[This article now cross-published by The Progressive...]

We've discussed, many times over the years, the madness of Internet Voting schemes. Today we've got yet another piece of disturbing evidence that underscores why such a scheme for American democracy would be nothing short of insane.

The BRAD BLOG has highlighted how easily Internet elections can be hacked by all sorts of nefarious folks (perhaps most disturbingly, without the knowledge of election officials); how various experiments in Internet Voting have proved disastrous (Hello, Canada! Hello, Honolulu! Hello, Oscars!); and how it is simply impossible to do a true pilot test of any such Internet Voting schemes in advance, since the most dangerous tactics that bad guys might throw at an Internet-based election in order to game it are actually illegal. Because of that, good guy "white hat hackers" wouldn't be able to use those same techniques to test the security of any Internet Voting scheme before it was actually put into use in a live election.

Moreover --- and perhaps the deal-breaker when it comes to the viability of Internet Voting ever being workable in public elections --- even if the Internet Voting scheme remains secure, there is no way that the citizenry can know that was the case. Any such scheme would require faith and trust in others, which is decidedly not what our system of oversight and checks and balances in public elections is supposed to be built on. Thus, even a secured Internet Voting scheme would seriously undermine the basic tenets of, and overall confidence in, American democracy.

Now, Kim Zetter at Wired's "Threat Level" blog offers yet another reason why the Internet, as it currently exists, is simply unfit to serve as a means for secure online voting. Her recently published article, which doesn't focus on voting, is alarmingly headlined "Someone's Been Siphoning Data Through a Huge Security Hole in the Internet".

And no, in this case, it's not the NSA. At least as far as we know.

Zetter details a "huge security hole" indeed, one which, as she documents, was found to have been used earlier this year to re-route "vast amounts" of U.S. Internet data all the way out to Belarus and Iceland, where it was intercepted in a classic "man-in-the-middle" fashion, before being sent on to its intended receiver. During the hijack attack, the senders and receivers of the Internet data were none the wiser, just as would likely be the case if the same gaping security hole in the Internet's existing architecture was used to hijack votes cast over the Internet, change them, and then send them on to the server of the intended election official recipient...

At this point, the slogan for Republican Secretaries of State around the country seems to be: "If it ain't broke, break it!"

That's certainly the case in Florida, where Sec. of State Ken Detzner --- fresh off his and Governor Rick Scott's embarrassing and failed 2012 purge of supposed "non-citizen voters" from the rolls (with another more recent attempt underway since then) --- is at it again. And this time, Detzner seems to be facing a full-blown uprising from county Supervisors of Elections (SOE) refusing to carry out a new directive which would make it more difficult for absentee voters to cast their ballot.

The elected SOEs are claiming that the new directive by Detzner, an appointee of Gov. Rick Scott (R), was neither asked for nor necessary under state law. They Supervisors have also denied Detzner's initial claim that the directive was issued in response to requests by two SOEs.

Last week, Detzner issued a directive [PDF] to county SOEs instructing them that they may no longer allow voters to use secured remote absentee ballot drop-off stations created at locations like public libraries and tax-collectors offices. Suddenly, according to Detzner's new rules, all absentee ballots must either be mailed in, or dropped off at county election offices.

The directive was issued just prior to an upcoming special election to replace the late, long-serving Republican Congressman Bill Young in the 13th Congressional District, and it has led to both suspicion for its motives, and somewhat of a bi-partisan mutiny from election officials, leading one well-known Florida SOE to respond tersely to The BRAD BLOG's request for comment last week this way: "I do have a comment, legally it's not worth the paper it's printed on"...

Election 2013 is but a memory --- good or bad --- for much of the nation. But, in Virginia, election officials, attorneys and partisans will still be busy as elves throughout much of the holiday season, and potentially even beyond, determining final results of the statewide November 5th Attorney General's election this year.

Last week, on the day before Thanksgiving, Virginia's Republican AG candidate Mark Obenshain filed for a recount [PDF] of the incredibly close race at the Richmond Circuit Court. Two days prior, his Democratic challenger Mark Herring had been certified by the state as the winner of the race by just 165 votes out of more than 2.2 million votes cast early last month.

Should those state-certified results hold, Herring would replace Republican Ken Cuccinelli as Virginia's AG. Cuccinelli was unsuccessful in his own run for Governor in November against Democrat Terry McAuliffe. Along with the Democratic win in the Lt. Governor's race as well, a Herring victory would result in the first time since 1969 that Democrats held all three statewide offices, and the first time in twenty years that Virginia will have a Democratic AG.

A "recount", in Virginia, however --- as we've documented previously (see last section of this article) --- amounts to much less than it may seem, given the technology used in the state and some of the ridiculous "recount" laws specified by the Virginia election code [PDF].

As bad as those "recount" statutes are, however, a margin of 165 votes could certainly be reversed, even in a state where most votes are currently recorded (either accurately or inaccurately, who knows?) by 100% unverifiable Direct Recording Electronic (DRE, usually touch-screen) voting systems, and where the rest are tallied (either accurately or inaccurately, who knows?) by paper-ballot optical-scan tabulators that will be used once again to "recount" (either accurately or inaccurately, who knows?) most of the state's paper ballots.

Yes, that's right. Hundreds of thousands of 100% unverifiable electronic votes cast in the closest statewide race in VA state history cannot be "recounted" now in any meaningful way. For those votes, state election code specifies that, during the "recount", election officials will merely recheck the voting machine computer printouts from Election Night to make sure the certified results match. Meanwhile --- and short of a court order --- votes that were cast on paper ballots will simply be run through the same optical-scan computers that tallied them the first time, after they've been reprogrammed to set aside all ballots which the scanner sees as an over vote, an under vote or a write-in vote in the AG's race. Those set aside paper ballots, at least, will then be examined by hand, in public, by actual human beings.

As ridiculous as the VA "recount" statute is, the "contest" law --- another procedure which the candidate who loses the "recount" may file thereafter --- is even more ridiculous. But, depending on the results of the "recount", that may be the only option Obenshain is left with...and it could result in a GOP "victory", even with fewer recorded popular votes, presuming there are enough heavily partisan Republicans in the VA state legislature...

We reported yesterday on the incredibly close race for Attorney General in Virginia. With more than 2.2 million votes cast, the margin between Mark Obenshain (R) and Mark Herring (D) has been within a few hundred votes since Election Night on Tuesday.

Within the last few hours, an unexplained discrepancy has been discovered by those combing over the reported numbers in Fairfax County. The county leans heavily Democratic and, unlike much of the rest of the state which uses 100% unverifiable touch-screen, Fairfax uses optically-scanned paper ballots for its main vote tabulation system.

After Democrats reportedly won both the Governor and Lt. Governor races, only the AG's remains undecided at the top of the ticket. For the last 24 hours or so, the Republican Obenshain has been leading during the canvassing of ballots by about 700 votes, as absentee and provisionals are tallied and doubled-checked.

But now, thanks to some smart detective work by both a Democratic political team in Fairfax County and by Dave Wasserman of the non-partisan Cook Political Report, the fortunes for the Democrat candidate Herring may just have taken a big turn, even as a new mystery is added to the equation...

You know how The BRAD BLOG is always going on about how Vote-by-Mail is a very bad idea for democracy (other than in cases where a voter really must vote absentee or is otherwise forced to vote on a 100% unverifiable touch-screen voting systems at the precinct on Election Day)?...

Yes, those dangling envelopes are absentee ballots being sent to voters. Maybe they'll actually reach them. Who knows?

The photos were taken by San Francisco surgeon and Election Integrity advocate Dr. John Maa last week and highlight just one of the many reasons why Vote-by-Mail is such a bad idea unless it's absolutely necessary. They were sent to us after being taken in the mail room of a San Francisco apartment building in advance of the upcoming November 5 municipal elections there.

"It was 10pm at night when I took those photos, so there were probably a lot more of them out there earlier in the day," Maa told us...

Yesterday, the U.S. Department of Justice sued the state of Texas under Section 2 of the Voting Rights Act. The complaint was filed in hopes of blocking the state's polling place Photo ID restriction law, newly re-enacted by TX Attorney General Greg Abbott just hours after the U.S. Supreme Court struck down the very heart of the VRA (the Section 4 formula used to determine jurisdictions covered by its Section 5 preclearance requirements for new voting laws) last June.

How did the TX AG respond to the DoJ suit?

Here is the very first line of Abbott's embarrassing website response to it posted yesterday...

Ya know what else "Voter IDs have nothing to do with"? The absentee ballot fraud committed by the woman cited by Greg Abbott above in the very first line of his response to the DoJ!

Here (courtesy of Ryan Reilly) is the very first page of the indictment against the woman cited by Abbott as a reason why the state needs their polling place Photo ID restriction law. [Red circle added for TX AGs who may have trouble reading their own legal filings]...

With these 300 fraudulent votes created by one Republican candidate alone, that's 300 more fraudulent votes than have ever been created by ACORN or anybody who has ever worked for them.

But, of course, you're unlikely to hear that, or even this story itself, from the tenacious Fox "News" "voter fraud special investigative unit" or the GOP clowns who help them disinform American voters.

From Nick Wing at Huffington Post...

According to the article, "Villamaino, a former East Longmeadow Board of Selectmen chairman who resigned last year amid the scandal, ultimately lost his Republican primary, and the GOP candidate subsequently lost to the Democrat in the race."

Three very quick points of note here...

It seems we may now have at least a partial answer to the Miami-Dade absentee ballot request cyberhacking mystery we initially reported on in March.

As we detailed at that time, some 2,500 absentee ballots were fraudulently requested online for three different 2012 primary elections in Miami-Dade, FL. One race involved requests for Democratic absentee ballots in a U.S. House primary, the other two involved requests for Republican ballots in two different Florida State House primary races. All of the fraudulent "phantom" ballot requests are said to have been flagged as such at the Supervisor of Election's office and, therefore, never fulfilled.

Late last year, a grand jury and federal prosecutors [PDF] were unable to identify the person or persons behind the failed attempts, as well as why they were actually made, since the ballots, had the fraudulent requests not been flagged and prevented, were set to go to the actual addresses of real voters whose online identities had been fraudulently used to make the requests online.

One of the reasons that prosecutors were originally unable to identify those behind the attempted July 2012 cyberhack was because the Internet Protocol (IP) addresses used for most of the requests were masked by proxy IP addresses from overseas. It was not until excellent investigative reporting from The Miami-Herald discovered that a number of the requests came from IP addresses located in the Miami-Dade area. For reasons currently chalked up to administrative confusion, the Elections Division never gave those Miami area IP addresses to the grand jury.

Armed with the new information offered by the Miami-Dade IP addresses, it now appears that prosecutors are closing in on suspects believed to be behind at least one of those sets of cyberhacks --- the ones involving the Democratic U.S. House primary. Over the weekend the investigation led to the resignation of the Chief of Staff of the Democratic Congressman who eventually won the primary in question, as well as last November's general election...

While The BradCast on KPFK/Pacifica Radio usually airs live on Wednesday's, we did a special Monday version this week, as I was filling in for my friend Harrison who was on the road today and unavailable to do his normal show.

That gave me the opportunity to cover some of today's breaking news on the Obama DoJ's subpoena of AP phone records, to take a call or two on the pretend Benghazi "scandal" (including from one caller who doesn't exactly know why its a scandal, but really really wants it to be one), to offer a words on the recent Internet Voting hack on NBC's The Voice, the madness of the Democratic Party push for Vote-by-Mail (as witnessed last week in the Colorado legislature, and this week in L.A. where absentee ballot fraud charges are flying between two different candidates) and even some thoughts on the coolest song ever recorded in outer-space.

But, before all (or most) of that, we were joined for an all-Brad BradCast by Brad Johnson of ForecastTheFacts.org to discuss the disturbing landmark of passing 400 parts per million of C02 in the atmosphere (for the first time in millions of years), why that matters, and the wingnut "weapons-grade denial" pushing back against the facts...

Download MP3 or listen online below [appx 58 mins]...

The BRAD BLOG has long detailed the dangers of Vote-by-Mail and absentee balloting, describing the practice as "terrible for democracy," for a number of reasons. Among those reasons are the ease by which absentee ballots can be undetectably gamed, bought or sold, used for intimidation ("Show me that you voted this particular way or you will be fired/beaten, etc.") or otherwise lost in the mail, never added to the optically-scanned computer tally, etc., just to name a few.

Usually when we point these matters out, we'll get some amount of push back, most notably from someone from Oregon, where many voters love their all Vote-by-Mail elections (despite all the dangers, as demonstrated once again by the recent stories out of the state where, in one, a man was convicted of fraud after offering $20 for blank, unvoted ballots prior to the 2012 election, and another where an election official was charged with fraud after it was discovered she was filling in unvoted races in favor of Republicans while processing incoming mailed ballots.)

We'll also get push back, in such cases, from partisans (usually Democrats in heavily "blue" jurisdictions, but also, occasionally from Republicans in heavily "red" jurisdictions) who argue that Vote-by-Mail increases turnout, therefore it is good for democracy, despite all of those dangers which they marginalize as being greatly exaggerated.

We most recently saw this dynamic play out in Colorado, where, as we reported in some detail last week, a sweeping election reform bill is moving through the Democratically-controlled legislature and is likely to land on the Democratic Governor's desk very soon. The ambitious bill does a number of very good things, such as allow voter registration up until the day of the election, and offers other reasonable improvements to elections in the state and voters' accessibility to them. On the other hand, the legislation also would send an absentee/Vote-by-Mail ballot to every single registered voter in the state, whether they actually wanted one or not.

In opposing the bill, Colorado Republicans foolishly focused on the possibility of "voter fraud" via the enhanced voter registration provisions in the bill, which --- though it was crafted in part by the state election clerks' association (which has a majority Republican representation) --- was passed in the legislature along party lines.

What the Republicans failed to highlight --- but certainly should have --- in their attempts to try and defeat the bill, is the massive fraud capacity presented by the insane idea of sending a blank, unvoted absentee ballot to every single voter in the state.

The following news out of Los Angeles this week underscores, yet again, how that sort of thing is an absolute recipe for election fraud disaster...

An ambitious election reform bill supported by state Democrats and the Colorado County Clerks Association, which is largely made up of Republicans, will soon land on the desk of Democratic Gov. John Hickenlooper, despite the objections of Republican lawmakers and the state's extraordinarily partisan Republican Sec. of State.

The bill has now been approved by both chambers of the Colorado legislature --- along party lines in each --- but must be approved again in the House due to "technical" amendments from the Senate. But while it may be too late, partisans and lawmakers would have been wise to look carefully before leaping in support of this bill which offers both excellent reforms and reasons to be very concerned about one of its central provisions.

John Tomasic of the Colorado Independent offered a detailed report earlier this week on the major concerns and somewhat confusing partisan divides on both sides of this particular piece of legislation.

There's a lot of good, long-overdue provisions in the sweeping, 126-page bill [PDF] (mercifully summarized on pages 2 through 4). The key provisions --- and main points of contention --- are summarized this way by Tomasic:

Tomasic goes on to explain that the bill, dubbed "The Voter Access and Modernized Elections Act", is sponsored by Democrats in both the CO House and Senate, but it's "based on a plan approved by a large bipartisan majority of clerks who run the state’s elections county to county. The Colorado County Clerks Association reports that 75 percent of the 64 clerks in the state support the bill. The Association is anything but a left-wing cabal: At least 44 of the clerks, some 70 percent, are Republican officeholders."

The politics on this one may be understandably confusing to some --- particularly with a former Republican Sec. of State favoring the bill, and the current Republican Sec. of State ardently opposing it --- but the professed concerns of the latter (that the expanded registration provisions will lead to "voter fraud") are largely nonsense. While the advocacy of the former (pushing broad expansion of vote-by-mail ballots to every voter in the state) ignores very real fraud concerns...

The good news: When the largest voting jurisdiction in the nation gets its new voting system, perhaps as early as 2015, it will not including Internet Voting, according to Dean Logan, Registrar-Recorder/County Clerk of Los Angeles. The bad news: It will very likely include touch-screen computers and, with them, 100% unverifiable voting.

I interviewed Logan last week on my KPFK/Pacifica Radio show [full audio interview is at the bottom of this article], and we had a very informative discussion about what voters in Los Angeles may have to look forward to in the coming years, as well as many of you in the rest of the country, since the new system is being designed with an eye towards selling it to other counties in California as well as in the rest of the country.

So this is not just a local L.A. story. It's likely to affect the way that votes are cast and tallied in much of the nation. It's well worth paying attention to, even if, unlike me, you don't live here.

Los Angeles County alone "has more voters than 42 of the 50 states," according to Logan's office. It features nearly 5,000 precincts. Well over 3 million votes were cast in this one county alone during the November 6, 2012 Presidential Election. When Logan took over the job of Registrar after our previous one resigned, suddenly, just months before the 2008 President Election, he had a monster of a job to take over. It's still a monster. And it may soon get even more gargantuan as he attempts to re-work, re-design and, indeed, re-think how voters vote here, and as we move from our current publicly-owned voting system to our next publicly-owned voting system. (L.A. is one of the very few jurisdictions in the nation which owns, maintains and designs its own system. Most similar systems in the rest of the state and nation are proprietary, owned by the private companies which make them, and don't allow even the election officials in those jurisdictions access to their "trade-secret" software and source code.)

While, happily, Logan offered me some assurance that we won't be casting votes over the Internet with his new system --- an assurance that should bring some measure of relief to both Election Integrity advocates as well as the consensus of computer science and security experts who are also experts in voting systems --- there is still much cause for concern, as this still-unknown voting system begins to take shape...

One month ago, The Miami Herald's Patricia Mazzei unleashed an excellent investigative report on an attempted series of online cyberhacks of absentee ballot requests prior to last August's primary election in Miami-Dade County, Florida.

Mazzei's article describes the mysterious attempt by someone to request more than 2,500 absentee ballots for elections in three different Miami-Dade districts using anonymous proxy Internet Protocol (IP) addresses from foreign countries to hide the real identity of the requester. A grand jury looked into the matter [PDF] of the "phantom" requests, but was hamstrung by the fact that they were not told --- the article says it was due to administrative confusion --- that the initial IP addresses used to make the absentee ballot requests were actually not from overseas, but local to Miami-Dade. Had prosecutors had that information, they might have been able to zero in on the culprits, rather than close the investigation late last year without identifying a suspect.

The case has now reportedly been reopened, but the length of time since the initial event may have allowed the trail run cold. Hopefully we will find out soon.

Last week, the story suddenly received a lot of fresh attention after it was picked up by NBC News' Gil Aegerter who describes what happened as the "first known case" of such a cyberattack on a U.S. election.

Setting aside, for now, the point as to whether this is the first such attack --- I've reported quite a bit of evidence of several others over the years (the NBC report links to a number of stories I've broken on these matters, including one of my stories at ComputerWorld in 2007 describing a malicious virus that struck Sarasota's contested 2006 Special Election for the U.S. House where some 18,000 votes ultimately disappeared from the touch-screen voting machines) --- there are a few key points and lessons from this story which I'd like to underscore, despite the fact that the mainstream corporate coverage has been pretty decent here for a change.

Additionally, one of several key remaining mysteries in the story --- a story that I've been trying to make sense over the past several weeks, since learning of it --- may now have an answer, or at least a new and troubling clue...

We've long argued that Vote-by-Mail elections are a terrible idea for democracy. You can see our quick list of our reasons right here. Nonetheless, in states like Oregon, which use Vote-by-Mail elections across the entire state, the citizens who don't appreciate the dangers of them, love them.

But once again last week, we were reminded of just one of the reasons they shouldn't love them, when a Bend, OR man was convicted of fraud after taking out a Craigslist ad claiming to offer $20 for blank ballots last November. With all registered voters in the state sent such a ballot, there is a lot of money to potentially be made from these types of crimes.

"All you need to do is bring your UNFILLED clean voting ballot and let us fill it out then you sign, then we hand it to the volunteer in the voting booth," the typo-filled ad promised. "Its that simple! Then you get $20. We'll be there all weekend through tuesday."

The perp, Aaron Hirschman, was convicted of a misdemeanor after offering a "full confession", according to the OR Attorney General's spokesperson, Jeff Manning who said that Hirschman "stated in his interview and at trial that he is an Internet 'troll' and that he posted the ad to 'agitate' and cause a stir."

The incident follows on another exploit of VBM ballots last November, when Deanna Swenson, an election official in Clackamas County, was indicted on 6 felony and 2 misdemeanor counts after being found to have allegedly filled in unvoted races in favor of Republican candidates while processing incoming mailed ballots.

Both Hirschman and Swenson got caught. That's good. The bigger question is how many don't get caught in such cases where the incentive for that kind of fraud --- the ability to change a lot of ballots to affect the results of an election, either by insider fraud or vote buying and selling --- is so high.

But, again, those cases highlight just two of the many reasons why VBM remains a terrible idea for democracy in any state.

Republicans like to pretend that there is a massive epidemic of "voter fraud" being carried out at polling places, despite the complete absence of evidence to demonstrate any such epidemic. They do so in order to push for polling place Photo ID restrictions in hopes of disenfranchising Democratic-leaning voters. Period.

On the other hand, election fraud does exist and "voter fraud" does occur. But, in almost all cases where it's found, it's via some form of mail-in voting, or at the hands of election insiders. Neither of those crimes are deterred by the polling place Photo ID restrictions Republicans continue to push for in state after state in hopes of disenfranchising legal voters for electoral gain.

[Hat-tip BRAD BLOG commenter David Werth.]

Luckily, it's "only" Florida.

More than 12,500 voters received robocalls this morning from the Pinellas County, FL Supervisor of Elections office, letting them know that the deadline for turning in their absentee ballot was "tomorrow", the day after the election. Unfortunately, the real deadline for turning in absentee ballots is 7pm today, Election Day, Tuesday, November 6th.

Pinellas County is home to Tampa and St. Petersburg. So here's why this monumental screw-up, presuming that's what it was, seems to have happened...