Department of Energy Invests $50 Million To Improve Critical Energy Infrastructure Security
Orome1 shares a report from Help Net Security:
Today, the Department of Energy (DOE) is announcing awards of up to $50 million to DOE's National Laboratories to support early stage research and development of next-generation tools and technologies to further improve the resilience of the Nation's critical energy infrastructure, including the electric grid and oil and natural gas infrastructure. The electricity system must continue to evolve to address a variety of challenges and opportunities such as severe weather and the cyber threat, a changing mix of types of electric generation, the ability for consumers to participate in electricity markets, the growth of the Internet of Things, and the aging of the electricity infrastructure. The seven Resilient Distribution Systems projects awarded through DOE's Grid Modernization Laboratory Consortium (GMLC) will develop and validate innovative approaches to enhance the resilience of distribution systems -- including microgrids -- with high penetration of clean distributed energy resources (DER) and emerging grid technologies at regional scale. The project results are expected to deliver credible information on technical and economic viability of the solutions. The projects will also demonstrate viability to key stakeholders who are ultimately responsible for approving and investing in grid modernization activities. In addition, the Department of Energy "is also announcing 20 cybersecurity projects that will enhance the reliability and resilience of the Nation's electric grid and oil and natural gas infrastructure through innovative, scalable, and cost-effective research and development of cybersecurity solutions."
Why Bats Crash Into Windows
According to a new report published in the journal Science, bats slam into vertical structures such as steel and glass buildings because they appear invisible to bats' echolocation system. Nature reports:
Bats rely on echolocation to navigate in the dark. They locate and identify objects by sending out shrill calls and listening to the echoes that bounce back. Greif and his colleagues tested the echolocation of 21 wild-caught greater mouse-eared bats (Myotis myotis) in the lab. The researchers placed a featureless metal plate on a side wall at the end of a flight tunnel. The bats interpreted the smooth surface -- but not the adjacent, felt-covered walls -- as a clear flight path. Over an average of around 20 trials for each bat, 19 of them crashed into the panel at least once. The researchers also put up smooth, vertical plates near wild bat colonies, and saw similar results. The animals became confused owing to a property of smooth surfaces called "acoustic mirroring." Whereas rough objects bounce some echoes back towards the bat, says Greif, a smooth surface reflects all echolocation calls away from the source. This makes a smooth wall appear as empty space to the bats, until they are directly in front of it. Only once a bat is facing the surface are their perpendicular echoes reflected back, which alerts the bat to its mistake. This explains why some bats attempted to swerve out of harm's way at the last second -- but often too late.
Researchers Catch Microsoft Zero-Day Used To Install Government Spyware
An anonymous reader quotes a report from Motherboard:
Government hackers were using a previously-unknown vulnerability in Microsoft's .NET Framework, a development platform for building apps, to hack targets and infect them with spyware, according to security firm FireEye. The firm revealed the espionage campaign on Tuesday, on the same day Microsoft patched the vulnerability. According to FireEye, the bug, which until today was a zero-day, was being used by a customer of FinFisher, a company that sells surveillance and hacking technologies to governments around the world. The hackers sent a malicious Word RTF document to a "Russian speaker," according to Ben Read, FireEye's manager of cyber espionage research. The document was programmed to take advantage of the recently-patched vulnerability to install FinSpy, spyware designed by FinFisher. The spyware masqueraded as an image file called "left.jpg," according to FireEye.
J.J. Abrams To Direct Star Wars: Episode IX; Premiere Date Pushed To December 2019
A week after Jurassic World's Colin Trevorrow was ousted from the Star Wars: Episode IX director's chair, a familiar face has stepped in to replace him: J.J. Abrams, the man responsible for successfully rebooting the new trilogy in 2015 with Star Wars: The Force Awakens. From a report:
Disney just pushed back the release of Star Wars: Episode IX from May 2019 to December 2019, Deadline reports. The news comes after an announcement today that J.J. Abrams is taking over from Colin Trevorrow as director of the movie. Episode IX, originally slated to premiere on May 24th, 2019, was supposed to be a return to May release dates for the Star Wars franchise. Back in 2015, The Force Awakens was also originally supposed to be released in the summer, but was moved to a December release after Abrams took over screenwriting duties with Lawrence Kasdan (The Empire Strikes Back, Return of the Jedi) and needed more time.
Intel Cuts Cord On Its Current Cord-Cutting WiGig Products
An anonymous reader shares a ZDNet report, which also has some clarification from Intel:
It looks like you can add WiGig wireless docking to Intel's dustbin (along with IoT products axed earlier this summer), as the company has discontinued existing products using the 802.11ad wireless standard, according to Anandtech. [Since publishing this report, we've received a statement from Intel clarifying its WiGig support: "We continue to offer current versions of our 802.11ad products, such as the Intel Tri-band Wireless AC 18265 and Gigabit Wireless 10101R antenna module. We remain committed to WiGig and think it has exciting potential for a number of applications, including enabling VR to become wireless, mesh networking and as part of Intel's leading products for 5G."] WiGig was developed several years ago with faster speeds than then-current Wi-Fi standards, but because it relied on the 60GHz channel, its high throughput could only travel over short distances. As a result, it eventually became marketed as a feature for wireless laptop docking stations, and while it received some support from enterprise laptop manufacturers like Dell and Lenovo, the technology didn't make a big dent against standard wired laptop docks.
Apple Is Releasing macOS High Sierra On September 25
After updating its website for the iPhone launch event, Apple has confirmed that macOS High Sierra will be released on September 25th. TechCrunch provides a brief rundown of the major changes, most of which are under the hood:
The Photos app is still receiving some new features to keep it up to date with the iOS version. There are more editing tools, you can reorganize the toolbar and you can filter your photos by type. If you're a Safari user, my favorite change is that there is a new feature in the settings that lets you automatically block autoplaying videos around the web. Many websites have abused autoplaying video, it's time to stop it. And then, there's a new file system that should make your Mac snappier if you're using an SSD. Mail is compressing messages, Metal 2 should take better advantage of your GPU, Spotlight knows about your flight status, etc. The free update to macOS High Sierra will be available in the Mac App Store.
'Operational Limitations' In Tesla Model S Played a 'Major Role' In Autopilot Crash, Says NTSB
Mr D from 63 writes from a report via Reuters:
The chairman of the U.S. National Transportation Safety Board (NTSB) said on Tuesday "operational limitations" in the Tesla Model S played a "major role" in a May 2016 crash that killed a driver using the vehicle's semi-autonomous "Autopilot" system. Reuters reported on Monday that the NTSB is expected to find that the system was a contributing factor because it allows drivers to avoid steering or watching the road for lengthy periods of time. The NTSB is also expected to find that Tesla Inc could have taken additional steps to prevent the system's misuse and will fault the driver for not paying attention. "Today's automation systems augment, rather than replace human drivers. Drivers must always be prepared to take the wheel or apply the brakes," NTSB Chairman Robert Sumwalt said. The system could not reliably detect cross traffic and "did little to constrain the use of autopilot to roadways for which it was designed," the board said. Monitoring driver attention by measuring the driver's touching of the steering wheel "was a poor surrogate for monitored driving engagement." At a public hearing Tuesday on the crash involving Brown, NTSB said the truck driver and the Tesla driver "had at least 10 seconds to observe and respond to each other."
BlueBorne Vulnerabilities Impact Over 5 Billion Bluetooth-Enabled Devices
An anonymous reader quotes a report from Bleeping Computer:
Security researchers have discovered eight vulnerabilities -- codenamed collectively as BlueBorne -- in the Bluetooth implementations used by over 5.3 billion devices. Researchers say the vulnerabilities are undetectable and unstoppable by traditional security solutions. No user interaction is needed for an attacker to use the BlueBorne flaws, nor does the attacker need to pair with a target device. They affect the Bluetooth implementations in Android, iOS, Microsoft, and Linux, impacting almost all Bluetooth device types, from smartphones to laptops, and from IoT devices to smart cars. Furthermore, the vulnerabilities can be concocted into a self-spreading Bluetooth worm that could wreak havoc inside a company's network or even across the world. "These vulnerabilities are the most serious Bluetooth vulnerabilities identified to date," an Armis spokesperson told Bleeping Computer via email. "Previously identified flaws found in Bluetooth were primarily at the protocol level," he added. "These new vulnerabilities are at the implementation level, bypassing the various authentication mechanisms, and enabling a complete takeover of the target device." Consumers are recommended to disable Bluetooth unless you need to use it, but then turn it off immediately. When a patch or update is issued and installed on your device, you should be able to turn Bluetooth back on and leave it on safely. The BlueBorne Android App on the Google Play Store will be able to determine if a user's Android device is vulnerable. A technical report on the BlueBorne flaws is available
A New Way to Learn Economics
John Cassidy, writing for The New Yorker:
With the new school year starting, there is good news for incoming students of economics -- and anybody else who wants to learn about issues like inequality, globalization, and the most efficient ways to tackle climate change. A group of economists from both sides of the Atlantic, part of a project called CORE Econ, has put together a new introductory economics curriculum, one that is modern, comprehensive, and freely available online. In this country, many colleges encourage Econ 101 students to buy (or rent) expensive textbooks, which can cost up to three hundred dollars, or even more for some hardcover editions. The project is a collaborative effort that emerged after the world financial crisis of 2008-9, and the ensuing Great Recession, when many students (and teachers) complained that existing textbooks didn't do a good job of explaining what was happening. In many countries, groups of students demanded an overhaul in how economics was taught, with less emphasis on free-market doctrines and more emphasis on real-world problems.
Equifax Lobbied For Easier Regulation Before Data Breach
Equifax was lobbying lawmakers and federal agencies to ease up on regulation of credit-reporting companies in the months before its massive data breach. Equifax spent at least $500,000 on lobbying Congress and federal regulators in the first half of 2017, according to its congressional lobbying-disclosure reports. Among the issues on which it lobbied was limiting the legal liability of credit-reporting companies. That issue is the subject of a bill that a panel of the House Financial Services Committee, which oversees the industry, discussed the same day Equifax disclosed the cyberattack that exposed personal financial data of as many as 143 million Americans. Equifax has also lobbied Congress and regulatory agencies on issues around "data security and breach notification" and "cybersecurity threat information sharing," according to its lobbying disclosures. The amount Equifax spent in the first half of this year appears to be in line with previous spending. In 2016 and 2015, the company's reports show it spent $1.1 million and $1.02 million, respectively, on lobbying activities. While the company had broadly similar lobbying issues in those years, the liability matter was new in 2017.
Boffins Fear We Might Be Running Out of Ideas
Innovation, fetishized by Silicon Valley companies and celebrated by business boosters, no longer provides the economic jolt it once did. From a report:
In order to maintain Moore's Law -- by which transistor density doubles every two years or so -- it now takes 18 times as many scientists as it did in the 1970s. That means each researcher's output today is 18 times less effective in terms of generating economic value than it was several decades ago. On an annual basis, research productivity is declining at a rate of about 6.8 percent per year in the semiconductor industry. In other words, we're running out of ideas. That's the conclusion of economic researchers from Stanford University and the Massachusetts Institute of Technology. In a paper published this week through the National Bureau of Economic Research, "Are Ideas Getting Harder to Find?", economics professors Nicholas Bloom, Charles Jones, and John Van Reenen, and PhD candidate Michael Webb, defy Betteridge's Law of Headlines by concluding that an idea drought has indeed taken hold. "Across a broad range of case studies ... we find that ideas -- and in particular the exponential growth they imply -- are getting harder and harder to find," the authors declare in their paper.
Apple Announces iPhone X With Edge-To-Edge Display, Wireless Charging and No Home Button
At its event in Cupertino, California today, Apple unveiled the iPhone X to mark the 10th anniversary of the iPhone. It brings several new features including an edge-to-edge screen, Qi wireless charging, and Face ID. The Verge reports:
Because of its edge-to-edge display, the iPhone has no place for a conventional home button, relying instead on a complex facial recognition system to unlock the phone. Called FaceID, the new system will replace TouchID, the home button sensor that's enabled fingerprint logins since 2013's iPhone 5S. Users can wake the phone by swiping up from the button instead of hitting the button. The same gesture will open the control panel once the phone is awake. The updated iPhone 8 will continue unchanged, including both the home button and TouchID.
Apple also unveiled the iPhone 8 and 8 Plus, which are updated versions of the iPhone 7 and 7 Plus released last year. These new devices feature glass backs with support for wireless charging. The Verge provides some additional specs and features in its report:
Apple has improved the display on the iPhone 8 line, adding the same True Tone technology it offers on the 10.5-inch iPad Pro to automatically adjust the screen based on the ambient light in the room to offer more accurate colors. Internally, Apple has upgraded the processor from the A10 Fusion found in the 7 to the A11 Bionic. It's a six-core chip with two performance cores that are 25 percent faster than the A10, and four performance cores that the company says are 70 percent faster than the old model. There's also a new Apple-designed GPU that's 30 percent faster, with the same performance as the A10 at half the power. On the camera front, there's a new 12-megapixel sensor on the iPhone 8 that is larger, faster, and finally has optical image stabilization. The iPhone 8 Plus also has new sensors, and offers f/1.8 and f/2.8 apertures now. The dual cameras on the 8 Plus also have a new "Portrait Lighting" feature to adjust the lighting for portrait shots. And Apple says that the improvements apply to video, too, with Apple executive Phil Schiller claiming that the new devices have the "highest quality video capture ever in a smartphone," with support for 4K/60fps video. Slow motion videos now support up to 1080p resolution at 240fps, doubling the iPhone 7's 120fps option. The iPhone 8 will start at $699 for a 64GB model, while the 8 Plus will start at $799 for 64GB of storage. You can preorder these devices starting Friday, September 15th, and they will be released a week later on September 22nd.
UPDATE 9/12/17: The iPhone X will be priced starting at $999 for the 64GB variant. Pre-order will be available October 27th with shipments starting November 3rd.
Are Top US Startups Really Startups?
Veteran technology reporter and columnist Om Malik writes:
Pitchbook, a data research company, has come up with a list of top 14 most valuable startups in the United States. There are no real surprises -- they are all ranked by valuation and they all are valued at north of $4 billion. They are all household names -- barring Outcome Health and Samumed. And they have been around forever. They have thousands of employees and many have billions in revenue. What they are not is liquid on public markets. They have not IPO'd. In a different Silicon Valley, they will all be public companies and they won't be deemed startups. Revenue, growth, relative size, market share -- pick a metric (except for lack of profits in many cases) and you know they aren't really startups. So can we stop calling them startups -- and instead maybe call them VC-backed private companies -- otherwise the label startup loses its meaning.
The New Apple Watch Series 3 Has Cellular Built-In
The first big product unveiling at Apple's Event at the Steve Jobs Theater in Cupertino, California was the Apple Watch Series 3 with built-in support for cellular. TechCrunch reports:
Wireless cellular LTE connectivity provided by a built-in chip means the new Apple Watch will be able to stay connected even when it's not tethered to an iPhone, which is a huge step forward in terms of making it an independent mobile device. Pricing for the Series 3 Cellular starts at $399, and a version without cellular starts at $329. Pre-orders begin on September 15, and they'll be available on September 22. The new Apple Watch is visually quite similar to the existing version, with backwards compatibility with existing straps and bands. There's a new Blush Gold color to match the new iPhone color option, and a new ceramic Dark Gray for the higher-end models that joins the existing white. Plus, the cellular version sports that red crown for an extra bit of visual flare. The non-cellular version doesn't have the new red crown.
Inside, it has a new dual-core processor with 70 percent better performance, as well as a new W2 chip that improves Bluetooth and wireless connectivity and power efficiency. The cellular antenna is actually the display itself, and there's an electronic SIM card inside for connectivity. The device is the same physical size as the Series 2, despite adding everything needed for cellular and LTE connectivity -- though the back crystal is extended 0.25 mm, which is incredibly thin. It's still got GPS like Series 2, and it's swimproof, plus it packs in all-day battery life still.
The Only Safe Email is Text-Only Email
Sergey Bratus, Research Associate Professor of Computer Science, Dartmouth College, and Anna Shubina, Post-doctoral Associate in Computer Science, Dartmouth College write:
The real issue is that today's web-based email systems are electronic minefields filled with demands and enticements to click and engage in an increasingly responsive and interactive online experience. It's not just Gmail, Yahoo mail and similar services: Desktop-computer-based email programs like Outlook display messages in the same unsafe way. Simply put, safe email is plain-text email -- showing only the plain words of the message exactly as they arrived, without embedded links or images. Webmail is convenient for advertisers (and lets you write good-looking emails with images and nice fonts), but carries with it unnecessary -- and serious -- danger, because a webpage (or an email) can easily show one thing but do another. Returning email to its origins in plain text may seem radical, but it provides radically better security. Even the federal government's top cybersecurity experts have come to the startling, but important, conclusion that any person, organization or government serious about web security should return to plain-text email (PDF).
Why Must You Pay Sales People Commissions?
An anonymous reader shares an article:
Sales is highly competitive work. That word -- "competitive" -- is the key to a high-performing sales organization. In order to be great at sales, you must outsell the competition. The competition might be a product from another company; it might be an internal project at the target company; or it might be the undying desire of the target customer to do absolutely nothing, which is often the toughest competitor of them all. At the end of the day, it's all a fight. And how do you get the most fight out of an organization? By offering a prize. As the old boxing saying goes, "This is prize fighting. No prize, no fight." Prizes and competition are critical to building a healthy sales culture. So what's an unhealthy sales culture? One that's governed by politics. Sales people must sell into highly political environments to succeed and that's why they don't want to live in one. If you do not evaluate and pay on what sales people sell, then what do you evaluate and pay on? Getting along with others? Kissing the boss' butt? Talking a big game but delivering nothing? Sounds like politics and sales people instinctively know it. When a CEO says, "we're going to evaluate you on things consistent with the culture" the sales person hears: "we are going to toss out objective financial metrics for the subjective will of the king." Great entrepreneurs are great innovators, and innovators love to innovate. But before you innovate on sales compensation, make sure you understand the strengths of the old system.
Rotten Tomatoes Scores Don't Correlate To Box Office Success or Woes, Research Shows
Depending on who you ask, Rotten Tomatoes is the reason some movies don't perform at the box office. From a report:
Countless movie executives, including producers, have told Deadline and the New York Times that the number atop a movie's page on Rotten Tomatoes signifying whether the majority of critics enjoyed or disliked a movie rules the box office. Director Brett Ratner was quoted as saying "I think it's the destruction of our business" while others have called for its demise. According to research conducted by Yves Bergquist, director of the Data & Analytics Project at USC's Entertainment Technology Center, that's not correct. Bergquist collected data from 150 movies this year that made more than $1 million at the box office. Using those Box Office Mojo numbers and comparing them to the critic and audience score on Rotten Tomatoes, Bergquist then "looked at [the] correlation between scores and financial performance" to determine if there was a linear line that could be drawn between low scores and bad box office performance. Or, more simply, did a lower "rotten" rating on Rotten Tomatoes equate to box office woes? The short answer is no, it didn't. Bergquist's findings confirmed that of the 150 movies surveyed, there was only a 12 percent correlation between a movie receiving a bad score and not performing well at the box office. Summer films saw even less of a correlation, with seven percent of lower-scored movies not performing at the box office.
Google Rival Yelp Claims Search Giant Broke Promise Made to Regulators
Online-reviews firm Yelp alleged that Google is breaking a promise it made as part of a 2012 regulatory settlement to not scrape content from certain third-party sites including Yelp, escalating its yearslong battle against the search giant. Yelp said in a letter late Sunday to Federal Trade Commission Chairwoman Maureen Ohlhausen that Google is using Yelp photos for local-business listings in its search results, despite Yelp's formal request that Google not pull such content from its site. From a report:
As part of a December 2012 settlement to end an FTC investigation into Google, the tech giant agreed to not use content, including photos and user reviews, from third-party sites that opted out of such scraping. Google's commitment lasts through 2017 and applies to a variety of its products, including its local-business listings. "This is a flagrant violation of Google's promises to the FTC, and the FTC should reopen the Google case immediately," said Luther Lowe, Yelp's public-policy chief. Yelp has emerged as a leading critic of Google because the site believes the search giant unfairly uses its influence to stifle competitors.
Android Always Beats the iPhone To New Features, Qualcomm Says
An anonymous reader shares a report:
Qualcomm has published a somewhat self-congratulatory blog post that lauds the company and its Android partners for achieving a series of industry firsts that include wireless charging, dual-camera systems, OLED smartphone screens, edge-to-edge displays, and more -- features that the upcoming iPhone is expected to have. Apple and Qualcomm are currently embroiled in what's turning into a vicious, global patent licensing dispute. So the timing of this adulation for Android -- hours before Apple's big September event -- doesn't really strike me as coincidental. It can't be. Qualcomm never mentions Apple by name; the closest the company ever comes is with this line: Inventions from Qualcomm lay the foundation for so many technologies and experiences we value in our smartphones today -- on Android and other platforms.
Equifax's App Has Disappeared From Apple's App Store and Google Play
From a report:
Equifax's mobile app has been removed from both the iOS and Google Play app stores. According to data from AppAnnie, the app was taken down the same day Equifax announced its massive security breach (September 7). Now customers no longer have access to Equifax Mobile. For example, when iOS users attempt to access the app, they receive a pop-up requiring them to update the program. The pop-up directs users to the App Store -- where they are informed the Equifax app is no longer available. We don't know why the app came down, though Fast Company has confirmed Apple was not involved with the decision to remove Equifax from the App Store.
Amazon's Whole Foods Price Cuts Brought 25 Percent Jump In Shoppers
According to Foursquare Labs, which compiled location information from shoppers' mobile devices during the first two days after Amazon completed its acquisition of Whole Foods and compared the data with the same period a week earlier, the electronic commerce company boosted customer traffic to Whole Foods by 25 percent. Bloomberg reports:
Amazon acquired the upscale chain last month for $13.7 billion, a move that has brought turmoil to the supermarket industry and sent shares of grocery rivals tumbling. The same day it completed the acquisition, the e-commerce giant cut prices by as much as 43 percent on a range of items. Organic fuji apples were marked down to $1.99 a pound from $3.49 a pound, for instance. Organic avocados dropped to $1.99 each from $2.79. The traffic data is an optimistic sign that Amazon can succeed in the brick-and-mortar world. In some areas, the jump in customers was dramatic. At stores in Chicago, 35 percent more shoppers visited Whole Foods stores, Foursquare found. It's not surprising that curious shoppers visited the stores immediately after the takeover, particularly after a bevy of media coverage, according to Jennifer Bartashus, an analyst at Bloomberg Intelligence. What's left to be seen is whether they will start consistently shopping more at Whole Foods stores.
Chatbot Lets You Sue Equifax For Up To $25,000 Without a Lawyer
Shannon Liao reports via The Verge:
If you're one of the millions affected by the Equifax breach, a chatbot can now help you sue Equifax in small claims court, potentially letting you avoid hiring a lawyer for advice. Even if you want to be part of the class action lawsuit against Equifax, you can still sue Equifax for negligence in small claims court using the DoNotPay bot and demand maximum damages. Maximum damages range between $2,500 in states like Rhode Island and Kentucky to $25,000 in Tennessee. The bot, which launched in all 50 states in July, is mainly known for helping with parking tickets. But with this new update, its creator, Joshua Browder, who was one of the 143 million affected by the breach, is tackling a much bigger target, with larger aspirations to match. He says, "I hope that my product will replace lawyers, and, with enough success, bankrupt Equifax."
Not that the bot helps you do anything you can't already do yourself, which is filling out a bunch of forms -- you still have to serve them yourself. Unfortunately, the chatbot can't show up in court a few weeks later to argue your case for you either. To add to the headache, small claims court rules differ from state to state. For instance, in California, a person needs to demand payment from Equifax or explain why they haven't demanded payment before filing the form.
Google Publicly Releases Internal Developer Documentation Style Guide
BrianFagioli shares a report from BetaNews:
The documentation aspect of any project is very important, as it can help people to both understand it and track changes. Unfortunately, many developers aren't very interested in the documentation aspect, so it often gets neglected. Luckily, if you want to maintain proper documentation and stay organized, today, Google is releasing its internal developer documentation style guide. This can quite literally guide your documentation, giving you a great starting point and keeping things consistent.
Jed Hartman, Technical Writer, Google says, "For some years now, our technical writers at Google have used an internal-only editorial style guide for most of our developer documentation. In order to better support external contributors to our open source projects, such as Kubernetes, AMP, or Dart, and to allow for more consistency across developer documentation, we're now making that style guide public. If you contribute documentation to projects like those, you now have direct access to useful guidance about voice, tone, word choice, and other style considerations. It can be useful for general issues, like reminders to use second person, present tense, active voice, and the serial comma; it can also be great for checking very specific issues, like whether to write 'app' or 'application' when you want to be consistent with the Google Developers style." You can access Google's style guide
Virginia Scraps Electronic Voting Machines Hackers Destroyed At DefCon
After a DefCon demonstration in July that showed how quickly Direct Recording Electronic voting equipment could be hacked, Virginia's State Board of Elections has decided it wants to replace their electronic voting machines in time for the gubernatorial election due on November 7th, 2017. According to The Register, "The decision was announced in the minutes of the Board's September 8th meeting: 'The Department of Elections officially recommends that the State Board of Elections decertify all Direct Recording Electronic (DRE or touchscreen) voting equipment.'" From the report:
With the DefCon bods showing some machines shared a single hard-coded password, Virginia directed the Virginia Information Technology Agency (VITA) to audit the machines in use in the state (the Accuvote TSX, the Patriot, and the AVC Advantage). None passed the test. VITA told the board "each device analyzed exhibited material risks to the integrity or availability of the election process," and the lack of a paper audit trail posed a significant risk of lost votes. Local outlet The News Leader notes that many precincts had either replaced their machines already, or are in the process of doing so. The election board's decision will force a change-over on the 140 precincts that haven't replaced their machines, covering 190,000 of Virginia's ~8.4m population.