Political newcomer vs. senior senator in Delaware primary
By RANDALL CHASE
Thursday, September 6
DOVER, Del. (AP) — A battle between Delaware’s senior senator and an upstart challenger riding an antiestablishment wave within the Democratic Party highlights the state’s primary elections Thursday.
Sen. Tom Carper, 71, has never lost a race in more than four decades in politics.
Carper’s primary challenger is political newcomer and community activist Kerri Evelyn Harris, 38.
Harris is among a wave of young activist Democrats, emboldened by the 2016 presidential campaign of U.S. Sen. Bernie Sanders of Vermont, trying to push the party farther left. Black, gay and female, her previous experience includes loading giant cargo planes, repairing cars and frying chicken in convenience stores, along with coaching young people to work for social change.
These candidates have sent shock waves through the party establishment, starting in June with a New York congressional primary victory by 28-year-old newcomer Alexandria Ocasio-Cortez over a 10-term incumbent. Recent victories by Tallahassee Mayor Andrew Gillum in Florida’s Democratic gubernatorial primary and Boston City Councilor Ayanna Pressley in a closely watched congressional primary in Massachusetts have further energized the movement.
Carper, who famously says he always campaigns as if he’s 20 points behind, is taking no chances against Harris, an Air Force veteran trying to stage one of the most shocking upsets in modern Delaware political history.
Carper has enjoyed a huge fundraising advantage against Harris this year, having raised more than $1.3 million as of mid-August, compared with a little more than $120,000 by Harris. He has far outspent her as well.
Harris noted that more than 40 states are represented in the donations and assistance her campaign has received.
“People of the entire United States realize that this campaign has implications that can be resounding for the rest of the nation,” Harris said. “It’s an effort to move the Democratic party closer to the people.”
Despite being a frequent and vocal critic of President Donald Trump, Carper has developed a reputation over the years as a centrist able to work with both Republicans and Democrats in Congress.
“Delaware’s always gotten rewarded for working to the middle, finding consensus. … I don’t think that’s changed,” he said.
That middle is largely occupied by people who aren’t registered with either leading party, but independents have no voice in Delaware’s closed primaries, in which only Democrats and Republicans can vote for their respective nominees. Polls were to remain open from 7 a.m. until 8 p.m.
Delaware Republicans, meanwhile, are holding their own Senate primary, pitting former PayPal executive Gene Truono against Sussex County Councilman Rob Arlett. Republican voters also will decide between actor and retired railroad industry worker Lee Murphy and businessman Scott Walker as their nominee for Delaware’s lone U.S. House seat, currently held by first-term Democrat Lisa Blunt Rochester.
Other statewide primaries to be decided Thursday include a four-way Democratic primary for attorney general and a three-way Democratic primary for state auditor. Seventeen legislative primaries also will be decided on the local level.
4 ways to defend democracy and protect every voter’s ballot
September 6, 2018
Douglas W. Jones
Associate Professor of Computer Science, University of Iowa
Douglas W. Jones was a co-principal investigator in the National Science Foundation funded ACCURATE (A Center for Correct, Usable, Reliable, Auditable, and Transparent Elections) project. He was a co-founder of the Open Voting Consortium, but is not currently affiliated with that group, and he is a registered Democrat.
As voters prepare to cast their ballots in the November midterm elections, it’s clear that U.S. voting is under electronic attack. Russian government hackers probed some states’ computer systems in the runup to the 2016 presidential election and are likely to do so again – as might hackers from other countries or nongovernmental groups interested in sowing discord in American politics.
Fortunately, there are ways to defend elections. Some of them will be new in some places, but these defenses are not particularly difficult nor expensive, especially when judged against the value of public confidence in democracy. I served on the Iowa board that examines voting machines from 1995 to 2004 and on the Technical Guidelines Development Committee of the United States Election Assistance Commission from 2009 to 2012, and Barbara Simons and I coauthored the 2012 book “Broken Ballots.”
Election officials have an important role to play in protecting election integrity. Citizens, too, need to ensure their local voting processes are safe. There are two parts to any voting system: the computerized systems tracking voters’ registrations and the actual process of voting – from preparing ballots through results tallying and reporting.
Before the passage of the Help America Vote Act of 2002, voter registration in the U.S. was largely decentralized across 5,000 local jurisdictions, mostly county election offices. HAVA changed that, requiring states to have centralized online voter registration databases accessible to all election officials.
In 2016, Russian government agents allegedly tried to access voter registration systems in 21 states. Illinois officials have identified their state as the only one whose databases were, in fact, breached – with information on 500,000 voters viewed and potentially copied by the hackers.
It’s not clear that any information was corrupted, changed or deleted. But that would certainly be one way to interfere with an election: either changing voters’ addresses to assign them to other precincts or simply deleting people’s registrations.
Another way this information could be misused would be to fraudulently request absentee ballots for real voters. Something like that happened on May 29, 2013, when Juan Pablo Baggini, an overzealous campaign worker in Miami, used his computer to file online absentee ballot requests on behalf of 20 local voters. He apparently thought he had their permission, but county officials noticed the large number of requests coming from the same computer in a short period of time. Baggini and another campaign worker were charged with misdemeanors and sentenced to probation.
A more sophisticated attack could use voters’ registration information to select targets based on how likely they are to vote a particular way and use common hacking tools to file electronic absentee ballot requests for them – appearing to come from a variety of computers over the course of several weeks. On Election Day, when those voters went to the polls, they’d be told they already had an absentee ballot and would be prevented from voting normally.
Two defenses for voter registration
There are two important defenses against these and other types of attacks on voter registration systems: provisional ballots and same-day registration.
When there are questions about whether a voter is entitled to vote at a particular polling place, federal law requires the person be issued a provisional ballot. The rules vary by state, and some places require provisional voters to bring proof of identity to the county election office before their ballots will be counted – which many voters may not have time to do. But the goal is that no voter should be turned away from the polls without at least a chance their vote will count. If questions arise about the validity of the registration database, provisional ballots offer a way to ensure every voter’s intent is recorded for counting when things get sorted out.
Same-day voter registration offers an even stronger defense. Fifteen states allow people to register to vote right at the polling place and then cast a normal ballot. Research on same-day registration has focused on turnout, but it also allows recovery from an attack on voter registration records.
Both approaches do require extra paperwork. If large numbers of voters are affected, that could cause long lines at polling places, which disenfranchise voters who cannot afford to wait. And like provisional voting, same-day registration may have more stringent identification requirements than for people whose voter registrations are already on the books. Some voters may have to go home to get additional documents and hope to make it back before the polls close.
Further, long lines, frustrated voters and frazzled election workers can create the appearance of chaos – which can play into the narratives of those who want to discredit the system even when things are actually working reasonably well.
Paper ballots are vital
Election integrity experts agree that voting machines can be hacked, even if the devices themselves are not connected to the internet.
Voting machine manufacturers say their devices have top-notch protections, but the only truly safe assumption is that they have not yet found additional vulnerabilities. Properly defending voting integrity requires assuming a worst-case scenario, in which every computer involved – at election offices, vote-tallying software developers and machine makers – has been compromised.
The first line of defense is that in most of the U.S., people vote on paper. Hackers can’t alter a hand-marked paper ballot – though they could change how a computerized vote scanner counts it, or what preliminary results are reported on official websites. In the event of a controversy, paper ballots can be recounted, by hand if needed.
Conduct post-election audits
Without paper ballots, there is not a way to be completely sure voting system software hasn’t been hacked. With them, though, the process is clear.
In a growing number of states, paper ballots are subject to routine statistical audits. In California, post-election audits have been required since 1965. Iowa allows election officials who suspect irregularities to initiate recounts even if the result appears decisive and no candidate asks for one; these are called administrative recounts.
Based on that experience, some election officials have told me that they suspect the current generation of scanners may be misinterpreting 1 vote in 100. That might seem like a small problem, but it’s really way too much opportunity for error. Voting simulations show that changing just one vote per voting machine across the United States could be enough to allow an attacker to determine which party controls Congress.
Recounts are expensive and time-consuming, though, and can create illusions of disarray and chaos that reduce public confidence in the election’s outcome. A better method is called a risk-limiting audit. It’s a straightforward method of determining how many ballots should be randomly selected for auditing, based on the size of the election, the margin of the initial result and – crucially – the statistical confidence the public wants in the final outcome. There are even free online tools available to make the calculations needed.
Preliminary experiences with risk-limiting audits are quite promising, but they could be made even more attractive by small changes to ballot-sheet scanners. The main problem is that the method is based in math and statistics, which many people don’t understand or trust. However, I believe relying on verifiable principles that any person could learn is far better than believing the assurances of companies that make voting equipment and software, or election officials who don’t understand how their machines actually work.
Elections must be as transparent and simple as possible. To paraphrase Dan Wallach at Rice University, the job of an election is to convince the losers that they lost fair and square. The declared winners will not ask questions and may seek to obstruct those who do ask. The losers will ask the hard questions, and election systems must be transparent enough that the partisan supporters of the losers can be convinced that they indeed lost. This sets a high standard, but it is a standard that every democracy must strive to meet.
Comment: Here in Oregon, as well as several other states, we vote by mail. We don’t have any of the screwups so often reported elsewhere. We’ve been doing this for many years and I cannot recall ever seeing any reports of controversies over ballots or counts. It’s simple, it’s easy, and it’s proven.
Reply: Voting by mail is indeed convenient for most of us, but it does not eliminate the threat that someone might hack the ballot tabulating machines. Most discussions of voting machine security focus on the machines in the precincts, but hacked software in the central election offices is just as dangerous.
There are also several important problems with postal voting that have little to do with the threat of Russian (or other) hackers but are sufficiently serious that we shouldn’t ignore them:
1) Postal ballots are handled by more people than any other voting medium. You must trust all of the postal workers delivering the ballots and returning them. Mailboxes are not very secure.
2) All forms of absentee voting make it easy to buy and sell ballots. The going rate is usually about the price of a cheap bottle of booze – this rate seems to apply worldwide.
3) Postal voting offers no help for blind voters. In recent years, we’ve equipped polling places with “accessible voting machines” (I admit that they’re not nearly as good as their proponents say), but then, where postal voting dominates, we only put one accessible polling place in each county, so blind voters have to drive to the county building to vote. Web-based apps are emerging for this, but these have horrible security vulnerabilities.
In sum, postal voting seems to create as many problems as it solves, and it doesn’t address the issue of software attacks on the ballot scanners at all.
Cyberattack on the Infrastructure Alarms Petraeus, Coats
By Llewellyn King
War always goes for the infrastructure: take out the bridges, cut off the electricity and water supplies. All that used to be done with artillery, tanks and bombs.
Going forward, it will be done by computers: Cyberwar.
Every day the early skirmishes — the tryout phase, if you will — are taking place. There are tens of thousands of probes of U.S. infrastructure by potential enemies, known and unknown, state and non-state. A few get through the defenses.
Jeremy Samide, chief executive officer of Stealthcare, a company that seeks to improve cyberdefenses for a diverse set of U.S. companies, sees the cyber battlefield starkly. He says the threat is very real; and he puts the threat of serious attack at 83 percent.
As Samide looks out across the United States from his base in Cleveland, he sees probes, the term of art for incoming cyberattacks, like an endless rain of arrows. Some, he says, will get through and the infrastructure is always at risk.
Director of National Intelligence Dan Coats issued a warning in July that the alarms for our digital infrastructure are “blinking.” He compared the situation to that in the country before the 9/11 terrorist attacks. The situation, he told the Hudson Institute in a speech, is “critical.” Coats singled out Russia as the most active of the probers of U.S. infrastructure.
Samide says probing can come from anywhere and Russia may be the most active of the cyber adventurers.
A common scenario, he says, is that the electric grid is target one. But considerable devastation could come from attacking banking, communications, transportation or water supply.
Retired Army Gen. David Petraeus, a former director of the CIA and current chairman of KKR Global Institute, in an article co-authored with Kiran Sridhar and published in Politico on Sept. 5, urges the creation of a new government agency devoted to cybersecurity.
Samide and others endorse this and worry that the government has much vital material spread across many agencies and not coordinated. Behind Petraeus’s thinking is one of the lessons of 9/11: Government departments aren’t good at sharing information.
Conventional wisdom has it that the electric grid is super-vulnerable. But Politico’s cybersecurity reporter David Perera, who consulted experts on the feasibility of taking down the grid, somewhat demurs. In a Politico article, he concluded that the kind of national blackout often theorized isn’t possible because of the complexity of the engineering in the grid and its diversity.
The difficulty, according to Perera, is for the intruder to drill down into the computer-managed engineering systems of the grid and attack the programmable controllers, also known as industrial control systems — the devices that run things, like moving load, closing down a power plant or shutting off the fuel supply. They are automation’s brain.
Perera’s article has been read by some as getting the utilities off the hook. But it doesn’t do that: Perera’s piece is not only well-researched and argued but also warns against complacency and ignoring the threat.
John Savage, emeritus professor of computer science at Brown University, says, “I perceive that the risk to all business is not changing very much. But to utilities, it is rising because it appears to be a new front in (Russian President Vladimir) Putin’s campaign to threaten Western interests. While I doubt that he would seek a direct conflict with us, he certainly is interested in making us uncomfortable. If he miscalculates, the consequences could be very serious.”
Samide warns against believing that all probes are equal in intent and purpose. He says there are various levels of probing from surveillance (checking on your operation) to reconnaissance (modeling your operation before a possible attack). Actual attacks, ranging from the political to the purely criminal, include ransomware attacks or the increasing cryptojacking in which a hacker hijacks a target’s processing power in order to mine cryptocurrency on the hacker’s behalf.
The threats are global and increasingly the attribution — the source of the attack — concealed. Other tactics, according to Samide, include misdirection: a classic espionage technique for diverting attention from the real aim of the attack.
The existential question is if cyberwar goes from low-grade to high-intensity, can we cope? And how effective are our countermeasures?
Today’s skirmishes are harbingers of the war-fighting of the future.
ABOUT THE WRITER
Llewellyn King is executive producer and host of “White House Chronicle” on PBS. His email is firstname.lastname@example.org. He wrote this for InsideSources.com.