Hacker News: insomniasexx's comments

We can't secure banking, there are just a lot of undo processes, holds, and internal processes and cross-comms that make it so people don't lose all their money all at once and potential losses can generally be reversed, insured, bailed out, covered by someone else, or balanced out / hedged against. Even with that, fraud is rampant and heists worth billions do still occur digitally[1]. And these are financial systems that evolve constantly over centuries at this point. And the attackers still win sometimes.

The biggest thing the measures do is significantly decrease the known ROI on a target. For example, a credit card can be cancelled. Even if the bank doesn't notice and the person doesn't notice and you do get 100k off it, the fact attackers don't know that still reduces the value of the stolen credit card and therefore the incentive to steal them. Further, the gain of 100k by an attacker may be split amongst cardholder, card issuer, insurance, merchants, etc. so no one person actually loses 100k. These things all matter when building and securing new systems.

If you look at the cryptocurrency space in general, you can see what happens when you replace a credit card or SWIFT with transactions that are simultaneously immutable, very valuable, and easily anonymous enough. The monetary value on anyone's Coinbase account, let alone all the Coinbase accounts, is so high that we've seen attacks[2] usually reserved for nation-state actors and by actual nation-state actors[3], including sophisticated + targeted zero-days and BGP hijacks and all sorts of fun stuff. Not to mention the very high density of attacks that require lower effort and talent like SIM swaps, phishing, spear-phishing, impersonation, typosquatting, on and on.

Regardless, if the potential gains to hack a bank are level 1, and crypto exchanges or private keys are a 10, then voting is 1,000,000.

The zero-sum nature of winning an election coupled with the potential gains from doing so are so large and so unfathomable that we have to assume that the lengths people will go to are unfathomably more than everything else we've ever tried to secure. Bc if you can guarantee a win for a candidate or choose the candidate or change the candidate, you can do anything. You can own anything. You can control anything. You can make any amount of money. The limit is only your talents, abilities, moral compass, and appetite for risk.

To protect against a huge number of attackers, including nation state ones with essentially unlimited resources and the incentive to use those unlimited resources is…it's never been done. Again, back to Coinbase, they secure their crypto with...wait for it…paper. Generated and printed using randomly chosen, single-time, fully-airgapped machines. In a random location. In a Faraday cage.[4] That's how you secure billions when you don't have an undo button. With paper. While not even trusting the electricity flowing thru the cable.

As we saw in the 2016 election, Brexit, and lesser known elections across the globe, it takes very little to secure a win. With the right data (which is even more accessible today than it was in 2016) you only need to manipulate a relatively small number of voters. I'm too lazy to look it up but the numbers were insane when you looked at who was targeted by VoteLeave and Trump's campaign. They may have served 40m ads but it was only to like 40k people.

And that wasn't hacking anything. And those were huge-scale elections. And we still don't know who gained what from their outcomes, just that a lot of people spent a decent amount of money and a huge amount of effort to do so. And it wasn't selfless.

Small towns make gains more obvious. If a small-town mayor decides who gets the contract for building the new 10M town hall and if you can build it for 5M, you have 4.9M to spend on winning that contract. (Well, 5M - resources to rig election - gain required for you to take the risk and put in the effort.) And, given the size of government contracts and their ongoing nature, the financial gains alone are massive. Military contractors: trillions and trillions.[5]

Even securing a single contract early on can ensure your success down the line. Maximus handles tons of Los Angeles welfare programs and now all sorts of programs around the globe. They have for 40+ years. They have billions in annual revenues from doing so. E.g. "In September 2012, the Illinois Department of Healthcare and Family Services awarded Maximus Health Services a two-year, $76.8 million contract to help the state with its Medicaid program. That same month, Maximus announced a $23.5 million contract with the State of Oklahoma."[6] Most of these contracts are decided not by the president but a random group of 5-7 officials at a meeting no one knows about where there is no competition and no real discussion.

Again, these are just a few very, very, very simple incentives people have to manipulate votes. Again, go look at 2016 Trump election or Brexit in depth to understand truly what is currently known about the number of people and the lengths they went to to get an election won. Without hacking. Check back in 40 years after more details emerge. We just don't even know yet.

The reason I have zero faith in any tech being successful in the nearish term with regards to voting is not that I think programmers suck or that politics is corrupt. It's that it's truly unprecedented on an incentives level and risk level. And, it's not just that the risk and potential loss for society or potential gain for attackers is so huge, it's also that we don't even know what it is, and even if we did, we wouldn't be able to comprehend it. How do you secure that when that's what you're up against?

The scope of what we do know about banking fraud, crypto fraud, and paper voting fraud is so great and we are always one step behind attacks and mitigate risk in millions of little ways because we can't fully reduce it. But you can't hedge against election fraud. There's no insurance. There's no undo button. There's no time travel.

And that means that, very unlike financial services, the amount you have to spend to secure an app of this nature is actually one resource more than the attackers are willing to spend to get their way in an election. Or one resource less than the amount lost if an attacker wins. But what even is the value of people, our future, our literal lives? Society, war, money, peace, contracts, the Fed, interest rates, all the markets, all the debt, N95 masks, new buildings, old buildings, corruption, legitimacy? We can't know which of these attackers are going after, therefore you have to protect against all. And there literally aren't enough resources in the world for that.

Zooming back down to simple: there isn't enough money to even secure an app for a single small town that has a single contract for $10M and will never have another contract and there is, impossibly, no other possible gain for rigging the election. I mean, there literally is enough money. But why spend $1M or $2M or $5M on that app? Why even spend a dollar? Why do so when it doesn't actually reduce all the other risks of election manipulation and corruption that are currently in practice while adding a whole new variety of known and unknown attack surfaces and exacerbates existing ones? You wouldn't. Period.

Why would a company try to build an app knowing this? Well, either they're optimistic and altruistic as fuck and don't know it. Or, second, they are taking advantage of you. Or, third and most terrifying, is the act of building a voting app itself is actually the way to rig the election.

Voatz, without a shadow of a doubt, is not the first. Perhaps the second. But the third? When you consider the timing of Voatz' fundraise, who they raised money from, the goddamn timing, the fact they didn't die when it was discovered they were using old-ass PHP and Plesk in 2018, and the fact the app is actually still this fucking completely worthless and insecure and hasn't improved, well, I can't say that it's not an attempt to rig an election but it's def not the US who's doing the rigging. They would go to far greater lengths.[7]

---

1: https://en.wikipedia.org/wiki/Bangladesh_Bank_robbery or great podcast on it for audio lovers https://www.stitcher.com/podcast/mugshot-podcast/mugshot

2: “Responding to Firefox 0-days in the wild” by Philip Martin https://link.medium.com/x8tNj2rc14

3: https://blog.chainalysis.com/reports/cryptocurrency-exchange...

4: https://www.wired.com/story/coinbase-physical-vault-to-secur...

5: https://247wallst.com/special-report/2019/02/21/20-companies...

6: https://en.wikipedia.org/wiki/Maximus_Inc.

7: https://archive.nytimes.com/www.nytimes.com/interactive/2013...


All of this doesn't undermine the fundamentals of the model I'm approaching the problem of online voting with. What is the potential upside, and is a system that reaps those benefits without compromising on security possible? I believe there are answers to most of these problems, providing you can restructure some aspects of voting.

It's not something I would advocate implementing in the nearish term, but I do think work can and should be done on its fundamental problems.

One of the best/most frequent arguments against online voting is that there will be exploits and individual votes can and will be tampered with. So, let's take that in isolation for a second. Let's say I have to cast a vote a month in advance. I can change it for another month, but perhaps only in person. Is that enough fraud mitigation? What if that period is a year long? What if my political positions have been known by this app for years, and a dramatic shift in their distribution sends an alert prompting confirmation processes?

Essentially, is there some level of triage/verification process at which the online vote is considered acceptably secure? Well, if so, then can it be made compatible with a system that ensures ballot secrecy?

To flesh out my overall thinking of this problem domain – my kind of dream/ideal future of democracy is a system in which the positions of the electorate are "simply known". Right now we clumsily take a partial pulse every 2-4 years. But, if we had a system where voting (and polling) was "passive", then we could see the shift in sentiment way easier. Tampering would show in the data, or else have to be maintained for long periods of time. Essentially, the further we move from instantaneous votes, the better the process should get across the board.

To get a bit soap-boxy, if representation is a right as opposed to a privilege, then deepening and broadening it is an obligation of the state. More aggressively accessible in-person voting options would be good, but in the long run nothing will beat technologically-enabled democracy... if we can figure it out.


The encryption actually is KECCAK-256, not SHA-3. However, if you are using a library built for Ethereum it'll be called SHA-3.

When Ethereum was being developed, the spec for SHA-3 wasn't finished or something: https://ethereum.stackexchange.com/questions/550/which-crypt...

It sounds like you have it under control but I typically point people to Dave @ https://walletrecoveryservices.com/ for the less tech-savvy. He's pretty good. You can look at his site for what he can and can't crack. I know he's super super busy but it never hurts to give him a shout and ask him if he has any pro-tips or open-source code somewhere. A ping from someone who has a basic understanding of encryption might be refreshing.

Here are a random assortment of links I have saved regarding recovering presales:

https://www.reddit.com/r/ethereum/comments/46887p/tips_for_r...

https://forum.ethereum.org/discussion/3045/request-post-pass...

https://www.reddit.com/r/ethereum/comments/3g6aw0/i_lost_my_...


Hey eth_vig,

I'm following trailing from this Ethereum Chamber . net scam shit and was googling addresses and found this post.

Can you get in touch with me when you have a second. Would love to compare notes. taylor at myetherwallet com

Thanks.


I used to be part of a forum that had a massive list of the default login and unprotected cams. There were maybe 10k-20k per document, maybe 5 or 6 documents. As far as I could tell, all were working cams but 99% of the time there was nothing happening. Either they were too dark to see much, pointed at a front door, or showing rooms with no one in them. I personally never saw any movement on any of the cams except for a sleeping puppy.

On the rare occasion someone found a not-empty cam, there would be screencaps immediately. It was like crowdsourced voyeurism before crowdsourcing was a thing. The best one was a guy who was using the camera to monitor his weed grow op. Apparently, according to more knowledgeable users on this forum, he was using the lights inefficiently. It sparked a massive debate on the intricacies of grow lights and that's when the thread died.

It was creepy but far less creepy or exciting than I imagined when I first stumbled upon the thread. Still, change your passwords people.


This article is much more about the journey of his life and the journey of a journalist to answer the question. The final answer means very little; there are a myriad of reasons he quit. Perhaps you should read the article. It's very enjoyable.


I'm on OSX Chrome V 29.0.1547.57 and they are loading. Do you want to upload a screenshot and I'll pass it on to the smart programmer guys to see if it can be fixed?

Is it from Hubski or the linked site? (http://www.astro.uvic.ca/~alexhp/new/figures/starrynight_HST...)


Look below the "You are not following anyone yet" and click a name to follow them.


But I don't want to follow anyone at the moment, I want to look at the stories and comments on the main page.


If you just want to explore some of the content without following any users or tags you can use the links in the nav bar, in particular the badges[1], tags[2], and community[3] links. You can also use the different hubwheels to see all of the posts with the same number of shares (the dots on the hubwheel, ranging from 0 to 8).

[1] http://hubski.com/badgesubs

[2] http://hubski.com/tags_pop

[3] http://hubski.com/community


I have the same feedback, FWIW.

I signed up a couple weeks ago and was turned off by being asked to follow various users whom I didn't know; in some follow-based communities it almost feels like giving a tacit endorsement.

Given that I didn't yet understand Hubski's dynamics or model, I was just sort of staring at the page as my interest-momentum at moving through the site dwindled... and I'm currently on the [rather passive] search for a new community-based site. Many of your new users likely will not be as eager.

Somehow the abstraction provided by 'lists' (a la Twitter) that you can follow seems to break some of the psychological barriers.

Perhaps you could provide a few topical, curated lists of 'editor-picked' users to follow and have a brief sampling of what sort of content you're going to end up seeing by choosing to follow it.

Anyways, looks really cool and hope my unsolicited advice doesn't come across as discouraging. Best of luck!


Thanks for the feedback. I'm actually in the midst of a new user flow redesign. We also have some new ideas for non-feed browsing that we will be trying out.

We've tried a few approaches to make the site a bit easier to ease into. Obviously we have room for improvement. I appreciate the advice.


Chatroulette is too notorious. It would be easier to build a new site with the same basic concept and advertise as SFW.

Plus, instant bans for anything inappropriate. That is what tinychat.com had to do when they wanted new advertisers. Don't know how they did it but you get IP banned within a minute of getting naked.


Get him a 12 step book? Be there for him. He can't and won't quit until he wants to. He must make the decision. Aside from throwing him in rehab (like some do here in the US) there isn't much you can do. All you can do is let him know that you love and support him and want him to get better.

Therapy might help him work out his other personal issues which in turn might help curb the binges.


Jeez, the Apple haters around here. When I was 12 I used to poop and play my gameboy color.

