS.blogspot.com/
My Community Profile
My LinkedIn Profile
href="Not Passing a Cert Exam is Not the Same as Failing" target="new";;https://cragins.blogspot.com/2018/08/pass-rates-for-professional-exams.html
Highlighted
Community Champion

Re: Iowa Election Results "Delayed"

I've been cringing all morning wondering when the arrows will be launched back and forth between the two parties accusing each other of this and that.  

I really am NOT a fan of paper. I'v mentioned it before.  But sometimes I'm willing to reconsider.  Maybe we need to go BACK to the stoneage of paper and crayons to vote?

Highlighted
Community Champion

Re: Iowa Election Results "Delayed"

NBCNews writes:

Party chair Troy Price said the party is "validating every piece of data we have against our paper trail. That system is taking longer than expected, but it's in place to ensure we are eventually able to report results with full confidence."

Hopefully, this cements the need for an immutable journal and contingency plans.

Highlighted
Community Champion

Re: Iowa Election Results "Delayed"

How hard is it to build an app that says:

1) How many people are in the room?

2) How many stood in each candidates corner?

3) Is the number in #2 equal to or greater than 15% of number 1 for all candidates?

4) If yes then go to step 8

5) If no, then tell that candidate that they are eliminated and tell those people to stand in one of the remaining corners.

6) Do # 4 until all remaining candidates numbers for #3 in the first tally are => 15% of total people.

7) Once the eliminated candidates peoples have stood in a new corner then go to # 1

8) Post results locally and update to total server.

View solution in original post

Highlighted
Contributor III

Re: Iowa Election Results "Delayed"

Shocked I haven't seten a plethora of "Russian Hacking" and incompetent developer jokes yet. Ahh but its early in the day isn't it?

Highlighted
Community Champion

Re: Iowa Election Results "Delayed"

I'm wondering if we aren't already in the days of pre-planning an excuse in case of a loss. The logic goes, if we create doubt in the beginning then if we don't get the results we want, we have something to blame it on. If we do get the results we want then we can say it was not such a big deal.

Highlighted
Community Champion

Re: Iowa Election Results "Delayed"


@CISOScott wrote:

How hard is it to build an app that says:

...


It is easy to build such an app. The challenge is in establishing the credentialing and security control processes that ensure only authorized precinct captains can authenticate themselves when submitting the report, and that the various devices and data bases used in the process are not compromised. Further, it appears that the Shadow app was never load-tested to be sure it could handle about 1,000 inputs in a short time.

 

Craig

 

 

Dr. D. Cragin Shelton, CISSP
Dr.Cragin@iCloud.com
https://CraginS.blogspot.com/
My Community Profile
My LinkedIn Profile
href="Not Passing a Cert Exam is Not the Same as Failing" target="new";;https://cragins.blogspot.com/2018/08/pass-rates-for-professional-exams.html
Highlighted
Community Champion

Re: Iowa Election Results "Delayed"

> Beads (Contributor II) posted a new reply in Tech Talk on 02-04-2020 12:08 PM

 

> Shocked I haven't seten a plethora of "Russian Hacking" and incompetent
> developer jokes yet. Ahh but its early in the day isn't it?

 

Comrade, you must get up pretty early in morning to get jump on Soviet state sponsored election-meddling red (you should pardon the expression) team. (Moscow gets up 11 hours before Iowa ...)


............
This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Highlighted
Contributor II

Re: Iowa Election Results "Delayed"

https://twitter.com/ShadowIncHQ/status/1224773796307050497

 

---
Eric Geater, CISSP
I've always said, "There's nothing an agnostic can't do if he really doesn't know whether he believes in anything or not."