Saturday, March 03, 2018

From Facebook

As an Oregon voter and taxpayer, I'd like to know more about these new security protections Oregonians have a right to know more about. Anyone into cybersecurity knows its about adhering to open standards using source code anyone can check.

That's how NIST designs stuff, around Elliptic Curve and AES. Oregon has Vote-By-Mail so I'm curious what people see as vulnerable to Russian attack.

I know my curiosity will be met by a cloak of secrecy if the plan is actually to further heist the system by making it opaque (less transparent). That'd be hard to do given the stated objectives and follow-up audits we'll be demanding.

Americans (in the US sense) have long distrusted the voting machine infrastructure, dating back several elections. I haven't seen many claims that this sense of distrust traces to Russian propaganda.

Rather, it seems well-founded and based on actual cases of tampering that have come to light, most notably purges of voter rolls using deliberately sloppy techniques designed to spread collateral damage among specific demographics.

Those who studied the black box voting machines found much to criticize.

So where is NIST in this picture?

Does the US commit any funds towards researching and developing the infrastructure of democracy?

If MAGA means anything at all, it would have to mean looking to the US for role model, trusted technology around voting, combined with best practices.

The US is very far from that now, with most judging bodies saying US elections no longer pass the sniff test. There may be moves afoot to hold the Russians accountable for Stinky Politics Nation (SPN), but that could easily backfire. Blaming all one's problems on a convenient enemy has a way of not working out.