Tuesday, February 4, 2020

Keep Technology Away from Voting

I'm posting this in middle of the "total meltdown" of reporting of the Iowa caucus 2020 (https://www.politico.com/news/2020/02/03/iowa-caucus-2020-election-110600). Still a lot is left to be seen and learned about this issue. But as both a security and technology professional for roughly 25 years I want so say this:

Stop trying to use technology for voting!

Security:
No credible cyber-security expert who doesn't have a conflict of interest thinks putting any parts of how we vote or record votes online is a good idea. Any part of our voting system that is connected to the Internet will be attacked by state actors. Protecting against state actors is really hard. The most common successful approach to defending systems against state actors when you know they will be attacked is to not connect them to the Internet! Trying to protect them while leaving them connected is likely not possible, but also adds huge complexity which brings us to the next topic.

Technology:
Technology is hard. All experienced Infrastructure and AppDev people know this. There are more things that can go wrong than you can imagine, and they all do eventually. And if Microsoft can have a major outage because of a certificate expiring (https://www.cnet.com/news/microsoft-teams-outage-due-to-expired-certificate-company-says/) what do you think the odds are the small companies working on systems for voting can do everything perfectly? The more complex a system is, the harder it is to get it right and keep it from having outages or problems. The more security you try to add to something, the more complex you make it. It is too early to tell with this issue, but I wouldn't be surprised if we eventually find out their attempt to keep this system secured helped cause the outage or problems they ran into last night in Iowa. For example, ensuring systems aren't shared in the cloud might have prevented them from being able to quickly scale out when they ran out of resources.

Summary/TL;DR:

  • Anything attached to the Internet that has anything to do with US voting will be attacked by state actors
  • Protecting from this threat is somewhere between hard and impossible, and trying will add complexity to the system
  • Complexity is the bane of all technology and makes outages and issues more likely
  • Therefore even if not successfully attacked, outages and issues should be expected due to this complexity
  • Which means we really should keep voting and vote recording systems offline, and use the least amount of technology as possible for the time being

No comments:

Post a Comment