An anonymous reader quotes a report from Gizmodo: The Democratic nominee for governor of Colorado, U.S. Representative Jared Polis, wants to add blockchain to the list of items voters consider this year. Polis currently represents Colorado's 2nd district in the House, and he won the Democratic gubernatorial nomination last month. He's held his seat in the House for about a decade and has been a fairly solid progressive. On Wednesday, Polis added a set of limited proposals regarding blockchain to his gubernatorial platform that at least give us an idea of what it means for a politician to campaign on blockchain. Polis told us he would like to resolve some of the "ambiguity" in federal rules, encourage fintech company investment, remove some licensing requirements for token securities, and exempt cryptocurrencies from state money transition laws. He says these companies are "trying to fit what they're doing into an obsolete, outdated, and often obsolete federal law."

Polis also wants to explore how blockchain could be used for voting security. Polis isn't ready to necessarily endorse moving all voting to the blockchain system. He likes paper ballots and told us, "this would be more how the information is generated and stored from those paper ballots rather than doing so in a centralized database it would be done across a distributed ledger." The congressman also thinks that blockchain could be used to streamline the process for storing public records and making them available to the public. "We're talking more about everything from Colorado contracts, expenditures, titles, a lot of the data-intensive aspects of state government can be more secure and more accessible through distributed ledgers," he said.

Vice President Mike Pence on Thursday laid out details for President Donald Trump's proposed new branch of the U.S. military responsible for protecting national security in outer space. From a report: In a speech at the Pentagon, Pence said the new Space Force would be established by 2020. "As President Trump has said, in his words, it is not enough to merely have an American presence in space -- we must have American dominance in space. And so we will," Pence said. "Space is, in his words, a war-fighting domain just like land and air and sea." He added, "History proves that peace only comes through strength, and in the realm of outer space, the United States Space Force will be that strength in the years ahead." The Space Force would ultimately become the sixth branch of the U.S. Armed Forces and would be equal to the other five, Pence said. The Department of Defense has prepared a report laying out the phases of creating the new branch, which will ultimately have to be reviewed and approved by Congress.

"In Chicago, it used to be claimed that even death couldn't stop a person from voting," writes Slashdot reader lunchlady55. "But in the Deep South, there are new reports of discrepancies in voter turnout with the approval of new electronic voting systems." Ars Technica reports: [I]f any state is a poster child for terrible election practices, it is surely Georgia. Bold claims demand bold evidence, and unfortunately there's plenty; on Monday, McClatchy reported a string of irregularities from the state's primary election in May, including one precinct with a 243-percent turnout.

McClatchy's data comes from a federal lawsuit filed against the state. In addition to the problem in Habersham County's Mud Creek precinct, where it appeared that 276 registered voters managed to cast 670 ballots, the piece describes numerous other issues with both voter registration and electronic voting machines. (In fact it was later corrected to show 3,704 registered voters in the precinct.) Multiple sworn statements from voters describe how they turned up at their polling stations only to be turned away or directed to other precincts. Even more statements allege incorrect ballots, frozen voting machines, and other issues. "George is one of four states in the U.S. that continues to use voting machines with no ability to provide voters a paper record so that they can verify the machine counted their vote correctly," the report adds.

West Virginians serving overseas will be the first in the country to cast federal election ballots using a smartphone app, a move designed to make voting in November's election easier for troops living abroad. But election integrity and computer security experts expressed alarm at the prospect of voting by phone, and one went so far as to call it "a horrific idea." CNN: The state's decision to pioneer mobile voting comes even as the United States grapples with Russian interference in its elections. A recent federal indictment outlined Russia's attempts to hack US voting infrastructure during the 2016 presidential race, and US intelligence agencies have warned of Russian attempts to interfere with the upcoming midterm election. Still, West Virginia Secretary of State Mac Warner and Voatz, the Boston company that developed the app, insist it is secure. Anyone using it must first register by taking a photo of their government-issued identification and a selfie-style video of their face, then upload them via the app. Voatz says its facial recognition software will ensure the photo and video show the same person. Once approved, voters can cast their ballot using the Voatz app.

The Republican-controlled Senate has defeated a push by Democrats to set aside an additional $250 million for states to upgrade their voting systems to protect against hacking and other cyberattacks. From a report: An amendment offered by Vermont Sen. Patrick Leahy received 50 yes votes, 10 short of the 60 needed for approval. Leahy said securing U.S. elections and "safeguarding our democracy" is not a partisan issue. He said the Senate "must send a clear message to Russia and other foreign adversaries that tampering in our elections will not be tolerated. The president will not act. This duty has fallen to us." A similar effort was also rejected in the House.

An anonymous reader shares a report: Microsoft has launched a pilot program aimed at providing cybersecurity protection for political campaigns and election authorities. The pilot program -- named AccountGuard -- was launched at the end of July, Bleeping Computer has learned, and was set in motion for the 2018 US midterm elections. According to the pilot's website, AccountGuard "provides additional security and threat monitoring for Microsoft accounts belonging to participating US campaigns, political committees, campaign tech vendors, and their staff, who are likely to be at a higher risk in the lead up to elections."

Microsoft is now running a website where participants in the 2018 US midterm elections can sign up for this increased protection. According to the portal, participation is offered on a non-partisan basis and is by invitation only. Users from the following organizations are eligible to participate: (1) US-based political campaigns (2) US-based political committees (3) Select campaign technology vendors (4) Select individuals may also participate, if invited by eligible campaigns and affiliated organizations Last month, Microsoft said they had detected and helped block hacking attempts -- the first known example of cyber interference in the midterm elections -- against three congressional candidates this year. On Tuesday, Facebook said it was blocking more than two dozen pages that it believed were part of an ongoing political influence campaign.

The Department of Homeland Security announced on Tuesday the creation of a new center aimed at guarding the nation's banks, energy companies and other industries from major cyberattacks that could cripple critical infrastructure. From a report: The launch of the National Risk Management Center was unveiled by DHS Secretary Kirstjen Nielsen at a government-hosted cyber summit in New York City, at which Vice President Mike Pence and several other cabinet secretaries are expected to speak. In prepared remarks, Ms. Nielsen said that cyber threats now posed a greater threat to the country than physical attacks. DHS was founded 15 years ago to prevent another Sept. 11, 2001, Ms. Nielsen said, but "today I believe the next major attack is more likely to reach us online than on an airplane." The center's creation was motivated by a growing recognition in government that sophisticated cyberattacks, particularly those deployed by foreign adversaries, can not only harm a company or industry but can cause systemic failure across society, Chris Krebs, DHS's top cyber official, said in an interview.

Facebook is preparing to announce that it has identified a coordinated political influence campaign, with dozens of inauthentic accounts and pages that are believed to be engaging in political activity ahead of November's midterm elections, The New York Times reported Tuesday, citing three people briefed on the matter. From the report: In a series of briefings on Capitol Hill this week, the company told lawmakers that it detected the influence campaign as part of its investigations into election interference. It has been unable to tie the accounts to Russia, whose Internet Research Agency was at the center of an indictment earlier this year for interfering in the 2016 election, but company officials told Capitol Hill that Russia was possibly involved, according to two of the officials. Facebook is expected to announce its findings on Tuesday afternoon. The company has been working with the F.B.I. to investigate the activity. Like the Russian interference campaign in 2016, the recently detected campaign dealt with divisive social issues. Update: Facebook has confirmed the story, adding: Today we removed 32 Pages and accounts from Facebook and Instagram because they were involved in coordinated inauthentic behavior. This kind of behavior is not allowed on Facebook because we don't want people or organizations creating networks of accounts to mislead others about who they are, or what they're doing. We're still in the very early stages of our investigation and don't have all the facts -- including who may be behind this. But we are sharing what we know today given the connection between these bad actors and protests that are planned in Washington next week. We will update this post with more details when we have them, or if the facts we have change. It's clear that whoever set up these accounts went to much greater lengths to obscure their true identities than the Russian-based Internet Research Agency (IRA) has in the past. We believe this could be partly due to changes we've made over the last year to make this kind of abuse much harder.

On Monday, Senator Mark Warner published 20 proposals on how to regulate big tech platforms. What's interesting is that none of the proposals call for breaking up the pseudo-monopolies. Instead, they aim to start a substantive debate by laying out different paths to address problems posed by the platforms. Gizmodo reports: What may be more important than the individual proposals themselves is that the document is at least trying to organize a holistic way of thinking about the issues now on the table. It breaks down the areas that need addressing into the promotion of disinformation, privacy and consumer protection, and ensuring competition in the marketplace. Just to highlight a few of the good issues on the table, the white paper blessedly brings the conversation back to privacy and data ownership -- something that seems to have been lost as the conversation has turned to content moderation. The easiest recommendation is to implement what it calls "GDPR-like" data protection legislation that would give Americans similar data rights as EU citizens gained in May. The jury is still out on the long-term consequences of those reforms, but they require greater transparency and consent for a company's terms of service, along with many more tools for keeping track of what information a company collects on you.

On the competition side of things, the proposal suggests a data-transparency bill that would give users a more granular idea of how their data is being used and how much its worth to an individual platform. One concern it addresses is that platforms expand how they monetize a person's data while the user is often unaware of how much they're actually giving up, value-wise, when they agree to hand over their data in exchange for a particular service. Another benefit would be that regulators would have a better idea of what they're evaluating in antitrust enforcement cases. The proposals relating to disinformation are a little more worrisome. A requirement that platforms "clearly and conspicuously label bots" wouldn't be so bad, but it's a daunting task and opens up the potential for false positives. Likewise, demanding networks identify a user's true identity is unrealistic, and the option of anonymity online should be protected. Axios was first to publish the list of 20 proposals compiled by Warner's staff. Is there a proposal that resonates with you? If not, how would you regulate the Big Tech platforms?

"The UK parliament has provided another telling glimpse behind the curtain of Facebook's unregulated ad platform by publishing data on scores of pro-Brexit adverts..." reports TechCrunch, adding that the 2016 ads "were run prior to Facebook having any disclosure rules for political ads. So there was no way for anyone other than each target recipient to know a particular ad existed or who it was being targeted at." An anonymous reader quotes their report: The targeting of the ads was carried out on Facebook's platform by AggregateIQ, a Canadian data firm that has been linked to Cambridge Analytica/SCL... [I]t's not clear how many ad impressions they racked up in all. But total impressions look very sizable. While some of what runs to many thousands of distinctly targeted ads which AIQ distributed via Facebook's platform are listed as only garnering between 0-999 impressions apiece, according to Facebook's data, others racked up far more views. Commonly listed ranges include 50,000 to 99,999 and 100,000 to 199,999 -- with even higher ranges like 2M-4.9M and 5M-9.9M also listed....

The publication of the Brexit ads is, above all, a reminder that online political advertising has been allowed to be a blackhole -- and at times a cesspit -- because cash-rich entities have been able to unaccountably exploit the obscurity of Facebook's systemically dark ad targeting tools for their own ends, and operate in a darkness where only Facebook had oversight (and wasn't exercising any), leaving the public no right of objection let alone reply, despite it being people's lives that are indelibly affected by political outcomes.... The company has been making some voluntary changes to offer a degree of political ad disclosure, as it seeks to stave off regulatory rule. Whether its changes -- which at best offer partial visibility -- will go far enough remains to be seen.
Earlier this month the UK's data watchdog released a report titled "Democracy disrupted?" in which the UK's Information Commissioner recommends an "ethical pause" of political advertising on social media to allow key players "to reflect on their responsibilities in respect to the use of personal data..." And this weekend an interim report from the House of Commons' media committee "said democracy is facing a crisis because the combination of data analysis and social media allows campaigns to target voters with messages of hate without their consent," according to the Associated Press.

"Tech giants like Facebook, which operate in a largely unregulated environment, are complicit because they haven't done enough to protect personal information and remove harmful content, the committee said."

An anonymous reader quotes a report from VICE News: Twitter is limiting the visibility of prominent Republicans in search results -- a technique known as "shadow banning" -- in what it says is a side effect of its attempts to improve the quality of discourse on the platform. The Republican Party chair Ronna McDaniel, several conservative Republican congressmen, and Donald Trump Jr.'s spokesman no longer appear in the auto-populated drop-down search box on Twitter, VICE News has learned. It's a shift that diminishes their reach on the platform -- and it's the same one being deployed against prominent racists to limit their visibility. The profiles continue to appear when conducting a full search, but not in the more convenient and visible drop-down bar. (The accounts appear to also populate if you already follow the person.)

Democrats are not being "shadow banned" in the same way, according to a VICE News review. McDaniel's counterpart, Democratic Party chair Tom Perez, and liberal members of Congress -- including Reps. Maxine Waters, Joe Kennedy III, Keith Ellison, and Mark Pocan -- all continue to appear in drop-down search results. Not a single member of the 78-person Progressive Caucus faces the same situation in Twitter's search. Presented with screenshots of the searches, a Twitter spokesperson told VICE News: "We are aware that some accounts are not automatically populating in our search box and shipping a change to address this." Asked why only conservative Republicans appear to be affected and not liberal Democrats, the spokesperson wrote: "I'd emphasize that our technology is based on account *behavior* not the content of Tweets."

Russian President Vladimir Putin's gift of a soccer ball to U.S. President Donald Trump last week set off a chorus of warnings -- some of them only half in jest -- that the World Cup souvenir could be bugged. Republican Senator Lindsey Graham even tweeted, "I'd check the soccer ball for listening devices and never allow it in the White House." It turns out they weren't entirely wrong. From a report: Markings on the ball indicate that it contained a chip with a tiny antenna that transmits to nearby phones. But rather than a spy device, the chip is an advertised feature of the Adidas AG ball. Photographs from the news conference in Helsinki, where Putin handed the ball to Trump, show it bore a logo for a near-field communication tag. During manufacturing, the NFC chip is placed inside the ball under that logo, which resembles the icon for a WiFi signal, according to the Adidas website. The chip allows fans to access player videos, competitions and other content by bringing their mobile devices close to the ball. The feature is included in the 2018 FIFA World Cup match ball that's sold on the Adidas website for $165 (reduced to $83 in the past week).

Last month, Washington filed a lawsuit against Facebook (and Google) for failing to disclose political ad spending, as required by state law. Washington law requires that "political campaign and lobbying contributions and expenditures be fully disclosed to the public and that secrecy is to be avoided." Today, as reported by Reuters, Facebook has signed an agreement with the state to stop third-party advertisers in the U.S. from excluding protected groups from seeing their ads. From the report: Facebook confirmed the agreement with the state, and said the announcement is part of a long process to ensure that tools used to target ads on the social network are safe, civil, and fair. "We've removed thousands of categories related to potentially sensitive personal attributes -- like race, ethnicity, sexual orientation and religion -- from our exclusion targeting tools," the company said, pointing to its efforts from over a year-and-a-half. The legally binding agreement with Washington state requires Facebook to make the changes to its ad platform within 90 days, Washington Attorney General Bob Ferguson said.

"Russian hackers [...] broke into supposedly secure, "air-gapped" or isolated networks owned by utilities (Warning: source may be paywalled; alternative source) with relative easy by first penetrating the networks of key vendors who had trusted relationships with the power companies," reports The Wall Street Journal, citing officials at the Department of Homeland Security. "They got to the point where they could have thrown switches" and disrupted power flows, said Jonathan Homer, chief of industrial-control-system analysis for DHS. The hacking campaign started last year and likely is continuing. From the report: DHS has been warning utility executives with security clearances about the Russian group's threat to critical infrastructure since 2014. But the briefing on Monday was the first time that DHS has given out information in an unclassified setting with as much detail. It continues to withhold the names of victims but now says there were hundreds of victims, not a few dozen as had been said previously. It also said some companies still may not know they have been compromised, because the attacks used credentials of actual employees to get inside utility networks, potentially making the intrusions more difficult to detect.

The attackers began by using conventional tools -- spear-phishing emails and watering-hole attacks, which trick victims into entering their passwords on spoofed websites -- to compromise the corporate networks of suppliers, many of whom were smaller companies without big budgets for cybersecurity. Once inside the vendor networks, they pivoted to their real focus: the utilities. It was a relatively easy process, in many cases, for them to steal credentials from vendors and gain direct access to utility networks. Then they began stealing confidential information. For example, the hackers vacuumed up information showing how utility networks were configured, what equipment was in use and how it was controlled. They also familiarized themselves with how the facilities were supposed to work, because attackers "have to learn how to take the normal and make it abnormal" to cause disruptions, said Mr. Homer. Their goal, he said: to disguise themselves as "the people who touch these systems on a daily basis."

The proliferation of digital tools that make text and email messages vanish may be welcome to Americans seeking to guard their privacy. But open government advocates fear they are being misused by public officials to conduct business in secret and evade transparency laws. From a report: Whether communications on those platforms should be part of the public record is a growing but unsettled debate in states across the country. Updates to transparency laws lag behind rapid technological advances, and the public and private personas of state officials overlap on private smartphones and social media accounts. "Those kind of technologies literally undermine, through the technology itself, state open government laws and policies," said Daniel Bevarly, executive director of the National Freedom of Information Coalition. "And they come on top of the misuse of other technologies, like people using their own private email and cellphones to conduct business." Some government officials have argued that public employees should be free to communicate on private, non-governmental cellphones and social media platforms without triggering open records requirements.

Ecuador is planning to hand over WikiLeaks founder Julian Assange to UK authorities in the "coming weeks or even days," RT editor-in-chief Margarita Simonyan said, citing her own sources. Simonyan reported the news in a recent tweet, which was reposted by WikiLeaks. Slashdot reader Okian Warrior first shared the news. Daily Express reports: Foreign Office minister Sir Alan Duncan is said to be involved in the diplomatic effort, which has come weeks ahead of a visit by new Ecuadorian president, Lenin Moreno, who called Mr Assange an "inherited problem." He also referred to the exiled WikiLeaks founder as a "stone in the shoe." Sources close to Assange claim he was not aware of the talks, but believe America is piling "significant pressure" on Ecuador to give him up, according to the Sunday Times. The sources claim that America has threatened to block a loan from the International Monetary Fund (IMF) if he is not removed from the embassy, based in Knightsbridge, west London. UPDATE 7/21/18: The Intercept also confirmed the news. Glen Greenwald, former reporter for The Guardian, writes: "A source close to the Ecuadorian Foreign Ministry and the President's office, unauthorized to speak publicly, has confirmed to the Intercept that Moreno is close to finalizing, if he has not already finalized, an agreement to hand over Assange to the UK within the next several weeks. The withdrawal of asylum and physical ejection of Assange could come as early as this week."

An anonymous reader shares a report: Microsoft detected and helped block hacking attempts against three congressional candidates this year, a company executive said Thursday, marking the first known example of cyber interference in the midterm elections. "Earlier this year, we did discover that a fake Microsoft domain had been established as the landing page for phishing attacks," said Tom Burt, Microsoft's vice president for security and trust, at the Aspen Security Forum. "And we saw metadata that suggested those phishing attacks were being directed at three candidates who are all standing for election in the midterm elections."

Burt declined to name the targets but said they were "people who, because of their positions, might have been interesting targets from an espionage standpoint as well as an election disruption standpoint." Microsoft took down the fake domain and worked with the federal government to block the phishing messages.

Kim Zetter, reporting for Motherboard: The nation's top voting machine maker has admitted in a letter to a federal lawmaker that the company installed remote-access software on election-management systems it sold over a period of six years, raising questions about the security of those systems and the integrity of elections that were conducted with them. In a letter sent to Sen. Ron Wyden (D-OR) in April and obtained recently by Motherboard, Election Systems and Software acknowledged that it had "provided pcAnywhere remote connection software ... to a small number of customers between 2000 and 2006," which was installed on the election-management system ES&S sold them.

The statement contradicts what the company told me and fact checkers for a story I wrote for the New York Times in February. At that time, a spokesperson said ES&S had never installed pcAnywhere on any election system it sold. "None of the employees -- including long-tenured employees, has any knowledge that our voting systems have ever been sold with remote-access software," the spokesperson said. ES&S did not respond on Monday to questions from Motherboard, and it's not clear why the company changed its response between February and April. Lawmakers, however, have subpoena powers that can compel a company to hand over documents or provide sworn testimony on a matter lawmakers are investigating, and a statement made to lawmakers that is later proven false can have greater consequence for a company than one made to reporters.

Rep. Mike Coffman (R-CO) today announced his support for a bill that would institute the basic outlines of the FCC's 2015 Open Internet order, which banned the throttling and blocking of content as well as harmful paid prioritization practices. He is also the first Republican to sign on to the Democrat-led discharge petition, which aims to force a vote on the House floor to roll back the FCC's December decision to repeal net neutrality. The Verge reports: The 21st Century Internet Act aims to restructure the current framework by which the internet has been governed since the '90s. Coffman's bill moves past this argument by amending the 1934 Telecommunications Act and adding the new Title VIII. This new classification would "permanently codify into law the 'four corners' of net neutrality" by banning providers from controlling traffic quality and speed and forbidding them from participating in paid prioritization programs or charging access fees from edge providers.

On top of providing stable ground for net neutrality rules to be upheld in the future, the legislation also makes it illegal for providers to participate in "unfair or deceptive acts or practices." It directs the FCC to investigate claims of anticompetitive behavior on behalf of consumers after receiving their complaints. Transparency requirements are heightened for providers as well, as companies must publicly disclose information regarding their network practices to allow consumers to "make informed choices regarding use of such services."

Special counsel Robert Mueller has obtained a new indictment charging 12 Russian intelligence officers with hacking Democrats to interfere with the 2016 presidential election, and with stealing information of about 500,000 American voters, the Justice Department announced Friday. From a report: The indictment lodged in Washington, D.C., accuses the Russian spies of hacking into the Democratic National Committee and the presidential campaign of Hillary Clinton, and of releasing emails obtained from that cybersnooping with a a goal of influencing the election. The accused also hacked into state boards of elections, secretaries of state, and into companies that provided software used to administer elections, according to Deputy Attorney Rod Rosenstein. Rosenstein said he briefed President Donald Trump about the case earlier in the week.