Sunday, July 30, 2017

Every four years the vulnerability of voting machines makes the news.  Someday, someone may actually consider security when designing a voting system.  NOTE: it is unclear from the article when (or if) these machines actually connected to the Internet (except for the one hacked via WiFi).
It took DEF CON hackers minutes to pwn these US voting machines
This year at the DEF CON hacking conference in Las Vegas, 30 computer-powered ballot boxes used in American elections were set up in a simulated national White House race – and hackers got to work physically breaking the gear open to find out what was hidden inside.
In less than 90 minutes, the first cracks in the systems' defenses started appearing, revealing an embarrassing low level of security.  Then one was hacked wirelessly.
   The machines – from Diebolds to Sequoia and Winvote equipment – were bought on eBay or from government auctions, and an analysis of them at the DEF CON Voting Village revealed a sorry state of affairs.  Some were running very outdated and exploitable software – such as unpatched versions of OpenSSL and Windows XP and CE.  Some had physical ports open that could be used to install malicious software to tamper with votes.


Defining “official” communication in the age of Social Media?
A Tweet Is a Direct Order
In the two days since President Trump’s tweets barring transgender troops from the U.S. armed forces, a consensus has emerged among senior military leaders and members of Congress that those tweets do not constitute an official policy announcement.  “We don’t have guidance.  We have a tweet.  We don’t execute policy based on a tweet,” said one Pentagon spokesperson.
This creative interpretation allows Pentagon leaders to avoid conflict with their commander in chief, and maybe signal a little dissent too.  It’s a posture, though, that has little basis in law.  Military officers and Cabinet officials have a legal duty to obey presidential orders and statements of policy, no matter what form they take.  This kind of clever disobedience only adds uncertainty to the chain of command and could create bigger problems in the event of a real crisis.

(Related)
My friend Phil Carter has written an excellent piece for Slate, pointing out the institutional dangers of disregarding President Trump’s recent series of tweets that announced an unjustified retrograde policy barring transgender personnel from service in the armed forces.  What follows is a slight friendly amendment to Phil’s fine essay, offering some additional perspective drawn from the Manual for Courts-Martial that may interest readers.  (The Manual is an executive order, issued and amended from time to time by the president.  It sets forth many provisions that would, in comparable civilian settings, be found in a code of criminal procedure.  It has the force of law.)

No comments: