A Texas company that sells software that cities and states use to display results on election night was hit by ransomware last week, the latest of nearly a thousand such attacks over the past year against small towns, big cities and the contractors who run their voting systems. From a report: Many of the attacks are conducted by Russian criminal groups, some with shady ties to President Vladimir V. Putin's intelligence services. But the attack on Tyler Technologies, which continued on Friday night with efforts by outsiders to log into its clients' systems around the country, was particularly rattling less than 40 days before the election. While Tyler does not actually tally votes, it is used by election officials to aggregate and report them in at least 20 places around the country -- making it exactly the kind of soft target that the Department of Homeland Security, the F.B.I. and United States Cyber Command worry could be struck by anyone trying to sow chaos and uncertainty on election night.

Tyler would not describe the attack in detail. It initially appeared to be an ordinary ransomware attack, in which data is made inaccessible unless the victim pays the ransom, usually in harder-to-trace cryptocurrencies. But then some of Tyler's clients -- the company would not say which ones -- saw outsiders trying to gain access to their systems on Friday night, raising fears that the attackers might be out for something more than just a quick profit. That has been the fear haunting federal officials for a year now: that in the days leading up to the election, or in its aftermath, ransomware groups will try to freeze voter registration data, election poll books or the computer systems of the secretaries of the state who certify election results. With only 37 days before the election, federal investigators still do not have a clear picture of whether the ransomware attacks clobbering American networks are purely criminal acts, seeking a quick payday, or Trojan horses for more nefarious Russian interference. But they have not had much success in stopping them. In just the first two weeks of September, another seven American government entities have been hit with ransomware and their data stolen. "The chance of a local government not being hit while attempting to manage the upcoming and already ridiculously messy election would seem to be very slim," said Brett Callow, a threat analyst at Emsisoft, a security firm.

Google informed its advertisers Friday that it will broadly block election ads after polls close Nov. 3, according to an email obtained by Axios. From a report: Big Tech platforms have been under pressure to address how their ad policies will handle conflicts over the presidential election's outcome. Facebook recently said that it will no longer accept new political ads for the week leading up to Election Day, but it will not block election ads after the polls close. It will, however, reject ads from U.S. political campaigns prematurely claiming victory before results have been declared, per Fast Company. In the email, Google says that advertisers will not be able to run ads "referencing candidates, the election, or its outcome, given that an unprecedented amount of votes will be counted after election day this year." The policy, which is intended to block all ads related to the election, will apply to all ads running through Google's ad-serving platforms, including Google Ads, DV360, YouTube, and AdX Authorized Buyer.

Last week, voters and election administrators who emailed Leanne Jackson, the clerk of rural Hamilton County in central Texas, received bureaucratic-looking replies. "Re: official precinct results," one subject line read. The text supplied passwords for an attached file. But Jackson didn't send the messages. From a report: Instead, they came from Sri Lankan and Congolese email addresses, and they cleverly hid malicious software inside a Microsoft Word attachment. By the time Jackson learned about the forgery, it was too late. Hackers continued to fire off look-alike replies. Jackson's three-person office, already grappling with the coronavirus pandemic, ground to a near standstill. "I've only sent three emails today, and they were emails I absolutely had to send," Jackson said Friday. "I'm scared to" send more, she said, for fear of spreading the malware. The previously unreported attack on Hamilton illustrates an overlooked security weakness that could hamper the November election: the vulnerability of email systems in county offices that handle the voting process from registration to casting and counting ballots. Although experts have repeatedly warned state and local officials to follow best practices for computer security, numerous smaller locales like Hamilton appear to have taken few precautionary measures.

U.S. Department of Homeland Security officials have helped local governments in recent years to bolster their infrastructure, following Russian hacking attempts during the last presidential election. But desktop computers used each day in small rural counties to send routine emails, compose official documents or analyze spreadsheets can be easier targets, in part because those jurisdictions may not have the resources or know-how to update systems or afford security professionals familiar with the latest practices. A ProPublica review of municipal government email systems in swing states found that dozens of them relied on homebrew setups or didn't follow industry standards. Those protocols include encryption to ensure email passwords are secure and measures that confirm that people sending emails are who they purport to be. At least a dozen counties in battleground states didn't use cloud-hosted email from firms like Google or Microsoft. While not a cure-all, such services improve protections against email hacks.

mabu writes: National Voter Registration Day, earmarked to call attention to encouraging more people to register to vote, is a pinnacle of many state's voter registration drives. Unfortunately in the state of Louisiana, its secretary of state Kyle Ardoin, decided this was a great time to shut the web site down for "scheduled maintenance." As a result, people who tried to register to vote online, on one of the most visible days of the registration drive, were denied the ability. "Ardoin's apparent decision to shut down the website raises concerns about ongoing efforts to suppress voter turnout during a heated election season in the midst of the COVID-19 pandemic," reports NOLA.com. New Orleans' mayor Latoya Cantrell called the move "Unacceptable."

"Ardoin, a Republican, has sparred with Democrat Gov. John Bel Edwards over absentee voting -- both in federal court and in the court of public opinion," NOLA.com adds. "A federal judge in Baton Rouge recently overturned efforts by Ardoin and GOP lawmakers to roll back previously expanded absentee voting in Louisiana. The judge's ruling, if it stands, would allow Louisiana voters to cast absentee ballots if they are concerned about COVID-related health risks associated with voting in-person. The ruling effectively reinstates the absentee voting rules that applied to the statewide primaries held in July and August, which came off without a whiff of 'voter fraud.'"

Yesterday, U.S. Senators Rand Paul (R-KY), Ron Wyden (D-OR), and Gary Peters (D-MI) introduced the bipartisan ''Unplug the Internet Kill Switch Act of 2020'' (S. 4646), which would help protect Americans' First and Fourth Amendment rights by preventing a president from using emergency powers to unilaterally take control over or deny access to the internet and other telecommunications capabilities. Slashdot reader SonicSpike shares an excerpt from the announcement: In a World War II-era amendment to Section 706 of the Communications Act of 1934, Congress gave the Executive sweeping authority to put under direct government control or even shut down "any facility or station for wire communication" should a president "[deem] it necessary in the interest of the national security and defense" following a proclamation "that there exists a state or threat of war involving the United States." Cause for alarm over such power has only increased across the decades with the technological revolution, which has included email, text messages, and the internet, as well as the expansion of television, radio, and telephone networks.

The Unplug the Internet Kill Switch Act would amend Section 706 to strip out this "Internet Kill Switch" and help shut the door to broader government surveillance or outright control of our communications channels and some of Americans' most sensitive information. The legislation would also reassert a stronger balance of power during a national emergency between the Executive Branch and the people's representatives in Congress. You can read the "Unplug the Internet Kill Switch Act of 2020" here (PDF).

Facebook has said it will take aggressive and exceptional measures to "restrict the circulation of content" on its platform if November's presidential election descends into chaos or violent civic unrest [the link may be paywalled; alternative source]. From a report: In an interview with the Financial Times, Nick Clegg, the company's head of global affairs, said it had drawn up plans for how to handle a range of outcomes, including widespread civic unrest or "the political dilemmas" of having in-person votes counted more rapidly than mail-in ballots, which will play a larger role in this election due to the coronavirus pandemic. "There are some break-glass options available to us if there really is an extremely chaotic and, worse still, violent set of circumstances," Mr Clegg said, though he stopped short of elaborating further on what measures were on the table. The proposed actions, which would probably go further than any previously taken by a US platform, come as the social media group is under increasing pressure to lay out how it plans to combat election-related misinformation, voter suppression and the incitement of violence on the November 3 election day and during the post-election period.

The Washington Post covered "a sprawling yet secretive campaign that experts say evades the guardrails put in place by social media companies to limit online disinformation of the sort used by Russia" during America's last presidential campaign in 2016.

According to four people with knowledge of the effort, "Teenagers, some of them minors, are being paid to pump out the messages..." The campaign draws on the spam-like behavior of bots and trolls, with the same or similar language posted repeatedly across social media. But it is carried out, at least in part, by humans paid to use their own accounts, though nowhere disclosing their relationship with Turning Point Action or the digital firm brought in to oversee the day-to-day activity. One user included a link to Turning Point USA's website in his Twitter profile until The Washington Post began asking questions about the activity. In response to questions from The Post, Twitter on Tuesday suspended at least 20 accounts involved in the activity for "platform manipulation and spam." Facebook also removed a number of accounts as part of what the company said is an ongoing investigation...

The months-long effort by the tax-exempt nonprofit is among the most ambitious domestic influence campaigns uncovered this election cycle, said experts tracking the evolution of deceptive online tactics. "In 2016, there were Macedonian teenagers interfering in the election by running a troll farm and writing salacious articles for money," said Graham Brookie, director of the Atlantic Council's Digital Forensic Research Lab. "In this election, the troll farm is in Phoenix...."

The messages — some of them false and some simply partisan — were parceled out in precise increments as directed by the effort's leaders, according to the people with knowledge of the highly coordinated activity, most of whom spoke on the condition of anonymity to protect the privacy of minors carrying out the work... The messages have appeared mainly as replies to news articles about politics and public health posted on social media. They seek to cast doubt on the integrity of the electoral process, asserting that Democrats are using mail balloting to steal the election — "thwarting the will of the American people," they alleged. The posts also play down the threat from covid-19, which claimed the life of Turning Point's co-founder Bill Montgomery in July...

By seeking to rebut mainstream news articles, the operation illustrates the extent to which some online political activism is designed to discredit the media. While Facebook and Twitter have pledged to crack down on what they have labeled coordinated inauthentic behavior, in Facebook's case, and platform manipulation and spam, as Twitter defines its rules, their efforts falter in the face of organizations willing to pay users to post on their own accounts, maintaining the appearance of independence and authenticity.
One parent even said their two teenagers had been posting the messages since June as "independent contractors" — while being paid less than minimum wage.

Two dozen award-winning computer scientists, in a rebuke of President Trump's immigration policies, said on Friday that they were endorsing Joseph R. Biden Jr. in November's presidential election. From a report: The scientists, including John Hennessy, the executive chairman of Google's parent company, Alphabet, are all winners of the Turing Award, which is often called the Nobel Prize of computing. In a group interview, four of the scientists said the Trump administration's restrictive immigration rules were a threat to computer research in the United States and could do long-term damage to the tech industry, which for decades has been one of the country's economic engines. "The most brilliant people in the world want to come here and be grad students, but now they are being discouraged from coming here, and many are going elsewhere," said one of the scientists who organized the endorsement, David Patterson, a Google distinguished engineer and former professor at the University of California, Berkeley.

The Turing winners are the latest members of the scientific community to find their political voice as the election nears. The research journal Scientific American also endorsed Mr. Biden this week, citing, among other criticisms, Mr. Trump's response to the coronavirus pandemic and his skepticism of climate change. It was the first time in its 175 years that the publication endorsed a presidential candidate. The Turing winners' endorsement -- also a first for them -- was made against the backdrop of the Trump administration's increasingly antagonistic relationship with the tech industry. Several federal agencies are investigating the business practices of tech's biggest companies, and the Justice Department could bring an antitrust case against Google as soon as this month.

The House Judiciary Committee on Tuesday unanimously approved the Open Courts Act -- legislation to overhaul PACER, the federal courts' system for accessing public documents. The proposal would guarantee free public access to judicial documents, ending the current practice of charging 10 cents per page for many documents -- as well as search results. From a report: The bill must still be passed by the full House and the Senate and signed by the president. With Election Day just seven weeks away, the act is unlikely to become law during this session of Congress. Still, the vote is significant because it indicates the breadth of congressional support for tearing down the PACER paywall. The legislation is co-sponsored by Rep. Doug Collins (R-Ga.), whose bill we covered in 2018, and a fellow Georgian, Democrat Hank Johnson. Prior to Tuesday's vote of the House Judiciary Committee, the bill received a strong endorsement from Chairman Jerrold Nadler (D-N.Y.). "It is indefensible that the public must pay fees, and unjustifiably high fees at that, to know what is happening in their own courts," Nadler said.

If a Facebook page or an Instagram post is offering the location of your polling place, you should double check that with your local elections office, the FBI director said Thursday at a congressional hearing. Better yet, don't get your election information from social media at all. From a report: The House Committee on Homeland Security hosted on Thursday its annual worldwide threats hearing, where intelligence agencies in past years have warned about international cyberattacks and online disinformation. [...] The FBI director said that social networks like Facebook and Twitter have worked with the bureau to take down disinformation campaigns, but he also warned Americans against getting election information on those platforms. "It's particularly of concern to us in the election context when Americans make the mistake of getting information about elections themselves on social media," Wray said. "We're trying to make sure Americans know [that] to get information about where, when and how you vote, you need to go to your local election official's website. Don't take it from social media."

Kyle Wiggers, reporting for VentureBeat: Over 111.8 million people in the U.S. talk to voice assistants like Siri, Alexa, and Google Assistant every month, eMarketer estimates. Tens of millions of those people use assistants as data-finding tools, with the Global Web Index reporting that 25% of adults regularly perform voice searches on smartphones. But while voice assistants can answer questions about pop culture and world events like a pro, preliminary evidence suggests they struggle to supply information about elections. In a test of popular assistants' abilities to provide accurate, localized context concerning the upcoming U.S. presidential election, VentureBeat asked Alexa, Siri, and Google Assistant a set of standardized questions about procedures, deadlines, and misconceptions about voting. In general, the assistants fared relatively poorly, often answering questions with information about voting in other states or punting questions to the web instead of answering them directly.

goombah99 shares a report from The Washington Post: Four years ago, the magazine flagged Donald Trump's disdain for science as "frightening" but did not go so far as to endorse his rival, Hillary Clinton. This year, its editors came to a different conclusion. "A 175-year tradition is not something you break lightly," editor in chief, Laura Helmuth told The Washington Post on Tuesday. "We'd love to stay out of politics, but this president has been so anti-science that we can't ignore it." In a nod to Trump's embrace of anti-science conspiracy theories, Scientific American editors compared the people each candidate turns to for expertise and insight. Biden's panel of public health advisers "does not include physicians who believe in aliens and debunked virus therapies, one of whom Trump has called 'very respected' and 'spectacular,'" the editors write. The editor in chief of Science Magazine, the "apex predator of academic publishing," according to Wired, also denounced Trump but stopped short of endorsing presidential candidate Joe Biden. goombah99 writes: "This may be the most shameful moment in the history of U.S. science policy," writes H. Holden Thorp, a chemist and longtime university administrator. The editorial's key point is that it was negligence but more like malice. "As he was playing down the virus to the public, Trump was not confused or inadequately briefed: He flat-out lied, repeatedly, about science to the American people. These lies demoralized the scientific community and cost countless lives in the United States." This follows on an august issue's lament over the dangerous policies of the unqualified presidential coronavirus advisor Scott Atlas: "Although Atlas may be capable of neurological imaging, he's not an expert in infectious diseases or public health -- and it shows. He's spreading scientific misinformation in a clear attempt to placate the president and push his narrative that COVID-19 is not an emergency." Thorp concludes his article in this prestige journal with a searing indictment "Trump was not clueless, and he was not ignoring the briefings. Listen to his own words. Trump lied, plain and simple."

schwit1 shares a report from TechCrunch: A privacy bug in Democratic presidential candidate Joe Biden's official campaign app allowed anyone to look up sensitive voter information on millions of Americans, a security researcher has found. The campaign app, Vote Joe, allows Biden supporters to encourage friends and family members to vote in the upcoming U.S. presidential election by uploading their phone's contact lists to see if their friends and family members are registered to vote. The app uploads and matches the user's contacts with voter data supplied from TargetSmart, a political marketing firm that claims to have files on more than 191 million Americans.

When a match is found, the app displays the voter's name, age and birthday, and which recent election they voted in. This, the app says, helps users find people you know and encourage them to get involved." While much of this data can already be public, the bug made it easy for anyone to access any voter's information by using the app. The App Analyst, a mobile expert who detailed his findings on his eponymous blog, found that he could trick the app into pulling in anyone's information by creating a contact on his phone with the voter's name. The Biden campaign fixed the bug and pushed out an app update on Friday.

"We were made aware about how our third-party app developer was providing additional fields of information from commercially available data that was not needed," Matt Hill, a spokesperson for the Biden campaign, told TechCrunch. "We worked with our vendor quickly to fix the issue and remove the information. We are committed to protecting the privacy of our staff, volunteers and supporters will always work with our vendors to do so."

NPR reporter Shannon Bond reports of a little-known -- and now nearly entirely forgotten -- company called Simulmatics, which had technology that used vast amounts of data to profile voters and ultimately help John F. Kennedy win the 1960 election. From the report: The [...] company was called Simulmatics, the subject of Harvard historian and New Yorker writer Jill Lepore's timely new book, If Then: How the Simulmatics Corporation Invented the Future. Before Cambridge Analytica, before Facebook, before the Internet, there was Simulmatics' "People Machine," in Lepore's telling: "A computer program designed to predict and manipulate human behavior, all sorts of human behavior, from buying a dishwasher to countering an insurgency to casting a vote."

Lepore unearths Simulmatics' story and makes the argument that, amid a broader proliferation of behavioral science research across academia and government in the 1960s, the company paved the way for our 21st-century obsession with data and prediction. Simulmatics, she argues, is "a missing link in the history of technology," the antecedent to Facebook, Google and Amazon and to algorithms that attempt to forecast who will commit crimes or get good grades. "It lurks behind the screen of every device," she writes.

If Then presents Simulmatics as both ahead of its time and, more often than not, overpromising and under-delivering. The company was the brainchild of Ed Greenfield, an advertising executive straight out of Mad Men, who believed computers could help Democrats recapture the White House. He wanted to create a model of the voting population that could tell you how voters would respond to whatever a candidate did or said. The name Simulmatics was a contraction of "simulation" and "automation." As Greenfield explained it to investors, Lepore writes: "The Company proposes to engage principally in estimating probable human behavior by the use of computer technology." The People Machine was originally built to analyze huge amounts of data ahead of the 1960 election, in what Lepore describes as, at the time, "the largest political science research project in American history."

Joe Biden's presidential campaign was hit by an attack that was caught by Microsoft, which reportedly gathered information identifying hackers linked to the Kremlin as the most likely suspects. The Daily Beast reports: Reuters reported Thursday morning that suspected Russian state-backed hackers have attempted to breach the systems at Washington-based SKDKnickerbocker, a strategy and communications firm working hand-in-glove with Joe Biden's campaign. The attacks, which took place over the past two months, were unsuccessful. The failed hacking attempt was brought to SKDK's attention by Microsoft, which reportedly gathered information identifying hackers linked to the Kremlin as the most likely suspects. The attacks are said to have mainly focussed on phishing -- a common hacking method which lures users into disclosing sensitive passwords. That was the method used by Russian hackers to access DNC emails, which were subsequently leaked online, ahead of the 2016 presidential election.

A person familiar with SKDK's repelling to the hacking attempts said the agents didn't get very far, telling Reuters: "They are well-defended, so there has been no breach." Another source said it was impossible to confirm if Biden's campaign was the target, or whether the Russians were trying to gather intel on the long list of other SKDK clients.

Google said it will block some autocomplete search suggestions to stop misinformation spreading online during the U.S. presidential election in November. From a report The autocomplete feature of the world's largest search engine regularly recommends full queries once users begin typing words. The company said on Thursday it will remove predictions that could be interpreted as claims for or against any candidate or political party. In addition, Google said it will pull claims from the autocomplete feature about participation in the election, including statements about voting methods, requirements, the status of voting locations and election security. For instance, if you type in "you can vote" into Google's search engine, the system may have suggested a full query that includes misleading or incorrect information. Typing those three words into Google on Thursday produced the full phrase "You can vote yourself into socialism" as the top recommended query.

Legendary journalist Bob Woodward reports in his new book new details on Russia's election meddling, writing that the NSA and CIA have classified evidence the Russians had placed malware in the election registration systems of at least two Florida counties, St. Lucie and Washington. From a report: While there was no evidence the malware had been activated, Woodward writes, it was sophisticated and could erase voters in specific districts. The voting system vendor used by Florida was also used in states across the country.

Facebook is offering users money to refrain from using the site and Instagram in the weeks leading up to the bitterly contested November elections. The New York Post reports: To assess the impact of social media on voting, the company will pay selected members up to $120 to deactivate their accounts beginning at the end of September. "Anyone who chooses to opt-in -- whether it's completing surveys or deactivating FB or IG for a period of time -- will be compensated," Facebook spokesperson Liz Bourgeois tweeted last week. "This is fairly standard for this type of academic research." The Silicon Valley giant said it expects 200,000 to 400,000 people to take part.

"Representative, scientific samples of people in the US will be selected and invited to participate in the study. Some potential participants will see a notice in Facebook or Instagram inviting them to take part in the study," Facebook said. "Study samples will be designed to ensure that participants mirror the diversity of the US adult population, as well as users of Facebook and Instagram." The results of the study are expected to be released sometime next year.

Mark Zuckerberg tells "Axios on HBO" that Facebook is imposing new election rules to deter use of the platform to spread of misinformation and even violence, and to help voters see the results as "legitimate and fair." From a report: The new measures, announced Thursday, include throwing a flag on posts by candidates who claim premature victory, and forbidding new ads within a week of Election Day. "There is, unfortunately, I think, a heightened risk of civil unrest in the period between voting and a result being called," Zuckerberg told Axios' Mike Allen. "I think we need to be doing everything that we can to reduce the chances of violence or civil unrest in the wake of this election."

Facebook will stop accepting political advertising in the United States a week before Election Day on Nov. 3, CEO Mark Zuckerberg announced in a post on Thursday. From a report: But the social network will continue showing users all political ads that candidates or political action committees buy before that day, and continue to let these groups adjust who they target. Candidates for political office will also still be able to run ads containing lies. In Thursday's announcement, Zuckerberg claimed he was putting in the one-week ban on new ads prior to the election because he was "concerned" about the challenges people could face while voting. "I'm also worried that with our nation so divided and election results potentially taking days or even weeks to be finalized, there could be an increased risk of civil unrest across the country," Zuckerberg said. Social networks are facing increasing pressure to police political advertising on their platforms ahead of the US elections, and some critics have urged tech companies to stop running political ads altogether. Last year, Twitter banned all political advertising from its platform, and Google restricted micro-targeting of political ads on certain products.