As the United States gears up for next year’s presidential election, concerns over the security of the nation’s voting systems are mounting.
One issue that’s absorbing much attention in Washington, D.C., and beyond: whether to require states to use voting machines that produce paper ballots. Proponents of federal legislation mandating the requirement claim it would allow for greater election auditability, making possible hacks or errors detectable. Critics, like Senate Majority Leader Mitch McConnell, argue that this is a matter for states and local governments to figure out, not the federal government.
It’s hard to argue against the enhanced security of paper ballots. At the DEFCON conference in Las Vegas on Friday, Chris Krebs, the Department of Homeland Security’s top cybersecurity official, expressed his view. “I’ll say it, gotta have a paper ballot backup,” he told the audience. Krebs followed this up by saying that “a lot of these policy suggestions are not my job to answer—Congress has a role here.”
Progress toward overhauling voting systems has been spotty, reports Politico. The Beltway-focused news outlet published a helpful data graphic that shows which jurisdictions have succeeded in revamping their voting systems and which have not. It’s clear the pace needs to quicken.
With security experts warning of foreign interference already aimed at the next presidential race, the issue of election security should be a top—if not the top—priority for the U.S. This is not a partisan issue. The nation would do well to secure the foundations upon which its democracy rests.
Let’s figure out how to get there, together.
Robert Hackett | @rhhackett | robert.hackett@fortune.com
THREATS
Laying down the law. A security researcher showed that he could to obtain his fiance's Social Security number and other sensitive information by tricking companies into sending the details under cover of European data privacy laws. Lawmakers in the U.S. are, meanwhile, working to cobble together federal data privacy bill, despite the August Congressional recess.
Getting physical. IBM researchers are hyping a new hacking technique called "warshipping" that involves breaking into corporate networks using a cheap Wi-Fi device sent in the mail. A hacker has turned a Tesla vehicle into a mobile surveillance station capable of storing facial imagery and license plate numbers. Elevator "phone freaking" is the latest hacker fad.
Bounteous bugs. Apple is distributing special, hacker-friendly iPhones to a cadre of security researchers. The devices are designed to give greater access to the phones' internals, ideally helping the researchers to discover more vulnerabilities. Apple also says anyone can now participate in its bug bounty program, not just pre-approved experts, and the company will pay up to $1.5 million for the most severe iOS security holes.
Anti antivirus. Months after the White House blocked its bid for chipmaker Qualcomm, Broadcom is acquiring the enterprise security business of Symantec for $10.7 billion. Broadcom has plans to diversify beyond its core semiconductor business. Meanwhile, McAfee, Symantec's big rival, bought NanoSec, a "cloud container" cybersecurity startup.
Share today’s Cyber Saturday with a friend: http://fortune.com/newsletter/cybersaturday/
Looking for previous Data Sheets? Click here.
ACCESS GRANTED
Nine lives. Cloudflare, an Internet infrastructure startup, has pulled the plug on 8chan, a hate-filled website haunted by white nationalists, after mass shootings in Texas and Ohio earlier this week. The online message board is known as the outlet where multiple mass killers have published deranged manifestos. Here is Matthew Prince, Cloudflare's CEO and cofounder, discussing why his company has terminated the forum's service.
We just sent notice that we are terminating 8chan as a customer effective at midnight tonight Pacific Time. The rationale is simple: they have proven themselves to be lawless and that lawlessness has caused multiple tragic deaths. Even if 8chan may not have violated the letter of the law in refusing to moderate their hate-filled community, they have created an environment that revels in violating its spirit....
We reluctantly tolerate content that we find reprehensible, but we draw the line at platforms that have demonstrated they directly inspire tragic events and are lawless by design. 8chan has crossed that line. It will therefore no longer be allowed to use our services.
FORTUNE RECON
Swing State Voting Systems Were Left Connected to the Internet for Months, Report Says by David Z. Morris
Class Action Lawsuit Accusing Facebook of Using Biometric Data Without Consent Will Move Ahead, Court Says by Joel Rosenblatt
What You Need to Know About 8chan, the Controversial Site Tied to the El Paso Shooting by Chris Morris
8chan Owner Heads to US After Lawmakers Tweet to Meet With Him About White Supremacists and the Site by Frank Bajak
Researchers Discovered a Big Security Flaw In This Important Microsoft Product by Jonathan Vanian
Twitter May Have Shared User Data Without Permission by Chris Morris
Security Researchers Find ‘Worst Case Scenario’ in LeapFrog Kids Tablet by Alyssa Newcomb
Meet the Humble CEO Who Wants to Build the Biggest Cybersecurity Company Ever by Robert Hackett
Apple, Google, and Amazon May Have Violated Your Privacy by Reviewing Digital Assistant Commands by Natalia Drozdiak and Giles Turner
ONE MORE THING
Save the Tubes. The Central Intelligence Agency used to ferry messages around its original offices in Langley, Virginia, through a vacuum-powered workplace mail system comprising thirty miles of four-inch steel tubing. The New Yorker discusses this and the history of intra-office communications in an entertaining feature that asks, "Was e-mail a mistake?" (Answer: yes.)
