Last talk about Securing Democracy at #enigma2021: @jackhcable speaking about "THE FULL STACK PROBLEM OF ELECTION SECURITY"

https://www.usenix.org/conference/enigma2021/presentation/cable
Let's imagine that elections use all the security measures security people have been advocating: risk-limiting audits, paper ballots, etc. Would people trust the elections more?
Jack would argue no. Most people don't understand this stuff and most of the claims people are making can't be disproven. And are massively bogus already.

Georgia did a full recount on paper ballots and it very much didn't stop people from doubting the election!
Are election security results in vain? The point of election security is to convince the loser they lost.

No! Have to focus on the whole stack, from election infrastructure to campaigns to people and mis/dis-informaton
One takeaway from the talk: the parts of the stack must work in tandem. Can't fight misinformation in a vacuum, but must build on other election security measures.
The voting process
* significant advances in recent years (e.g. paper ballots, risk-limiting audits, end-to-end verifiability)
* research needed in integrating these technologies
* expanding to mail-in voting?
But there's also internet voting
* we can't do it securely today [oh no voatz reference]
* we have to combat malware, authentication etc.
* if we could solve them, that would be great. But in the meantime voting has to be successful for everyone
* can improve accessibility through things like getting ballot online, filling it out, then returning through the mail
Election support systems
* less researched. Probably because they look boring
* Voter registration databases aren't working. Russians breached at least 2 states, targeted all 50 states
* little to no public scrutiny of these systems
* election night reporting -- this is a picture of one where there was a bug in reporting. [It was fixed but freaked a lot of people out]
A lot of the trouble with the security of election support systems is not that we don't know how to do it -- it's that we have to do it
Campaign security
* biggest unknown (see Sunny Consolvo's talk!)
* we must view campaign security as non-partisan and increase resources and services available
Public confidence
* major damage from domestic actors
* widespread mis/dis-information
* technical election security measures helps to debunk rumours floating around
Misinformation-fighting supply measures:
* platforms: downranking and deplatforming
* trusted institutions
* debunking & fact checks
Misinformation-fighting demand measures:
* media literacy
* increased civics education

[ Also note that @katestarbird will be giving a talk on misinformation don't miss it: https://www.usenix.org/conference/enigma2021/presentation/starbird]
Let's fix election support systems!
* Much of this is applying security things we already know
[ Note: a lot of organizations have this problem 😭 ]
* engage in public research. Have a vuln disclosure policy so people can confidently help
Election security is a problem that can only be solved by working together: elections officials, security people, everyone

[end of talk]
You can follow @LeaKissner.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:
Those who think consciousness raising & movement building are disconnected, or even a distraction from electoral politics have not paid attention to the history of social change.In this thread, we
Read more
The 2020s will be known as the Remote Work decadeA few predictions of what is likely to emerge[ a thread ] Third Space: Office and Working from Home will
Read more
1/29: Have you ever had a concept explained to you that helps frame complex issues you’ve been wrestling with and opens your eyes to new possibilities? A concept that I
Read more
By continuing to use the site, you are consenting to the use of cookies as explained in our Cookie Policy to improve your experience.