An anonymous reader quotes a report from MIT Technology Review: In just the last week, Google Docs has emerged as a way to share everything from lists of books on racism to templates for letters to family members and representatives to lists of funds and resources that are accepting donations. Shared Google Docs that anyone can view and anyone can edit, anonymously, have become a valuable tool for grassroots organizing during both the coronavirus pandemic and the police brutality protests sweeping the US. It's not the first time. In fact, activists and campaigners have been using the word processing software for years as a more efficient and accessible protest tool than either Facebook or Twitter.

It wasn't until the 2016 elections, when misinformation campaigns were rampant, that the software came into its own as a political tool. Melissa Zimdars, an assistant professor of communication at Merrimack College, used it to create a 34-page document titled "False, Misleading, Clickbaity-y, and/or Satirical 'News' Sources.'" Zimdars inspired a slew of political Google Docs, written by academics as ad hoc ways of campaigning for Democrats for the 2018 midterm elections. By the time the election passed, Google Docs were also being used to protest immigration bans and advance the #MeToo movement. Now, in the wake of George Floyd's murder on Memorial Day weekend, communities are using the software to organize. One of the most popular Google Docs to emerge in the past week is "Resources for Accountability and Actions for Black Lives," which features clear steps people can take to support victims of police brutality. It is organized by Carlisa Johnson, a 28-year-old graduate journalism student at Georgia State University.

Business Insider reports that some players are adapting their avatars in the game world of Animal Crossing: New Horizons to show their support for the Black Lives Matter movement in the real world: In "Animal Crossing: New Horizons," players are creating customized signs and clothing for their game characters that say "BLM" and depict symbols of "No justice, no peace...." Anyone with access to a Nintendo Online account can host an online protest in the game; one such virtual protest was held on June 7.

As there's a limit of only eight players allowed to be on another player's island at a time, interested players were directed to a site which put folks in line to gain access. When the player's turn came, they were given a special code needed to enter the island. The protest host made customized signs, pillows, and memorial photos, and carved out a special path and area on their island to hold the sit-in protest. Players were encouraged to bring in-game currency (also known as bells) to the island, which would be converted into a charity donation by the host in the name of the player who contributed. This protest raised money for six different charities. including the NAACP, the National Bail Fund Network, and the Southern Poverty Law Center.
Meanwhile, Forbes reports: Roblox, a popular game among children and early teens that announced 100 million active players last year, has become a small-scale battleground in the upcoming U.S. presidential elections. The BBC is reporting that hackers are taking over accounts to spread pro-Trump propaganda, dressing them up in red hats like Trump supporters and putting pro-Trump messages in profiles...

There are ton of posts on social media from players who say that their accounts have been hacked, and Gamespot notes that since Roblox accounts are indexed by Google, it's easy to see a ton of accounts featuring the same message in the "about field": Ask your parents to vote for Trump this year!#Maga2020. A search on Google yields about 1,800 results... They also appear to be spamming friend requests and friend lists to send out pro-trump messages far beyond the single hacked account.

"Starting in 2015 Mark Zuckerberg and Facebook rewrote their rules in order to not sanction then-candidate Donald Trump," writes Rick Zeman (Slashdot reader #15,628) — citing a new investigation by the Washington Post. (Also available here.)

After Trump's infamous "the shooting starts" post, Facebook deputies contacted the White House "with an urgent plea to tweak the language of the post or simply delete it," the article reveals, after which Trump himself called Mark Zuckerberg. (The article later notes that historically Facebook makes a "newsworthiness exception" for some posts which it refuses to remove, "determined on a case-by-case basis, with the most controversial calls made by Zuckerberg.") And in the end, Facebook also decided not to delete that post — and says now that even Friday's newly-announced policy changes still would not have disqualified the post: The frenzied push-pull was just the latest incident in a five-year struggle by Facebook to accommodate the boundary-busting ways of Trump. The president has not changed his rhetoric since he was a candidate, but the company has continually altered its policies and its products in ways certain to outlast his presidency. Facebook has constrained its efforts against false and misleading news, adopted a policy explicitly allowing politicians to lie, and even altered its news feed algorithm to neutralize claims that it was biased against conservative publishers, according to more than a dozen former and current employees and previously unreported documents obtained by The Washington Post. One of the documents shows it began as far back as 2015...

The concessions to Trump have led to a transformation of the world's information battlefield. They paved the way for a growing list of digitally savvy politicians to repeatedly push out misinformation and incendiary political language to billions of people. It has complicated the public understanding of major events such as the pandemic and the protest movement, as well as contributed to polarization. And as Trump grew in power, the fear of his wrath pushed Facebook into more deferential behavior toward its growing number of right-leaning users, tilting the balance of news people see on the network, according to the current and former employees...

Facebook is also facing a slow-burning crisis of morale, with more than 5,000 employees denouncing the company's decision to leave Trump's post that said, "when the looting starts, the shooting starts," up... The political speech carveout ended up setting the stage for how the company would handle not only Trump, but populist leaders around the world who have posted content that test these boundaries, such as Rodrigo Duterte in the Philippines, Jair Bolsonaro in Brazil and Narendra Modi in India...

"The value of being in favor with people in power outweighs almost every other concern for Facebook," said David Thiel, a Facebook security engineer who resigned in March after his colleagues refused to remove a post he believed constituted "dehumanizing speech" by Brazil's president.

House Democrats approved a bill to admit Washington, DC, as a state on Friday, marking the first time either chamber of Congress has advanced a DC statehood measure. From a report: The bill, introduced by DC's nonvoting House member, Del. Eleanor Holmes Norton, would shrink the federal capital to a small area encompassing the White House, Capitol building, Supreme Court, and other federal buildings along the National Mall. The rest of the city would become the 51st state, named the Washington, Douglass Commonwealth after abolitionist Frederick Douglass. The bill passed with a vote of 232-180. Rep. Collin Peterson of Minnesota was the only Democrat to join Republicans in voting against it. Independent Rep. Justin Amash of Michigan also voted no. The bill would grant DC two senators and make the existing sole House representative a voting member. It is unlikely to gain traction in the Republican-held Senate, however, and the White House said (PDF) this week that President Donald Trump would veto the bill if it came to his desk.

Proponents of making DC a state also point to the area's large population, which surpasses the populations of Wyoming and Vermont. As of June 2019, DC had more than 705,000 residents, according to estimates from the US Census Bureau. To become law, the bill's supporters argue it would only have to pass both chambers of Congress with a simple majority and then be signed by the President. They say the legislation's strategy of resizing the capital area would sidestep constitutional questions about making the rest of DC a state. But Republicans who oppose DC statehood maintain that adding the district as a state would require a constitutional amendment.

An anonymous reader quotes a report from NBC News: Sens. Ed Markey, D-Mass., and Jeff Merkley, D-Ore., introduced legislation Thursday that seeks to ban the use of facial recognition and other biometric surveillance technology by federal law enforcement agencies. The legislation would also make federal funding for state and local law enforcement contingent on the enactment of similar bans. The Facial Recognition and Biometric Technology Moratorium Act, is supported by Reps. Ayanna Pressley, D-Mass., and Pramila Jayapal, D-Wash. It comes at a time of intense scrutiny of policing and surveillance tools, and widespread protests after the killing of George Floyd in Minneapolis police custody in late May.

The bill would make it unlawful for any federal agency or official to "acquire, possess, access or use" biometric surveillance technology in the United States. It would also prohibit the use of federal funds to purchase such technology. The bill states that this type of surveillance technology could only be used if there was a federal law with a long list of provisions to ensure it was used with extreme caution. Any such federal law would need to stipulate standards for the use, access and retention of the data collected from biometric surveillance systems; standards for accuracy rates by gender, skin color and age; rigorous protections for due process, privacy, free speech, and racial, gender and religious equity; and mechanisms to ensure compliance with the act. It also stipulates that local or state governments would not be eligible to receive federal financial assistance under the Edward Byrne Memorial Justice Assistance Grant program, which funds police training, equipment and supplies, without complying with a similar law or policy.

An anonymous reader quotes a report from Ars Technica: House Democrats yesterday unveiled a $100 billion broadband plan that's gaining quick support from consumer advocates. "The House has a universal fiber broadband plan we should get behind," Electronic Frontier Foundation Senior Legislative Counsel Ernesto Falcon wrote in a blog post. House Majority Whip James Clyburn (D-SC.) announced the Accessible, Affordable Internet for All Act, saying it has more than 30 co-sponsors and "invests $100 billion to build high-speed broadband infrastructure in unserved and underserved communities and ensure that the resulting Internet service is affordable." The bill text is available here.

In addition to federal funding for broadband networks with speeds of at least 100Mbps downstream and upstream, the bill would eliminate state laws that prevent the growth of municipal broadband. There are currently 19 states with such laws. The Clyburn legislation targets those states with this provision: "No State statute, regulation, or other State legal requirement may prohibit or have the effect of prohibiting any public provider, public-private partnership provider, or cooperatively organized provider from providing, to any person or any public or private entity, advanced telecommunications capability or any service that utilizes the advanced telecommunications capability provided by such provider." The bill also has a Dig Once requirement that says fiber or fiber conduit must be installed "as part of any covered highway construction project" in states that receive federal highway funding. Similar Dig Once mandates have been proposed repeatedly over the years and gotten close to becoming US law, but never quite made it past the finish line.

New submitter feross shares a report: A group of Senate Republicans is looking to force tech companies to comply with "lawful access" to encrypted information, potentially jeopardizing the technology's security features. On Tuesday, Republican lawmakers introduced the Lawful Access to Encrypted Data Act, which calls for an end to "warrant-proof" encryption that's disrupted criminal investigations. The bill was proposed by Sen. Lindsey Graham, chairman of the Senate Judiciary committee, along with Sens. Tom Cotton and Marsha Blackburn. If passed, the act would require tech companies to help investigators access encrypted data if that assistance would help carry out a warrant. Lawmakers and the US Justice Department have long battled with tech companies over encryption, which is used to encode data.

The Justice Department argues that encryption prevents investigators from getting necessary evidence from suspects' devices and has requested that tech giants provide "lawful access." That could come in many ways, such as providing a key to unlock encryption that's only available for police requests. The FBI made a similar request to Apple in 2016 when it wanted to get data from a dead terrorist's iPhone in a San Bernardino, California, shooting case. Giving access specifically to government agencies when requested is often referred to as an "encryption backdoor," something tech experts and privacy advocates have long argued endangers more people than it helps.

Optimism about the internet's role in politics peaked around the time of the Arab Spring, then steadily collapsed into alarm and despair until this weekend, when it ticked up again after President Donald Trump held a disappointing campaign rally. From a report: There are various ways to interpret the lower-than-expected turnout at the Tulsa, Oklahoma event, but among the most intriguing was the claim from a group of Korean pop fans that they'd undercut the campaign by coordinating to reserve thousands of tickets, then not showing up. They are likely giving themselves too much credit. Still, the narrative took hold for online observers as an example of a rare bright spot in the social media hellscape. The surge in activism from young Korean pop music enthusiasts has been one of the stranger plot lines of a uniquely unsettled time in American politics. Working together, they've rendered Twitter hashtags like #WhiteLivesMatter useless by filling them with music video clips, and they crashed a mobile app established by the Dallas Police Department to collect evidence of illegal activity at protests by overwhelming it with data.

This has gripped the imagination of some internet commentators, who noted how young people have reconstituted their "lightning-fast coordination and prodigious spamming abilities" for what the fans believe are righteous political causes. But spamming has historically been seen as a bad thing. When right-wing trolls coordinate to do things like pollute hashtags, pile onto people they dislike or disrupt the process of government it's regularly described as a serious threat to democracy. The tactics are remarkably similar, though the end goals are different.

Epic Games is apparently trying to navigate some difficult cultural waters, reports Engadget: Gamers report that Epic has removed all police cars from Fortnite as of the shooter's latest update, and the Wall Street Journal understands that it was in response to Black Lives Matter protests over police violence. The developer wasn't trying to make a "political statement," according to a WSJ source — rather, it was trying to be "sensitive about the issues" players are dealing with...

The broader game industry has endorsed the Black Lives Matter cause, including a message in Call of Duty: Modern Warfare and temporary shutdowns of GTA Online and Red Dead Online. Epic appears to be taking a milder approach with Fortnite, acknowledging the outrage without explicitly advocating for a cause. The company previously stressed that it wouldn't ban players for political speech.

Two major outdoor-goods retailers "have joined a boycott of Facebook after six civil rights groups called on businesses to stop advertising on Facebook in July," reports CNET, "to push the social network to do more to combat hate speech and misinformation..." The moves by the high-profile brands [North Face and REI] suggest the ad boycott, unveiled Wednesday, is beginning to gain traction. In addition to the two retailers, digital-advertising firm 360i urged its clients in an email to stop purchasing ads on Facebook in July, The Wall Street Journal reported on Wednesday. The Anti-Defamation League, the NAACP, Sleeping Giants, Colors of Change, Free Press and Common Sense say that boycotting advertising on Facebook will put pressure on the platform to use its $70 billion in annual advertising revenue to support people who are targets of racism and hate and to increase safety for private groups on the site.

"We have long seen how Facebook has allowed some of the worst elements of society into our homes and our lives. When this hate spreads online it causes tremendous harm and also becomes permissible offline," Anti-Defamation League CEO Jonathan Greenblatt said in a press release announcing the campaign. "Our organizations have tried individually and collectively to push Facebook to make their platforms safer, but they have repeatedly failed to take meaningful action. We hope this campaign finally shows Facebook how much their users and their advertisers want them to make serious changes for the better."

In a press call Wednesday, Facebook Vice President of Global Affairs and Communications Nick Clegg said the company doesn't allow hate speech on its platform. Facebook removed nearly 10 million posts for violating its rules against hate speech in the last quarter, he said, and most were taken down before users reported them. The social network relies on a mix of human reviewers and technology to moderate content, but detecting hate speech can be challenging because machines have to understand the cultural context of words.

"Of course, we would like to do even better than that," Clegg said. "We need to do more. We need to move faster, but we are making significant progress."
Among the groups' demands: removing all ads that contain hate speech -- or misinformation.

In an abrupt about-face, the movie theater chain AMC said Friday it would require guests to wear face masks when its theaters reopen, after CEO Adam Aron earlier said it would not. The Verge reports: "This announcement prompted an intense and immediate outcry from our customers, and it is clear from this response that we did not go far enough on the usage of masks," Aron said in a statement. "Accordingly, and with the full support of our scientific advisors, we are reversing course and are changing our guest mask policy. As we reopen theaters, we now will require that all AMC guests nationwide wear masks as they enter and enjoy movies at our theaters."

On Thursday, Aron told Variety the chain would not require patrons to wear face masks because it "did not want to be drawn into a political controversy," saying he thought it would be "counterproductive if we forced mask wearing on those people who believe strongly that it is not necessary." AMC, the largest theater chain in the world, plans to reopen in 450 of its 600 US locations on July 15th with limited capacity, after closing all of its theaters around the world in mid-March. The company posted a $2.2 billion net loss in the first quarter and made "virtually no revenue" in the last two weeks of March. AMC also said in its 8-K filing earlier this month that unless it was able to restart operations in July that "substantial doubt exists about our ability to continue as a going concern for a reasonable period of time."

Facebook on Thursday took down Trump campaign ads against antifa that prominently featured a symbol used by Nazis to designate political prisoners, a spokesperson for the company confirmed to The Hill. From the report: "We removed these posts and ads for violating our policy against organized hate," Facebook said in a statement. "Our policy prohibits using a banned hate group's symbol to identify political prisoners without the context that condemns or discusses the symbol." The ads featured an inverted red triangle, which was used by Nazis to identify political opponents including communists, social democrats and liberals at concentration camps.

The symbol was included in 88 ads run by pages for President Trump, Vice President Pence and "Team Trump" alongside text warning readers of "Dangerous MOBS of far-left groups" and asking them to sign a petition against antifa, a loose group of radical activists that use direct action to fight against fascism. Just the ads on Trump's page were seen as many 950,000 times before being taken down. The Trump campaign is defending using the image, calling it a "common Antifa symbol" in a statement to The Hill. The campaign directed The Hill toward shirts, stickers and posters on websites were users can upload whatever design they would like to. The most common symbol used to identify antifa is a black and red flag or three arrows inside a circle.

Facebook boss Mark Zuckerberg says users will be able to turn off political adverts on the social network in the run-up to the 2020 US election. The BBC reports: In a piece written for USA Today newspaper, he also says he hopes to help four million Americans sign up as new voters. "For those of you who've already made up your minds and just want the election to be over, we hear you -- so we're also introducing the ability to turn off seeing political ads," Mr Zuckerberg wrote. Facebook and its subsidiary Instagram will give users the option to turn off political adverts when they appear or they can block them using the settings features. Users that have blocked political adverts will also be able to report them if they continue to appear.

The feature, which will start rolling out on Wednesday, allows users to turn off political, electoral and social issue adverts from candidates and other organizations that have the "Paid for" political disclaimer. The company said it plans to make the feature available to all US users over the next few weeks and will offer it in other countries this autumn. Mr Zuckerberg went on to encourage people who aren't signed up as voters to register in time for the US election in November. As part of the initiative a new information hub, called The Voting Information Center, will be put at the top of American users' Facebook and Instagram feeds from the beginning of July. Information on offer will include how to register to vote and details about mail-in ballots. The firm also said it will share reliable information from state and local election authorities.

Social media research group Graphika published today a 120-page report unmasking a new Russian information operation of which very little has been known so far. ZDNet reports: Codenamed Secondary Infektion, the group is different from the Internet Research Agency (IRA), the Sankt Petersburg company (troll farm) that has interfered in the US 2016 presidential election. Graphika says this new and separate group has been operating since 2014 and has been relying on fake news articles, fake leaks, and forged documents to generate political scandals in countries across Europe and North America. The research team says it first learned of the group from reports published by Reddit and Facebook last year, along with previous research done by the Atlantic Council's Digital Forensic Research Lab.

According to Graphika's analysis, most of the group's content has followed nine primary themes:

- Ukraine as a failed state or unreliable partner
- The United States and NATO as aggressive and interfering in other countries
- Europe as weak and divided
- Critics of the Russian government as morally corrupt, alcoholic, or otherwise mentally unstable
- Muslims as aggressive invaders
- The Russian government as the victim of Western hypocrisy or plots
- Western elections as rigged and candidates who criticized the Kremlin as unelectable
- Turkey as an aggressive and destabilizing state
- World sporting bodies and competitions as unfair, unprofessional, and Russophobic

Graphika says that most of this content has been aimed at attacking classic Russian political rivals like Ukraine, the US, Poland, and Germany, but also other countries where Russian influence came under attack, at one point or another. [...] Researchers said the group managed to keep its identity secret because they paid very close attention to operational security (OpSec). Graphika says Secondary Infektion agents employed single-use burner accounts for almost everything they posted online, abandoning each account in less than an hour after promoting their content. With its identity still a secret, the group is expected to continue operating and sowing conflict between Russia's rivals.

"President Trump on Saturday told his Twitter and Facebook followers to drop Comcast..." reports CNN -- adding that "For the most part, people just shrugged." Comcast executives barely batted any eyelashes. The company didn't bother to comment. And Google searches for "Comcast customer service" trended lower than in recent days... Saturday's anti-Comcast post received fewer than 10,000 retweets in 10 hours. On Facebook, where it was reposted, it received fewer than 7,500 comments.

One of the comments with the most reactions said, "You spend way too much time on social media."

Strangely, his post was a reaction to a three-year-old tweet by former Arkansas governor and Fox News commentator Mike Huckabee, who wrote in 2017 that the mafia has "better service than Comcast. Sure they shoot you, but it's over with and they don't charge you for the bullet," Huckabee riffed. It was unclear how the old tweet suddenly grabbed the president's attention.
Though reaction to the tweet seemed muted, CNN still called it "an egregious use" of a presidential platform to hurt an American business...

Republican Federal Communications Commissioner Mike O'Rielly said he's unsure whether his agency has the authority to carry out President Trump's executive order targeting tech firms' legal protections. From a report: Trump's order seeks to have the FCC craft regulations limiting the scope of legal immunity that online platforms have under federal law. All three commission Republicans would need to support such regulations for them to pass, as the FCC's two Democrats are certain to oppose them. In an interview Wednesday for C-SPAN's "The Communicators," O'Rielly told Axios he sympathizes with the president's claims that conservatives have been unfairly stifled online, but "what we do about that is a different story. I have deep reservations they provided any intentional authority for this matter, but I want to listen to people," O'Rielly said, later adding, "I do not believe it is the right of the agency to read into the statute authority that is not there."

The Biden presidential campaign, emboldened by a recent surge in support, is going after a new target: Facebook. From a report: After months of privately battling the tech giant over President Trump's free rein on its social network, the campaign will begin urging its millions of supporters to demand that Facebook strengthen its rules against misinformation and to hold politicians accountable for harmful comments. On Thursday, the campaign will circulate a petition and an open letter to Mark Zuckerberg, Facebook's chief executive, to change the company's hands-off approach to political speech. The petition will be sent to millions of supporters on its email and text message lists and through social media, including Facebook, imploring them to sign the letter. The campaign will also release a video this week to be shared across social media to explain the issue.

"Real changes to Facebook's policies for their platform and how they enforce them are necessary to protect against a repeat of the role that disinformation played in the 2016 election and that continues to threaten our democracy today," said Bill Russo, a spokesman for the Biden campaign. The move puts the Biden camp in the center of a raging debate about the role and responsibility of tech platforms. Civil rights leaders, Democratic lawmakers and many of Facebook's own employees say that big tech companies have a responsibility to prevent false and hateful information from being shared widely.

Even fed-up tech workers are paralyzed by Silicon Valley's culture. From a column: It's easier for tech workers to talk about taking a stand than to do so. For one, big technology companies such as Facebook and Google are viciously competitive about acquiring talent. They hire or poach the best people, sometimes just to prevent a competitor from having access to them instead. Some workers don't want to rock the boat for fear they might get blacklisted, Ian McCarthy, a vice president of product at Yahoo, said. And ironically, the brokenness at companies such as Facebook and Uber can also make their jobs enticing. Disruption is appealing, and the promise to move fast and break things (even priceless and irrecoverable ones, such as democracy) can be a recruiting tool.

Others already in a company's employ may see an opportunity to fix some of its ills. One product manager at a large tech firm, who also advises many early-career professionals, spoke with me on the condition of anonymity because she fears reprisal from within the industry. She told me about her "activist" friends who refuse to leave jobs at Facebook, even if they disagree with the company's practices. "They came to change the world," she said, "and stayed to work within the system on issues they cared about." The same drive that makes these workers care about the consequences of Facebook's impact on democracy also makes them want to stick it out in an effort to improve the service.

Even so, Facebook seems to have crossed the line of tolerable abhorrence for some tech workers. Inside the business, nextplayism may offer the best, and maybe the only, way for them to show their distaste. "The vast majority of people I know at the director-and-up level, when they are leaving a company and looking for a new gig, they're Never Facebookers," McCarthy, who is also an occasional collaborator of mine, said, referring to senior-level roles. "They're offended if you even offer to do introductions to someone at Facebook." But that is a privileged attitude. Much of the magical operation of online services is driven by rote laborers, such as moderators, AI-training wranglers, and gig workers. They aren't counted as members of the industry, except perhaps as its casualties.

An anonymous reader quotes a report from Politico: On Sunday, researchers at the Massachusetts Institute of Technology and the University of Michigan revealed numerous security flaws in the product that West Virginia and Delaware are using, saying it "represents a severe risk to election security and could allow attackers to alter election results without detection." In fact, it may be a decade or more before the U.S. can safely entrust the internet with the selection of its lawmakers and presidents, according to some experts. Still, a handful of states are pushing ahead, with the encouragement of one politically connected tech entrepreneur -- and the tempting logic of the question, "If we can bank online, why can't we vote the same way?" These are the problems with that logic:

1) Elections are different. Lots of people bank, shop and socialize online -- putting their money and personal details at potential risk of theft or other exploitation. But elections are unique for two reasons: They are anonymous and irreversible. Aside from party caucuses and conventions, virtually all U.S. elections use secret ballots and polling places designed for privacy. That protects people from being blackmailed or bribed to vote a certain way -- but it also means that, barring an advance in the technology, voters have no way to verify that their ballots were correctly counted or challenge the results. That's far different from a consumer's ability to contest a fraudulent credit card purchase, which depends on their financial institution linking their activity to their identity.

2) The internet is a dangerous place. Even if it were possible to require electronic ballots to travel through servers only in the U.S., no method exists to ensure security at every server along the way. It would be like trusting FedEx to deliver a package that had to pass through warehouses with unlocked doors, open windows and no security cameras. The most effective way to protect data along these digital paths is "end-to-end" encryption [...] Researchers have not figured out how to use end-to-end encryption in internet voting.

3) People's devices may already be compromised. It's hard enough to protect a ballot as it transits the internet, but what really keeps experts up at night is the thought of average Americans using their computers or phones to cast that ballot in the first place. Internet-connected devices are riddled with malware, nefarious code that can silently manipulate its host machine for myriad purposes. [...] Importantly, election officials cannot peer into their voters' devices and definitively sweep them for malware. And without a secure device, end-to-end encryption is useless, because malware could just subvert the encryption process.

4) Hackers have lots of potential targets. What could an attacker do? "There are literally hundreds of different threats," said Joe Kiniry, chief scientist of the election tech firm Free & Fair. Among the options: Attacking the ballot; Attacking the election website; Tampering with ballots in transit; Bogging down the election with bad data; and/or The insider threat involving a "bad" employee tampering with an election from the inside.

5) Audits have faulted the major internet voting vendors' security. Virtually every audit of an internet voting system has revealed serious, widespread security vulnerabilities, although the ease with which a hacker could exploit them varies.

6) Internet voting advocates disagree. Election officials who embrace internet voting deny the risks are as serious as the experts say.

7) What it would take to make internet voting secure. Secure internet voting depends on two major advances: technology that allows voters' computers and phones to demonstrate that they are malware-free, and end-to-end encryption to protect ballots in transit. [...] Solving these problems would require expensive, long-term collaboration between virtually every big-name hardware- and software-maker, Kiniry said. Note: Each point listed above has been abbreviated for brevity. You can read the full article here.

An anonymous reader quotes a report from Reuters: A little-known Indian IT firm offered its hacking services to help clients spy on more than 10,000 email accounts over a period of seven years. New Delhi-based BellTroX InfoTech Services targeted government officials in Europe, gambling tycoons in the Bahamas, and well-known investors in the United States including private equity giant KKR and short seller Muddy Waters, according to three former employees, outside researchers, and a trail of online evidence. A cache of data reviewed by Reuters provides insight into the operation, detailing tens of thousands of malicious messages designed to trick victims into giving up their passwords that were sent by BellTroX between 2013 and 2020. The data was supplied on condition of anonymity by online service providers used by the hackers after Reuters alerted the firms to unusual patterns of activity on their platforms. On the list: judges in South Africa, politicians in Mexico, lawyers in France and environmental groups in the United States. These dozens of people, among the thousands targeted by BellTroX, did not respond to messages or declined comment.

Researchers at internet watchdog group Citizen Lab, who spent more than two years mapping out the infrastructure used by the hackers, released a report here on Tuesday saying they had "high confidence" that BellTroX employees were behind the espionage campaign. "This is one of the largest spy-for-hire operations ever exposed," said Citizen Lab researcher John Scott-Railton. Reuters was not able to establish how many of the hacking attempts were successful.