Not Quite a Blog

arrears
money that is owed and should have been paid earlier *: he was suing the lessee for the arrears of rent.*

I thought this was a typo in the NYT Daschle story...

Since the terrorist attacks of September 11, 2001, observers have expressed concern that an attack during the presidential inauguration ceremony might lead to the death or disability of most or all officials in the line of presidential succession. This concern takes particular note of the fact that there are generally few, if any, duly confirmed cabinet members at that time. One potential remedy for this situation would be for an official in the line of succession to be absent from the ceremony. Another might be for a cabinet secretary from the outgoing Administration to remain in office until after the inauguration; alternatively, a cabinet secretary-designate of the new administration might be nominated by the incumbent President, confirmed by the Senate, and installed prior to the inauguration. Either action would avoid a gap in the line of presidential succession under these circumstances.

(RS2292, via OpenCRS)

The Judiciary, including the Supreme Court, other federal courts, the Administrative Office of the United States Courts, and the Federal Judicial Center, received a total appropriation in fiscal year 2008 of $6.2 billion. That represents a mere two-tenths of 1% of the United States’ total $3 trillion budget. Two-tenths of 1%! That is all we ask for one of the three branches of government—the one charged “to guard the Constitution and the rights of individuals.” Alexander Hamilton, Federalist No. 78. (C.J. John Roberts, 2008 Year-End Report on the Federal Judiciary)

The iSchool's Geoff Nunberg was asked recently by the SF Chronicle what he thought of the presidential candidates' reading lists ("Local literati rate candidates' reading lists"). Here, he pulls out a quote that perfectly describes the feelings that I've heard a number of Democrats express:

But if he wins on Tuesday, I hope he'd read it again, particularly Emerson's warning against seeking validation in public approval: "A political victory ... raises your spirits, and you think good days are preparing for you. Do not believe it. It can never be so."

San Mateo. 'Nuff said.

How is San Mateo County using new media?

Starting today, the San Mateo County Elections Office is using Twitter, a microblogging application, to try to educate first-time voters about the voting process, what to expect at the polls and to share general information about election events, in almost real time. “We are offering snippets of election information tailored to this generation, many of whom will be voting for the very first time,” said Slocum. “Simple 160 character message updates that offer vital bits of information to the new voter - snippets that can be subscribed to, even on a cell phone.”

Slocum has also produced a video invitation to Election Central and has posted that on You Tube (). More videos will be produced in the next few days. Topics will include what to expect at the polls, common election myths, questions and answers and instructional material for poll workers.

Another important part of Web 2.0 is blogging. In 2007, the Elections Office started a blog () — the first elections office blog in California to introduce visitors to the election office preparations underway for the historic Presidential Election cycle. Updated nearly everyday, Inside Elections: The blog behind the San Mateo County Vote, invites readers into the Elections Office to see what’s going on. A recent post shares information with visitors on voting by mail and how to track ballots online.

The Elections Office My Space page () was designed to attract student poll workers, impart information and build community. It was set-up and shared among those student poll workers who signed up to work in the February 2008 Presidential Primary and kept in place for the November Presidential General.

Cable television also plays a part in this overall educational strategy. Anatomy of Election ’08, a special election night broadcast, will air never before seen footage of an election as it is being conducted — from the preparatory stages to the culmination of the election on election night — from inside the secured access walls of the elections center. And in the “Ask the Registrar” portion of the broadcast, voters can email their questions directly to the Registrar and get them answered on air. The email address is: asktheregistrar@smcare.org . For voters that want to watch the broadcast online while they check for results, they can see the simulcast at:

Thad Hall has a post up at Election Updates that talks about the need to factor in the implementation environment during voting system evaluation (“E-Vote 2008 Conference — Certification and Security”).

Thad says,

The point here is that, when we think about paper ballots and absentee voting, we do not typically think about or evaluate them “naked” but within an implementation context yet we think nothing of evaluating e-voting “naked” and some almost think it “cheating” to think about e-voting security within the context of implementation. However, if we held both systems to the same standard, the people in California probably would not be voting using any voting system; given its long history, it is inconceivable that paper ballots would fail to meet the standards to which e-voting is held, absent evaluating its implementation context.

I can make a number of points here but I'll stick to the following:

(I speak for myself.)

The systems included in the CA TTBR were not necessarily evaluated “naked”; each was analyzed within a threat model including possible threats from different levels of access. Unfortunately, often the access required to exploit found vulnerabilities was trivial. As part of the OH EVEREST review, we not only confirmed the TTBR findings but even extended them, in some cases with attacks that could be accomplished by a voter without raising any suspicion from even the most vigilant pollworker. (Note: in the EVEREST review, we had access to a panel of election officials we could query.)

There is a mountain of non-public evidence, reportage and findings from the TTBR that will never see the light of day. I've heard a number of people express dismay at the red team reports from the TTBR, which were supposed to evaluate the practicality of attacks on found vulnerabilities. People criticized them, the first reports released, as thin and without much detail, regardless of the fact that the source code review, document review and accessibility review reports were not yet released. Well, suffice it to say that the private red team reports from the TTBR are voluminous and include extensive consideration of environmental and implementation factors. These reports won't see the light of day for a long time, if ever, so it's difficult to even speculate on what they found. Of course, to get some idea of the gravity of those findings, all one has to do is to look at the requirements levied by the CA SoS on each system for it to be recertified; the new requirements were no joke and designed to minimize exposure of vulnerable systems to possible threats.

Working with the implementation environment is a difficult task, no matter how you try to do it. The environment changes each election and it changes from precinct to precinct and across jurisdictions. To even describe the environment (in terms of resources, procedures, etc.) one would have to do an extensive combination of surveying and observing; that's no small feat. Even then, mis-specifying even the slightest detail can have profound consequences for security evaluation. Finally, it's difficult if impossible, as we've seen from voting system usability work, to replicate the environment of an election day. This is all to say that we need more efforts geared toward understanding this.

With paper ballot and absentee voting systems at least we have extensive experience, as Thad notes, with methods of subverting known processes. Current procedures and technology for paper ballots and absentee voting are a direct result of centuries of responding to fraud, among other things. With computerized voting systems, it's clear we've essentially "jumped the gun"; that is, we were too quick to accept the efficiency and enfranchisement gains of this technology, without also recognizing its weaknesses and special requirements. The vendors have been learning a hard lesson this decade that certain ingredients in robust, critical systems -- usability, accessibility, security -- must be designed into the systems instead of spackled on after R&D is mostly complete.

I'm not arguing that the TTBR or EVEREST results are perfect, in fact, they're far from that. They do represent technical findings from panels of some of the best experts that work on these issues, but arrived at under ridiculous time, resource and scope constraints. The flaws found in all of those reviews are likely the tip of an unknown iceberg. I can only hope that all of us working on this issue -- researchers, vendors, election officials, advocates -- can concentrate on catalyzing improvements in these systems as well as the environments in which they're designed and operated.

I’m here this morning to warn that, whatever gloss might be put on it, the so-called “compromise” on immunity for phone companies that broke the law is anything but a compromise, and that Congress appears poised to needlessly toss the rule of law out the window and deprive these millions of ordinary Americans of their day in court. My one simple message is that no matter how they spin it, this is still immunity, period.

Indeed, there’s an easy litmus test that everyone can use when evaluating this proposal or any other: does it allow the court to rule on the legality of the surveillance? That is, does it allow the plaintiffs to obtain a public decision on whether the companies broke the law, and if they did, to get an injunction to stop them from breaking the law again? If the answer is “no”, then it’s still immunity, plain and simple.

The EFF's Kevin Bankston in a prepared statement. (emphasis mine)

(Press Release: EFF Speaks Out Against Telecom Immunity Deal)

I am no longer in New York during passover and a papal visit (which means the chance of my actually being able to say “Good yontiff, pontiff”, has now dropped back from astonishingly faint to none).

-- Neil Gaiman (“Fair Use and other things”)

...from the current New Yorker where he discusses his affinity for spiders (April & Paris):

There have been other Tegenaria since then, a new population every summer, and though I still feed them and monitor their comings and goings, it’s with a growing but not unpleasant distance, an understanding that spiders, unlike mammals, do only what they’re supposed to do. Whatever drives the likes of April is private and severe, and my attempts to humanize it only moved me further from its majesty. I still can’t resist the fly catching, but in terms of naming and relocating I’ve backed off considerably, though Hugh would say not enough.

David Sedaris, Reflections, "April & Paris," The New Yorker, March 24, 2008, p. 38