City

Is democracy ready for the Internet age?

Lancaster-County-Sample-Ballot-November-6-2012-Page-1IT technology is infiltrating almost every area in our society, but there is one front where the progress is notably slow. Democracy. Why?

We still use representative democracy and elect politicians for several years at a time. This is largely done using pen and paper and the votes are counted manually. Processing the votes seems like a task well suited for computers. And why do we even need to elect representatives when we could vote directly over the net in the big and important questions? Representative democracy was after all invented thousands of years ago when people had to gather physically to hold a meeting. Then it made sense to send someone to represent a group of people, but now we could involve a whole nation directly using the net. So what’s stopping us from doing that?

Let’s first look at IT as an aid in representative democracy. First, voting machines have already been used for a long time in some countries, including the US. But there have been many controversies and elections have even been declared invalid by court (link in Finnish) due to problems in electronic handling of votes.

Handling an election seems like a straightforward IT problem, but it really isn’t. Let’s keep in mind the fundamental requirements for an election: 1. The identity of voters and their right to vote must be verified. 2. It must be ensured that no one votes more than once. 3. It shall not be possible to determine how a person has voted. 4. The integrity of the result must be verifiable. The big problem is that these requirements conflicts with each other. You must know the person who votes but still store the data in a way that makes it possible to verify the result but not identify the voter. This leads to complex designs involving cryptography. It’s no doubt possible to develop systems that fulfill these needs. The hard part is to verify the systems thoroughly enough to make sure they really work.

And here psychology enters the scene. We all know pens and paper well and we have learned to trust the traditional election system. There is a fairly large number of unclear votes in every election and we have accepted that as a fact. But people are a lot more suspicious against computerized systems. Most of us lack the ability to understand how electronic voting works. And the requirements described above causes complexity that makes it hard even for many professionals. Only crypto experts have the true ability to audit it. This makes it hard to build a chain of trust between ordinary people and the voting system.

Is our suspicious attitude justified? Yes and no. We should be suspicious against complex electronic systems and put them through thorough scrutiny before using them in elections. We must demand that their design is open and audited by independent experts. But we are at the same time forgetting the fact that traditional security measures are far from perfect. Written signatures is a very weak method to prove identity and a photo ID is not much better. A nice example is a friend of mine who keeps using an expired ID card just to test the system. The card is his own and he still looks like the picture. The only problem is that the card expired 11 years ago. During these years the card has only been rejected once! It has been used several times when voting in elections. Needless to say, an electronic signature would not pass even once. Despite this, people typically trust written signatures and ID cards a lot more than computerized security measures. The same attitude is visible when discussing electronic voting.

Another real reason to be suspicious against electronic voting is the computers’ ability to process massive amounts of data very quickly. There are always minor errors in the traditional voting systems, but massive manipulation of the result is hard. In a computerized system, on the other hand, even a fairly small glitch may enable someone to make a big impact on the result.

The other side of the coin is the question if we need representative democracy at all anymore. Should we have net polls about the important questions instead? Well, representative democracy has an important benefit, continuity. The same people are given at least some time to achieve results before people can decide if they should continue. But a four to six year term is really too short to change the big things and our politicians tend to focus on smaller and easier issues. Imagine how it would be if the people had a more direct say in decision making? That could lead to an even bigger lack of focus and strategic direction. Probably not a good idea after all.

But representative democracy can be complemented instead of replaced. Crowd sourcing is one area that is taking off. A lot of things can be crowd sourced and legislative proposals is one of them. Many countries already have a Constitution that allows ordinary citizens to prepare proposals and force the parliament to vote on them, if enough people support the proposal. Here in Finland a crowd sourced copyright act proposal made headlines globally when it recently passed the 50 000 supporter threshold (1,2 % of the voting population). This is an excellent example of how modern Internet-based schemes can complement the representative democracy. Finland’s current copyright legislation is almost 10 years old and is heavily influenced by entertainment industry lobbyists. It was written during a time when most ordinary people had no clue about copyright issues, and the politicians knew even less. For example, most ordinary people probably thinks that downloading a song illegally from the net is less severe than selling a truckload of false CDs. Our current copyright law disagrees.

Issues like this can easily become a politically hot potato that no one want to touch. Here the crowd sourced initiatives comes in really handy. Other examples of popular initiatives in Finland are a demand for equal rights for same-sex couples and making a minority language optional in the schools. Even Edward Snowden has inspired a proposal: It should be possible to apply for political asylum remotely, without visiting the target country. Another issue is however that these initiatives need to pass the parliament to become laws. The representative democracy will still get the final word. Even popular crowd sourced initiatives may be dismissed, but they are still not in vain. Every method to bring in more feedback to the decision makers during their term in office is good and helps mitigate the problems with indirect democracy.

So what will our democracy look like in ten or twenty years? Here’s my guess. We still have representative democracy. Electronic voting machines takes care of most of the load, but we may still have traditional voting on paper available as an alternative. Well, some countries rely heavily on voting machines already today. The electronic machines are accepted as the norm even if some failures do occur. Voting over Internet will certainly be available in many countries, and is actually already in use in Estonia. Direct ways to affect the political system, like legislative proposals, will be developed and play a more important role. And last but not least. Internet has already become a very powerful tool for improving the transparency of our legislative institutions and to provide feedback from voters. This trend will continue and actually make the representative democracy blend into some kind of hybrid democracy. The representatives do in theory have carte blance to rule, but they also need to constantly mind their public reputation. This means that you get some extra power to affect the legislative institutions if you participate in the monitoring and express your opinion constantly, rather than just cast a vote every 4th year.

Safe surfing,
Micke

More posts from this topic

iphone untrackable

Update your iPhone right now — especially if you’re an activist

A little iPhone history was made this month -- a iOS device was infected by just clicking on a link. This sort of attack had previously only worked on devices where the owner had purposely installed a "jailbreak" hack. So before you do anything -- even read the rest of this post -- you should update your iOS software to the latest version of iOS 9, or iOS 10 beta, which has some nice new privacy features. Here's how this historic attack happened, according to The Verge: Earlier this month, an Emirati human rights activist named Ahmed Mansoor got a suspicious text. It promised new details of torture in the country’s state prisons, along with a link to follow if he was interested. If Mansoor had followed the link, it would have jailbroken his phone on the spot and implanted it with malware, capable of logging encrypted messages, activating the microphone and secretly tracking its movements. To our cyber security advisor Erka Koivunen, this is a glaring example of a threat that is not "advanced" -- as in APT, advanced persistent threat. Think about what goes into a real APT. "They do reconnaissance properly and understand what the victim is susceptible to. They have good timing and only create visible noise when it suits their interest," he told us. "And they have a plan B ready in case someone starts snooping their activities." Here, the the most exploitable iPhone vulnerability ever known has now been exposed and patched -- for what? It's a bit baffling to Erka who compares it to throwing "expensive exploits at this guy like kids throwing rocks." You just don't see zero-day vulnerabilities like this -- especially on what had been one of the more secure platforms available -- that often. This has some security researchers thinking: Perverse incentives: Should I take up political activism so I get more interesting 0day sent my way? /me wonders — halvarflake (@halvarflake) August 26, 2016 //platform.twitter.com/widgets.js So, if you haven't already, update now. And if you're involved in politics in *any way* whatsoever, realize that someone will try to hack you -- sooner or later. So beware of those links in strange texts and email attachments in general. [Image by Sean MacEntee via Flickr]

August 26, 2016
BY 
ransomware gangs, cybercrime unicorn

Could Criminals Make A Billion Dollars With Ransomware?

Bitcoin has not only changed the economics of cybercrime by providing crooks with an encrypted, nearly anonymous payment system autonomous from any central bank. It's also changed researchers' ability to track how much money criminals are making. "Bitcoin is based on Blockchain, and Blockchain is a public ledger of transactions. So all Bitcoin transactions are public," explains Mikko Hyppönen, F-Secure's Chief Research Officer. "Now, you don’t know who is who. But we can see money moving around, and we can see the amounts." Every victim of Ransomware -- malware that encrypts files and demands a payment for their release -- is given a unique wallet to transfer money into. Once paid, some ransomware gangs move the bitcoins to a central wallet. "We've been monitoring some of those wallets," Mikko says. "And we see Bitcoins worth millions and millions. We see a lot of money." Watching crooks rake in so much money, tax-free, got him thinking: "I began to wonder if there are in fact cybercrime unicorns." A cybercrime unicorn? (View this as a PDF) A tech unicorn is a privately held tech company valued at more than a billion dollars. Think Uber, AirBNB or Spotify -- only without the investors, the overhead and oversight. (Though the scam is so profitable that some gangs actually have customer service operations that could rival a small startup.) "Can we use this comparison model to cybercrime gangs?" Mikko asks. "We probably can’t." It's simply too hard to cash out. Investors in Uber have people literally begging to buy their stakes in the company. Ransomware gangs, however, have to continually imagine ways to turn their Bitcoin into currency. "They buy prepaid cards and then they sell these cards on Ebay and Craigslist," he says. "A lot of those gangs also use online casinos to launder the money." But even that's not so easy, even if the goal is to sit down at a online table and attempt to lose all your money to another member of your gang. "If you lose large amounts of money you will get banned. So the gangs started using bots that played realistically and still lose – but not as obviously." Law enforcement is well aware of extremely alluring economics of this threat. In 2015, the FBI’s Internet Crime Complaint Center received "2,453 complaints identified as Ransomware with losses of over $1.6 million." In 2016, hardly has a month gone by without a high-profile case like Hollywood Presbyterian Medical Center paying 40 Bitcoin, about $17,000 USD at the time, to recover its files. And these are just the cases we're hearing about. The scam is so effective that it seemed that the FBI was recommending that victims actually pay the ransom. But it turned out their answer was actually more nuanced. "The official answer is the FBI does not advise on whether or not people should pay," Sean Sullivan, F-Secure Security Advisor, writes. "But if victims haven’t taken precautions… then paying is the only remaining alternative to recover files." What sort of precautions? For Mikko, the answer obvious. "Backups. If you get hit you restore yesterday’s backup and carry on working. It could be more cumbersome if it’s not just one workstation, if your whole network gets hit. But of course you should always have good, up to date, offline backups. And 'offline' is the key!" What's also obvious is that too few people are prepared when Ransomware hits. Barring any disruptions to the Bitcoin market, F-Secure Labs predicts this threat will likely persist, with even more targeted efforts designed to elicit even greater sums.  If you end up in an unfortunate situation when your files are held hostage, remember that you're dealing with someone who thinks of cybercrime as a business. So you can always try to negotiate. What else do you have to lose?

August 24, 2016
BY 
Father lecturing son in bedroom

F2P can cost parents thousands of Euros – read this to avoid it

This is really an old problem, but it’s in the headlines again. Pokémon Go is yet another example of a “free” game with a business model based on in-app purchases. These games are also known as F2P, standing for free-to-play. You can start playing, and get hooked, for free. But soon you run into a situation where you can’t proceed without buying virtual stuff in the game. The stuff you buy is virtual but the payment is very real money. This is no doubt a profitable model. Pokémon Go went straight to the top and for example Finland-based Supercell, maker of Clash of Clans, has constantly reported nice profits. This can naturally cause trouble for addicted adults, but the real problems arise when kids get hooked. There are numerous public stories about kids making purchases for hundreds or even thousands of Euros, often without even understanding how much they have spent. And the sinister part is that this can go on for a while until you get the credit card bill, and it’s too late. Your chances to get a refund are somewhere between slim and none. But how can this happen? Let’s take a look at the most common scenarios. Your kid has set up the new device and created the needed account with Apple or Google. Everything is fine until he or she needs an app that isn’t free. You enter your credit card on the kid’s device and make the purchase, but you don’t pay any attention to the security settings. This may give your kid carte blanche to buy anything he or she likes, and you pay the bill. You have entered your credit card but set up the kid’s store account so that a password only you know is required for every purchase. But there are some convenient settings that allow purchases without a password within a limited time window after the password has been entered. Kids learn very quickly to utilize this opportunity. Let’s assume the same setup as in the previous point, but with the correct security settings. Now the password is needed for every purchase. But the store account is still owned by the kid and the password can be reset. The password reset link will be sent to the kid’s mail or phone number. It’s carte blanche again with the new password. Ok, you create an account you own for the kids phone. It’s tied to your mail and phone number, so the password reset trick shouldn’t work anymore. You put down your phone and head for the toilet. Your kid has been waiting for the opportunity and initiates the password reset request. Your phone is there on the table wide open, with the reset link in the mail. You can figure out the rest yourself. And of course the simple alternative. You think the store password on your kid’s device is secret. But in reality it is either too easy to guess or someone has been looking over your shoulder. So there’s many things that can go wrong, but what can we do to avoid it? There are many ways to fight this problem, but this is in my opinion the best approach: Let the kid set up the store account on the device and set own passwords. Just like an adult would use a phone, except that there’s no payment method registered. Never enter your credit card number on the kid’s device. On Android, get familiar with Google Play Family. This feature enables you to purchase stuff for your kid on your own device. On iPhone, send apps or money as gifts. There may be applications that bypass the store and handle credit card transactions directly. This can typically be handled with vouchers or other prepaid payment methods instead. The application usually guides the users and list all supported methods. Let’s also take a look at the hard way. Follow these instructions if you for some reasons must have your credit card registered as a payment method on the kid’s device. Make sure the store is protected with a good password that only you know. Make sure the kid isn’t watching too closely when you enter it. Make sure the store is set up to require the password every time a purchase is made. Make sure the store account is attached to an e-mail only you have access to. Make sure the e-mail password is decent and not known to your kid. Make sure your phone’s security settings are decent. Use a PIN or password your kid doesn’t know and make sure it locks automatically quickly enough. Even better, do not have the e-mail of your kids store account on your phone. Access it through web mail when needed. So this is after all a quite complex issue. There are many variations and other ways to deal with the problem. Did I miss some simple and clever way? Write a comment if you think I did. And finally. Yes, there’s also many ways to lock the kids out of the store completely. This does no doubt solve some problems, but I don’t think it’s a good idea. They will after all live their lives in a world where digital devices and services are as natural as breathing. They deserve the opportunity to start practicing for that right now. Let them browse the store and discover all the fun stuff. And be part of the group and use all the same apps as their friends. Let them have fun with the phone and learn, even if they will learn some things the hard way. Don’t ruin it for them.     Safe surfing, Micke  

August 16, 2016
BY