- 8 adorable tea infusers that will warm you with cuteness 2 Years Ago
- The Super Nintendo Pro is the wireless controller of your dreams 2 Years Ago
- Lori Loughlin reportedly dropped from ‘Fuller House’ final season 2 Years Ago
- The Legend of Zelda Encyclopedia Deluxe Edition is a true treasure Today 10:00 AM
- Even Republicans are angry with the GOP’s anti-Beto tweet Today 10:00 AM
- ‘Egg Boy’ vows to send GoFundMe money to mosque shooting victims Today 9:55 AM
- Noom is a weight loss program that prioritizes your mental health Today 9:10 AM
- Shane Dawson once joked about ejaculating on his cat—and people are furious Today 8:54 AM
- Rep. Steve King posts Civil War fantasy meme—accidentally mocks own state Today 8:41 AM
- Gaming company Valve removed tributes to Christchurch shooter Today 8:39 AM
- The best new bands at SXSW 2019 Today 8:00 AM
- 10 literary journalism classics that should be on your reading list Today 7:00 AM
- You can watch DC Universe’s acclaimed original shows for free Today 6:28 AM
- Ximena Sariñana talks capturing feminine energy on her latest album Today 6:00 AM
- The power of parasocial relationships in the age of loneliness Today 6:00 AM
Historic DDoS attack proves internet voting is still a terrible idea
Days like this are why online voting is nowhere on the horizon.
Adding to the already mile-long list of reasons why the United States should never adopt a centralized online voting system, widespread internet outages on Friday serve as yet another example of how the U.S. election system benefits from keeping it old school.
High-profile security breaches targeting politicians and alarms raised by the U.S. intelligence community over the possibility of an election day disruption by a malicious foreign actor have already led some states to engage in war-game-like exercises against their own election systems. But denial-of-service attacks, like the one experienced by millions in the U.S. on Friday, is a very different animal from the threat of infiltration that keeps lawmakers up at night.
The attack primarily targeted Dyn, a company that operates Domain Name System (DNS) servers for a wide rage of valuable online companies. The attack meant that people trying to access affected URLs—like twitter.com or paypal.com, among many others—couldn’t do so.
Amazon, Twitter, and a host of other companies saw significant downtime on Friday, starting on the East Coast and spreading across the U.S., an occurrence many experts warn could become commonplace unless traditional architectures supporting the web are improved.
Long lines and laziness have been suppressing voter turnout since democracy was invented.
“This is a reminder of how effective an attack on one can be an effective attack on many,” said Steve Grobman, chief technology officer for Intel Security. “An attacker seeking to disrupt services to multiple websites may be successful simply by hitting one service provider such as this, a DNS provider, or providers of multiple other Internet infrastructure systems.”
The idea of creating a centralized online voting system to enable Americans to vote electronically has been roundly dismissed as bad by government and private industry experts alike. It is also very enticing, perhaps because at first blush it feels only natural to evolve in that direction. We file our taxes, renew our driver’s licenses, and can even buy toilet paper with a simple swipe of the finger—so why not vote?
The election would look very differently after all if one could simply whip out a cellphone and cast a ballot: Long lines and laziness have been suppressing voter turnout since democracy was invented. But, as noted by Motherboard this week, previous attempts to construct internet voting systems have not gone as well as planned. It took a group of University of Michigan students roughly 36 hours to gain full control of a voting system designed by the District of Columbia’s Board of Elections & Ethics.
However, most cybersecurity expert say that applying the KISS principle—or ”keep it simple, stupid”—is the greatest defense Americans have against the type of “rigging” frequently raised this election season. The 50 states, plus the District of Colombia, all run their own election operations; and further, most votes are first collected at the county level. This decentralized format, while it has a lot of moving parts, would be ostensibly impossible to subvert with a computer from the other side of the planet.
The vulnerabilities that do remain are likely to be found in states that no longer offer paper ballots for voting. More than half of the country uses a Direct Recording Electronic (DRE) system to record votes, which stores the results on hard drives. While most generate a printout too, in a handful of states, including Nevada, Louisiana, and South Carolina, there’s no paper trail whatsoever—nothing to compare in audit in the event concerns about tampering are raised.
The type of distributed denial-of-service (DDoS) attack experienced on Friday could still wreak havoc on election day. Most news organizations pull their results from a small collection of sites on election night, for example. “Think about the chaos you could cause if you get one TV network calling the election for one candidate, and another network calling the election for the other,” Professor Herbert Lin of Stanford University noted in a CNN report last week.
“If you intent is to sow doubt and uncertainty, at least in the short term, affecting the media reporting could be really problematic.”
Dell Cameron was a reporter at the Daily Dot who covered security and politics. In 2015, he revealed the existence of an American hacker on the U.S. government's terrorist watchlist. He is a co-author of the Sabu Files, an award-nominated investigation into the FBI's use of cyber-informants. He became a staff writer at Gizmodo in 2017.