INF529: Security and Privacy In Informatics Elections, Politics, Other Topics

Prof. Clifford Neuman

Lecture 14
24 April 2020
Online via Webex

Course Outline

• What data is out there and how is it used
• Technical means of protection
• Identification, Authentication, Audit
• The right of or expectation of privacy
• Social Networks and the social contract – February 21st
• Criminal law, National Security, and Privacy – March 6th
• Big data – Privacy Considerations – March 13th
• International law, Jurisdiction, Privacy Regulations
• Privacy Regulation (civil) and also Healthcare – April 3rd
• The Internet of Things – April 10th
• Technology – April 17th
• Elections, Politics, Other Topics – April 24th
• The future – What can we do – May 1st

May 1st Presentations

Biometrics and related technologies
• Vaidhyanathan S - Privacy Concerns for Biometrics
• Yi-Ting Lin - Privacy of Facial Recognition
• Haotian Mai - Access and use of DNA database by government agencies especially for criminal investigation.

Today’s Presentations

Elections and Politics
• John Melloy – Why Aren’t Elections Online
• Carlin Cherry – American Campaign Data Security
• Ashwin Nirantar - Security and Privacy in Election Campaigns
• Glenn Johnson – Elections and Privacy

It’s 2020, Why Aren’t Elections Online?
John R Melloy III
CSCI 555 – 4/24/20

Current System

• Different by state, district
• Votes are counted locally or reported to central location
• Backups, paper trails, and chain of custody
• Accuracy: Not as simple as recounting
• Much of this is public (all but matching identity to vote)

Requirements

 Accuracy Auditability Security factors heavily here  Anonymity Prove identity, but vote anonymously  Scalability  Expectations: Speed, Trustworthiness, Accessibility Online System

• Login from any internet connected device
• Prove state registration, cast vote
• Accuracy: Electronic verification, security
• Anonymity: Report vote and voter separately
• Scalability: Potentially large amounts of users at once
• Speed, Trust, Accessibility

Benefits

• Increased turnout, accessibility
• Faster , reporting
• Long term decrease in costs
• Can still vote amidst a pandemic
• Improves 2/3 expectations, lots of problems with requirements

Accuracy: Chain of Custody and Auditing

• Internet completely violates chain of custody
• No physical paper record
• Voter cannot confirm
• Possible solution: Print copies of votes at server location
  ○ How to confirm?
  ○ No way around chain of custody problem
  ○ Popup for voter to confirm

Anonymity: Identity

• Must prove identity, vote anonymously
• How to prevent multi-voting
• How to prevent identity theft – especially in case of mass identity data breach
• How to handle provisional
• Possible Solution: Separate authentication and voting servers
  ○ Must be atomic!
  ○ Provisional is unclear

Scalability (and Security): State vs Local Level

• States in charge of rules, registration databases
• If statewide systems, how to handle local elections?
• If local systems, enough bandwidth?
• Over internet, threats become national level (i.e. nation state)
• Possible solution: Statewide system with local capabilities
  ○ Must have appropriate security measures, fault tolerance

Expectation: Voter Confidence

• Increase in turnout only with trust
• Must publicly prove system works
• Beyond just auditing – must prove system has not been tampered with
• Fake sites / scams
• Possible solution: Trusted computing and education
  ○ Open source software, lots of testing
  ○ Voters must be aware

Other Issues

• Initial high cost (development, deployment, training, etc.)
• Security of personal computers
• Accessibility issues

Case Study: Voatz

• Has been used in West VA, Denver, Utah County
• Uses facial recognition to authenticate
• Uses blockchain to record votes
• Security Researchers: Tons of problems, not trustworthy!

Case Study: Estonia

• World’s first general online elections in 2007
• Uses ID-card and PIN number
• QR Code to verify correct vote
• Security Researchers: Huge flaws, demonstrated attacks against system
• However – Estonia saw huge increase in turnout, saved working days

Summary

• Online voting is possible, but not feasible yet
• Too many uncontrollable variables
• How to fix election after it has been compromised?
• Until solutions can be found, the risk is too great

References

• Dybdahl, Taylor, et al. 27 June 2019, www.ncsl.org/research/elections-and-campaigns/voting-system-paper-trail-requirements.aspx.
• 16 Apr. 2020, en.wikipedia.org/wiki/Electronic_voting.
• Fact Sheet: U.S. Elections Process and Security. 8 Nov. 2016, www.democracyfund.org/publications/fact-sheet-us-elections-process-and-voting-machine-security.
• Ghose, Tia. Election Day 2016: How Are Votes Counted? 8 Nov. 2016, www.livescience.com/56787-how-are-votes-counted.html.
• Harris, Bev. "Man in the Middle" Attacks to Subvert the Vote. web.archive.org/web/20150721233505/electiondefensealliance.org/man_in_the_middle.
• Harris, Bev. About Chain of Custody. 14 Feb. 2016, blackboxvoting.org/about-chain-of-custody/.
• Hinkle, Brian, and Wendy Underhill. 24 Mar. 2020, www.ncsl.org/research/elections-and-campaigns/all-mail-elections.aspx.
• Hubler, Katy Owens, and Wendy Underhill. 6 Aug. 2018, www.ncsl.org/research/elections-and-campaigns/voting-system-standards-testing-and-certification.aspx.
• i-Voting - e-Estonia. e-estonia.com/solutions/e-governance/i-voting/.
• Independent Report on E-Voting in Estonia. estoniaevoting.org/.
• Jefferson, David, et al. What We Don’t Know About the Voatz “Blockchain” Internet Voting System. 1 May 2019, cse.sc.edu/~buell/blockchain-papers/documents/WhatWeDontKnowAbouttheVoatz_Blockchain_.pdf.
• Lynch, Dylan, et al. Election Security: Cybersecurity: What Legislators (and Others) Need to Know. 4 Feb. 2019, www.ncsl.org/research/elections-and-campaigns/election-security.aspx.
• Mearian, Lucas. Why Blockchain-Based Voting Could Threaten Democracy. 12 Aug. 2019, www.computerworld.com/article/3430697/why-blockchain-could-be-a-threat-to-democracy.html.
• Orcutt, Mike. Why Security Experts Hate That "Blockchain Voting" Will Be Used in the Midterm Elections. 2 Apr. 2020, www.technologyreview.com/2018/08/09/2425/why-security-experts-hate-that-blockchain-voting-will-be-used-in-the-midterm-elections/.
• Perrigo, Billy. Estonia Election: What U.S. Can Learn From Electronic Voting. 1 Mar. 2019, time.com/5541876/estonia-elections-electronic-voting/.
• Philanthropies, Tusk. National Cybersecurity Center Successfully Completes Third Party Security Audit for Denver's Mobile Voting Pilot. 5 Aug. 2019, www.prnewswire.com/news-releases/national-cybersecurity-center-successfully-completes-third-party-security-audit-for-denvers-mobile-voting-pilot-300896234.html?tc=eml_cleartime.
• Schneier, Bruce. Schneier on Security. 9 Nov. 2004, www.schneier.com/essays/archives/2004/11/whats_wrong_with_ele.html.
• Stokes, Jon. Analysis: e-Voting's Success Rests on Chain-of-Custody Issue. 21 Feb. 2008, arstechnica.com/information-technology/2008/02/analysis-evotings-success-rests-on-chain-of-custody-issue/.
• Underhill, Wendy. 2 Aug. 2019, www.ncsl.org/research/elections-and-campaigns/election-security-state-policies.aspx.
• Voluntary Voting System Guidelines: U.S. Election Assistance Commission. www.eac.gov/voting-equipment/voluntary-voting-system-guidelines.
• Voting Equipment in the United States. www.verifiedvoting.org/resources/voting-equipment/.
• Voting Methods and Equipment by State. ballotpedia.org/Voting_methods_and_equipment_by_state.
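The "separate authentication and voting servers" proposal on the Anonymity: Identity slide of the online-voting presentation above can be made concrete with a blind-signature credential. The sketch below is an added example, not part of the original slides: the class names, the toy RSA key and the sample voters are assumptions for illustration, and blind signatures are one known way to build the split, not something the slides prescribe.

```python
import hashlib
import secrets
import threading
from math import gcd

# Toy RSA key from two publicly known Mersenne primes (constructed for this
# demo only: far too small and too well known to protect a real election).
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))


def digest(token: bytes) -> int:
    """Hash a ballot token to an integer modulo N."""
    return int.from_bytes(hashlib.sha256(token).digest(), "big") % N


class AuthServer:
    """Knows who is registered; only ever sees blinded values."""

    def __init__(self, registered):
        self._registered = set(registered)
        self._issued = set()
        self._lock = threading.Lock()

    def sign_blinded(self, voter_id: str, blinded: int) -> int:
        # Eligibility check and "credential issued" mark happen as one atomic
        # step, so parallel requests for one voter cannot both succeed.
        with self._lock:
            if voter_id not in self._registered:
                raise PermissionError("not a registered voter")
            if voter_id in self._issued:
                raise PermissionError("credential already issued")
            self._issued.add(voter_id)
        return pow(blinded, D, N)


class BallotBox:
    """Knows tokens and choices; never receives a voter identity."""

    def __init__(self):
        self._spent = set()
        self.ballots = []
        self._lock = threading.Lock()

    def cast(self, token: bytes, signature: int, choice: str) -> bool:
        if pow(signature, E, N) != digest(token):
            return False  # credential was not signed by the auth server
        with self._lock:  # spend the token and record the ballot atomically
            if token in self._spent:
                return False  # multi-voting attempt
            self._spent.add(token)
            self.ballots.append(choice)
        return True


class Voter:
    def __init__(self, voter_id: str):
        self.voter_id = voter_id
        self.token = secrets.token_bytes(32)  # random, chosen by the voter
        self._r = 0
        while gcd(self._r, N) != 1 or self._r < 2:
            self._r = secrets.randbelow(N)    # blinding factor

    def blinded_request(self) -> int:
        return digest(self.token) * pow(self._r, E, N) % N

    def unblind(self, blind_sig: int) -> int:
        return blind_sig * pow(self._r, -1, N) % N


def run_demo() -> dict:
    auth, box = AuthServer({"alice", "bob"}), BallotBox()
    alice = Voter("alice")
    request = alice.blinded_request()
    credential = alice.unblind(auth.sign_blinded("alice", request))
    out = {
        "auth_saw_token_hash": request == digest(alice.token),
        "first_vote": box.cast(alice.token, credential, "yes"),
        "replayed_vote": box.cast(alice.token, credential, "no"),
        "forged_vote": box.cast(secrets.token_bytes(32), credential, "no"),
    }
    try:
        auth.sign_blinded("alice", Voter("alice").blinded_request())
        out["second_credential"] = True
    except PermissionError:
        out["second_credential"] = False
    out["ballots"] = list(box.ballots)
    return out


if __name__ == "__main__":
    print(run_demo())
```

The split protects anonymity only if the two servers' logs cannot be joined by network address or timing, and it does nothing about the chain-of-custody and personal-computer problems raised on the other slides.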


AMERICAN POLITICAL CAMPAIGN DATA SECURITY
Carlin Cherry
INF 529 | Dr. Neuman
April 24, 2020

Agenda

1. 2016: Cambridge Analytica scandal
2. Data Types
3. Data Usage
4. Data Transfer
5. Data in 2020 Campaigns
6. Protect your data

Cambridge Analytica

● Scandal involving Facebook and other data to target voters known as “persuadables” with political ads
● Cambridge Analytica claimed to have 5,000 data points on each American voter
● Not just in America -- Brexit, Trinidad and Tobago, Kenya, India, Australia, and others also used data
● Came to a head when David Carroll requested to see the data they’d collected about him

Types of data collected

● Voter file
● Campaign data collection encompasses a few kinds of information:
  ○ Data voluntarily given to a political campaign
  ○ Data from credit card transactions
  ○ Data from internet browsing history

5,900,000

During the 2016 campaign, President Trump ran over 5.9 million unique ads.

The 2020 data battleground: location data

1. Apps you’ve downloaded sell your data to data brokers.
2. Data brokers sell that information to bidders like political campaigns.
3. Campaigns harness that data to send the user targeted, optimized campaign messaging.

What Do They Collect?

https://joebiden.com/privacy-policy/
● Lays out data usage guidelines
● Make it very clear that they collect, use, and have the authority to distribute your data

https://www.donaldjtrump.com/privacy-policy/
● “We may use your data”
● Makes it very clear that they collect, use, and have the authority to distribute your data

Security of your political data

● Many campaign officials decline to comment on cybersecurity and data protection measures taken because revealing their measures would render them less effective
● Campaigns generally lack cybersecurity best practices
● Campaigns are targets by their very nature because they are prone to change, pressed for money, and often lack clear management structures

Defending Digital Democracy

● The Defending Digital Democracy Project (D3P) aims to identify and recommend strategies, tools, and technology to protect democratic processes and systems from cyber and information attacks.

How to make your political data more secure

1. Do not share your personal information with a political campaign and ask your friends not to as well.
2. Be considerate about the information you share over social media.
3. Configure your privacy settings to protect your personal data.
4. Be aware of permissions given to apps you download onto your cell phone.
5. Use end-to-end encrypted messaging to keep your communications private.

Works Cited

● The Great Hack: https://bit.ly/2Kj7mfO
● Vox: https://bit.ly/2VkGfXI
● The Atlantic: https://bit.ly/3bqNHGq
● Defending Digital Democracy: https://bit.ly/2Khg79Y
● CNN: https://cnn.it/2KjhPaK

Security and Privacy in Election Campaigns

Ashwin Nirantar

Overview

• Voter Files
• Voter Privacy
• Breaches and Leaks
• Around the World
• Voter Privacy Act
• Proposals

Voter Files

• Profiles of Individual voters
• Collected for Political Campaigning
• Basically, a list of people who could potentially vote in the next election
• Publicly accessible information combined with more detailed data
• Acquired from outside sources and polling
• Governments use for managing voter eligibility
• Political parties use it in campaign strategizing.

Why is this data important?

• Political actors require access to this data to:
  ○ Communicate with voters
  ○ Ensure that all and only eligible voters cast a ballot
• Geo-targeting: Refers to the practice of delivering different content or advertisements to consumers based on their geographic locations.

Sources of voter data

1) Records: Gathered from an electoral register as a record of who is registered to vote.
2) Polls or surveys: Gathered by surveying methods
3) Campaign web sites: Interactive websites to let people know more about the campaign.
4) State and National voter files

State Voter Registration Databases

• Types of data collected
• 48 of the 50 states require voters to submit:
  ○ Name
  ○ Address
  ○ Signature
• All but 1 also require:
  ○ Date of Birth
• Majority of them require:
  ○ Phone number
  ○ Gender
  ○ All or part of SSNs
  ○ Party affiliation
• Most states also keep track of:
  ○ Voter History

Campaign Websites

1) Required Data: Information any visitor must input to create a registered user account. Needed to gain access to a host of web tools for online political engagement.
• Local events
• Contacting undecided voters who reside nearby.
• Posting messages on the campaign blog.
• Allows the campaigns to link voters in the physical world with their email addresses, thereby creating a very cheap and efficient channel of mass communication to known supporters.
• Helps in building profiles of individual voters who use the site’s services.

Campaign Websites

2) Observed Data:
• Data generated whenever a user’s browser accesses the website, e.g. IP addresses.
• Analyzed to determine the user’s location.
• Browsing patterns
• Further used for targeted advertisements.
• Every interaction is an opportunity to collect data.

Obama Campaign

1) Website: barackobama.com
2) 3 million donors made a total of 6.5 million online donations
3) Adding up to more than $500 million.
4) 13 million voters shared their email addresses
5) Campaign sent more than 1 billion emails with about 7,000 different messages
6) 1 million people signed up for Obama’s text-messaging program
7) 2 million people created profiles on Obama’s own social network (MyBO)
8) 200,000 offline events planned
9) 400,000 blog posts were shared
10) 8.6 million visitors for the website

NationBuilder

1) Helps individuals and organizations cast their influence into the wider world.
2) Helps for organizing events, sending out communications via email and on social media, and keeping a campaign’s website up to date.
3) Political campaigns can request voter files from NationBuilder, gaining a frequently updated pool of information that includes voter history and contact details, like email addresses and phone numbers.
4) Data encompasses more than 190 million people in the United States who possess the right to vote.
5) Once an individual is added to a campaign’s database, they can be sent messages via social media, or emailed directly from the web client.
6) Trump’s campaign used NationBuilder to coordinate volunteer efforts.

How easy it is to get data

• In Chile: The electoral register is freely accessible online as a PDF after the Chilean electoral service declared that it should be made public. The database contains information for all Chileans over 17 years old. Includes names, unique voting number, gender and address.
• In Kenya: Various sources to help political parties and candidates in Kenya to form their own voter files. Mass voter registration in 2017 by Kenya's Independent Electoral and Boundaries Commission. National ID card, fingerprints and photo taken at the local polling station. Made publicly available, in printed form, and placed somewhere central to each voting region.
• In UK: Each party maintains its own voter file, therefore they differ greatly depending on the resources and technical expertise of the party itself.

Vote with Me

Source: https://www.businessinsider.com/vote-with-me-shows-contacts-voting-record-2018-10

Vote with Me

• How it works: Users give some basic personal information.
• This allows the application to pull your voting information.
• Tells you your voting record.
• Users sync their contacts with the application.
• Allows people to know who amongst their contacts hasn’t voted.
• This is then used for nudging other people to vote.
• Unknown to many people that all the voter registration information is public.
• This application changes the whole dynamic of nudging.

What is the problem with this?

• Solove’s Taxonomy of Privacy Problems:

Solove’s Taxonomy of Privacy Problems

• Aggregation: The problem with aggregation is that combining data reveals facts about a person, that he/she/they did not expect to be known when providing data.
• Secondary use: The use of information that was collected for one purpose for a different purpose without the individual’s consent.
• Exclusion: This creates additional harms by heightening uncertainty over why a decision was taken and making people feel powerless and alienated from the forces that determine their chances in life.

Is voter data secure?

1. Just like any form of big data, large databases are formed of voter data.
2. Modern privacy laws are based on Fair Information Practices (FIPs), but most state voting laws fail to satisfy the basic requirements of these principles.
3. E.g., no or incomplete notices are required regarding the collection of SSNs.
4. Campaigns lack concise and clear description of campaign data practices.
5. Ideally, whenever data is used on such a large scale transparency should be high, but political campaigns often implement secrecy instead.

Is voter data secure in USA?

1. Chicago: Chicago’s voter database was hacked to demonstrate its inadequate security measures, and contained data including SSNs and DOBs of 1.35 million residents.
2. Tennessee: Tennessee election office’s computer containing voter data including SSNs of 337,000 voters was stolen.
3. Pennsylvania: A web programming error forced one of the websites of the state’s election office to shut down after sensitive data of 30,000 voters was exposed (visitors)

Is voter data secure Around the World?

1. France: Around 9GB data linked to Emmanuel Macron was posted online hours before the presidential election. Emmanuel was elected as the President.
2. Hong Kong: Laptops belonging to Registration and Electoral Office were stolen. Included data of 3.78 million voters
3. Philippines: Website of the Election Commission was hacked. Included 340 GB data on 55 million registered voters.
4. Lebanon: Lebanese embassy made available the personal data of Lebanese citizens living abroad.

Reasons for minimizing privacy concerns

• Political parties often prioritize secrecy in their operations over transparency, which is ideal for protecting voter data privacy.
• Reason for this is they perceive this secrecy as a competitive advantage. According to one spokesperson for the Obama campaign, their digital strategies are their nuclear codes.
• Privacy notices exist, but lack clarity in terms of transfer of voter data.
• Collection of voter data is addressed, but how the data is handled is often missing from these policies.
• It is often claimed that highest commercial standards are being practiced, which is seldom true.
• The fact that micro-targeting is a common practice means that in addition to the public data, a wide range of private data is being aggregated, which these campaigns are not transparent about.

Government’s role?

• In Canada, political parties are exempt from privacy laws.
• Each party can keep voter files without needing to adhere to the same laws that regulate the collection of data by businesses.
• This data is then used by these parties to create scales to rate how much each individual supports them.
• In the United States of America, currently there is no federal law regulating the collection and use of voter data by political organizations.
• But in July 2019, Senator Dianne Feinstein of California introduced a bill to give voters control over how their personal information is used by political candidates and campaigns in federal elections.

Voter Privacy Act of 2019

• This bill would give voters basic rights regarding their personal information:

• Right of access
• Right of notice
• Right of deletion
• Right to prohibit transfer
• Right to prohibit targeting

• What this bill doesn’t apply to:
  ○ Publicly available state and local voter registration databases which include only the voters’ names, addresses and party affiliations.

A link to the bill: https://www.congress.gov/bill/116th-congress/senate-bill/2398/text

Section 352. Voter’s Right of Access

• Talks about how an individual shall have the right to direct an entity that obtains an individual’s personal information to disclose to that individual the categories of personal information that the entity has obtained with respect to that individual.
• An entity that receives a verifiable request from an individual to access an individual’s personal information shall provide the requested information.
• The entity that receives a verifiable request has to comply with the request within 10 calendar days.
• The information should be provided in a concise and easily accessible form, using clear and plain language.
• Should be delivered free of charge.
• Shall not be required to provide an individual’s personal information more than two times in a 12-month period.
• Third parties cannot submit verifiable requests on behalf of individuals.

Section 353. Voter’s Right of Erasure

• An individual shall have the right to direct any entity collecting his/her/their data to delete any personal information.
• The entity should immediately cease processing such personal information and as soon as practicable permanently delete such information.
• Shall not re-collect or otherwise obtain any of the individual’s personal information.
• Does not apply to publicly available information.
• Confirmation of deletion shall be provided to the individual’s deletion request.

Section 354. Voter’s Right of Erasure to Prohibit Transfer

• An individual shall have the right to direct any entity collecting personal information to not sell or otherwise transfer any of that to any third party.
• If such request is made, the entity should comply with the request and not transfer that individual’s personal information directly or indirectly to a third party.
• Any intent to sell or transfer personal information should have a notice to do so.
• It shall be unlawful to knowingly transfer outside of the United States any individual’s personal information, publicly available information or anonymized information.
• Anyone who violates the above point shall be fined under title 18, United States Code, imprisoned not more than 3 years, or both.

Section 355. Notice of Receipt of Voter’s Personal Information

• An entity that receives any individual’s personal information from a third party shall inform such individual as to the scope and purpose of receiving such personal information.
• The notice shall be provided:
  ○ Within a reasonable period of time.
  ○ At no cost
  ○ In a concise, easily accessible form using clear and plain language.

What can be done better

• The Government is moving in the right direction with bills like the Voter Privacy Act.
• In its most basic form, any practice that protects the privacy of any data source should be followed.
• More specifically, political parties and campaigns should involve the following:
  ○ Political parties which collect personal data from voters should have disclosures of how the data is being used, and if it is being handed off to any secondary uses.
  ○ Providing notices on their websites of the data processing practices.
  ○ Notices directed at voters and not any regulation body.
  ○ Providing disclaimers wherever necessary.

References

• https://ourdataourselves.tacticaltech.org/posts/voter-files
• https://privacyinternational.org/state-privacy/28/state-privacy-chile
• https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2447956
• https://ourdataourselves.tacticaltech.org/posts/overview-chile
• https://ourdataourselves.tacticaltech.org/posts/breaches-leaks-hacks
• https://www.greenwichct.gov/609/Is-My-Voter-Information-Private
• https://ourdataourselves.tacticaltech.org/posts/overview-kenya/
• https://www.vox.com/2016/2/10/11587716/donald-trumps-secret-weapon-in-winning-new-hampshire
• https://www.congress.gov/bill/116th-congress/senate-bill/2398/text
• https://slate.com/technology/2018/11/vote-with-me-app-friends-shaming.html
• “Voter Privacy in the age of big data”, Ira Rubinstein, Wisconsin Review.

Questions?

Elections and Privacy
Glenn Johnson

Elections and Privacy

I learned much more in preparing this presentation than I expected to, and went in a completely different direction from where I originally intended.

Scope: Which Elections?

Elections for Democratic representation in our Republic:

City Council and Mayors up through President of the United States

Not President of the Stamp Club

Privacy vs. Security in General

Election Security, especially Integrity, is a big deal, but not in scope for this presentation.

My Memory and Expectation

Secret ballot:

Everyone goes into booth and closes curtain behind them

Expectations in Literature

National Academy of Science published “Securing the Vote - Protecting American Democracy” in 2018.

● Assumes that privacy is expected
● “the casting of a ballot is an anonymous one-time event”

EFF: “The right to an anonymous vote is a cornerstone of the U.S. democratic process.”

Turns out we didn’t start that way

● United States: Our first election processes copied from the British
● Voting was often viva voce, by voice
  ○ Or by casting a bean in a hat
  ○ Ballotta - Italian for small ball
● Voting was in public
● There was no expectation of privacy
● Also called “Open Ballot System”

Why?

Some say the colonists considered the cowardly, underhanded, and despicable;

As one South Carolinian put it, voting secretly would “destroy that noble generous openness that is characteristick of an Englishman.”

Problems without secret ballots

● Corruption and voter intimidation were rampant
● Election day riots were common
  ○ Mid 19th century decades: 89 Americans killed at the polls
● One congressional election protest dismissed after violence:
  ○ “any ‘man of ordinary courage’ could have made his way to the polls”
● New York City’s notorious Tammany Hall prospered without secret ballots

History of the Secret Ballot

● Ancient Greece and Rome
● 1795 - France: “All elections are to be held by secret ballot”.
● 1838 - 1857 - United Kingdom: Chartism movement demanded secret ballot
● 1856 - 1877 - Australia implemented secret ballot
  ○ Secret Ballot is also known as the Australian Ballot
● 1888 - United States - Massachusetts is first state to adopt secret ballot
  ○ 1896 - most other states do the same
  ○ 1950 - South Carolina is last state to adopt secret ballot

Some say we should abandon secret ballots

● They say earlier need is diminished
● Did some “hold their nose and vote” in 2016?
  ○ Did they tell pollsters, family, and friends one thing then vote differently?
  ○ Would they vote differently if it was public?
  ○ Or would some not vote at all if it were public?
● In Doe vs. Reed, Justice Antonin Scalia wrote:
  ○ “Requiring people to stand up in public for their political acts fosters civic courage, without which democracy is doomed.”

How secret are our ballots now?

● Voter registration records are for available
  ○ Name, address, party affiliation
  ○ Not votes cast
● Political contributions are public
● Not hard to correlate these and predict votes

Is there a “Constitutional Right” for a Secret Ballot?

● Not in the US Constitution
● But voting is a State thing
● 44 states protect secret ballot in state constitution
● 6 states have legal reference to secrecy in voting
● So it is required in 50 states

Are things really better?

● Targeted minority by volunteer “election monitors” is not better
● Since 1982, “better” has been in part due to a Consent Decree preventing party affiliated election monitors
● The Consent Decree was lifted in 2018
  ○ Like waiting 24 hours after Tylenol to see if fever is gone, we need to wait
● OK, the waiting is over:

April 11, 2020 Headline

Political Operatives Float Plan to Place Retired Military, Police Officers as Political Party Poll Watchers on Election Day

[modified to be depoliticized]

So…. If poll monitors are disenfranchising voters with secret ballots, imagine what they would do with open ballots.

Conclusion: The Secret Ballot Is Still Needed;

Privacy is still important

Technical Threats to Ballot Secrecy: Voatz

● MIT researchers found multiple vulnerabilities in Voatz voting app including privacy issues.
● Voatz uses an external vendor for voter ID verification, Jumio
● Voatz privacy policy doesn’t indicate PII data flowing to 3rd party
● If Jumio security is lax, voters’ photos, driver’s license data, and other forms of ID could be exposed

Feb 13, 2020

Technical Threats to Ballot Secrecy: Remote Voting

From the National Academies Press report “Securing the Vote: Protecting American Democracy” in 2018,

Remote voting (by mail, fax, or via the Internet) brings a privacy risk:

“individuals can be coerced or paid to vote for particular candidates outside the oversight of election administrators.”

Technical Threats to Ballot Privacy: Location

● Company tracked Iowa caucusgoers’ phones in 2016.
● A company named Dstillery tracked the location of 16,000 devices
● Correlated multiple data sources to profile users supporting different candidates; for example
  ○ Young couples expecting a baby or with a young baby tended to be Republican and support Sen. Marco Rubio
  ○ Sports Fans tended to support Rubio and Sanders
    ■ Except NASCAR fans supported Trump and Clinton

Elections and Privacy

Election privacy and secret ballots clearly still matter: “The right to an anonymous vote is a cornerstone of the U.S. democratic process.”

But I learned in research for this presentation that

It is as important to understand and defend WHY privacy matters as it is to defend against unintentional technical threats (vulnerabilities) to privacy.

Without defending the WHY, we could be back to open ballots and political influence machines like Boss Tweed and Tammany Hall by just policy.

Questions?

References - 1

Securing the Vote: Protecting American Democracy (2018) Chapter: 5 Ensuring the Integrity of Elections The National Academies Press https://www.nap.edu/catalog/25120/securing-the-vote-protecting-american-democracy https://www.nap.edu/read/25120/chapter/7#87 Page 87

Voter Privacy: What You Need to Know About Your Digital Trail During the 2016 Election BY DAVE MAASS FEBRUARY 29, 2016 https://www.eff.org/deeplinks/2016/02/voter-privacy-what-you-need-know-about-your-digital-trail-during-2016-election

Oral Voting in America from Colonial Times to the Late 19th Century Posted on February 26, 2019 https://brewminate.com/oral-voting-in-america-from-colonial-times-to-the-late-19th-century/

Rock, Paper, Scissors - How we used to vote. By Jill Lepore in The New Yorker - Annals of Democracy October 13, 2008 Issue https://www.newyorker.com/magazine/2008/10/13/rock-paper-scissors

References - 2

Secret ballot - Wikipedia https://en.wikipedia.org/wiki/Secret_ballot

Australian ballot - ENCYCLOPÆDIA BRITANNICA https://www.britannica.com/topic/Australian-ballot

Doe vs. Reed https://www.supremecourt.gov/opinions/09pdf/09-559.pdf

Access To and Use Of Voter Registration Lists 8/5/2019 https://www.ncsl.org/research/elections-and-campaigns/access-to-and-use-of-voter-registration-lists.aspx

Is voting a public or a private act? (Your ballot is not as secret as you think) Ellen K. Boegel in American Magazine, August 11, 2017 https://www.americamagazine.org/politics-society/2017/08/11/voting-public-or-private-act-your-ballot-not-secret-you-think

References - 4

Want to improve democracy? Abolish the secret ballot. - Make voters stand up for their choices. By Yoav Fromer in The Washington Post, Jan. 6, 2017 at 3:00 a.m. PST https://www.washingtonpost.com/posteverything/wp/2017/01/06/want-to-improve-democracy-abolish-the-secret-ballot/

The Secret Ballot at Risk https://secretballotatrisk.org/ https://secretballotatrisk.org/i/right-map.png

Judge ends consent decree limiting RNC 'ballot security' activities https://www.politico.com/story/2018/01/09/rnc-ballot-security-consent-decree-328995

Conservative Operatives Float Plan to Place Retired Military, Police Officers as GOP POLL Watchers on Election Day Lee Fang, Nick Surgey in The Intercept, April 11 2020, 3:00 a.m https://theintercept.com/2020/04/11/republican-poll-watchers-vote-by-mail-voter-fraud/

References - 5

Abby Abazorius | MIT News Office - February 13, 2020 MIT researchers identify security vulnerabilities in voting app http://news.mit.edu/2020/voting-voatz-app-hack-issues-0213

Michael A. Specter MIT, James Koppel MIT, Daniel Weitzner MIT The Ballot is Busted Before the Blockchain: A Security Analysis of Voatz, the First Internet Voting Application Used in U.S. Federal Elections https://internetpolicy.mit.edu/wp-content/uploads/2020/02/SecurityAnalysisOfVoatz_Public.pdf

Company tracked Iowa caucusgoers’ phones Donovan Slack in USA TODAY - Feb. 8, 2016 https://www.usatoday.com/story/news/politics/onpolitics/2016/02/08/company-tracked-iowa-caucusgoers-phones/80005966/

Election Cybersecurity Initiative

Dr. Clifford Neuman Director, USC Center for Computer Systems Security Information Sciences Institute / Computer Science Viterbi School of Engineering University of Southern California

April 23, 2020 | Wyoming

Who is at Risk?

Candidates, Election Officials, Campaigns, Government Bodies, Politicians, Journalists, Voters, News Sites, Democracy, Social Media

Organization and Personal Devices at Risk

How does an Adversary Hack an Election and Who’s Responsible to Protect Our Elections?

We are all responsible, but some users have greater impact in defending against some kinds of attacks. We will discuss the best defenses throughout the day.

Roadmap

[Figure: roadmap of how an adversary can hack or disrupt an election. Actor legend: M Media, V Voters, C Campaign Officials / Workers, E Election Officials / Workers, S Social Media / Sites / Services. Attack goals: Create Distrust of Outcome; Manipulate Voters; Discourage / Prevent Voting; Manipulate Vote Tallies. Attacks shown (the actor tags on each attack are not recoverable): Ineligible / Nonexistent / Dead Voters; MicroTargeting Ads; Disinformation Regarding Incidents; Create Errors in Voter Rolls; Send out Incorrect Poll Locations or Dates; Manipulate Published Returns; Release Unflattering and Stolen Data; Demonstrate Hacks; Subvert Election Staff; Subversion of Voting Systems; Create Fraud in Some Selected Districts; DoS to Shutdown Polling Locations; Create Confusion among Voters; Intercept Comms or Transport of Votes / Ballots; Disinformation.]

Source: Clifford Neuman

Attack Goals achieved by Attacks

Attack goals:
• Release of Data
• Changing or Destroying Data or Systems
• Preventing Access to Systems or Data
• Disinformation and Misinformation

Attacks:
• Poor Passwords
• Malicious software
• Viruses, Spyware, Ransomware
• Phishing/Social Engineering

What can I do

Defense in Depth

Use Strong Password

• Think of passwords as the first gatehouse in the castle
• Use Passphrases as an easy way to create easy to remember passwords
• KeepTh3m0utOfRsystems!
• Do not reuse passwords between accounts!
• Do not use simple passwords!
• Do not use the password above.

2-STEP VERIFICATION

An additional layer of security on your account

Security Keys

2-Step Verification
• Place MultiFactor Authentication on EVERYTHING you can!
• Email
• Website content creators
• Laptops
• Social Media

Two-Factor or Multi-Factor Authentication

Protect your Mobile Phones

• Prevent remote takeover of your phone
• All key staff need to have a PIN/Passcode set up on their cell phone accounts
• Available on all major carriers (AT&T/Verizon/Sprint/T-Mobile)
• This will help to prevent some motivated individuals from moving your cell phone number to their phone
• Intercepting texts including those used by some second factors

Phishing

• Phishing is a method of gathering personal information (e.g. passwords) using deceptive e-mails, websites, apps, text messages, etc.
• Once you click on a link or provide a password, the hacker accesses your account or infects your machine

Phishing / Social Engineering

• EVERYONE is a target, including you!
• #1 way hackers gain access to systems
• Some people ALWAYS click on links
• When in doubt, call trusted individuals
• THINK BEFORE YOU CLICK

Is Phishing effective?

• 45%: The most believable phishing sites trick almost half of the users.
• 20%: Hackers move fast: ⅕ of accounts are accessed within 30 minutes after being phished.

Phishing/Social Engineering

[Figure: example phishing email with the greeting “Hi Elisa”, showing the address https://www.goggle.com]

Phishing / Social Engineering

Fraudulent email

Hackers will often send emails that look legit, so it’s important to check the sender and the destination of any embedded links.

• Check sender
• Mouse over to check destination: myaccount.google.com-securitypage.ml-security.org/sign

Phishing Quiz
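The "check the destination" advice on the fraudulent-email slide above can be automated. This is an added example, not part of the original slides: it classifies the two addresses shown on the slides against a hypothetical allow-list (`TRUSTED_DOMAINS`), and it assumes the registrable domain is the last two host labels, which a production tool would replace with a Public Suffix List lookup.

```python
from urllib.parse import urlsplit

# Assumption: domains this organisation expects legitimate links to use.
TRUSTED_DOMAINS = ("google.com", "usc.edu")


def hostname(url):
    """Lower-cased host part of a URL; a bare 'host/path' string is accepted too."""
    if "://" not in url:
        url = "https://" + url
    return (urlsplit(url).hostname or "").rstrip(".")


def registrable_domain(url):
    """Last two host labels. Simplification: real tools use the Public Suffix List."""
    labels = hostname(url).split(".")
    return ".".join(labels[-2:])


def edit_distance(a, b):
    """Levenshtein distance, used to spot one- or two-character look-alikes."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # deletion
                           cur[j - 1] + 1,              # insertion
                           prev[j - 1] + (ca != cb)))   # substitution
        prev = cur
    return prev[-1]


def classify_link(url):
    """Return (verdict, registrable_domain) for a link found in an email."""
    host, domain = hostname(url), registrable_domain(url)
    if domain in TRUSTED_DOMAINS:
        return ("trusted", domain)
    # A trusted name appears somewhere in the host, but the part that decides
    # who owns the site (the right-most labels) belongs to someone else.
    if any(t in host for t in TRUSTED_DOMAINS):
        return ("embeds-trusted-name", domain)
    # The domain is a near-miss spelling of a trusted one.
    if any(edit_distance(domain, t) <= 2 for t in TRUSTED_DOMAINS):
        return ("look-alike", domain)
    return ("unknown", domain)


# The two addresses shown on the slides, plus one genuine link for comparison.
SAMPLES = [
    "https://myaccount.google.com/security",
    "myaccount.google.com-securitypage.ml-security.org/sign",
    "https://www.goggle.com",
]

if __name__ == "__main__":
    for url in SAMPLES:
        verdict, domain = classify_link(url)
        print(f"{verdict:20} real domain: {domain:18} {url}")
```

Reading a hostname right to left is the habit this encodes: everything left of the registrable domain is chosen freely by whoever owns that domain.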

g.co/phishingquiz

Ransomware

• Ransomware is when the contents of your system are locked and held for ransom
• Or the attackers threaten to leak the data
• Typically “installed” on computers because:
  – Someone clicked on a bad link (phishing)
  – Did not patch their computers/servers
  – Downloaded “Free” software
  – Plugged in “Free” USB Drives
• Always keep a disconnected backup of your data

Protect Your Communications

• Wi-Fi networks
• Downloads
• Encrypt files and conversations

Downloads

Always download apps only from trusted sources

✓ Install ONLY the apps you really need.

✓ Each new app is a potential risk.

Cyber-Hygiene in the Age of COVID-19

We are using “alternate” infrastructure
• We work from home, creating plausible exceptions for criminals

Five security tips for working at home:
• Use your organization’s VPN
• Don’t use the same systems for “entertainment”
• Be conscious of where you store sensitive data
• Be vigilant about links, emails, software and apps
• Use your organization’s IT Resources (email, desktops)

• Source https://viterbischool.usc.edu/news/2020/03/5-tips-to-stay-cyber-secure-when-working-remotely/

getoutline.org

Resources
• State of Wyoming government has a list of great free resources for campaigns to use:
  – http://cybersecurity.wyo.gov/
  – http://ets.wyo.gov/inside-ets
  – http://soswy.state.wy.us/Elections/Default.aspx
• DHS is here to help
  – https://www.cisa.gov/election-security
• Technology companies have some great FREE resources for campaigns, journalists and advocacy groups
  – Facebook
  – Google
  – Microsoft

Encrypting your devices: Secure your equipment

01. If your device is ever lost or stolen, no one else will be able to access your files if they are encrypted

02. Your iPhones and Android devices are encrypted by default. Make sure your laptop/desktop is encrypted as well.

03. Ensure you set and remember your recovery options so you don’t lose access to your data in case you want to recover your information

Protect your mobile devices

Here’s a few ways to protect your phone and your data from unauthorized access:

● Lock your screen with a passcode or fingerprint lock

● Remotely locate or lock your Android or iOS device by visiting myaccount.google.com and selecting “Find Your Phone”

● Protect your data by reviewing and editing the information each app has access to in device settings

● Delete apps you don’t use!

● Enable device encryption

Keep your software up-to-date

One way to protect yourself from security vulnerabilities is by keeping your internet browser, operating system, plugins and document editors up-to-date.

Here’s how:

● Install software updates whenever you receive a trusted notification.

● Check to make sure you’re running the latest version via the app store or enabling auto-updates.

Ensure you have the right software to protect your devices

● Install a trusted antivirus software to protect your device. Some come bundled with a firewall, VPN, parental controls, or password manager, and often cover multiple types of devices and operating systems

Facebook Protect

https://www.facebook.com/gpa/facebook-protect

Advanced Protection Program (APP)

APP is Google’s strongest security offering, designed to protect users who face an elevated risk of sophisticated and highly-targeted online attacks.

• Activists
• Politicians & Campaign teams
• Journalists
• Business executives
• GSuite & Cloud Identity

Microsoft Defending Democracy

https://www.microsoftaccountguard.com/en-us/

Responding to a Pandemic

Quarantine Enforcement

Free Speech

Impact on Computer Security

Contact Tracing

Current Events

Quarantine Enforcement

HANGZHOU, China — As China encourages people to return to work despite the coronavirus outbreak, it has begun a bold mass experiment in using data to regulate citizens’ lives — by requiring them to use software on their smartphones that dictates whether they should be quarantined or allowed into subways, malls and other public spaces.

But a New York Times analysis of the software’s code found that the system does more than decide in real time whether someone poses a contagion risk. It also appears to share information with the police, setting a template for new forms of automated social control that could persist long after the epidemic subsides.

Free Speech during a Pandemic

Free Expression and the Coronavirus Pandemic In the US – National Coalition Against Censorship

If China valued free speech, there would be no coronavirus crisis – The Guardian – 8 February – Verna Yu The death of the whistleblower Chinese doctor Li Wenliang has aroused strong emotions across China. Social media is awash with posts mourning the death of a martyr who tried to raise alarm over the coronavirus but was taken into a police station instead for “spreading false rumours” and “disrupting social order”.

Grief quickly turned into angry demands for free speech. The trending topic “we want freedom of speech”, which attracted millions of views, and links to Do You Hear the People Sing, a song popularised in recent Hong Kong protests, were quickly censored by police.

Impact on Security

Common scams: phishing, malware.

The fact that we are all doing things differently provides an adversary with a plausible explanation that helps them convince you to do things you might not otherwise do, and hence provide them with a path into our systems.

Contact Tracing

Let’s start with some current events…

CDC Outlines Concepts From Contact Tracing

Contact Tracing in the manual realm

Issues:
• Fear of being forced into quarantine
• Other use of the data
• Have you been exposed to ideas, guilt by association

Technology:
• Use of data already collected
• Techniques that Preserve Privacy

Apple/Google Contact Tracing

FAQ

On April 10, 2020, Google and Apple announced a two-phase exposure notification solution that uses Bluetooth technology on mobile devices to aid in contact tracing efforts. Both phases of the solution harness the power of Bluetooth technology to aid in exposure notification.

Once enabled, users’ devices will regularly send out a beacon via Bluetooth that includes a privacy-preserving identifier — basically, a string of random numbers that aren’t tied to a user's identity and change every 10-20 minutes for additional protection. Other phones will be listening for these beacons and broadcasting theirs as well. When each phone receives another beacon, it will record and securely store that beacon on the device.

At least once per day, the system will download a list of beacons that have been verified as belonging to people confirmed as positive for COVID-19 from the relevant public health authority. Each device will check the list of beacons it has recorded against the list downloaded from the server. If there is a match between the beacons stored on the device and the positive diagnosis list, the user may be notified and advised on steps to take next.

USC Activities in Contact Tracing
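The beacon exchange described in the Apple/Google FAQ above, modelled end to end as an added example that is not part of the original slides and is not the Apple/Google implementation. Assumptions of the example: each phone derives its rotating identifiers from a random per-day key with truncated HMAC-SHA256 (a stand-in derivation), the `Phone` and `HealthAuthority` classes are hypothetical, and Bluetooth is replaced by direct method calls.

```python
import hashlib
import hmac
import os

INTERVAL_MINUTES = 10                       # page: identifiers change every 10-20 minutes
INTERVALS_PER_DAY = 24 * 60 // INTERVAL_MINUTES


def rolling_id(daily_key, interval):
    """Identifier broadcast during one interval (stand-in derivation, see lead-in)."""
    msg = b"beacon" + interval.to_bytes(4, "big")
    return hmac.new(daily_key, msg, hashlib.sha256).digest()[:16]


class Phone:
    def __init__(self, owner):
        self.owner = owner          # known only to the phone itself
        self.daily_keys = {}        # day -> random key, stays on the device
        self.heard = {}             # beacon -> (day, interval) when it was received

    def broadcast(self, day, interval):
        key = self.daily_keys.setdefault(day, os.urandom(16))
        return rolling_id(key, interval)

    def hear(self, beacon, day, interval):
        # Stored locally; nothing is uploaded just because a beacon was heard.
        self.heard[beacon] = (day, interval)

    def report_positive(self, days):
        """Beacons this phone sent on the given days, for upload after a diagnosis."""
        return [self.broadcast(d, i) for d in days for i in range(INTERVALS_PER_DAY)]

    def check_exposure(self, published):
        """Match the downloaded list against locally stored beacons, on the device."""
        return sorted(self.heard[b] for b in set(published) if b in self.heard)


class HealthAuthority:
    def __init__(self):
        self._published = []

    def publish(self, beacons, verified):
        if verified:                # only confirmed diagnoses reach the list
            self._published.extend(beacons)

    def download(self):
        return list(self._published)


def simulate():
    """Constructed scenario: Alice meets Bob, Bob later meets Carol, Alice tests positive."""
    alice, bob, carol = Phone("alice"), Phone("bob"), Phone("carol")
    authority = HealthAuthority()
    for i in (50, 51):                                  # day 0, two intervals together
        bob.hear(alice.broadcast(0, i), 0, i)
        alice.hear(bob.broadcast(0, i), 0, i)
    carol.hear(bob.broadcast(0, 90), 0, 90)             # Carol never met Alice
    bob.hear(carol.broadcast(0, 90), 0, 90)
    authority.publish(carol.report_positive([0]), verified=False)   # unverified: dropped
    authority.publish(alice.report_positive([0]), verified=True)
    published = authority.download()
    return {
        "bob": bob.check_exposure(published),
        "carol": carol.check_exposure(published),
        "ids_differ": alice.broadcast(0, 50) != alice.broadcast(0, 51),
        "published": len(published),
    }


if __name__ == "__main__":
    print(simulate())
```

The authority's list holds only opaque identifiers; the matching that reveals a contact, and when it happened, runs on the exposed person's own phone.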

USC Computer Science Professor Cyrus Shahabi and his team are working on a contact-tracing app that aims to answer the question: based on my location trails, what is my risk of being infected with coronavirus? For the COVID-19 contact tracing app, the team is initially focusing on simpler privacy enhancements to mitigate privacy risks, while ensuring immediate public health impact. Specifically, users can choose frequency of tracking, or manual check-in, as well as specificity of uploaded locations— for instance, downtown LA versus Grand Central Market—as their risk evolves.

Other Privacy Preserving Technologies

• File Sharing
• End to end Encryption
• Anonymization
• TOR
• More on the Dark Web

Storage Encryption

• File Sharing (not necessarily encrypted)
• TrueCrypt
• PGP

File Sharing

• Freenet, BitTorrent, and related protocols and applications support the decentralized storage and distribution of files on the internet.
• Originally intended to provide repositories for data that could not be “silenced”, the contents of files are spread across many servers, with duplicate pieces. These pieces are reassembled when users request access to the files.
• They are often used to share protected content in violation of copyright.

Bittorrent (figure from Wikipedia)

• Dangers to users of file sharing services:
  – Most are configured by default to make your machine a distribution point. Download a file, and others may get that file from you.
  – Or worse, files you never requested can be loaded onto your computer and retrieved by others.
• Comparison with TOR

File Encryption

• There are many tools and packages available to encrypt individual files or entire drives. Among these are the whole drive encryption discussed in the intro class, but software tools are also available.
• PGP file encrypt – part of the PGP package discussed earlier allows encryption of files or folders using the public key of an intended recipient (or yourself).
• TrueCrypt was for some time the best option for file encryption, but the last release removed the ability to encrypt files, and was accompanied by statements urging that it not be used. It is widely believed that the previous version is safe.

This Week

The Dark Web
• Readings:
  – Time Magazine The Secret Web: Where Drugs, Porn and Murder Live Online November 11, 2013.
  – It’s About To Get Even Easier to Hide on the Dark Web, Wired 1/28/2017.
  – https://www.vice.com/en_us/article/ezv85m/problem-the-government-still-doesnt-understand-the-dark-web
  – US government funds controversial Dark Web effort

Anonymization

• For internet communication (email, web traffic) even if contents are protected, traffic analysis is still possible, providing information about what sites one visits, or information to the site about your identity.

• Tools are available that will hide your addresses
  – Proxies
  – Networks of Proxies
  – Onion Routing and TOR

Anonymizer and similar services

• Some are VPN based and hide IP addresses.
• Some are proxy based, where you configure your web browser.
• Need the proxy to hide cookies and header information provided by browser.
• You trust the provider to hide your details.
• Systems like TOR do better because you don’t depend on a single provider.

TOR

• Originally developed by US Navy to protect Internet communications
• The problem:
  – Internet packets have two parts – header and payload
  – Even if payload is encrypted, header is not
  – Header lists originator and destination nodes – all nodes along the way can read this information
• Why might this be a problem:
  – Law enforcement may not want it known they are visiting a site
  – General privacy protection.

TOR

• Continued development and improvement with US funding (Dept of State)
• SAFER project:
  – Develop improvements or similar technologies that are less vulnerable to persistent attempts to track users, e.g. dissidents, etc.

TOR

From Engadget, 7/28/2014

Russia offers a $110,000 bounty if you can crack Tor

Countries that have less-than-stellar records when it comes to dissenting voices must really, really hate Tor. Coincidentally, Russia's Interior Ministry has put out a bounty of around $110,000 to groups who can crack the US Navy-designed privacy network. After the country's vicious crackdown on dissenting voices back in 2012, protestors who hadn't escaped or been jailed began using anonymous internet communication as their first line of defense against the Kremlin. If you're considering taking part in the challenge (and earning yourself a tidy stack of cash to quell your conscious), be warned -- the bounty is only open to organizations that already have security clearance to work for the Russian government.

TOR - Fundamentals

• Origin node accesses list of TOR nodes and creates the packet:
  – Starts by creating a packet consisting of payload and header – header contains desired destination node and final TOR node in zigzag route
  – Now treats the above packet as a payload and creates a header with origin and destination consisting of two TOR nodes
  – This is repeated until final packet contains a header with original source node and first TOR node identified
• …Hence the term “Onion Routing”

TOR - Fundamentals

[Figure: onion-routing illustration. Source cybersolutons.ga and yourdictionary.com]

TOR - Fundamentals

[Figure: zigzag route from the Source Node through several TOR nodes (T) to the Destination Node]

TOR - Fundamentals

• List of TOR nodes periodically changes
• Zigzag route is periodically changed

• Not totally fool proof:
  – If non-TOR browser opened within TOR browser, security measures are void – basically going back to “direct routing”
  – Someone monitoring source and destination node may note synchronization of packets being sent/received.
  – …to avoid: increase TOR traffic
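The packet construction described in the TOR - Fundamentals slides above, as an added example that is not part of the original slides and is not Tor's own code. It wraps a payload in one layer per relay and records what each relay can observe. Assumptions: the relay names, keys and JSON layer format are constructed for illustration, and a toy SHA-256 keystream stands in for real encryption.

```python
import hashlib
import json


def keystream_xor(key, data):
    """Toy stream cipher (SHA-256 in counter mode). Illustration only, not Tor's crypto."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def build_onion(route, destination, payload):
    """route: [(relay_name, key), ...] from first relay to last. Built inside-out."""
    next_hop, body = destination, payload
    for name, key in reversed(route):
        # Header for this layer: only the next hop. The rest is an opaque inner packet.
        layer = json.dumps({"next": next_hop, "body": body.hex()}).encode()
        body = keystream_xor(key, layer)
        next_hop = name
    return next_hop, body           # first relay to contact, fully wrapped packet


def peel(key, packet):
    """What one relay does: remove its own layer, learn the next hop, forward the rest."""
    layer = json.loads(keystream_xor(key, packet))
    return layer["next"], bytes.fromhex(layer["body"])


def can_read(key, packet):
    """True if this key opens the outermost layer of the packet."""
    try:
        peel(key, packet)
        return True
    except (ValueError, KeyError, TypeError):
        return False


def send(source, route, destination, payload):
    """Walk the packet along the route and record each relay's view of the traffic."""
    keys = dict(route)
    hop, packet = build_onion(route, destination, payload)
    previous, seen = source, []
    while hop in keys:
        nxt, packet = peel(keys[hop], packet)
        seen.append({"relay": hop, "from": previous, "to": nxt})
        previous, hop = hop, nxt
    return seen, hop, packet


def demo_route():
    """Three constructed relays with keys derived from fixed labels (sample data)."""
    return [(n, hashlib.sha256(b"constructed key for " + n.encode()).digest())
            for n in ("T1", "T2", "T3")]


if __name__ == "__main__":
    views, final_hop, delivered = send("source.example", demo_route(),
                                       "destination.example", b"GET /index.html")
    for view in views:
        print(view)
    print(final_hop, delivered)
```

Only the first relay sees the source and only the last sees the destination, which is why the timing correlation noted above requires watching both ends of the route.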

Deep Web – TOR (These are old addresses)

• TOR (https://www.torproject.org/about/overview.html.en)

• http://deepweblinks.org/ - Lists sites in deep web

• http://ybp4oezfhk24hxmb.onion/ - lists a hitman website

• http://xfnwyig7olypdq5r.onion/ - lists a USA Passport site

• http://jv7aqstbyhd5hqki.onion/ - a hackers site

• http://2ogmrlfzdthnwkez.onion/ - rent-a-hacker

• http://www.infosniper.net/

• TorSearch - http://kbhpodhnfxl3clb4.onion/

The .onion addresses listed above are for use inside TOR.

Discussion

• Readings:
  – Society deserves privacy, but at what cost.
  – Who defines “good use”
  – Dark v. Deep Web
  – How to control the dark web (technically)

A Bit More on IoT

Good Practices / Isolation

• For manipulators
• How we connect
  – Pairing with local controller
  – Security of Controller then becomes issue
• Local Governor
  – No override to unsafe states
• Problems arise from conflict between always on access and need to protect.
• Push data from device, rather than pull/poll.
  – But that creates power/efficiency issues

Accessible Telemetry

• GP Devices (smartphones, tablets, laptops)
  – More vulnerable to malware and other compromise
  – If compromised can collect even more data than we have configured them to collect.
• Telemetry:
  – Audio, Video, Location, Vibration

Camera Access

• Disable Your Laptop's Built-in Webcam to Protect Your Privacy – Mark Wilson – Lifehacker – 6/27/14
• Windows: Webcams offer a window into your home, and they've been known to be targets for malware. If you have a built-in camera, here's how to disable it and protect yourself.
• Malware can take over webcams, so there is potential for your camera to spy on you. You can easily disable an external webcam just by unplugging it, but things are a little different for integrated cameras.
• The simple solution is to just pop a piece of tape over the lens, but this is not ideal. Sticky residue is left behind, and there is a risk that your improved privacy shield could fall off. You could turn to third party software, but you can also disable a webcam from within Device Manager.

Turning Devices Off

• How the NSA can 'turn on' your phone remotely – CNN Money June 6 2014 - Jose Pagliery

• Even if you power off your cell phone, the U.S. government can turn it back on.
• That's what ex-spy Edward Snowden revealed in last week's interview with NBC's Brian Williams. It sounds like sorcery. Can someone truly bring your phone back to life without touching it?
• No. But government spies can get your phone to play dead.
• It's a crafty hack. You press the button. The device buzzes. You see the usual power-off animation. The screen goes black. But it'll secretly stay on -- microphone listening and camera recording.

Monitoring Vibration

• iPhone Accelerometer Could Spy on Computer Keystrokes – Olivia Solon - Wired UK – 10/19/11
• The accelerometers in many smartphones could be used to decipher what you type into your PC keyboard — including passwords and e-mail content — according to computer scientists at Georgia Tech.
• The technique depends on the person typing at their computer with their mobile phone on the desk nearby. The vibrations created by typing onto the computer keyboard can be detected by the accelerometer of the phone and translated by a program into readable sentences with as much as 80 percent accuracy.
• The technique involves working through probability by detecting pairs of keystrokes, rather than individual keys. It models “keyboard events” in pairs and then works out whether the pair of keys pressed is on the left or the right side of the keyboard and whether they are close together or far apart on the QWERTY keyboard. Once it has worked this out, it compares the results to a preloaded dictionary where each word has been broken down in the same way.

Back to Internet of Things

• At Home – HVAC (Climate Control) – Internet Web Cameras – Television and Entertainment Devices – Alarm Systems – Doors and Locks – Routers and Wifi – SAN (Storage Area Networks) network disks – Coffee Makers, Toasters, Refrigerators – Home Automation, Lights, etc – Garage Door Openers

IoT Devices

• Home
• Personal
• Vehicles
• Work or On-the-Go

Slide by Veronica Molina

IOT in Home Security Systems

Slide by Veronica Molina

What is the role of IOT here ?

• Embedded devices with minimum CPU, memory and power resources and able to connect to internet. • Ability of devices to perform actions and not just sense the surroundings. • Ability to integrate into existing electronic systems at home such as smart phone, computer and other devices.

Slide by Veronica Molina

What are the attack surfaces ?

• Insecure web interfaces - Cross site scripting, SQL injection, session management etc. • Insufficient Authentication / Authorization - Multifactor authentication, secure password recovery mechanism. • Insecure network services - Open ports, Buffer overflow, Denial-of-Service. • Lack of data encryption - Unencrypted services via local or internet. SSL/TLS implementation • Insecure mobile interfaces - Account lock-out, Unencrypted data transfer over network. • Insufficient security configurations - Granular access control, strong passwords. • Insecure software / firmware - Updateable software / firmware, Encrypted update files, Update file integrity verification. • Privacy concern - End to end data encryption, Avoid collection of unnecessary user data, Secure storage of PII information.

Slide by Veronica Molina

Standards (or lack of any)

• By default no set rules/standards in designing architecture
• Developments from past year https://www.forbes.com/sites/aarontilley/2016/07/27/two-major-internet-of-things-standards-groups-strike-alliance/#1b42c1cd4520

• This year, US Department of Commerce finally took note of the issue that IoT standards cannot be left to market. www.zdnet.com/article/iot-standards-cannot-be-left-to-the-market-us-department-of-commerce/

Slide by Apurv Tiwari

How can I protect myself ?

• As we have seen, it's not just the device or the network or clients contributing to vulnerabilities.
• There are many attack surfaces involved and each of them needs to be evaluated and secured.
• Understand the security aspects considered by the service provider and the response time to discovered vulnerabilities and frequency of updates to device software or firmware.

Slide by Veronica Molina

Major Issues

Many Home IoT Devices

• Many of these devices are general purpose
  – GP interface is hidden, and user only sees application running on top of Linux or other platform.
  – Many IoT devices are not updated/patched regularly to address new vulnerabilities that are discovered. Or updates occur automatically without permission of owner.
  – Many devices enable inbound access through your Firewall.
  – IoT Device is a full-fledged device on your home network, and if compromised from outside, allows an attacker node inside your firewall to attack or observe other activity.
  – Many users leave their devices with the default passwords or access controls.
  – Many devices enable “open access” to users within local network segment. (open or hacked wifi and other IoT devices can be an issue)

How easy is it to hack a home network?

Mark Ward - BBC News – 25 February 2016

My home is under attack - Right now, skilled adversaries are probing its defences seeking a way in. They are swift, relentless and smart. No weakness will escape their notice. But I am not without defences. I've tried to harden the most vulnerable devices to stop them being compromised and I've set up warning systems that should alert me if the attackers get inside. In the end, all that effort was for nothing because the attackers found so many ways to get at me and my home network. And, they said, even if the technology had defeated them, the weakest link of all - me - would probably have let them in.

Swiss cheese - I found out just how severely compromised my home network was in a very creepy fashion. I was on the phone when the web-connected camera sitting on the window sill next to me started moving. The lens crept round until it pointed right at me. I knew that the attackers were on the other end watching what I was doing, and potentially, listening to the conversation. It is a gadget my children and I have used to see if any wildlife passes through our garden and one which many people have for home security or as an alternative baby monitor. I was lucky that I knew my attackers who, at that moment, were sitting in my living room waiting to show me how straightforward it was to subvert these domestic devices. The picture they took of me via the camera was evidence enough.

Inferences from Home Sensors

• Your daily Routine
  – When you leave, get home, what is the best time to burglarize your house.
• What television programs you watch.
  – No more “Nielsen families” – your TV or set top box collects this data and sends it to your provider.
• Power consumption can tell a lot about your activities too.

At Work and “On the Road”

• We pair with devices all the time
  – For printing, beaming data
  – NFC for payment
• Attaching to WiFi Hotspots
  – We broadcast the SSIDs with which we usually connect.
  – Evil twin or Rogue free WiFi
• Whenever we attach, it creates a path for malware infection, or for data to be collected by “peer”.
  – E.g. contact list on Bluetooth connected audio in rental car.

In Our Vehicles

• Our vehicles are part of the IoT
  – OBDII
  – Wifi Hotspots
  – Entertainment systems
  – Bluetooth connectivity to our cellphones
• Discussed earlier
  – Navigation
• Is your car Spying on You – NBC LA – November 15 2015
• Consider multi-step attacks
  – Cellphone malware
  – Entertainment
  – OBDII

Mid-term Exam Discussion – Q1

Expectations of Privacy (30 points) Although intended by US courts to apply to governments’ access to business records, the “third party doctrine” is actually a very accurate statement of what happens to our data today when we provide the data to third parties. Although privacy regulations and communicated privacy policies may tell us otherwise, there is always the danger (and expectation) that our data will get out if we provide it to third parties. In this question I am concerned with our actual expectation of privacy, specifically with respect to whom our information may be provided (including for government and commercial purposes) and how it may be used.

a) List some data (or actions that you might take) that leave you with zero expectations of privacy with respect to the data you have provided. For some of the examples of this “non-private” data, can you think of examples of ways that we expect the data should not be used. (10 points)

b) Explain some of the changes to technology that have resulted in the disclosure of data that is ‘non-private’ (i.e. in plain view) having a significant impact on our privacy when combined with similar data. (10 points)

c) Provide several examples (possibly from current events) where data that has been entrusted to a third party (and which is not in plain view) has been used in unexpected ways, violating the user’s privacy expectations. (10 points)

Mid-term Exam Discussion – Q2

The most common manner by which adversaries steal our personal data is through impersonation. When our data is stored on our local device, or on the servers of social media and cloud services, the data is supposed to be accessed only by authorized users. If an adversary can pose as a different user for the purpose of making requests, then they can use the privileges associated with the identity that has been impersonated. (30 points)

a) List some of the ways that an adversary is able to make requests posing as a different user. There are at least two significantly different ways that this can be accomplished. (10 points)

b) What are some of the approaches by which you can mitigate the impact of such impersonation activities? (by mitigate, I specifically do NOT mean prevent the impersonation from occurring, what I mean is that you should take steps to ensure the least resulting impact when impersonation does occur). (10 points)

c) What are the three main approaches that computer systems can use to confirm identity (authentication). What are the tradeoffs between the different approaches and what steps can a system designer or an end user take to improve the effectiveness of the authentication process? (20 points)

Mid-term Exam Discussion – Q3

One definition of privacy discussed in class is that privacy is the right to be let alone. By its nature, social media is intrusive. In this question I want you to discuss some of the ways that social media is problematic for our security and privacy.

a) When we use social media, we voluntarily provide information that reveals our most sensitive characteristics: our likes and dislikes, who our friends are (i.e. our social network itself), our daily schedule, planned travels, the food we eat, etc. Discuss some of the ways that this data is used (i.e. for the purposes that we choose to use these sites) and mis-used (how the sites use this data in ways that are not necessary to the benefit of the end-user, including ways that the user is “monetized”). (10 points)

b) Discuss some ways that social media may be used to control us, i.e. how can it more effectively influence our actions and our speech than other media? Consider how it can also affect the actions and speech of those that are not actively using such social media platforms. Specifically consider the incentives and disincentives provided through the social media platform itself. (10 points)

c) Social media platforms touch many of our devices and our social media “timelines” are often integrated with our other internet connected activities. How does this integration with our “timeline” affect the privacy of the data associated with our other activities? (10 points)