Iowa Caucus - Are our elections secure enough?

Quite often, the appearance of a problem can be much worse than an actual problem.

The Democratic party is still licking their wounds after reporting inconsistencies as well as clogged phone lines causing reporting delays resulted in many questioning the validity of the Iowa Democratic Caucus for the 2020 Presidential primaries.

But first, how does a caucus work? Time has an excellent write-up of how the Iowa Democratic caucus was supposed to work this year. In a nutshell, the caucus works by having people physically move to different parts of a room based upon which candidate they support. If their candidate it determined to be a "viable candidate" (typically around 15% of those present), their vote is "locked in" and they're free to leave. Everyone who voted for a non-viable candidate must then choose to locate themselves for a viable one, or convince enough other non-viable candidate supporters to pick a non-viable candidate and make them viable. These numbers then get tallied and sent to a central reporting location, which releases the official caucus results.

So what happened? Long story short, the new mobile app which the Iowa caucus used for centralized reporting was plagued by multiple technical problems. But to make matters worse, the app was found after-the-fact to have multiple security vulnerabilities, including the lack of HTTPS encryption when transmitting caucus results as well as reports that the app would display error messages including SQL code, possibly paving the way for further vulnerabilities to be discovered.

To make matters much worse, manual reporting over the phone was then severely delayed by an organized "denial of service" attack of sorts - Internet trolls clogged the caucus phone lines to prevent reporting of results. This further delay of course resulted in many theories that the caucus had actually been hacked, though the Iowa Democratic Party has insisted the system was secure and only suffered from software glitches and clogged phone lines.

Unfortunately, the damage has been done. There are now many who believe nationwide, just like they believed in 2016, that the Democratic primaries are rigged and the party has already chosen the winner. The result? Voter disenfranchisement may result in lower voter turnout, which could prove disastrous at Federal, State, and local levels for the Democratic Party.

Ken is currently writing a book on election security and digital threats to democracy in the 21st Century. You can read more about his book at LeanPub.

All views expressed in this post are my own. This post does not reflect the opinions or views of my employer or clients.

Brushing off the Dust

It's been at least three years since I updated my personal website. With a lot of recent interest in my writing between LeanPub interviewing me about my upcoming book Hacking of the Free, or Frederick News Post's article on my satirical antics making fun of Frederick County's balloon release ban, I figured it was time to brush off the dust.

I'm consolidating my blog activities, and brushing the dust off some of the projects I put on hold at Caffeine Security.

So what am I up to these days? Well, I'm when I'm not writing my books or working on building a radio telescope, I've been revisiting my photography, as well as trying to help grow the economy of Hagerstown and Washington County.

What should you expect on this revised blog? Well, I'm planning on dipping back into my roots and talk about cyber security, especially as it applies to today's events. But I'm also going to talk more about life, more about my community, and more about everything really.

What a wild and crazy trip it's been so far, and how much more there is in store!

Blog. Recaffeinated.

Several years ago, I found myself too busy to work on my cyber security research blog, Caffeine Security.

I really truly enjoyed working on that blog and the research projects which went with it. However, over time, the blog lost its energy, lost its focus.

So welcome to the new beginning.

I'm going to go far beyond just Cyber Security. I'm going to talk business, tourism, and the struggles of a small town trying to redefine itself decades after the decline of its manufacturing boom.

Don't worry, I'll stay true to my roots. I'm currently working on a rather important book on digital threats to democracy, and cyber security will always be my passion. But just like Hagerstown and Washington County must do, it's time for me to grow, but also focus on what matters.

Stay tuned, it's going to be a wild and crazy ride.