News & Insights
We’re Making History in Real Time.
Our timely insights share informed perspectives on the rapidly evolving story of Election Technology, as it unfolds.
The Basics About the Walled City of Election Administration
Our readers and followers may recall this tweet thread we posted in late November about where votes are counted and stored and how exactly basic voting systems function. The Trump Administration’s persistence of a false narrative about election rigging (“stop the steal”) shows no sign of letting up in the waning days of his presidency. So, it’s time to debunk these claims with an easier to follow explanation (a fact-based narrative) rather than continuing a whac-a-mole approach of pointing out each of the many falsehoods as they pop up, and individually responding. So, OSET Institute co-founders John Sebes & Gregory Miller offer a simple article about what is actually true…
Election 2020: The Most Secure Ever...
Recently, we read Eric Tucker’s and Frank Bajak’s article about the assessment that this election was " the most secure" in American history. (The statement is captured here if the current Administration has removed it). However, we must not believe that “the most secure election” means that there is no further need for government funding or innovation in the existing election technology infrastructure, or that we can just let the status quo remain. We cannot…
House Hearing on Election Security Broaches Supply Chain Issues
The Committee on House Administration, the committee with oversight responsibility for matters relating to federal elections, is holding a hearing today entitled “2020 Election Security: Perspectives from Voting System Vendors and Experts.” The CEOs of the three voting machine makers (Election Systems & Software, Hart InterCivic, Dominion Voting Systems) are providing written testimonies, two of which include statements about supply chain risk. Supply chain risk management is a timely topic.
National Security and “Federal Control” of Elections
Previously, our CTO, John Sebes tried to unpack the regrettable misunderstanding that current attempts to strength U.S. elections nationwide are some form of Federal hijack of states’ responsibilities for elections. And of course, he is not our corporate lawyer or anyone in Legal trying to sort this out. But from a layperson’s view (at least to Constitutional law and all) this doesn’t seem overly complicated to John, and so here’s his view....
“The Federal government should not gain more control over state elections” — Exactly Right, and Missing the Point
While at DEFCON Voting Village this week, OSET Institute CTO John Sebes observed that there is clearly more energy, more concern, and a greater sense of patriotism about defense of democracy and securing our elections than he has yet to see. And that has John thinking about how the federal government and states’ governments need to cooperate for the benefit of our democratic republic. John comments here, and in a follow-up post.
Microsoft Wades into Election Integrity & Security with New Open Source Software Tools
The primary short-term significance of the Microsoft announcement about ElectionGuard (similar to the recent DARPA SSITH open source trusted hardware project) is validation of a major point about election cyber-security that just wasn’t part of the national conversation a couple years ago: Major technology innovation is required to increase the verifiability, accuracy, and security of elections technology and (at least) U.S. elections. That’s probably just as important as the prospect that ElectionGuard might be included in future proprietary voting system products, or in open-source election technology offerings from OSET Institute’s TrustTheVote Project or others….
New Cybersecurity Threats Require New Thinking on Testing and Certification
Ms. Voting Matters offers a summation of internal leadership discussion on the imperative topic of evolving election technology security; a longer article, but we think worth the read.
On an almost daily basis, there is mounting evidence that the scope of “election security” is wider than might appear at first blush. While much attention has been paid to “voting machines” and “voting systems” that capture and tabulate votes, there is growing awareness that other types of election-related software infrastructure are even more vulnerable by virtue of being network-connected: specifically, voter registration (VR) systems and Election Night Reporting (ENR) systems (which display results over the web, but which do not tabulate votes) have been found to be especially vulnerable. The question is how can cybersecurity testing and certification adapt?
Perspectives from the U.S. Elections Assistance Commission Public Hearing in Memphis
On April 10, 2019, at the historic Peabody Hotel in Memphis, TN, Eddie Perez, our Director of Technology Development, had the privilege of presenting public testimony on behalf of the OSET Institute at a Public Hearing of the United States Election Assistance Commission (EAC). The topic was the latest version (still pending) of federal voting system standards: the Voluntary Voting System Guidelines (VVSG), Version 2.0. Here are Eddie Perez’s observations about themes that emerged from the Public Hearing:
A Major Breakthrough Development in the Innovation of Election Technology
On Thursday March 14th it was announced that the Defense Department Advanced Research Projects Agency (DARPA) System Security Integration Through Hardware and Firmware (SSITH) Program has selected Galois, a premier computer science company and a security engineering partner of the OSET Institute, to develop a public prototype voting system in order to demonstrate the Program’s advancements in hardware and system security. This is an enormously pivotal piece of news in the mission to innovate election technology infrastructure to be Verifiable, Accurate, Secure, and Transparent (the “VAST mandate'“)…
Examining the Georgia State Voting System Cost Projection
The OSET Institute closely follows all developments in election technology infrastructure, because it’s essential to the defense of democracy. Lately, one topic that has garnered more public attention is the process by which state and local jurisdictions assess, select, and procure voting technology. One in particular, Georgia, has garnered much attention, and rightly so. There are some very unusual cost justifications underway; and the math is not adding up. Not. Even. Close. The OSET Institute took a measured examination of what the costing should really look like. Something is not right in Georgia.
Are There Cyberterrorist Threats to Elections?
On the same day H.R.1 was introduced by Sarbanes, Rep. Sheila Jackson Lee (D-TX-18) introduced H.R.52 – SAFETI Act - the Security for the Administration of Federal Election from Terrorists Intervention Act of 2019. Unlike H.R.1, H.R.52 is short — just two pages …but what it calls for was enough to get our attention about an aspect not previously focused on…
Thinking and Acting Locally for the Nation’s Sake— A Strategy for Improving Election Security
This is the first of a two-part article by our Associate General Counsel and Director for International Development, Joy London, that considers a local, state-based strategy for improving the nation’s election security rather than purely a top-down federal approach.
A 116th Opportunity: New Congress to Offer Ambitious Election Reform Bill to Defend Democracy
We’ve said it many times and it bears worth repeating: foreign interference in U.S. elections is a threat to our democracy. The security of critical election infrastructure is the focal point of the OSET Institute’s mission. So, OSET leadership was pleased to learn that on January 3, 2019, the opening day of the 116th session of Congress, the newly elected House Democratic majority, led by Speaker-designate Rep. Nancy Pelosi (D-CA-12), will have its first order of legislative business—House Resolution #1 (“H.R.1”), a comprehensive election reform bill. The question is will H.R.1 become law, and be the change-agent needed to better defend democracy?
The Race to Secure Our Elections: Are We Ready for November?
In my last article I highlighted the most important advancements in election security. This post examines the next logical steps: Is all this progress enough, and will our upcoming elections be more resistant to disruption than they were in 2016? The answer is: "Yes, but not as much as we had hoped…"
The Race to Secure our Elections: How Far Have we Come?
This article is the 1st of a two-part series on the state of America’s election infrastructure security with less than 4-months left to 2018 midterm election. Here I discuss the current situation and progress, and in the next post I will evaluate preparedness for the upcoming midterm in 110 days…
Shifting the Conversation from “Shoring-up” to “Re-engineering”
This afternoon a bipartisan group of authorities on election administration and cybersecurity presented a Congressional Briefing on current election security challenges facing federal and state policymakers. While it was a worthy discussion, I keep having this sinking feeling that we’re simply re-arranging furniture on the deck of a large cruise ship steaming toward an icebreaker in the dark…
Election Vulnerabilities: No Exploit Too Small; No Impact Too Large
The American public is currently in the midst of a rude awakening as increasing numbers of reports diagnose the state of American cybersecurity, especially as it pertains to elections. The nature of attacks isn’t limited to election administration equipment. Lots of havoc can be wreaked just attacking voter services web site…
Recounting Cyberscoop's SF CyberTalks Election Security Panel
Our CTO John Sebes was a featured speaker at Cyberscoop’s recent San Francisco CyberTalks held last week in downtown San Francisco. A huge success, SF CyberTalks was a TED-like conference for the cyber-security leadership community that brought together top influential leaders from the cyber-security community, technology industry and the government. We recap the Election Security Panel discussion John participated on, including recaps of his comments and answers to the moderator’s questions.
Critical Democracy Infrastructure: Our Briefing Launches
We are pleased to announce the release of the OSET Institute’s Critical Democracy Infrastructure (CDI) Briefing. It’s been over a year in development. Early review by several in Government, Media, and Advisors tell us this may be the most important publication on the issue of election infrastructure yet. We humbly hope so. This Briefing provides a thorough review of the technology infrastructure of election administration and operation. We address its critical nature and what is required for it to be treated as such, and assess the challenges of official designation, as well as the immediate and longer-term challenges to protecting this vital aspect of our democracy...
Recapping Our 4 CAP Briefing Posts
You may wonder why we spent 4 blog posts reviewing and discussing the CAP Briefing. Here’s briefly why. This Briefing is the kind of substantive consideration and conversation America (e.g., election officials, U.S. security officials, policy strategists, policy makers, and other stakeholders) needs to be having right now. Any set of recommendations deserves fair, intellectually honest, and open consideration and debate...