Larry Hosken. Technical writer. Puzzlehunt enthusiast.
157 stories
·
4 followers

Shipbuilding Contract Signed for Unmanned, Zero-Emission Container Ship ‘Yara Birkeland’

1 Share
The world’s first autonomous and electric container ship is one step closer to reality with a shipbuilding contract now in signed and sealed for the vessel. Norwegian technology firm Kongsberg, who is partnering with Yara on the project, announced today that Yara has signed a deal worth NOK 250 million ($25.9 million) with VARD to […]
Read the whole story
lahosken
1 hour ago
reply
San Francisco, USA
Share this story
Delete

Democrats Complain About Green Party “Spoilers,” but Few in Congress Back a Solution: Ranked-Choice Voting

1 Share

Ballots are still being counted in Ohio’s nail-biting special election in the 12th Congressional District, but it looks like Republican Troy Balderson will narrowly defeat Democrat Danny O’Connor.

As of the time of publication, the vote tally is 101,772 for Balderson and 100,208 for O’Connor. But with Green Party candidate Joe Manchik garnering 1,129 votes votes, some Democrats have projected their frustration about their loss onto third parties.

Of course, even with all of Manchik’s votes, O’Connor would still come up 435 votes short. But math hasn’t stopped Democrats from blaming the Green Party.

Adam Best, founder of the sports blog FanSided and better known for his anti-Donald Trump Twitter presence, quipped that Green Party voters just want “a cookie” for being “nonconformist,” and are indifferent to the negative consequences of a spoiler vote. Comedian Kathy Griffin echoed that sentiment, tweeting, “Green Party voters..no one is saying you can’t vote for your candidates….but don’t tell me you care about the environment if you know your vote will make the difference between a Dem winning over a Rep and you still choose to vote for your candidate who has NO chance of winning.”

Actress and activist Alyssa Milano lamented that Green Party votes were evidence of “Russian meddling,” while the political blog Palmer Report tweeted, “Green Party voters are even worse than Trump supporters” because “Green Party voters know Trump is destroying everything, yet they choose to vote in a way that hands him more power.”

If this sounds familiar, it might be because this reasoning has been deployed since America’s first elections, and especially since 2000, when Ralph Nader won more votes than Al Gore’s loss margin in Florida — the state that decided the 2000 presidential election. (Few ever raise the fact that 308,000 registered Democrats voted for George W. Bush in Florida that year, over nine times the 34,000 who voted for Nader.)

But even if we were to credit the assessment that Green Party candidates are responsible for spoiling multiple presidential elections, and now, Ohio’s 12th District, it remains true that the Democratic Party has shown little interest in addressing the underlying cause of the spoiler effect: our first-past-the-post voting system.

In our current system, the person who wins the most votes wins the election. As a result, if a third-party candidate who is ideologically similar to one of the main two parties enters a race, they can split the vote, causing the less popular platform to cary the day. However, in a ranked-choice voting system, voters “rank” the candidates in order of preference. If none of the parties get to 50 percent of the vote, the least popular candidate is stricken, and their votes are allocated according to the second choice of the voter. Meaning that if Stein voters had ranked Clinton second on their ballots, the votes cast by Stein voters would have gone to Clinton once it became clear that Stein finished last.

In 2017, a group of House Democrats, led by Virginia Rep. Don Beyer, introduced H.R. 3057, the Fair Representation Act, which would require every congressional district in America to use ranked-choice voting. It would also require districts to be redrawn by independent redistricting committees, which would diminish the effects of partisan gerrymandering, and it would require the installation of multimember districts — a reform that would allow voters in each district to elect multiple lawmakers instead of just one, so that more people would be represented.

The law would make congressional elections much more competitive and also make it so that voters who feel unrepresented by the major parties, or disenfranchised because they live in a district that is staunchly in favor of one party or another, would have a greater incentive to vote.

When it was introduced, the bill had a total of three sponsors: Beyer; Rep. Ro Khanna, D-Calif.; and Rep. Jamie Raskin, D-Md.

A year later, it has only gained two additional sponsors: Rep. Jim McGovern, D-Mass., and Rep. Jim Cooper, D-Tenn.

Ranked-choice voting is employed by about a dozen different localities and states. It’s used in municipal elections in Oakland and San Francisco, California; Minneapolis and St. Paul, Minnesota; and even by the academy. Earlier this year, Maine adopted ranked-choice voting for its June primaries over the legislature’s attempts to block the voter-driven ballot initiative that first brought the system to Maine. The result? Voter turnout was up, implementation was uncomplicated and inexpensive, few errors were made, and outcomes were perceived to be fair.

Ranked-choice voting made news this spring, when the two most left-wing candidates for San Francisco’s mayoral election formed a tactical alliance to win the others’ second preference votes. While they were technically competing against each other, they were also able to cooperate to empower their shared ideology — the beauty of a system that allows voters to cast multiple votes.

And advocates of ranked-choice voting raised the benefits of alternative voting schemes when, after Michigan’s recent governor’s race, the results suggested that if the third place candidate, who branded himself as a progressive, had been reallocated in a ranked-choice system, Abdul El-Sayed, a genuine progressive, might have come within arm’s reach of winning.

Europe provides several examples of other voting alternatives. French President Emmanuel Macron, for instance, ran on introducing greater proportional representation in the French legislature, and is slowly making good on that promise. Under proportional representation, parties are allotted seats based on the total percentage of the vote they get. Under that system, if Democrats were to receive 51 percent of the vote, Republicans 44 percent, and Greens 5 percent, they’d each get that percentage of seats in Congress.

Proportional representation is how elections are run in countries like Sweden, Germany, and Israel. It’s no surprise that legislatures in these countries often have seven or eight different political parties with significant clout, which then work together in coalitions on legislation, offering far more choices to voters. 

By contrast, American political parties tend not to offer third-party voters any sort of election reform plans — even to win over their votes.

Michelle Obama, one of Clinton’s more powerful surrogates, neatly summarized the argument against voting for third parties in 2016, telling voters, “Here’s the truth: Either Hillary Clinton or her opponent will be elected president this year. And if you vote for someone other than Hillary, or if you don’t vote at all, then you are helping to elect Hillary’s opponent.”

Even after the election, in her campaign memoir, Clinton seemed focused on her entitlement to votes rather than policies which could prevent future spoilers. “In each state, there were more than enough Stein voters to swing the result, just like Ralph Nader did in Florida and New Hampshire in 2000. Maybe, like actress Susan Sarandon, Stein thinks electing Trump will hasten ‘the revolution.’ Who knows?” she flippantly wrote.

This attitude is particularly disheartening when one considers that third-party votes are, unlike the failure to cast a ballot, a direct expression of disenchantment with the two major parties. And black voters are particularly hurt by the two-party system, as votes cast by historically marginalized groups are often presumed rather than earned.

Although the Green Party, stymied by ballot-access battles and boxed out by the major party giants, struggles to mount candidates with sufficient mainstream qualifications to capture more than a narrow slice of the vote, it has been a much more consistent advocate for progressive ideals than the Democratic Party has been. Its members are often those who care more, not less, about left-wing ideological commitments. Thus, it feels particularly cruel to attack engaged voters rather than flawed institutions

As Elizabeth Bruenig recently argued, there’s some value to believing in something — especially when a “lesser of two evils” mindset forces Democrats ever rightward. The goal should not be to attack the left, but to dismantle the voting system which forces such regressive results. In the interest of representation and ideological integrity, it’s clear that it’s time to give alternative voting schemes a try.

Top photo: Voters in Ohio’s 12th Congressional District wait in line to cast a ballot for their next congressperson on Aug. 7, 2018, in Columbus, Ohio.

The post Democrats Complain About Green Party “Spoilers,” but Few in Congress Back a Solution: Ranked-Choice Voting appeared first on The Intercept.

Read the whole story
lahosken
4 days ago
reply
San Francisco, USA
Share this story
Delete

The Economics of Hacking an Election

1 Comment
There have been many news stories of late about potential attacks on the American electoral system. Which attacks are actually serious? As always, the answer depends on economics.

There are two assertions I'll make up front. First, the attacker--any attacker--is resource-limited. They may have vast resources, and in particular they may have more resources than the defenders---but they're still limited. Why? They'll throw enough resources at the problem to solve it, i.e., to hack the election, and use anything left over for the next problem, e.g., hacking the Brexit II referendum… There's always another target.

Second, elections are a system. That is, there are multiple interacting pieces. The attacker can go after any of them; the defender has to protect them all. And protecting just one piece very well won't help; after all, "you don't go through strong security, you go around it." But again, the attacker has limited resources. Their strategy, then, is to find the greatest leverage, the point to attack that costs the defenders the most to protect.

There are many pieces to a voting system; I'll concentrate on the major ones: the voting machines, the registration system, electronic poll books, and vote-tallying software. Also note that many of these pieces can be attacked indirectly, via a supply chain attack on the vendors.

There's another point to consider: what are the attacker's goals? Some will want to change vote totals; others will be content with causing enough obvious errors that no one believes the results---and that can result in chaos.

The actual voting machines get lots of attention. That's partly a hangover from the 2000 Bush–Gore election, where myriad technological problems in Florida's voting system (e.g., the butterfly ballot in Palm Beach County and the hanging chads on the punch card voting machines) arguably cost Gore the state and hence the presidential election.

And purely computerized (DRE---Direct Recording Electronic) voting machines are indeed problematic. They make mistakes. If there's ever a real problem, there's nothing to recount. It's crystal-clear to virtually every computer scientist who has studied the issue that DRE machines are a bad idea. But: if you want to change the results of a nation-wide election or set of elections in the U.S., going after DRE machines is probably the wrong idea. Why not? Because it's too expensive.

There are many different election administrations in the U.S.: about 10,000 of them. Yes, sometimes an entire state uses the same type of machine---but each county administers its own machines. Storing the voting machines? Software updates? Done by the county. Progamming the ballot? Done by the county. And if you want to attack them? Yup---you have to go to that county. And voting machines are rarely, if ever, connected to the Internet, which means that you pretty much need physical presence to do anything nasty.

Now, to be sure, if you are at the polling place you may be able to do really nasty things to some voting machines. But it's not an attack that scales well for the attacker. It may be a good way to attack a local election, but nothing larger. A single Congressional race? Maybe, but let's do a back-of-the-envelope calculation. The population of the U.S. is about 325,000,000. That means that each election area has about 32,500 people. (Yes, I know it's very non-uniform. This is a back-of-the-envelope calculation.) There are 435 representatives, so each one has about 747,000 constituents, or about 75 election districts. (Again: back of the envelope.) So: you'd need a physical presence in seven different counties, and maybe many precincts in each county to tamper with the machines there. As I said, it's not an attack that scales very well. We need to fix our voting machines---after all, think of Florida in 2000---but for an attacker who wants to change the result of a national election, it's not the best approach.

There's one big exception: a supply chain attack might be very feasible for a nation-state attacker. There are not many vendors of voting equipment; inserting malware in just a few places could work very well. But there's a silver lining in that cloud: because there are many fewer places to defend than 50 states or 10,000 districts, defense is much less expensive and hence more possible---if we take the problem seriously.

And don't forget the chaos issue. If, say, every voting machine in a populus county of a battleground state showed a preposterous result---perhaps a 100% margin for some candidate, or 100 times as many votes cast as there are registered voters in the area---no one will be believe that that result is valid. What then? Rerun the voting in just that county? Here's what the Constitution says:

The Congress may determine the Time of chusing the Electors, and the Day on which they shall give their Votes; which Day shall be the same throughout the United States.

The voter registration systems are a more promising target for an attacker. While these are, again, locally run, there is often a statewide portal to them. In fact, 38 states have or are about to have online voter registration.

In 2016, Russia allegedly attacked registration systems in a number of states. Partly, they wanted to steal voter information, but an attacker could easily delete or modify voter records, thus effectively disenfranchising people. Provisional ballots? Sure, if your polling place has enough of them, and if you and the poll workers know what to do. I've been a poll worker. Let's just say that handling exceptional cases isn't the most efficient process. And consider the public reaction if many likely supporters (based on demographics) of a given candidate are the ones who are disproportionately deleted. (Could the attackers register phony voters? Sure, but to what end? In-person voter fraud is exceedingly rare; how many times can Boris and Natasha show up to vote? Again, that doesn't scale. That's also why requiring an ID to vote is solving a non-problem.)

There's another point. Voting software is specialized; it's attack surface should be low. It's possible to get that wrong, as in some now-decertified Virginia voting machines, and there's always the underlying operating system; still, if the machines aren't networked, during voting the only exposure should be via the voting interface.

A lot of registration software, though, is a more-or-less standard web platform, and is therefore subject to all of the risks of any other web service. SQL injection, in particular, is a very real risk. So an attack on the registration system is not only more scalable, it's easier.

Before the election, voter rolls are copied to what are known as poll books. Sometimes, these are paper books; other places use electronic ones. The electronic ones are networked to each other; however, they are generally not connected to the Internet. If that networking is set up incorrectly, there can be risks; generally, though, they're networked on a LAN. That means that you have to be at the polling place to exploit them. In other words, there's some risk, but it's not much greater than the voting machines.

There's one more critical piece: the vote-tallying software. Tallies from each precinct are transmitted to the county's election board; there may be links to the state, to news media, etc. In other words, this software is networked and hence very subject to attack. However: this is used for the election night count; different procedures can be and often are used for the official canvas. And even without attacks, many things can go wrong:

In Iowa, a hard-to-read fax from Scott County caused election officials initially to give Vice President Gore an extra 2,006 votes. In Outagamie County, Wis., a typo in a tally sheet threw Mr. Bush hundreds of votes he hadn't won.
But: the ability to do a more accurate count the second time around depends on there being something different to count: paper ballots. That's what saved the day in 2000 in Bernalillo County, New Mexico. The problem: ``The paper tallies, resembling grocery-store receipts, seemed to show that many more ballots had been cast overall than were cast in individual races. For example, tallies later that night would show that, of about 38,000 early ballots cast, only 25,000 were cast for Mr. Gore or Mr. Bush.'' And the cause? Programming the vote-counting system:
As they worked, Mr. Lucero's computer screen repeatedly displayed a command window offering a pull-down menu. From the menu, the two men should have clicked on "straight party." Either they didn't make the crucial click, or they did and the software failed to work. As a result, the Accu-Vote machines counted a straight-party vote as one ballot cast, but didn't distribute any votes to each of the individual party candidates.

To illustrate: If a voter filled in the oval for straight-party Democrat, the scanner would record one ballot cast but wouldn't allocate votes to Mr. Gore and other Democratic candidates.

Crucially, though, once they fixed the programming they could retally those paper ballots. (By the way, programming the tallying computer can itself be complex. Bernalillo County, which had a population of 557,000 then, required 114 different ballots.)

There's a related issue: the systems that distribute votes to the world. Alaska already suffered such an attack; it could happen elsewhere, too. And it doesn't have to be via hacking; a denial of service attack could also do the job of causing chaos.

The best way to check the ballot-counting software is risk-limiting audits. A risk-limiting audit checks a random subset of the ballots cast. The closer the apparent margin, the more ballots are checked by hand. "Risk-limiting audits guarantee that if the vote tabulation system found the wrong winner, there is a large chance of a full hand count to correct the results." And it doesn't matter whether the wrong count was due to buggy software or an attack. In other words, if there is a paper trail, and if it's actually looked at, via either a full hand-count or a risk-limiting audit, the tallying software isn't a good target for an attacker. One caveat: how much chaos might there be if the official count or the recount deliver results significantly different than the election night fast count?

There's one more point: much of the election machinery, other than the voting machines themselves, are an ordinary IT installation, and hence are subject to all of the security ills that any other IT organization can be subject to. This specifically includes things like insider attacks and ransomware---and some attackers have been targeting local governments:

Attempted ransomware attacks against local governments in the United States have become unnervingly common. A 2016 survey of chief information officers for jurisdictions across the country found that obtaining ransom was the most common purpose of cyberattacks on a city or county government, accounting for nearly one-third of all attacks.
The threat of attacks has induced at least one jurisdiction to suspend online return of absentee ballots. They're wise to be cautious---and probably should have been that cautious to start.

Again, elections are complex. I've only covered the major pieces here; there are many more ways things can go wrong. But of this sample, it's pretty clear that the attackers' best target is the registration system. (Funny, the Russians seemed to know that, too.) Actual voting machines are not a great target, but the importance of risk-limiting audits (even if the only problem is a close race) means that replacing DRE voting machines with something that provides a paper trail is quite important. The vote-counting software is even less interesting if proper audits are done, though don't discount the utility to some parties of chaos and mistrust.

Acknowledgments:Many thanks to Joseph Lorenzo Hall, Avi Rubin, and Matt Blaze for many helpful comments on this blog post.

Read the whole story
lahosken
8 days ago
reply
To cheat at an election, you must change millions of votes, not just dozens. You need a method that scales.
San Francisco, USA
Share this story
Delete

Verizon lied about 4G coverage—and it could hurt rural America, group says

1 Share

Enlarge (credit: Aurich Lawson / Getty Images)

Verizon "grossly overstated" its 4G LTE coverage in government filings, potentially preventing smaller carriers from obtaining funding needed to expand coverage in underserved rural areas, a trade group says.

The Federal Communications Commission last year required Verizon and other carriers to file maps and data indicating their current 4G LTE coverage. The information will help the FCC determine where to distribute up to $4.5 billion in Mobility Fund money over the next 10 years. The funds are set aside for "primarily rural areas that lack unsubsidized 4G," the FCC says.

If Verizon provided the FCC with inaccurate data, the company's rural competitors might not be able to get that government funding.

Read 19 remaining paragraphs | Comments

Read the whole story
lahosken
8 days ago
reply
San Francisco, USA
Share this story
Delete

This is why the Senate should care about Brett Kavanaugh’s time as Bush’s staff secretary

1 Share
Yes, Grassley's already ordered up a lot of documents. But the ones he's not asking for matter, too.
Read the whole story
lahosken
10 days ago
reply
San Francisco, USA
Share this story
Delete

Solving Office Bathroom Contention with MQTT & Software

1 Share

Comments

Read the whole story
lahosken
11 days ago
reply
San Francisco, USA
Share this story
Delete
Next Page of Stories