RISKS Forum mailing list archives
Risks Digest 29.69
From: RISKS List Owner <risko () csl sri com>
Date: Tue, 16 Aug 2016 16:51:57 PDT
RISKS-LIST: Risks-Forum Digest Tuesday 16 August 2016 Volume 29 : Issue 69 ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy ***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at <http://www.risks.org> as <http://catless.ncl.ac.uk/Risks/29.69.html> The current issue can also be found at <http://www.csl.sri.com/users/risko/risks.txt> Contents: The $47 Billion Network That's Already Obsolete (Steven Brill) Tesla Spontaneously Catches Fire! (Alister Macintyre) Tesla and Troubles (Alister Macintyre) Re: A New Hack Can Unlock 100 Million Volkswagens (Jim Geissman) Hacker Releases More Democratic Party Documents (Lillie Coney) Hackers claim to have stolen NSA cyberweapons, auctioning them to highest bidder (BoingBoing) 80% of Android Linux users vulnerable (Digital Trends) "Now data-stealing Marcher Android malware is posing as security update" (Danny Palmer) New air-gap jumper covertly transmits data in hard-drive sounds (Ars Technica) More on Air-Gap Security Threats (Security Week) "Linux TCP flaw lets 'anyone' hijack Internet traffic" (Steven J. Vaughan-Nichols) "How an IP mapping glitch turned a farm into federal hell" (Charlie Osborne) Windows 10 re-problems Internet connection (Rob Slade) Thai Plan to Track All Foreigners By SIM Cards Moves Forward (Dan Jacobson) Hacking the Vote: the Security of Our Election Systems (Bruce Schneier) Statistical study of voting results (PGN) Re: How to hack an election in seven minutes (Robert I. Eachus) Social Security Administration REMOVES highly criticized cell phone access requirement (Lauren Weinstein) Abridged info on RISKS (comp.risks) ---------------------------------------------------------------------- Date: August 14, 2016 at 9:46:24 AM EDT From: Richard Forno <rforno () infowarrior org> Subject: The $47 Billion Network That's Already Obsolete (Steven Brill) The $47 Billion Network That's Already Obsolete Steven Brill (via Dave Farber) http://www.theatlantic.com/magazine/archive/2016/09/the-47-billion-network-thats-already-obsolete/492764/ The prize for the most wasteful post-9/11 initiative arguably should go to FirstNet -â a whole new agency set up to provide a telecommunications system exclusively for firefighters, police, and other first responders. They would communicate on bandwidth worth billions of dollars in the commercial market but now reserved by the Federal Communications Commission for FirstNet. FirstNet is in such disarray that 15 years after the problem it is supposed to solve was identified, it is years from completion â- and it may never get completed at all. According to the GAO, estimates of its cost range from $12 billion to $47 billion, even as advances in digital technology seem to have eliminated the need to spend any of it. FirstNet, which has received scant press attention, was established in 2012 and funded with an initial $7 billion. A classic congressional compromise made it a quasi-independent unit of the Department of Commerce. That was supposed to give it the heft and authority of the federal government but the agility and culture of a private-sector start-up. In fact, the reverse dynamics seem to have taken over from the beginning. It took FirstNet two years just to recruit a skeleton staff, only to be hit by an inspector general's report that found potential conflicts of interest and problems with the awarding of initial consulting contracts. It then took another two years to issue a request for proposal (RFP) asking contractors to bid on the work to build and operate the system. The impetus for FirstNet grew out of an aspect of the September 11 narrative that is part tragedy and part urban myth. Certainly, FirstNet is not on Jeh Johnson's priority list. Asked about FirstNet, the homeland-security secretary said he was ânot familiar with what they're supposed to be doing.â ------------------------------ Date: Tue, 16 Aug 2016 07:48:04 -0500 From: "Alister Wm Macintyre \(Wow\)" <macwheel99 () wowway com> Subject: Tesla Spontaneously Catches Fire! Tesla Spontaneously Catches Fire, Burns Down During Test Drive In France. Not yet explained. There are some clues. http://www.zerohedge.com/news/2016-08-15/tesla-spotaneously-catches-fire-during-test-drive-france https://electrek.co/2016/08/15/tesla-model-s-catches-fire-test-drive-france/ http://bgr.com/2016/08/15/tesla-model-s-fire-photos-test-drive/ https://www.reddit.com/r/teslamotors/comments/4xt9zq/model_s_spontaneous_fire_during_customer_test/?sort=top Earlier there was a Tesla on fire in Norway. A short circuit is the explanation. An automobile spontaneously catching on fire, is not a risk unique to Tesla. Many other auto brand names also experience this surprise hazard. http://www.teslarati.com/tesla-short-circuit-cause-for-model-s-norway-fire/ http://www.vg.no/forbruker/bil-baat-og-motor/elbil/tesla-brannen-kortslutning-i-bilen-men-vet-ikke-hvorfor/a/23640710/ ------------------------------ Date: Tue, 9 Aug 2016 05:01:46 -0500 From: "Alister Wm Macintyre \(Wow\)" <macwheel99 () wowway com> Subject: Tesla and Troubles Auto occupant: human behind the wheel, who is not driving, but using a cyber-assist function, which cannot work right if there is no human to assist. Autopilot, not to be confused with "auto pilot" in air planes: a marketing gimmick that falsely leads the public to think that the "Autopilot" in cars is as qualified to drive the cars, as the auto pilot in planes is competent to drive the planes, without human interaction. The terminology "self-driving" and "driverless" cars is equally dangerous, as it leads consumers, and journalists, to believe technology has arrived which is much smarter than is really there. [Of course, grammatically an "auto pilot" might be someone licensed to drive an automotive vehicle who then tries to fly an aircraft. In this context, auto- is a combining form, as is cyber- (which I have adjusted twice in this message.) PGN] Tesla expects auto occupant to have hands on steering wheel, prepared to take over in an instant if the cyber-assistant needs to be superseded, but this is in the manual in tiny print, below marketing implying this not needed. In First Autopilot Crash In China, Tesla Model S Driver Crashes In Beijing With Autopilot http://www.zerohedge.com/news/2016-08-08/first-autopilot-crash-china-tesla-model-s-driver-crashes-beijing-autopilot-engaged Auto occupants, of cars with Tesla Autopilot, can sometimes have video of the Autopilot allegedly going bad, and the driver surviving the experience. That says more for the safety features of Tesla, because in how many traffic mishaps, where human occupants are driving, are they able to both video tape their screw ups, and live to tell the tale? http://www.dailymail.co.uk/sciencetech/article-3281562/Tesla-autopilot-fail- videos-emerge-Terrifying-footage-shows-happens-autonomous-driving-goes-wrong .html What if the occupant falls asleep at the wheel, or suffers a medical emergency? It is a miracle, the car can drive to the nearest hospital. At current level of technology, it needs the occupant sufficiently conscious to recognize what's going on & what is needed. There is not yet any "get us to 1st responder" emergency button on the self-driving car controls. Tesla car drives owner to hospital after he suffers pulmonary embolism http://www.bbc.co.uk/newsbeat/article/37009696/tesla-car-drives-owner-to-hospital-after-he-suffers-pulmonary-embolism In 2013, NHTSA released rating system for autonomous vehicle capabilities [NHTSA = US National Highway Transportation Safety Administration.]. In 2013, NHTSA released rating system for autonomous vehicle capabilities. If it came to a court case, people could generally agree that: . Tesla technology so far is no higher than level 2. . Tesla marketing has claimed that it is at least level 3. http://www.nhtsa.gov/About+NHTSA/Press+Releases/U.S.+Department+of+Transportation+Releases+Policy+on+Automated+Vehicle+Development * No-Automation (Level 0): The driver is in complete and sole control of the primary vehicle controls -- brake, steering, throttle, and motive power -- at all times. * Function-specific Automation (Level 1): Automation at this level involves one or more specific control functions. Examples include electronic stability control or pre-charged brakes, where the vehicle automatically assists with braking to enable the driver to regain control of the vehicle or stop faster than possible by acting alone. * Combined Function Automation (Level 2): This level involves automation of at least two primary control functions designed to work in unison to relieve the driver of control of those functions. An example of combined functions enabling a Level 2 system is adaptive cruise control in combination with lane centering. * Limited Self-Driving Automation (Level 3): Vehicles at this level of automation enable the driver to cede full control of all safety-critical functions under certain traffic or environmental conditions and in those conditions to rely heavily on the vehicle to monitor for changes in those conditions requiring transition back to driver control. The driver is expected to be available for occasional control, but with sufficiently comfortable transition time. The Google car is an example of limited self-driving automation. * Full Self-Driving Automation (Level 4): The vehicle is designed to perform all safety-critical driving functions and monitor roadway conditions for an entire trip. Such a design anticipates that the driver will provide destination or navigation input, but is not expected to be available for control at any time during the trip. This includes both occupied and unoccupied vehicles. [Maybe we need some new levels like 2.5]. [Maybe journalists need to pick up on Tesla's realization that "autopilot" is a terrible misnomer! PGN] ------------------------------ Date: Fri, 12 Aug 2016 21:39:05 -0700 From: "Jim" <jgeissman () socal rr com> Subject: Re: A New Hack Can Unlock 100 Million Volkswagens (RISKS-29.68) Andy Greenberg's article suggests this applies to VWs since 1995, therefore quite a lot of them. I got my 2001 model in 2000, and keyless was not available then. Perhaps the dates are wrong. ------------------------------ Date: Sun, 14 Aug 2016 23:58:15 -0400nn From: L Coney <coney () lillieconey net> Subject: Hacker Releases More Democratic Party Documents The latest release on the DNC through WikiLeaks: This is potentially the most damaging thing that the hackers could have done. This could allow access of personal address books, emails, and text messages of members of Congress via malware such as a virus or worm program. Privacy breaches are about getting to private matters or information that is not public knowledge. The best defense is shut the phones off and switch to new undisclosed numbers and emails until phone numbers and email addresses can be changed. http://www.nytimes.com/2016/08/13/us/politics/democratic-party-documents-hack.html [Monty Solomon <monty () roscom com> comments on this NYTimes article: Guccifer 2.0, believed to have ties to Russia, claimed responsibility for the breach, which included lawmakers' personal cellphone numbers and email addresses. PGN] ------------------------------ Date: Tue, 16 Aug 2016 08:30:37 -0700 From: Lauren Weinstein <lauren () vortex com> Subject: Hackers claim to have stolen NSA cyberweapons, auctioning them to highest bidder (BoingBoing) via NNSquad http://boingboing.net/2016/08/16/hackers-claim-to-have-stolen-n.html?utm_sourcefeedburner&utm_medium=feed&utm_campaign=Feed%3A+boingboing%2FiBag+%28Boing+Boing %29 Passed along FYI, though the real-world impact of this stuff appears minimal now, except to the wallet of any fool who was stupid enough to pay for it. [See also Elias Groll, *Foreign Policy*, 15 Aug 2016 A mysterious online group calling itself The Shadow Brokers is claiming to have penetrated the National Security Agency, stolen some of its malware, and is auctioning off the files to the highest bidder. http://foreignpolicy.com/2016/08/15/shadow-brokers-claim-to-be-selling-nsa-malware-in-what-could-be-historic-hack Also, Tim Libert in Dave Farber's IP distribution: "They've thus far netted 1.6BTC [Bitcoin]. I don't think the auction is going well." https://blockchain.info/address/19BY2XCgbDe6WtTVbTyzM9eR3LYr6VitWK And then this via Dewayne Hendricks by Mike Masnick, TechDirt, 16 Aug 2016: Mike Masnick: Ed Snowden Explains Why Hackers Published NSA's Hacking Tools, from the you-break-many-things. dept, https://www.techdirt.com/articles/20160816/07465535255/ PGN] ------------------------------ Date: Tue, 16 Aug 2016 08:48:00 -0700 From: "Peter G. Neumann" <neumann () csl sri com> Subject: 80% of Android Linux users vulnerable (Digital Trends) http://www.digitaltrends.com/mobile/android-hack-80-percent-users-linux/?u=tm_m_medium=t&utm_content=buffereb408&utm_medium=socialm&utm_source=facebook.com&utm_campaign=DT-FB ------------------------------ Date: Tue, 16 Aug 2016 15:08:26 -0700 From: Gene Wirchenko <genew () telus net> Subject: "Now data-stealing Marcher Android malware is posing as security update" (Danny Palmer) Danny Palmer, ZDNet, 16 Aug 2016 Now data-stealing Marcher Android malware is posing as security update Cybercriminals are telling users their device is at risk from viruses unless they download a particular 'security update' -- which delivers the malware. http://www.zdnet.com/article/now-data-stealing-marcher-android-malware-is-tricking-victims-by-posing-as-security-update/ ------------------------------ Date: Thu, 11 Aug 2016 22:08:03 -0700 From: Lauren Weinstein <lauren () vortex com> Subject: New air-gap jumper covertly transmits data in hard-drive sounds (Ars Technica) http://arstechnica.com/security/2016/08/new-air-gap-jumper-covertly-transmits-data-in-hard-drive-sounds/ Researchers have devised a new way to siphon data out of an infected computer even when it has been physically disconnected from the Internet to prevent the leakage of sensitive information it stores. The method has been dubbed "DiskFiltration" by its creators because it uses acoustic signals emitted from the hard drive of the air-gapped computer being targeted. It works by manipulating the movements of the hard drive's actuator, which is the mechanical arm that accesses specific parts of disk platter so heads attached to the actuator can read or write data. By using so-called seek operations that move the actuator in very specific ways, it can generate sounds that transfer passwords, cryptographic keys, and other sensitive data stored on the computer to a nearby microphone. The technique has a range of six feet and a speed of 180 bits per second, fast enough to steal a 4096-bit key in about 25 minutes. [This not a new risk, but is getting a bit of hype. PGN] ------------------------------ Date: Mon, 15 Aug 2016 21:25:40 PDT From: "Peter G. Neumann" <neumann () csl sri com> Subject: More on Air-Gap Security Threats (Security Week) Air-gapping a computer (i.e., isolating it from the Internet) is considered by many organizations a highly efficient security measure since, in theory, it should be impossible to remotely steal information from the device. However, researchers demonstrated on several occasions over the past years that the air-gap can be jumped using optic, thermal, electromagnetic and acoustic channels. Since experts have shown that speakers and microphones connected to a computer can be leveraged for a two-way communications channel, many organizations have decided to ban employees from connecting such devices to air-gapped systems. However, there are other components that can be used for covert data exfiltration via acoustic signals. In June, researchers from Ben-Gurion University of the Negev detailed Fansmitter, a method that involves using the noise from a device's fans to send bits of data to a nearby receiver (e.g., mobile phone). http://www.securityweek.com/hard-drive-noise-allows-data-theft-air-gapped-computers http://www.securityweek.com/malware-can-steal-data-air-gapped-devices-fans) ------------------------------ Date: Fri, 12 Aug 2016 09:48:38 -0700 From: Gene Wirchenko <genew () telus net> Subject: "Linux TCP flaw lets 'anyone' hijack Internet traffic" (Steven J. Vaughan-Nichols) http://www.zdnet.com/article/linux-tcp-flaw-lets-anyone-hijack-internet-traffic/ Steven J. Vaughan-Nichols for Networking, 11 Aug 2016 What started as an attempt to secure TCP/IP in Linux ended up enabling an attack vector that can be used to break, or even hijack, Internet connections between Linux and Android systems. Some days you can't win for losing. In 2012, Linux implemented a new TCP/IP networking standard, RFC 5961, Improving TCP's Robustness to Blind In-Window Attacks, to improve security. In the process, they opened up a heretofore unknown security hole. Ironically, other operating systems that lagged in implementing this new "security" mechanism -- such as FreeBSD, macOS, and Windows -- are immune to this new attack vector. This is potentially a big deal, because it can be used to break or even hijack Internet connections between Linux and Android systems. The good news -- and, yes, there is good news -- is it's easy to fix. First, Linux itself is being patched to stop the attack vector in its track. Next, you simply raise the 'challenge ACK limit' to an extremely large value to make it practically impossible to exploit the side channel problem that enabled the attack to work. [Example follows in article.] ------------------------------ Date: Fri, 12 Aug 2016 10:03:44 -0700 From: Gene Wirchenko <genew () telus net> Subject: "How an IP mapping glitch turned a farm into federal hell" (Charlie Osborne) Charlie Osborne for Zero Day, ZDNet, 12 Aug 2016 Everyone from federal agents to ambulance staff and IRS collectors all ended up on the same doorstep for years due to one lazy IP setting. http://www.zdnet.com/article/how-an-ip-mapping-glitch-turned-a-farm-into-federal-hell/ selected text: A rural Kansas farmhouse has been the target of federal agents and investigators for the past 10 years, driving the elderly owner and tenants up the wall -- and is all due to one mapping glitch. The cause? A single company which turned the rural farmhouse into a geographic hotspot and default answer for investigators attempting to trace nefarious IP addresses in the United States. The case has wound up in court, and in a background check conducted as part of the Arnolds' complaint, it appeared that MaxMind picked the farmhouse to act as the default IP for what was basically an unknown US location. ------------------------------ Date: Fri, 12 Aug 2016 11:18:14 -0800 From: Rob Slade <rmslade () shaw ca> Subject: Windows 10 re-problems Internet connection I've mentioned my saga with Windows 10 and an intermittent Internet connection problem: http://itsecurity.co.uk/2016/07/windows-10-internet-problems/ After about a week of work, I found a workaround that seemed to be fairly stable. This week was, of course, patch Tuesday. Wednesday night the machine rebooted itself. The workaround that I had implemented (of pointing to OpenDNS or Google's DNS) now no longer works. Fortunately, flushing the DNS still does. But it does mean that I have to leave the admin command prompt window open (on both our desktops), and keep resetting the connection on a fairly regular basis. And what is it that Microsoft has done this week to make things even worse than they were before? victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links http://blogs.securiteam.com/index.php/archives/author/p1/ ------------------------------ Date: Sat, 13 Aug 2016 07:13:44 +0800 From: Dan Jacobson <jidanni () jidanni org> Subject: Thai Plan to Track All Foreigners By SIM Cards Moves Forward http://www.khaosodenglish.com/news/2016/08/09/plan-track-foreigners-not-just-tourists-sim-cards-moves-forward/ "We will separate SIM cards for foreigners and Thais," Takorn Tantasith said Monday. "The location will always be turned on in this SIM card for foreigners. And it cannot be turned off." ------------------------------ Date: Mon, 15 Aug 2016 00:20:30 -0500 From: Bruce Schneier <schneier () schneier com> Subject: Hacking the Vote: the Security of Our Election Systems You can read this issue on the web at <https://www.schneier.com/crypto-gram/archives/2016/0815.html>. These same essays and news items appear in the "Schneier on Security" blog at <http://www.schneier.com/blog>, along with a lively and intelligent comment section. An RSS feed is available. Russia was behind the hacks into the Democratic National Committee's computer network that led to the release of thousands of internal e-mails just before the party's convention began, U.S. intelligence agencies have reportedly concluded. The FBI is investigating. WikiLeaks promises there is more data to come. The political nature of this cyberattack means that Democrats and Republicans are trying to spin this as much as possible. Even so, we have to accept that someone is attacking our nation's computer systems in an apparent attempt to influence a presidential election. This kind of cyberattack targets the very core of our democratic process. And it points to the possibility of an even worse problem in November -- that our election systems and our voting machines could be vulnerable to a similar attack. If the intelligence community has indeed ascertained that Russia is to blame, our government needs to decide what to do in response. This is difficult because the attacks are politically partisan, but it is essential. If foreign governments learn that they can influence our elections with impunity, this opens the door for future manipulations, both document thefts and dumps like this one that we see and more subtle manipulations that we don't see. Retaliation is politically fraught and could have serious consequences, but this is an attack against our democracy. We need to confront Russian President Vladimir Putin in some way -- politically, economically or in cyberspace -- and make it clear that we will not tolerate this kind of interference by any government. Regardless of your political leanings this time, there's no guarantee the next country that tries to manipulate our elections will share your preferred candidates. Even more important, we need to secure our election systems before autumn. If Putin's government has already used a cyberattack to attempt to help Trump win, there's no reason to believe he won't do it again -- especially now that Trump is inviting the "help." Over the years, more and more states have moved to electronic voting machines and have flirted with Internet voting. These systems are insecure and vulnerable to attack. But while computer security experts like me have sounded the alarm for many years, states have largely ignored the threat, and the machine manufacturers have thrown up enough obfuscating babble that election officials are largely mollified. We no longer have time for that. We must ignore the machine manufacturers' spurious claims of security, create tiger teams to test the machines' and systems' resistance to attack, drastically increase their cyber-defenses and take them offline if we can't guarantee their security online. Longer term, we need to return to election systems that are secure from manipulation. This means voting machines with voter-verified paper audit trails, and no Internet voting. I know it's slower and less convenient to stick to the old-fashioned way, but the security risks are simply too great. There are other ways to attack our election system on the Internet besides hacking voting machines or changing vote tallies: deleting voter records, hijacking candidate or party websites, targeting and intimidating campaign workers or donors. There have already been multiple instances of political doxing -- publishing personal information and documents about a person or organization -- and we could easily see more of it in this election cycle. We need to take these risks much more seriously than before. Government interference with foreign elections isn't new, and in fact, that's something the United States itself has repeatedly done in recent history. Using cyberattacks to influence elections is newer but has been done before, too -- most notably in Latin America. Hacking of voting machines isn't new, either. But what is new is a foreign government interfering with a U.S. national election on a large scale. Our democracy cannot tolerate it, and we as citizens cannot accept it. Last April, the Obama administration issued an executive order outlining how we as a nation respond to cyberattacks against our critical infrastructure. While our election technology was not explicitly mentioned, our political process is certainly critical. And while they're a hodgepodge of separate state-run systems, together their security affects every one of us. After everyone has voted, it is essential that both sides believe the election was fair and the results accurate. Otherwise, the election has no legitimacy. Election security is now a national security issue; federal officials need to take the lead, and they need to do it quickly. This essay originally appeared in the "Washington Post." https://www.washingtonpost.com/posteverything/wp/2016/07/27/by-november-russian-hackers-could-target-voting-machines/ DNC Hack: http://www.nytimes.com/2016/07/27/world/europe/russia-dnc-hack-emails.html http://www.cnn.com/2016/07/26/politics/julian-assange-dnc-email-leak-hack/ http://www.defenseone.com/technology/2016/07/how-putin-weaponized-wikileaks-influence-election-american-president/130163/ http://arstechnica.com/security/2016/06/guest-editorial-the-dnc-hack-and-dump-is-what-cyberwar-looks-like/ https://www.balloon-juice.com/2016/07/26/we-are-at-cyber-war-so-what-exactly-do-we-do-about-it/ How hackers could influence an election: http://www.huffingtonpost.com/michael-gregg/top-six-ways-hackers-coul_b_7832730.html Trump and Russia: http://talkingpointsmemo.com/edblog/trump-putin-yes-it-s-really-a-thing https://www.washingtonpost.com/politics/democratic-national-convention-obama-biden-kaine-set-to-tout-clinton-as-commander-in-chief/2016/07/27/afc57884-53e8-11e6-bbf5-957ad17b4385_story.html Electronic voting machine insecurities: http://arstechnica.com/tech-policy/2015/04/meet-the-e-voting-machine-so-easy-to-hack-it-will-take-your-breath-away/ Insecurity of voting machines: https://www.statslife.org.uk/significance/politics/2288-how-trustworthy-are-electronic-voting-systems-in-the-us https://www.salon.com/2011/09/27/votinghack/ https://www.theguardian.com/us-news/2015/apr/15/virginia-hacking-voting-machines-security http://whowhatwhy.org/2015/08/31/foreigners-could-hack-us-elections-experts-say/ http://www.popsci.com/gadgets/article/2012-11/how-i-hacked-electronic-voting-machine https://www.schneier.com/blog/archives/2004/11/the_problem_wit.html https://www.giac.org/paper/gsec/3687/inherent-problems-electronic-voting-systems/105962 http://homepage.cs.uiowa.edu/~jones/voting/congress.html https://cs.stanford.edu/people/eroberts/cs181/projects/2006-07/electronic-voting/index_files/page0004.html https://citp.princeton.edu/research/voting/ Relevant cartoon: https://xkcd.com/463/ Diebold's spurious security claims: https://www.salon.com/2006/09/13/diebold_3/ The importance of voter-verified paper audit trails: http://votingmachines.procon.org/view.answers.php?questionID=000291 The insecurity of Internet voting: http://engineering.jhu.edu/magazine/2016/06/internet-voting-nonstarter/ https://www.verifiedvoting.org/resources/internet-voting/vote-online/ http://www.scientificamerican.com/article.cfm?id=2012-presidential-election-electronic-voting Targeting voter records: http://thehill.com/policy/cybersecurity/278231-election-fraud-feared-as-hackers-target-voter-records Political doxing: https://www.schneier.com/blog/archives/2015/11/the_rise_of_pol.html Influencing Latin American elections with cyberattacks: http://www.bloomberg.com/features/2016-how-to-hack-an-election/ Obama's executive order on cyberattack response: https://www.whitehouse.gov/blog/2015/04/01/our-latest-tool-combat-cyber-attacks-what-you-need-know https://www.whitehouse.gov/blog/2015/04/01/expanding-our-ability-combat-cyber-threats https://medium.com/the-white-house/a-new-tool-against-cyber-threats-1a30c188bc4#.jgbalohyi https://www.whitehouse.gov/the-press-office/2015/04/01/executive-order-blocking-property-certain-persons-engaging-significant-m Russia has attacked the US in cyberspace in an attempt to influence our national election, many experts have concluded. We need to take this national security threat seriously and both respond and defend, despite the partisan nature of this particular attack. There is virtually no debate about that, either from the technical experts who analyzed the attack last month or the FBI which is analyzing it now. The hackers have already released DNC e-mails and voicemails, and promise more data dumps. While their motivation remains unclear, they could continue to attack our election from now to November -- and beyond. Like everything else in society, elections have gone digital. And just as we've seen cyberattacks affecting all aspects of society, we're going to see them affecting elections as well. What happened to the DNC is an example of organizational doxing -- the publishing of private information -- an increasingly popular tactic against both government and private organizations. There are other ways to influence elections: denial-of-service attacks against candidate and party networks and websites, attacks against campaign workers and donors, attacks against voter rolls or election agencies, hacks of the candidate websites and social media accounts, and -- the one that scares me the most -- manipulation of our highly insecure but increasingly popular electronic voting machines. On the one hand, this attack is a standard intelligence gathering operation, something the NSA does against political targets all over the world and other countries regularly do to us. The only thing different between this attack and the more common Chinese and Russian attacks against our government networks is that the Russians apparently decided to publish selected pieces of what they stole in an attempt to influence our election, and to use WikiLeaks as a way to both hide their origin and give them a veneer of respectability. All of the attacks listed above can be perpetrated by other countries and by individuals as well. They've been done in elections in other countries. They've been done in other contexts. The Internet broadly distributes power, and what was once the sole purview of nation states is now in the hands of the masses. We're living in a world where disgruntled people with the right hacking skills can influence our elections, wherever they are in the world. The Snowden documents have shown the world how aggressive our own intelligence agency is in cyberspace. But despite all of the policy analysis that has gone into our own national cybersecurity, we seem perpetually taken by surprise when we are attacked. While foreign interference in national elections isn't new, and something the US has repeatedly done, electronic interference is a different animal. The Obama administration is considering how to respond, but politics will get in the way. Were this an attack against a popular Internet company, or a piece of our physical infrastructure, we would all be together in response. But because these attacks affect one political party, the other party benefits. Even worse, the benefited candidate is actively inviting more foreign attacks against his opponent, though he now says he was just being sarcastic. Any response from the Obama administration or the FBI will be viewed through this partisan lens, especially because the president is a Democrat. We need to rise above that. These threats are real and they affect us all, regardless of political affiliation. That this particular attack targeted the DNC is no indication of who the next attack might target. We need to make it clear to the world that we will not accept interference in our political process, whether by foreign countries or lone hackers. However we respond to this act of aggression, we also need to increase the security of our election systems against all threats -- and quickly. We tend to underestimate threats that haven't happened -- we discount them as "theoretical" -- and overestimate threats that have happened at least once. The terrorist attacks of 9/11 are a showcase example of that: administration officials ignored all the warning signs, and then drastically overreacted after the fact. These Russian attacks against our voting system have happened. And they will happen again, unless we take action. If a foreign country attacked US critical infrastructure, we would respond as a nation against the threat. But if that attack falls along political lines, the response is more complicated. It shouldn't be. This is a national security threat against our democracy, and needs to be treated as such. This essay previously appeared on CNN.com. http://edition.cnn.com/2016/07/28/opinions/hackers-election-opinion-schneier/ More evidence pointing to Russia: http://www.cnn.com/2016/07/27/politics/dnc-hacking-emails-russia-white-house/ Organizational doxing: https://www.schneier.com/blog/archives/2015/07/organizational_.html How hackers could influence an election: http://www.huffingtonpost.com/michael-gregg/top-six-ways-hackers-coul_b_7832730.html http://www.bloomberg.com/features/2016-how-to-hack-an-election/ Foreign interference in US elections: https://www.washingtonpost.com/posteverything/wp/2016/07/26/why-would-russia-interfere-in-the-u-s-election-because-it-usually-works/ US interference in foreign elections: https://www.lawfareblog.com/what-old-and-new-and-scary-russias-probable-dnc-hack US response: http://www.nytimes.com/2016/07/28/us/politics/donald-trump-russia-clinton-emails.html Election interference as cyberattack: https://www.balloon-juice.com/2016/07/26/we-are-at-cyber-war-so-what-exactly-do-we-do-about-it/ Copyright (c) 2016 by Bruce Schneier. ------------------------------ Date: Mon, 15 Aug 2016 13:22:00 PDT From: "Peter G. Neumann" <neumann () csl sri com> Subject: Statistical study of voting results A report with statistical analyses of the Democratic primaries shows statistically significant disparities between machine-counted and hand-counted vote totals -- for example, 10% in one case. http://www.electoralsystemincrisis.org As always, statistical studies have to be taken for what they are. However, this report seems consistent with various independent factors as well. ------------------------------ Date: Sat, 13 Aug 2016 19:57:23 -0400 From: "Robert I. Eachus" <rieachus () comcast net> Subject: Re: How to hack an election in seven minutes (Kristiansen, RISKS-29.68) Where I vote, and almost everywhere in New Hampshire (Dixville Notch may be an exception ;-), we use mark sense paper ballots (ballots with blue boxes you fill in with a black fiber pen), that are counted as they are collected by a ballot box. If there is a second recount, or if the numbers from one ward or town seem off, the box can be opened and the ballots counted by hand. Ballot box stuffing is still possible, but it takes three separate actions in the presence of voters and poll watchers. It is not impossible, but unlikely to be effective. If you can round up enough people to vote in multiple towns, and get past the local recognition issue to make a difference, you can probably win the election based on their (single) votes anyway. IF you lived in New Hampshire you would know just how much pressure there is from the media to get instant results. Especially during the Presidential primary, there are whole seconds between the polls closing and the TV networks announcing winners, and bragging about how much faster their network was in declaring winners. ------------------------------ Date: Sun, 14 Aug 2016 08:06:58 -0700 From: Lauren Weinstein <lauren () vortex com> Subject: Social Security Administration REMOVES highly criticized cell phone access requirement https://plus.google.com/+LaurenWeinstein/posts/2NcpQZFtJ4Y My 29 July blog posting [now updated]: Confirmed and Unacceptable: Social Security Administration Cutting Off Users Who Can't Receive Text Messages https://lauren.vortex.com/2016/07/ssa-cutting-off-users-who-cant-receive-text-messages was highly critical of the manner in which SSA had implemented a new cell phone-only 2-factor access requirement. That posting generated among the most comments and responses I've ever received related to a single blog posting. I'm now informed that SSA has *removed* the requirement, and that users are being greeted with this text: "We removed the requirement to use a cell phone to access your account. While it's not mandatory, we encourage those of you who have a text capable cell phone to take advantage of this optional extra security. We continue to pursue more options beyond cell phone texting." Login security using 2-factor can be very important, but SSA totally botched it up. I appreciate that SSA has now done the right thing in this case. Perhaps in the future they'll think these things through better *ahead* of time! ------------------------------ Date: Tue, 10 May 2016 11:11:11 -0800 From: RISKS-request () csl sri com Subject: Abridged info on RISKS (comp.risks) The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is comp.risks, the feed for which is donated by panix.com as of June 2011. => SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) if possible and convenient for you. The mailman Web interface can be used directly to subscribe and unsubscribe: http://mls.csl.sri.com/mailman/listinfo/risks Alternatively, to subscribe or unsubscribe via e-mail to mailman your FROM: address, send a message to risks-request () csl sri com containing only the one-word text subscribe or unsubscribe. You may also specify a different receiving address: subscribe address= ... . You may short-circuit that process by sending directly to either risks-subscribe () csl sri com or risks-unsubscribe () csl sri com depending on which action is to be taken. Subscription and unsubscription requests require that you reply to a confirmation message sent to the subscribing mail address. Instructions are included in the confirmation message. Each issue of RISKS that you receive contains information on how to post, unsubscribe, etc. => The complete INFO file (submissions, default disclaimers, archive sites, copyright policy, etc.) is online. <http://www.CSL.sri.com/risksinfo.html> *** Contributors are assumed to have read the full info file for guidelines. => SPAM challenge-responses will not be honored. Instead, use an alternative address from which you NEVER send mail! => SUBMISSIONS: to risks () CSL sri com with meaningful SUBJECT: line. *** NOTE: Including the string `notsp' at the beginning or end of the subject *** line will be very helpful in separating real contributions from spam. *** This attention-string may change, so watch this space now and then. => OFFICIAL ARCHIVES: ftp://ftp.sri.com/risks for current volume or ftp://ftp.sri.com/VL/risks for previous VoLume http://www.risks.org takes you to Lindsay Marshall's searchable archive at newcastle: http://catless.ncl.ac.uk/Risks/VL.IS.html --> VoLume, ISsue. Lindsay has also added to the Newcastle catless site a palmtop version of the most recent RISKS issue and a WAP version that works for many but not all telephones: http://catless.ncl.ac.uk/w/r ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001) <http://the.wiretapped.net/security/info/textfiles/risks-digest/> *** NOTE: If a cited URL fails, we do not try to update them. Try browsing on the keywords in the subject line or cited article leads. ==> Special Offer to Join ACM for readers of the ACM RISKS Forum: <http://www.acm.org/joinacm1> ------------------------------ End of RISKS-FORUM Digest 29.69 ************************
Current thread:
- Risks Digest 29.69 RISKS List Owner (Aug 16)