United States

DARPA Is Building a $10 Million, Open Source, Secure Voting System (vice.com) 232

samleecole writes: For years security professionals and election integrity activists have been pushing voting machine vendors to build more secure and verifiable election systems, so voters and candidates can be assured election outcomes haven't been manipulated. Now they might finally get this thanks to a new $10 million contract the Defense Department's Defense Advanced Research Projects Agency (DARPA) has launched to design and build a secure voting system that it hopes will be impervious to hacking.

The first-of-its-kind system will be designed by an Oregon-based firm called Galois, a longtime government contractor with experience in designing secure and verifiable systems. The system will use fully open source voting software, instead of the closed, proprietary software currently used in the vast majority of voting machines, which no one outside of voting machine testing labs can examine. More importantly, it will be built on secure open source hardware, made from special secure designs and techniques developed over the last year as part of a special program at DARPA. The voting system will also be designed to create fully verifiable and transparent results so that voters don't have to blindly trust that the machines and election officials delivered correct results.

Security

Researchers Find Critical Backdoor In Swiss Online Voting System (vice.com) 69

An international group of researchers who have been examining the source code for an internet voting system that Switzerland plans to roll out this year have found a critical flaw in the code that would allow someone to alter votes without detection. New submitter eatmorekix shares a report: The cryptographic backdoor exists in a part of the system that is supposed to verify that all of the ballots and votes counted in an election are the same ones that voters cast. But the flaw could allow someone to swap out all of the legitimate ballots and replace them with fraudulent ones, all without detection. "The vulnerability is astonishing," said Matthew Green, who teaches cryptography at Johns Hopkins University and did not do the research but read the researchers' report. "In normal elections, there is no single person who could undetectably defraud the entire election. But in this system they built, there is a party who could do that."

The researchers provided their findings last week to Swiss Post, the country's national postal service, which developed the system with the Barcelona-based company Scytl. Swiss Post said in a statement the researchers provided Motherboard and that the Swiss Post plans to publish online on Tuesday, that the researchers were correct in their findings and that it had asked Scytl to fix the issue. It also downplayed the vulnerability, however, saying that to exploit it, an attacker would need control over Swiss Post's secured IT infrastructure "as well as help from several insiders with specialist knowledge of Swiss Post or the cantons."

Government

Trump Endorses Permanent Daylight Savings Time (thehill.com) 376

President Trump on Monday threw his support behind efforts to keep the United States permanently on daylight saving time, which took effect Sunday morning. "Making Daylight Saving Time permanent is O.K. with me!" Trump tweeted. The Hill reports: California and several other states are considering measures that would end the biannual clock changes between standard and daylight saving time. Three GOP lawmakers from Florida introduced legislation in Congress this month that would end the November clock change from daylight saving time back to standard time. The measures, introduced by Sens. Marco Rubio and Rick Scott and Rep. Vern Buchanan, would keep the country in daylight saving time, the clock change made in early March that is observed by most states for eight months of the year. Rubio introduced a similar measure in 2018. That bill did not advance in the Senate.
United States

Salon: Republicans Are Launching Fake Local News Sites To Spread 'Propaganda' (salon.com) 539

"The Tennessee Star claims to be the 'most reliable' online local paper in the state," reports Salon. "In fact it's just a GOP front." An anonymous reader quotes their report:
An investigation by the fact-checking outlet Snopes found that several new local news websites are actually being launched by Republican consultants whose company is funded in part by the candidates the sites cover. Politico first reported last year that Tea Party-linked conservative activists Michael Patrick Leahy, Steve Gill and Christina Botteri were behind the "Tennessee Star," a website that purported to be a local news website but mostly posted content licensed from groups linked to big Republican donors. Snopes discovered that the trio has since launched similar sites in other battleground states ahead of the 2020 elections: the Ohio Star and the Minnesota Sun...

The group behind the sites does not appear content with just three outlets. According to Politico, Leahy has purchased domain names associated with Missouri, New England, the Dakotas, Michigan, North Carolina, Pennsylvania, Virginia and Wisconsin, most of which are electoral battleground states that will be vital in 2020.

Kathleen Bartzen Culver, who heads the Center of Journalism Ethics at the University of Wisconsin at Madison, told Snopes that political operatives are free to launch their own news platforms, but it's a problem if they are trying to deceive readers into believing the sites are nonpartisan local news. "I have no problem with advocacy organizations creating content that reinforces the positions they take on public policy issues on the left, right or center. The issue comes in when they're not transparent about that advocacy," Culver said... "The information sphere is so polluted right now that the average citizen has trouble telling what is real and what is not," Culver told Snopes. "I find that very troubling within a democracy."

United States

To Disrupt America's 2020 Elections, Russian Internet Trolls Amplify Divisive Messages, Assemble 'Massive' Followings (time.com) 331

An anonymous reader quotes Bloomberg: Russian internet trolls appear to be shifting strategy in their efforts to disrupt the 2020 U.S. elections, promoting politically divisive messages through phony social media accounts instead of creating propaganda themselves, cybersecurity experts say. The Kremlin-linked Internet Research Agency may be among those trying to circumvent protections put in place by companies including Facebook Inc. and Twitter Inc. to find and remove fake content that hackers created to sow division among the American electorate in the 2016 presidential campaign. "Instead of creating content themselves, we see them amplifying content," said John Hultquist, the director of intelligence analysis at FireEye Inc. "Then it's not necessarily inauthentic, and that creates an opportunity for them to hide behind somebody else."

Other hackers are breaking into computing devices and using them to open large numbers of social media accounts, according to Candid Wueest, a senior threat researcher at Symantec Corp. The hacked devices are used to create many legitimate-looking users as well as believable followers and likes for those fake users... Wueest said he observed a decrease in the creation of new content by fake accounts from 2017 to 2018 and a shift toward building massive followings that could be used as platforms for divisive messages in 2020.

Facebook's head of cybersecurity policy responded that policing foreign influence campaigns is "an incredibly hard balance" between the need to slow down bad actors while maintaining "meaningful public discussion."
Democrats

Elizabeth Warren Calls To Break Up Facebook, Google, and Amazon 414

Democratic presidential candidate Elizabeth Warren is proposing to break up technology companies, including Amazon.com, Google and Facebook, calling them anti-competitive behemoths that are crowding out competition. From a report: "Twenty-five years ago, Facebook, Google, and Amazon didn't exist. Now they are among the most valuable and well-known companies in the world," Warren wrote in a post on the blogging platform Medium. "It's a great story -- but also one that highlights why the government must break up monopolies and promote competitive markets." Warren's call also comes as Democrats have begun to plan for increased oversight of tech companies after winning control of the House in the 2018 midterm elections. On Wednesday, House and Senate Democrats introduced legislation to establish strong net neutrality protections that would look to prevent major service providers from using their power to manipulate how users experience the internet. Update: In a statement, Warren's team said that the proposal would also apply to Apple. "They would have to structurally separate -- choosing between, for example, running the App Store or offering their own apps," a spokesperson said.
Communications

Democrats Introduce 'Save the Internet Act' To Restore Net Neutrality (cnet.com) 174

As expected, Speaker Nancy Pelosi and other House and Senate Democrats on Wednesday introduced the Save the Internet Act, which aims to restore open internet rules that were repealed in 2017. From a report: The Obama-era rules, which lasted from 2015 to 2018, banned broadband providers from slowing or blocking access to the internet or charging companies higher fees for faster access. Democrats in Congress have said the repeal allows for large broadband and wireless companies to "control people's online activities." "86 percent of Americans opposed Trump's assault on net neutrality, including 82 percent of Republicans," said Pelosi during the press conference on Wednesday. "With 'Save The Internet Act,' Democrats are honoring the will of the people." Massachusetts Sen. Ed Markey tweeted out a copy of the bill on Wednesday, saying nearly every Democrat in the Senate had joined him to introduce it.
Government

Disputed NSA Phone Program Is Shut Down, Aide Says (nytimes.com) 117

According to a senior Republican congressional aide, the National Security Agency has quietly shut down a system that analyzes logs of Americans' domestic calls and texts. "The agency has not used the system in months, and the Trump administration might not ask Congress to renew its legal authority, which is set to expire at the end of the year, according to the aide, Luke Murry, the House minority leader's national security adviser," reports The New York Times. From the report: In a raw assertion of executive power, President George W. Bush's administration started the program as part of its intense pursuit for Qaeda conspirators in the weeks after the 2001 terrorist attacks, and a court later secretly blessed it. The intelligence contractor Edward J. Snowden disclosed the program's existence in 2013, jolting the public and contributing to growing awareness of how both governments and private companies harvest and exploit personal data. The way that intelligence analysts have gained access to bulk records of Americans' phone calls and texts has evolved, but the purpose has been the same: They analyze social links to hunt for associates of known terrorism suspects.

Congress ended and replaced the program disclosed by Mr. Snowden with the U.S.A. Freedom Act of 2015, which will expire in December. Security and privacy advocates have been gearing up for a legislative battle over whether to extend or revise the program -- and with what changes, if any. Mr. Murry, who is an adviser for Representative Kevin McCarthy of California, raised doubts over the weekend about whether that debate will be necessary. His remarks came during a podcast for the national security website Lawfare. Mr. Murry brought up the pending expiration of the Freedom Act, but then disclosed that the Trump administration "hasn't actually been using it for the past six months." "I'm actually not certain that the administration will want to start that back up," Mr. Murry said. He referred to problems that the National Security Agency disclosed last year. "Technical irregularities" had contaminated the agency's database with message logs it had no authority to collect, so officials purged hundreds of millions of call and text records gathered from American telecommunications firms.
A spokesman for Mr. McCarthy's office said that Mr. Murry "was not speaking on behalf of administration policy or what Congress intends to do on this issue."
Democrats

Democrats Will Introduce Bill To Bring Back Net Neutrality (thehill.com) 291

An anonymous reader quotes a report from The Hill: Speaker Nancy Pelosi (D-Calif.) announced Monday that Democrats will introduce a net neutrality bill to replace the open internet rules that were repealed in 2017. In a letter to her Democratic colleagues, Pelosi said a bill called the "Save the Internet Act" will be unveiled Wednesday and will be introduced in the Senate as well. The text of the legislation has not been released, and it's unclear what will be included in the bill. Democrats have railed against the Trump administration's Federal Communications Commission (FCC) vote to repeal the net neutrality rules, which happened more than a year ago. The 2015 regulations prohibited internet service providers from blocking or throttling websites or creating internet fast lanes.
EU

Facebook, Twitter, and Google Still Aren't Doing Enough About Disinformation, EU Says (theverge.com) 110

Facebook, Twitter, and Google still aren't doing enough to battle disinformation on their platforms, European Union officials said in a statement released this week. "As part of a plan to fight disinformation on social media, the companies signed on to a voluntary proposal to crack down on the problem last year, which included making plans to increase transparency and fight fake accounts," reports The Verge. "The European Commission is now publicizing monthly progress reports on the topic, and has released the first, covering January." From the report: In the statement, the officials criticized the companies' responses, saying "we need to see more progress." "Platforms have not provided enough details showing that new policies and tools are being deployed in a timely manner and with sufficient resources across all EU Member States," the statement said. "The reports provide too little information on the actual results of the measures already taken."

Facebook, Twitter, and Google were each singled out for not providing enough information in their reports to officials, who said in today's statement that they remain "concerned by the situation." The statement pressed the platforms to move faster ahead of European Parliament elections in May. In an accompanying op-ed in The Guardian this week, EU commissioners said, "if we do not see sufficient long-term progress, we reserve the right to reconsider our policy options -- including possible regulation."

Businesses

Prominent New Yorkers Are Trying To Get Amazon To Bring Back HQ2 (cnet.com) 275

The New York Times reported Thursday that an open letter will be published in the Times on Friday that asks Amazon to reconsider its decision to walk away from its plan to build a 25,000-employee campus in Long Island City, Queens. The company pulled the plug on the project, dubbed HQ2, following vocal and persistent opposition to the plan after it was announced three months ago. CNET reports: The letter was signed by the CEOs of Mastercard, Warby Parker, Goldman Sachs, Tishman Speyer and Jetblue, among others. The presidents of the Building & Construction Trades Council of Greater New York and state AFL-CIO, which were expecting thousands of construction jobs to come from the project, also signed, as did U.S. Reps. Hakeem Jeffries and Carolyn Maloney. "We know the public debate that followed the announcement of the Long Island City project was rough and not very welcoming," the letter stated. "Opinions are strong in New York -- sometimes strident. We consider it part of the New York charm! But when we commit to a project as important as this, we figure out how to get it done in a way that works for everyone."

New York Gov. Andrew Cuomo has also had several conversations with Amazon, including CEO Jeff Bezos, about bringing back the project, the Times said. The letter and Cuomo's behind-the-scenes efforts are part of the latest fallout since Amazon abandoned HQ2 in New York. The opposition has celebrated the exit as a victory for grassroots campaigns and a stand against lavish government incentives for new development plans. Amazon was slated to get about $3 billion in tax breaks for building the project. Supporters, who weren't as vocal during the run-up to Amazon leaving, expressed shock and consternation about Amazon's decision and worried that New York would appear unfriendly to new businesses. While the business community was broadly seen as in favor of the project, the letter shows how both the camps supporting and opposing HQ2 included unions and Democratic U.S. congress members.

Businesses

'Prism, Prism on the Wall, Who is the Most Trustworthy of Them All?' Huawei Hits Back at US Over 5G Security Claims (zdnet.com) 170

The tension between Huawei and the U.S. government took a new turn Tuesday after the Chinese networking giant's rotating chairman Guo Ping poked fun at the massive surveillance programs maintained by the United States. "Prism, prism on the wall, who's the most trustworthy of them all?" Ping said onstage at Mobile World Congress tradeshow. From a report: Ping first appeared to attempt to make light of the ongoing row -- "There has never been more interest in Huawei, we must be doing something right," he said -- but later took a more direct aim at the US and some of its own issues with cybersecurity and surveillance. "Prism, Prism on the wall, who is the most trustworthy of them all?" he said, referencing the previously secret National Security Agency surveillance project, telling the audience to ask Edward Snowden -- the whistleblower who revealed the activity -- if they didn't understand what he meant. Ping also took aim at the US Cloud Act, arguing that the legislation allows the US government to demand access to data held by US companies, even if it is stored in different countries. "The Cloud Act allows them to access data cross-borders. So for best technology and for greater security, please choose Huawei," he said.
Government

US Cyber Command Operation Disrupted Internet Access of Russian Troll Factory on Day of 2018 Midterms: Report (washingtonpost.com) 121

An anonymous reader shares a report: The U.S. military blocked Internet access to an infamous Russian entity seeking to sow discord among Americans during the 2018 midterms, several U.S. officials said, a warning that the group's operations against the United States are not cost-free. The strike on the Internet Research Agency in St. Petersburg, a company underwritten by an oligarch close to President Vladimir Putin, was part of the first offensive cyber campaign against Russia designed to thwart attempts to interfere with a U.S. election, the officials said. "They basically took the IRA offline," according to one individual familiar with the matter who, like others, spoke on the condition of anonymity to discuss classified information. "They shut 'em down." The operation marked the first muscle-flexing by U.S. Cyber Command, with intelligence from the National Security Agency, under new authorities it was granted by President Trump and Congress last year to bolster offensive capabilities.
Communications

FCC Says Gutting ISP Oversight Was Great For Broadband (vice.com) 141

Earlier this week, the FCC proclaimed that broadband connectivity saw unprecedented growth last year thanks to the agency's policies like killing net neutrality. But, as Motherboard points out, that's not entirely true. The lion's share of improvements highlighted by the agency "are courtesy of DOCSIS 3.1 cable upgrades, most of which began before Pai even took office and have nothing to do with FCC policy," the report says. "Others are likely courtesy of build-out conditions affixed to AT&T's merger with DirecTV, again the result of policies enacted before Pai was appointed head of the current FCC." Also, last year's FCC report, which showcased data up to late 2016, "showed equal and in some instances faster growth in rural broadband deployment -- despite Pai having not been appointed yet." From the report: The broadband industry's biggest issue remains a lack of competition. That lack of competition results in Americans paying some of the highest prices for broadband in the developed world, something the agency routinely fails to mention and does so again here. [...] Still, Pai was quick to take a victory lap in the agency release. "For the past two years, closing the digital divide has been the FCC's top priority," Pai said in a press release. "We've been tackling this problem by removing barriers to infrastructure investment, promoting competition, and providing efficient, effective support for rural broadband expansion through our Connect America Fund. This report shows that our approach is working." One of those supposed "barriers to broadband investment" were the former FCC's net neutrality rules designed to keep natural monopolies like Comcast from behaving anti-competitively.

"Overall, capital expenditures by broadband providers increased in 2017, reversing declines that occurred in both 2015 and 2016," the FCC claimed, again hinting that the repeal of net neutrality directly impacted CAPEX and broadband investment. A problem with that claim: the FCC's latest report only includes data up to June 2018, the same month net neutrality was formally repealed. As such the data couldn't possibly support the idea that the elimination of net neutrality was responsible for this otherwise modest growth. Another problem: that claim isn't supported by ISP earnings reports or the public statements of numerous telecom CEOs, who say net neutrality didn't meaningfully impact their investment decisions one way or another. Telecom experts tell Motherboard that's largely because such decisions are driven by a universe of other factors, including the level of competition (or lack thereof) in many markets.

EU

European Governments Approve Controversial New Copyright Law (arstechnica.com) 96

An anonymous reader quotes a report from Ars Technica: A controversial overhaul of Europe's copyright laws overcame a key hurdle on Wednesday as a majority of European governments signaled support for the deal. That sets the stage for a pivotal vote by the European Parliament that's expected to occur in March or April. Supporters of the legislation portray it as a benign overhaul of copyright that will strengthen anti-piracy efforts. Opponents, on the other hand, warn that its most controversial provision, known as Article 13, could force Internet platforms to adopt draconian filtering technologies. The cost to develop filtering technology could be particularly burdensome for smaller companies, critics say.

Online service providers have struggled to balance free speech and piracy for close to two decades. Faced with this difficult tradeoff, the authors of Article 13 have taken a rainbows-and-unicorns approach, promising stricter copyright enforcement, no wrongful takedowns of legitimate content, and minimal burdens on smaller technology platforms. But it seems unlikely that any law can achieve all of these objectives simultaneously. And digital-rights groups suspect that users will wind up getting burned -- both due to wrongful takedowns of legitimate content and because the burdens of mandatory filtering will make it harder to start a new online hosting service.

Network

President Trump Wants US To Win 5G Through Real Competition (bbc.com) 129

hackingbear writes: In a tweet, President Trump said he wanted "5G, and even 6G, technology in the United States as soon as possible. I want the United States to win through competition, not by blocking out currently more advanced technologies. American companies must step up their efforts, or get left behind." While he did not specifically mention China's Huawei, many interpreted the comments as Mr Trump taking a softer stance on the firm. The U.S. has been pressuring allies to block out the Chinese telecom giant from their future 5G mobile networks, but the tactic meets considerable resistance. "Mr. President. I cannot agree with you more. Our company is always ready to help build the real 5G network in the U.S., through competition," Huawei President Ken Hu replied in a tweet, mocking Trump's frequent usages of the word "real." Huawei is the second biggest holder of 5G patents after Samsung and the top contributor to the 5G standard, and is setting its sight on 6G.
Government

Montana Legislator Introduces Bills To Give His State His Own Science (arstechnica.com) 339

An anonymous reader quotes a report from Ars Technica: The legislator in question is Republican Joe Read, who represents an area north of Missoula, home of many fine scientists at the University of Montana. Read has eight bills under consideration in the current session of the legislature, and two of those focus on climate change. One of them focuses on his state's role in any greenhouse gas regulatory program that would be instituted under a future president. Read is apparently unaware of past legal precedent indicating that the federal government has the legal ability to regulate pollutants. Instead, the preamble of the bill seemingly argues that Montana's emissions are all due to commerce that takes place within the state, and thus "any federal greenhouse gas regulatory program in the form of law or rule violates the 10th Amendment of the Constitution of the United States."

As a result, the bill would prohibit state agencies, officials, and employees from doing anything to cooperate with federal efforts to limit greenhouse gas emissions. If passed, the Montana government "may not implement or enforce in any way any federal regulation, rule, or policy implementing a federal greenhouse gas regulatory program." But if you thought Read's grasp of constitutional law was shaky, you should check out his reason for objecting to doing anything about climate change. That's laid out in his second bill, which targets both science education and in-state programs designed to reduce carbon emissions. And it doesn't mince words, suggesting that pretty much all the scientists have it wrong: "the [US] National Climate Assessment makes the same errors as the Intergovernmental Panel on Climate Change, and the National Academy of Sciences is also fundamentally wrong about climate change."

Microsoft

Microsoft Says Discovers Hacking Targeting Democratic Institutions in Europe (reuters.com) 71

Microsoft said today it had discovered hacking targeting democratic institutions, think tanks and non-profit organizations in Europe and plans to offer a cyber security service to several countries to close security gaps. From a report: The hacks occurred between September and December 2018, targeting employees of the German Council on Foreign Relations and European offices of The Aspen Institute and The German Marshall Fund, the company said. Microsoft said it found out about the hacks through the company's Threat Intelligence Center and Digital Crimes Unit, and the hacks targeted 104 employee accounts in Belgium, France, Germany, Poland, Romania, and Serbia. Hackers in most cases create malicious weblinks and spoofed email addresses that look legitimate, aiming to gain access to employee credentials and deliver malware, the company said.
Privacy

Proposed Bill Would Force Arizonians To Pay $250 To Have Their DNA Added To a Database (gizmodo.com) 357

technology_dude writes: One by one, thresholds are being crossed where the collection and storage of personal data is accepted as routine. Being recorded by cameras at business locations, in public transportation, in schools, churches, and every other place imaginable. Recent headlines include "Singapore Airlines having cameras built into the seat back of personal entertainment systems," and "Arizona considering a bill to force some public workers to give up DNA samples (and even pay for it)." It seems to be a daily occurrence where we have crossed another line in how far we will go to accept massive surveillance as normal. Do we even have a line in the sand that we would defend? Do we even see anything wrong with it? Absolute power corrupts absolutely and we continue to give knowledge of our personal lives (power) to others. If we continue down the same path, I suppose we deserve what we get? I want to shout "Stop the train, I want off!" but I fear my plea would be ignored. So who out there is more optimistic than I and can recommend some reading that will give me hope? Bill 1475 was introduced by Republican State Senator David Livingston and would require teachers, police officers, child day care workers, and many others to submit their DNA samples along with fingerprints to be stored in a database maintained by the Department of Public Safety. "While the database would be prohibited from storing criminal or medical records alongside the DNA samples, it would require the samples be accompanied by the person's name, Social Security number, date of birth and last known address," reports Gizmodo. "The living will be required to pay [a $250 processing fee] for this invasion of their privacy, but any dead body that comes through a county medical examiner's office would also be fair game to be entered into the database."
Power

House Opens Inquiry Into Proposed US Nuclear Venture In Saudi Arabia (nytimes.com) 155

An anonymous reader quotes a report from The New York Times: President Trump's former national security adviser and other White House officials pushed a venture to bring nuclear power plants to Saudi Arabia over repeated legal and ethical warnings that potential conflicts of interest around the plan could put American security at risk, concluded a new report from House Democrats released on Tuesday. The 24-page report from the House Oversight and Reform Committee outlined actions taken in the early weeks of the Trump administration to secure government backing to have American companies build dozens of nuclear power plants across Saudi Arabia, potentially at the risk of spreading nuclear weapons technology. But House Democrats said there was evidence that as recently as last week, the White House was still considering the proposal.

Claims presented by whistle-blowers and White House documents obtained by the committee show that the company backing the nuclear plan, IP3 International, and its allies in the White House were working so closely that the company sent a draft memo to the former national security adviser, Michael T. Flynn, to circulate just days after the inauguration. Mr. Flynn had worked on the plan for IP3 during the Trump campaign and transition, the Democrats said, and continued to advocate for it in the White House. Even after Mr. Flynn left the White House in February 2017, officials on the National Security Council pushed ahead, the Democrats said, ignoring advice from the N.S.C.'s ethics counsel and other lawyers to cease all work on the plan because of potentially illegal conflicts. At a March 2017 meeting, a National Security Council aide tried to revive the IP3 plan "so that Jared Kushner can present it to the President for approval," the Democratic report said, a reference to Mr. Trump's son-in-law and top adviser. The draft memo also referenced another close Trump associate, Thomas J. Barrack, who served as chairman of the president's inaugural committee. It said that Mr. Trump had appointed Mr. Barrack as a special representative to implement the plan, which it called "the Middle East Marshall Plan." The memo also directed agencies to support Mr. Barrack's efforts.
