Today, we devote the bulk of The BradCast to HBO's new documentary film, released just last week and considered important enough that the premium cable channel is now making it available, for free, through May 25th on their YouTube channel right here. (You can also watch a number of clips, teasers and extras from the film here.) [Audio link to today's full program is posted below.]

The new film is called Kill Chain: The Cyber War on America's Elections and it comes from the team who created the landmark, Emmy-nominated 2006 HBO doc Hacking Democracy.

The climax of that earlier film (you can watch just that key scene right here) featured the first known on camera hack of a Diebold optical-scan vote tabulation system, which changed the results of a mock election in which one question was asked on the ballot: "Can Diebold's optical-scan vote tabulators be hacked?" The votes, as we see them cast in the film on hand-marked paper ballots by Election Integrity advocates including Bev Harris of Black Box Voting in the office of then Leon County, Florida Supervisor of Elections Ion Sancho, are clearly 6 'NO' and 2 'YES'. But when the paper ballots are run through the tabulator, the results reported back by the computer are 1 'NO' and 7 'YES'. The tabulator had been hacked and only a hand-count of the hand-marked paper ballots would ever have revealed that it was, had it happened in an actual election. (Needless to say, almost no paper ballots are hand-counted by humans after elections in the U.S., including the 2016 Presidential election, to assure the computers are reported accurate results.)

The manipulation of the system at the time was carried out by legendary Finish cybersecurity and voting system expert Harri Hursti, who is the central character in this new follow-up film. It follows Hursti as he uncovers new and persistent revelations proving that U.S. elections remain far more vulnerable than many realize, and arguably no safer or more secure from manipulation --- by foreign or domestic actors --- than they were during the making of the 2006 film or even since the 2016 Presidential election. (Yes, the same optical-scanners hacked in the 2006 film are still in use in states around the country in 2020!) All of that, despite assurances from the U.S. Intelligence Community and bipartisan U.S. Senate Intelligence Committee that Russia attempted to access elections systems in all 50 states in 2016 --- when Donald Trump is said to have won by a razor thin margin in three states that hadn't voted for a Republican candidate in decades. Those same institutions continue to warn us that Russia plans to do the same in 2020, though as the film shows, it does not take a nation-state in order to do so.

We're joined for today's special edition of The BradCast by SIMON ARDIZZONE and RUSSELL MICHAELS, the British directors of both 2006's Hacking Democracy as well as, with Sarah Teale, the follow-up Kill Chain out this week from HBO. We share a number of clips from the new film, which features at its climax a chilling interview with a foreign hacker, shot in silhouette, who explains that, before the 2016 election, he was able to take complete control of Alaska's entire election system --- from its online voter registration database to its vote tabulation system. The hacker, who goes by the name 'CyberZeist', claims he was able to gain access to every user name and password on the system and obtain root access to change anything he might have wanted to. "I could have made any changes in the system, like deleting the candidates. I could kick anyone out. I could alter any date, any vote." he claims. "It was such a rush that, at that particular moment, I felt like I was the God."

Ardizzone and Michaels offer insight on CyberZeist and why they believe his allegations to be very credible. But there are many other disturbing allegations and evidence to support them presented before that point in the movie, including Ion Sancho's reflections and continuing concerns 16 years after the first film, as he reports on the mandatory secret meeting that all Florida election supervisors were summoned to after the 2016 election, regarding a hack of VR Systems, the contractor which runs the voter registration system in the Sunshine State and others as well. That is the company --- and the spearfishing operation --- described in documents leaked to media in 2017 by DHS whistleblower Reality Winner, who is still serving 5 years in federal prison for having done so.

We also witness disturbing evidence of chicanery in the 2018 Gubernatorial election in Georgia, which was overseen by its eventual "winner" Brian Kemp. He served as Secretary of State at the time, responsible for programming the state's unverifiable touchscreen voting systems and creating the electronic access cards needed to vote on it. The filmmakers were there and had their cameras rolling on Election Day in 2018 when those voter access cards failed, leading to hours-long lines to vote in one of the state's most Democratic-leaning counties. Kemp would eventually be named the winner of the election by little more than 1% over popular Democratic candidate Stacey Abrams.

Longtime BRAD BLOG readers and BradCast listeners are likely to recognize a number of the featured players in the film, as many of them have been repeated guests on the program over the years. Ardizonne and Michaels share a number of insights on the making of the film today, such as why it took 14 years to follow-up the previous one and the mysteriously huge interest in the original online just before the 2016 election; they offer additional details on several disturbing discoveries made by hackers at DefCon's Voting Village in Las Vegas; they discuss how the private voting system vendors responded to invitations from the filmmakers to tell their sides of the story in the movie; what the reaction has been from law enforcement officials to CyberZeist's revelations since the film's premier last week; whether they believe the 2016 election results were legitimate; whether a move to Vote-by-Mail during the coronavirus crisis will help avoid any of these problems in 2020; and why the film is titled Kill Chain.

"We, actually, in a way, didn't want to make [Kill Chain," Ardizzone tells me. "The reason we made it was because we noticed a really sudden uptick in the number of people who were watching Hacking Democracy online. And a lot of our contacts started to get back in touch with us, saying, 'You know, even though you made that film, the problems are still there, and they're kind of worse now.' And this was before the elections in November 2016."

"I believe, to this day, no individual voting machines [from 2016] have been subpoenaed, sequestered and cyber-investigated by the Department of Homeland Security," Michaels says. "The scientists are screaming out, saying this is completely insecure, you must stop doing it. As far as I'm aware, no one is going to stop doing it in 2020. It's still going full steam ahead."

Of course, there is much much more. I believe you'll want to tune in for this conversation today.

Finally, we close today with a bit of listener mail regarding the ongoing and upcoming election disaster now underway in Wisconsin which is still set to hold its Presidential Primary this Tuesday. That, despite the global coronavirus pandemic, a statewide stay-at-home order issued by the Governor, a lack of poll workers willing to risk death by working the polls, and a flood of absentee ballot requests and incoming mail ballots that officials are finding impossible to keep up with given their current lack of resources.

If any bad guys out there were hoping to cause havoc and chaos in the American electoral system, well mission accomplished! Hopefully it won't result in too many people actually dying in Wisconsin, where the state's Republican-controlled legislature has repeatedly refused the Democratic Governor's pleas to postpone the election or change it to an all Vote-by-Mail election...

CLICK TO LISTEN OR DOWNLOAD SHOW!...

MONTHLY BRAD BLOG SUBSCRIPTION	ONE-TIME DONATION
Choose monthly amount... $10 : $10.00 USD - monthly$20 : $20.00 USD - monthly$50 : $50.00 USD - monthly$100 : $100.00 USD - monthly	(Snail mail support to "Brad Friedman, 7095 Hollywood Blvd., #594 Los Angeles, CA 90028" always welcome too!)

Just before airtime for today's BradCast, everything seemed to blow up at once (figuratively!) But we do our best to navigate through the most important explosions, including one that is likely receiving little coverage around the country. An astounding vote by the North Carolina Board of Elections --- led by a new appointee of Democratic Gov. Roy Cooper --- has allowed the certification of controversial, new, 100% unverifiable touchscreen voting systems in the state for the 2020 elections. The Board's vote was 3 to 2 against a motion that would have blocked the dangerous and expensive voting systems made by ES&S, with the newly-appointed Democratic chair voting with the Board's two Republicans to kill the motion. It had been put forward and supported by the two Democratic Commissioners and supported by virtually every public commenter who packed today's SBE meeting. We discuss that remarkable news and much more with our guest today. [Audio link to full show is posted at end of article.]

But first, a few of the other items blowing up in today's news that you have likely heard a bit more about than the very bad news out of NC today. The U.S. Supreme Court released a statement that Justice Ruth Bader Ginsberg has completed radiation therapy for a malignant cancerous tumor discovered on her pancreas at the end of July, but that there is no evidence of the disease remaining in her body at this time. The 86-year old Justice underwent surgery for lung cancer in December and was diagnosed with colorectal cancer in 1999 and pancreatic cancer in 2009.

Rightwing billionaire David Koch has died, according to his brother Charles. Collectively, the pair had raised and spent about $1 billion on elections and in support of almost exclusively Republican candidates and causes in recent years. Just last week, brother Charles was allowed to absurdly opine in a Washington Post op-ed that "both sides" of the political spectrum "have made it harder to come together as a country."

And, the Dow Jones took another 600+ point dive on Friday, after China announced retaliatory tariffs on U.S. goods and as Donald Trump pitched a tirade on Twitter in response. Not only did he announce intentions to double-down several times in kind today, but he also attacked his own Fed chair Jerome Powell by calling him an "enemy" of the U.S. and comparing him to China's Chairman Xi. But, that's not all. He then absurdly declared that he has "hereby ordered" U.S. companies to stop doing business with China and their 1.4 billion consumers. White House officials, as well as Republicans in Congress and rightwing business groups were reportedly left dumbstruck by the President's latest and increasingly unhinged Twitter pronouncements as he headed off to France for a G-7 summit with allies --- and as the market headed sharply "south" in response to it all.

With the figurative national cancer in the White House seemingly metastasizing quickly at this point, and with corporate media focused almost exclusively on the horse race elements of the 2020 Presidential election, we look once again toward the quickly deteriorating track conditions on which next year's horses will be running. That issue has received a lot of coverage on The BradCast over the past several weeks, if not from the rest of the media, including news of the federal judge finding Georgia's entire touchscreen voting system unconstitutional; voting and tabulation systems discovered online in at least ten states, including several battleground states, despite claims by elections officials and private vendors that the systems were never connected to the Internet; ransomeware attacks that have shutdown city government computer systems in 22 Texas municipalities over the past week; and the successful efforts by citizens in New York, Pennsylvania and Georgia to demand new security reviews of recently certified, hackable touchscreen voting systems.

But the wild twists and turns in the battle against the new systems in the battleground state North Carolina came to a shocking and disappointing conclusion today, after scores of citizens spoke out against the dangers of the new computer-printed, barcoded ballot system being unleashed in the state. While largely the only person to testify in favor of the systems was a representative of the company selling and servicing them, the State Board of Elections certified them for use anyway, with the help of the Board's new Democratic chair voting with its Republican Commissioners in a series of stunning 3 to 2 votes.

We spoke to a number of folks on the ground in NC today, who testified against the new systems, and they were both stunned and furious. Frequent BradCast guest Marilyn Marks of the Coalition for Good Governance (a plaintiff in the successful federal case against Georgia's touchscreen voting machines) is a North Carolina resident who testified today. She sent me a statement just before airtime: "As a North Carolina voter I am embarrassed by the level of ignorance shown by three of the five members of the Board. The arguments they made wouldn't pass muster in fifth grade civics class." Another opponent of the new systems, Lynn Bernstein, an election security advocate, aerospace test engineer and ardent supporter of hand-marked paper ballot systems also spoke today and told me afterward that the new Chairman Damon Circosta "couldn't cite a single reason" for his vote, "other than he has confidence the new system will be fine."

We're joined today by longtime, award-winning journalist, columnist, documentarian and SMART Elections co-founder LULU FRIESDAT for her response to today's stunning news from NC, which she says she regards as a "coup" that will allow the new, unverifiable touchscreen voting systems next year in the closely divided battleground state of North Carolina as well as other jurisdictions such as Philadelphia and Los Angeles, unless the public can rollback this alarming trend.

"We have state after state after state --- we have this in Pennsylvania, in Philadelphia, we've had it in New York, they had it in Kansas --- it's the same ES&S machines. And now you're seeing it in North Carolina, where you have a vast majority of citizens coming to these Board of Election meetings saying 'We want hand-marked paper ballots! We want voting systems that we can trust! We don't want touchscreen barcode systems!' And the election officials are putting in place those electronic touchscreen barcode systems that are the exact ones that people are protesting against."

She cites broad donations by vendors to many of the officials tasked with selecting the systems and passing statutes which allow them.

We also discuss the disturbing news out of DefCon's Voting Village a week ago, where she witnessed new voting and electronic pollbook systems --- like the ones now set for use in NC --- being easily hacked by attendees in minutes time. "This is the third year that they've had a Voting Village, where they have voting machines that are in use in the United States available there. And each year it becomes more clear that really, every system is extremely vulnerable. There was not a single system there, to my knowledge, that was not penetrated in some way, or they didn't find vulnerabilities," Friesdat tells me.

And, finally, we discuss her newly-launched effort at SmartElections.US to help train and organize voters nationally to help oversee our own public elections via her new #CountTheVote citizens initiative to help people "get involved on a very local level" .

CountTheVote will be "training people who care across the country, in county by county, especially targeting states where we know this is really going to come down to the wire, swing-states, giving people the toolkits that they need and the skills and information they need.," she explains. "You can have conversations with your election officials to try to influence them to purchase secure voting equipment. Get other groups involved to start pressuring them. This is happening all over the country."

Finally, if it seems that the world is on fire of late, that's because it is --- both figuratively (see everything above) and literally, from the Arctic to the Amazon. We close with a few words on the troubling developments in the Brazilian rainforest where that country's Trump-like authoritarian climate science-denying leader, Jair Bolsonaro, is actually blaming non-profit groups fighting to save the Amazon rainforest for the global warming conditions and Bolsonaro policies that are actually helping to spark the massive fires in a region of the world that otherwise helps turn climate warning C02 into oxygen. At least it did before the record fires have become to consume the region...

CLICK TO LISTEN OR DOWNLOAD SHOW!...

MONTHLY BRAD BLOG SUBSCRIPTION	ONE-TIME DONATION
Choose monthly amount... $10 : $10.00 USD - monthly$20 : $20.00 USD - monthly$50 : $50.00 USD - monthly$100 : $100.00 USD - monthly	(Snail mail support to "Brad Friedman, 7095 Hollywood Blvd., #594 Los Angeles, CA 90028" always welcome too!)

On today's BradCast: Elections officials seem to be panicking around the country, and for good reason. But their concerns may be coming a bit late...perhaps a decade or so too late, as virtually every aspect of our "public" elections in the U.S. --- from ballot programming to registration to voting to vote tabulation to election results reporting --- has now been allowed to have become largely taken over by private vendors and contractors, with little or no oversight from either state or federal officials. [Audio link to today's full show is posted at end of article.]

An exclusive analysis last month by AP found that virtually all voting systems currently in use in the nation's 10,000 separate voting jurisdictions in all 50 states run on software --- Windows 7 or earlier --- that will no longer be supported by Microsoft with regular security updates and patches as of January. That includes systems certified by the U.S. Elections Assistance Commission (EAC) from the nation's largest private elections vendors as recently as this year. Those newly certified systems still use Windows 7, which was released a decade ago in 2009.

Of course, the EAC's certification process --- for the few states which choose to follow federal voluntary (yes, voluntary) guidelines --- has been laughable for years. It focuses on usability and functionality, not security. Most systems in the U.S., if they are EAC certified at all, were tested to guidelines published by the EAC in 2005.

At a summit this week of elections officials and vendors, hastily convened by the EAC in Maryland in response to the disturbing AP analysis, officials complained about the lack of federal support and standards, and that financially strapped and technologically challenged elections divisions at both the state and local level are realizing only now that they are being asked "to take part in what is national security" with little or no help from the federal government. One official at the EAC confab reportedly complained: "We are talking about local communities having trouble funding roads and water bills, and now we want them to take part in defense against foreign and state actors."

Of course, it is not only nation-states like Russia that pose a threat to the security of America's vulnerable, computerized and privatized public elections, so do regular old Americans, as the recent hack by a woman in Seattle of more than 100 million customer records at Capitol One proved, along with the vulnerabilities in brand new voting and registration systems discovered by hackers in a few hours at the DefCon Voting Village convention last weekend in Las Vegas.

All of this comes on the heels of Thursday's federal court ruling finding Georgia's voting systems to be so "unsecure, unreliable, grossly outdated....seriously flawed and vulnerable to failure, breach, contamination and attack" that the judge declared the systems (which are similar to ones used in several other states) a violation of voters' Constitutional right to have their votes counted as cast.

But all of that might ultimately be small potatoes in light of longtime cybersecurity journalist and author KIM ZETTER's recent exclusive at VICE's Motherboard, finding that "Critical U.S. Election Systems Have Been Left Exposed Online Despite Official Denials". Zetter, one of the only journalists in the nation who has been covering these matters as long or longer than we have at this point, joins us on today's program to explain her jaw-dropping article which begins this way: "For years, U.S. election officials and voting machine vendors have insisted that critical election systems are never connected to the internet and therefore can't be hacked. But a group of election security experts have found what they believe to be nearly three dozen backend election systems in 10 states connected to the internet over the last year, including some in critical swing states. These include systems in nine Wisconsin counties, in four Michigan counties, and in seven Florida counties --- all states that are perennial battlegrounds in presidential elections. Some of the systems have been online for a year and possibly longer."

In many cases, she tells me, the elections officials seemed to have no idea that their systems were connected to the Internet by their vendors. As for the vendors' part --- in this case, the nation's largest, ES&S --- Zetter explains their bizarre claim that voting and backend tabulation and reporting systems connected around the clock for years at a time aren't really connected to the Internet at all --- and, even if they are, they are perfectly secure. Zetter and the data researchers found otherwise.

The systems found vulnerable on the net, she details, would allow a malicious actor to change unofficial election night results, official results, and the public reporting of the results themselves. Moreover, she explains, access to the exposed backend portions of these systems over the Internet could also result in malware being transferred to voting machines themselves. And all of this was discovered by a small team of researchers with little or no funding. No nation-state required, she confirms.

"If it was just a box on the Internet that was receiving the votes transmitted [on Election Night from the precinct] that would be a security problem in itself, not only because you could potentially alter those votes. They are unofficial results on Election Night --- and the officials results are taken from the actual memory cards in the voting machines. But if you can alter the unofficial results, that's going to create a lot of mistrust in the final outcome if they don't match," she says.

"But even if you don't alter those votes, that communication over the phone between the voting machine in the field and that backend server that's on the Internet creates a channel for infecting those voting machines. So, someone who could actually install that malware on that system on the Internet can design it in such a way that it downloads to the voting machines when they connect to that system. So the attackers can alter that voting machine in preparation for a future election."

"But that's not the only problem," she continues. "If that was the only thing that was on the Internet, that would be a concern in itself. What was remarkable is that ES&S acknowledged to me that they don't just put an empty box on there to receive the votes. Also connected to that Internet connection is the backend system for tabulating both the unofficial results on Election Night, and those official results that are later taken from the memory card."

"And the Election Management System is also connected. The Election Management System is used to do a lot of functions in elections. Among them is the actual programming of these voting machines before each election. So, if you don't get to the machines through that little receptacle that's connected to the Internet, you can get to that backend Election Management System and put in malicious code that then gets transferred directly to the voting machines before the next election."

But, of course, other than that, why worry, right? Well, Zetter has much more to say on that as well, including about Republican Senate Majority Leader Mitch McConnell's continuing efforts to block any and all election security measures in the Senate that might help shore up at least some of these concerns, including bills already passed by the House that would mandate hand-marked paper ballots for all voters. Even that, at this point, wouldn't fully protect against attacks on computer optical-scanners currently used in all 50 states to tabulate those ballots with little or no post-election audits to make sure they did so accurately...

CLICK TO LISTEN OR DOWNLOAD SHOW!...

MONTHLY BRAD BLOG SUBSCRIPTION	ONE-TIME DONATION
Choose monthly amount... $10 : $10.00 USD - monthly$20 : $20.00 USD - monthly$50 : $50.00 USD - monthly$100 : $100.00 USD - monthly	(Snail mail support to "Brad Friedman, 7095 Hollywood Blvd., #594 Los Angeles, CA 90028" always welcome too!)

After a quick report on Saturday's primary elections in Hawaii (moderate Democrats did well, more progressive candidates less so), we head straight out to Las Vegas for today's BradCast, where the 26th annual hackers convention, DEF CON, held its 2nd annual Vote Hacking Village. [Audio link to show follows below.]

After every voting system on display at last year's event was hacked within minutes by conference attendees, organizers tried to make it a bit more difficult this year. They made unverifiable electronic voting systems, optical-scan paper ballot tabulators and electronic pollbooks from a number of companies --- almost all of which will be in wide use across the country once again for this November's crucial midterms --- available for investigation and penetration. Once again, the hackers in attendance made short order of pretty much all of them.

Stunning vulnerabilities [PDF] were discovered, including some that officials have known about (and ignored or tried to keep secret for years) while others were revealed for the first time. Things like Chinese pop song files were found on one system used in actual elections recently, along with a host of other disturbing findings, which we summarize today.

Other disturbing findings regard the ES&S m650, an optical scanner used to tabulate paper absentee ballots in more than half of the country. Hackers discovered several severe vulnerabilities (some of which have been known for more than a decade, and others which election officials hoped to withhold from the public), including the ease with which the machine's entire operating system can be overwritten by inserting a zipdrive with a file named "update" before powering it on. Also, electronic pollbooks were found to be corruptible in seconds and found to store unencrypted administrative passwords --- in plain text format! --- on their removable memory cards (one of which was simply "password".)

There was also a mock election run on the systems still used in states like Georgia. In that election, a candidate not even on the ballot ending up winning. In another case which officials should take note of, a ballot cast via email was intercepted and changed. "The selection of the candidate was changed so that when it was received it was different from what was sent," the organizers note. "This is a big deal for the real world because we already allow for email balloting, in special cases for Americans living overseas [such as active military]. This is allowed in 30 states plus DC."

Moreover, the Voting Village organizers also offered replicas of swing-state Sec. of State website available to some 50 children from ages 6 to 17. You'll be shocked to learn that most were able to hack the mock SoS websites in some fashion, including changing candidates names and parties, and tampering with reported elections results to show, for example, 12 billion votes cast. The fastest exploit of a Sec. of State replica site (Florida's) was by an 11-year old who did it in 10 minutes!

We're joined today to discuss all of this by Emmy-award winning journalist and documentarian LULU FRIESDAT whose video from last year's DEF CON Voting Village went viral (several times) since then, and who was on hand to document this past weekend's conference once again. She details the extraordinary "sea change" since last year's event, as many elections officials and U.S. Intelligence Community representatives were on hand for this year's festivities.

"What's really great about this year's Def Con is that we are starting to see a collaboration and communication between three groups that really have been working more as silos previously, and that is election officials, security experts, and hackers," Friesdat reports. "It was very deliberate on the part of the organizers, Jake Braun, Harri Hursti and Matt Blaze, to really try to bring those three groups together... Because we're not going to make progress on this issue unless these three groups start communicating with each other."

"We don't have a one-size-fits-all solution for this. Every county is going to have to have some different solutions. What we have are principles. And I think the principles remain the same. The principles are yes, every voter who can mark a ballot by hand, needs to mark a ballot by hand. And security experts across the board are really starting to say that, openly publicly."

"There is a sea change happening. You really could feel it. This year, there was an entire panel of election officials, whereas last year almost none of them actually came," Friesdat tells me, adding cautiously: "There are thousands of election officials all over the country who are still dragging their feet. You look at states like Georgia, and they are doing everything they can to stay in basically an unauthenticated election protocol. So it is a wide spectrum."

Among the noteworthy accounts from Friesdat, we discuss California Sec. of State Alex Padilla's call for more federal funding for election systems (meaning, more money for more computers) and Colorado Elections Manager Dwight Shellman who, though a fan of electronic tabulation, calls for routine post-election audits everywhere (which almost no states do at all.)

We also discuss the remarks at the conference by DHS Asst. Secretary for Cybersecurity and Communications Jeanette Manfra, who admitted last summer during U.S. Senate Hearings that the agency never found evidence that votes were changed in the 2016 Presidential election, in no small part, because nobody ever bothered to look! DHS never carried out any forensic investigations of voting systems, nor even bothered to count ballots to make sure they were accurately tabulated by counting computers in the election, despite the ongoing warnings by the Intelligence Community of Russian cyberattacks and interference. "Could it be done?," Friesdat asks rhetorically, "The answer, over and over and over again, is yes, it could be done. Election results could be manipulated. And is it difficult? No. It is a piece of cake."

While this year's DEF CON Voting Village was another huge leap forward in bringing concerns about all of these systems to the public, it appears we have a long way to go until American figures out the solution. I'd suggest that solution is public oversight of tabulation of hand-marked paper ballots (Not computers, but people! I call it "Democracy's Gold Standard".) But, hey, computers --- all of which are obviously wildly hackable --- could work too, right?

Speaking of which, we close today with an email from a listener who turned one of my recent rants on this issue into a poem...

CLICK TO LISTEN OR DOWNLOAD SHOW!...

MONTHLY BRAD BLOG SUBSCRIPTION	ONE-TIME DONATION
Choose monthly amount... $10 : $10.00 USD - monthly$20 : $20.00 USD - monthly$50 : $50.00 USD - monthly$100 : $100.00 USD - monthly	(Snail mail support to "Brad Friedman, 7095 Hollywood Blvd., #594 Los Angeles, CA 90028" always welcome too!)

On today's BradCast: How hackers in Las Vegas over the weekend confirmed what we've been yelling and screaming about for nearly 15 years. Namely, every single computer voting, tabulation and registration system used in the U.S. is absurdly vulnerable to manipulation that would likely go undetected unless hand-marked paper ballots exist and are actually counted, by hand, by human beings. [Audio link to full show posted below at end of article.]

At the annual hackers convention in Vegas known as DefCon, thirty voting system computers (both voting machines and electronic pollbooks) were made available to attendees to crack at will! And, boy howdy, did they! Every single system was reportedly compromised in some fashion by the end of the weekend --- several of them fell within just minutes of opening DefCon's so-called "Voting Machine Hacking Village".

We're joined today for some of the amazing details on what happened in Vegas (in hopes that it doesn't just stay there!) by DR. DAVID JEFFERSON, a longtime computer scientist at Lawrence Livermore National Laboratory and Chair of the Board of Directors at VerifiedVoting.org. Jefferson, who has a been a pioneer in the field of voting system security for some 20 years, serving as an advisor to five successive Secretaries of State in California (both Republican and Democratic) also presented at the wildly popular DefCon "Voting Village".

"It was a wild time, I have to tell ya. This hacking village was set up --- really, in just six weeks it came together --- and in that short a time, they managed to gather all these voting machines," he says. It was quite a contrast from the "cloak and dagger" days when folks like us had to obtain voting machines from secret sources to share with independent investigators in order to have any kind of independent analysis of system vulnerabilities.

"That room was just crowded from morning to night," Jefferson says, describing the room at DefCon. "And the amazing thing is that all of those successful hacks, these were by people who, most of them, had never seen a voting machine before, and certainly not the system sitting in front of them, and they had not met each other before. They didn't come with a full set of tools that were tailored toward attacking these machines. They just started with a piece of hardware in front of them and their own laptops and ingenuity, attacking the various systems. And it was amazing how quickly they did it!"

Jefferson tells me, after all of these years, he is now seeing a major difference among the public, as well as election and elected officials (a number of whom were also in attendance), regarding the decades-long concerns by experts about electronic voting, tabulation and registration systems.

"I am seeing a kind of sea change here. For the first time, I am sensing that election officials, and the Department of Homeland Security, and the FBI, and the intelligence community, and Congress, and the press, are suddenly, after the 2016 election experience, receptive to our message that these systems are extremely vulnerable and it's a serious national security issue. As you know, in a democracy, the legitimacy of government depends on free and fair and secure elections. And people are beginning to realize that we haven't had those for a long time."

He explains how hacking methods attributed by many to Russians following the 2016 elections "are the same methods that anyone on Earth could use --- insiders, criminal syndicates, nation-states other than Russia, as well, or our own political partisans. The fear, of course, is that these hacking attempts will be totally undetectable. But even if they are detectable, it's difficult often to determine who did it, whether it's an insider, or a domestic partisan, or some foreign organization."

He also confirms what I've been trying to point out since the 2016 election, that despite officials continuously claiming that no voting results were changed by anyone, be it Russia or anybody else, "they cannot know that. They simply can't know. Certainly in those states where there are no paper ballots, such as in Georgia, for example, it's impossible for them to know. And even in states where there are, if they don't go back and either recount the paper ballots, or at least recount a random sample of them, no, they can't know either."

"Election officials have fooled themselves into believing the claims of their [private voting machine] vendors that the systems are secure from all kinds of attack. And it's just never been true," Jefferson argues.

But will the weekend's short order hacks of every voting system presented at DefCon actually help the U.S. to finally move toward systems that are overseeable by the public? And what does that mean, exactly? Is replacing old computer election systems --- many of which still run on no-longer-supported software like Windows 2000 --- with new ones the answer? Are paper ballots, which voting systems experts call for, enough? Particularly given that we saw, after the 2016 election, how it's nearly impossible, even for a Presidential candidate, to see those ballots publicly hand-counted ("Democracy's Gold Standard") in order to confirm results?

"We have to change the way we think about securing elections. Instead of trying to harden the voting systems themselves against all forms of attack --- I think that is going to be a hopeless task for as far into the future as computer scientists can see. Instead of hardening those systems themselves, we need to design systems so that after the election is over we can verify that the results were correct. And then if they're not, we have to be able to change the results accordingly. So the emphasis is on detection and correction, not prevention."

I hash all of that out and much more with my friend Dr. Jefferson today, who also details DefCon's plans to make the "Voting Village" a permanent fixture of its annual convention, which just spectacularly wrapped up its 25th year.

Also on today's show: Trump fires his incoming White House Communications Director Anthony "The Mooch" Scaramucci before he even officially begins in his new role, and the mop-up from last week's health care repeal disaster for Republicans in the Senate continues, as the White House demands the U.S. Senate vote on nothing else until they can vote to repeal the Affordable Care Act, despite a new poll finding Americans want Congress to move on, and Vermont Sen. Bernie Sanders vowing to introduce a single-payer healthcare bill in the U.S. Senate...

CLICK TO LISTEN OR DOWNLOAD SHOW!...

MONTHLY BRAD BLOG SUBSCRIPTION	ONE-TIME DONATION
Choose monthly amount... $10 : $10.00 USD - monthly$20 : $20.00 USD - monthly$50 : $50.00 USD - monthly$100 : $100.00 USD - monthly	(Snail mail support to "Brad Friedman, 7095 Hollywood Blvd., #594 Los Angeles, CA 90028" always welcome too!)