BC POLITICS
Saved by @ThomassRichards

Last talk about Securing Democracy at #enigma2021: @jackhcable speaking about "THE FULL STACK PROBLEM OF ELECTION

 Let's imagine that elections use all the security measures security people have been advocating: risk-limiting audits, paper ballots, etc. Would people trust the elections more?
Jack would argue no. Most people don't understand this stuff and most of the claims people are making can't be disproven. And are massively bogus already.

Georgia did a full recount on paper ballots and it very much didn't stop people from doubting the election!
Are election security results in vain? The point of election security is to convince the loser they lost.

No! Have to focus on the whole stack, from election infrastructure to campaigns to people and mis/dis-informaton
One takeaway from the talk: the parts of the stack must work in tandem. Can't fight misinformation in a vacuum, but must build on other election security measures.
The voting process
* significant advances in recent years (e.g. paper ballots, risk-limiting audits, end-to-end verifiability)
* research needed in integrating these technologies
* expanding to mail-in voting?
But there's also internet voting
* we can't do it securely today [oh no voatz reference]
* we have to combat malware, authentication etc.
* if we could solve them, that would be great. But in the meantime voting has to be successful for everyone
* can improve accessibility through things like getting ballot online, filling it out, then returning through the mail
Election support systems
* less researched. Probably because they look boring
* Voter registration databases aren't working. Russians breached at least 2 states, targeted all 50 states
* little to no public scrutiny of these systems
* election night reporting -- this is a picture of one where there was a bug in reporting. [It was fixed but freaked a lot of people out]
A lot of the trouble with the security of election support systems is not that we don't know how to do it -- it's that we have to do it
Campaign security
* biggest unknown (see Sunny Consolvo's talk!)
* we must view campaign security as non-partisan and increase resources and services available
Public confidence
* major damage from domestic actors
* widespread mis/dis-information
* technical election security measures helps to debunk rumours floating around
Misinformation-fighting supply measures:
* platforms: downranking and deplatforming
* trusted institutions
* debunking & fact checks
Misinformation-fighting demand measures:
* media literacy
* increased civics education

[ Also note that @katestarbird will be giving a talk on misinformation don't miss it: https://t.co/a0PutRnHaI]
Let's fix election support systems!
* Much of this is applying security things we already know
[ Note: a lot of organizations have this problem 😭 ]
* engage in public research. Have a vuln disclosure policy so people can confidently help
Election security is a problem that can only be solved by working together: elections officials, security people, everyone

[end of talk]

More from Lea Kissner

Lea Kissner
Lea Kissner
@LeaKissner
We're kicking off the Privacy Tech session at #enigma2021 with Mitch Negus speaking about "NO DATA, NO PROBLEM—GIVING NUCLEAR INSPECTORS BETTER TOOLS WITHOUT REVEALING STATE

A nuclear catastrophe hasn't occurred... yet. So we need to stay vigilant. Nuclear inspectors go in according to treaties to check what's going on and check compliance with treaty rules.

But as sophisticated analytics become more common, states will only want to share the minimum amount of information necessary under the treaty.

But perhaps we can use MPC -- secure multi-party computation

Yao's garbled circuits were first demonstrated on the millionaire's problem -- figuring out who's richer without revealing actual amounts.

Used for other things like cryptocurrency these days.

Can we use this for nuclear inspection?

MPC can be used to compute anything computed by a computer [but it's expensive!]
TECH
Lea Kissner
Lea Kissner
@LeaKissner
Last up in Privacy Tech for #enigma2021, @xchatty speaking about "IMPLEMENTING DIFFERENTIAL PRIVACY FOR THE 2020

Differential privacy was invented in 2006. Seems like a long time but it's not a long time since a fundamental scientific invention. It took longer than that between the invention of public key cryptography and even the first version of SSL.


But even in 2020, we still can't meet user expectations.
* Data users expect consistent data releases
* Some people call synthetic data "fake data" like
"fake news"
* It's not clear what "quality assurance" and "data exploration" means in a DP framework


We just did the 2020 US census
* required to collect it by the constitution
* but required to maintain privacy by law

But that's hard! What if there were 10 people on the block and all the same sex and age? If you posted something like that, then you would know what everyone's sex and age was on the block.
TECH , TEACH
Advertisement
Lea Kissner
Lea Kissner
@LeaKissner
Next up at #enigma2021, Sanghyun Hong will be speaking about "A SOUND MIND IN A VULNERABLE BODY: PRACTICAL HARDWARE ATTACKS ON DEEP LEARNING"

(Hint: speaker is on the

In recent years ML models have worked from research labs to production, which makes ML security important. Adversarial ML research studies how to mess with ML

For example by messing with the training data (c.f. Tay which became super-racist super-fast) or by foiling ML models by changing inputs in ways humans can't see.


Prior work considers ML models in a standalone, mathematical way
* looks at the robustness in an isolated manner
* doesn't look at the whole ecosystem and how the model is used -- ML models are running in real hardware with real software which has real vulns!


This talk focuses on hardware-level vulnerabilities. This is particularly interesting because these can break cryptographic guarantees (because those are outside of their threat models)
e.g. fault injection attacks, side-channel attacks
SCIENCE
Lea Kissner
Lea Kissner
@LeaKissner
Next up in Privacy Technology at #enigma2021, Kelly Huang from @ethyca speaking about "GONE, BUT NOT "FORGOTTEN"—TECHNICAL & PRACTICAL CHALLENGES IN OPERATIONALIZING MODERN PRIVACY

Just imagine there's a global pandemic forcing everyone to stay home and buy their stuff over the internet. And you've been working on your sanitization-on-demand startup. You've got more users than you can count! ... literally, because your data's all over.

Now you're a multi-national international country with privacy issues because your information is all over the place.

Now a user writes to request you delete their data. Where is it? How do you do that? Who's responsible for privacy in your business.

How do you operationalize privacy rights?

Primary stakeholders:
* Legal
* Business
* Engineering

We spend a lot of time on Twitter analyzing the legal rulings, but it's harder where the "rubber meets the code" 🥁
TECH
Lea Kissner
Lea Kissner
@LeaKissner
In more Securing Democracy at #enigma2021, @ChrFolini talking about "THE ADVENTUROUS TALE OF ONLINE VOTING IN

Switzerland is a direct democracy where citizens get to vote at least 4x/year, with a lot of mail-in voting. We have a long history of online voting.

Disclaimer: THIS IS NOT SWEDEN.

[I get the picture that @ChrFolini has had to explain the difference several times.]


Process around mail-in ballots.

[tl;dr it's very complicated and wasn't threat-modeled until recently]


But the in-person ballots are complicated, too!


Most security folks don't think that we can't make a secure online voting system.

@ChrFolini says this is because of encryption
[Note: this is not the main reason that a lot of people cite -- we're more worried about things like malware but it's complicated]
WORLD

More from Politics

Seth Abramson
Seth Abramson
@SethAbramson
(THREAD) The Whitaker scandal is deepening, as it becomes clear that Sessions' Russia recusal was a coordinated sham and his firing an act of obstruction—and that his replacement is a White House plant inside the Mueller probe. I hope you'll retweet and read on for more details.


1/ From 2014-17 Whitaker worked for World Patent Marketing—which during his tenure defrauded consumers out of $26 million and was successfully prosecuted by the feds. His involvement in the scam confirmed he had loose morals and that the feds would never want to employ him again.

2/ Despite the seeming impossibility of a man with Whitaker's background getting a job at Justice ever again—he'd been found to have used his former title as a US attorney to fraudulently threaten consumers with valid complaints with criminal penalties—Whitaker found an opening.

3/ Within 60 days of parachuting out of World Patent Marketing as it was being fined $26 million by the feds, Whitaker was working for CNN and telling a fellow attorney panelist that his purpose in working for CNN was to get noticed by one man—Donald Trump—and thereby get a job.

4/ Whitaker spent his time at CNN making ludicrous statements about the Mueller probe: there was no obstruction or collusion, he said; Mueller had no authority to look into any aspect of Trump's finances or to subpoena him, he said. All the while, he hoped Trump was watching him.
POLITICS
Washington Pundit \xa9
Washington Pundit ©
@TWPundit
THREAD (WOW!)

1) If you want to watch a Coordinated Media Disinformation Campaign play out (just like the Trump-Russia Collision Hoax), there's one playing out right now in real

2) @TWPundit Exclusively Reported 10/13

"expect to see multiple...stories related to Turkey which will...be tied together by a massive “bombshell” piece in the @nytimes ...near election day in a well-coordinated smear campaign"
Yep, the piece just

3) The Turkey Disinformation Campaign is following the exact same playbook as the 2016 Trump-Russia Collision Hoax, and with all the same

4) In 2016, there were 3 separate stories related to Russia’s connection to @realDonaldTrump that dropped on Oct 31st.

Article #1 from Soros-funded @MotherJones by @DavidCornDC about @carterwpage alleging he was a secret Russian operative. Fake

5) Article #2 from @FinancialTimes about @SergeiMillian and his connection to Trump Tower projects
POLITICS
Advertisement
Brian Cates
Brian Cates
@drawandstrike
So let's see a show of hands: how many of you even knew Huber was digging into the Clinton Foundation? While he was assisting Horowitz in his digging into the FISC/Steele Dossier/Fusion GPS/Perkins Coie/DNC/Hillary campaign stuff?


I'm sure Huber is coming to DC *only* to discuss Clinton Foundation things with Meadows and his committee.

He for certain, like, won't be huddling with Horowitz or that new guy, Whitaker while he's in town. That would NEVER HAPPEN. [wink wink wink!] 😉

I just spent a year and a half telling you they will SHOW YOU what they are REALLY DOING when they are READY.

Not before.

No matter how much whining is done about it.

I'm exhausted but it's worth it.

Now you know why they're f**king TERRIFIED of Whitaker, the closer tapped by Trump to come in late for the hysterical fireworks that will ensue soon.

Look who's suddenly fund raising for his legal defen- er, I mean, ha ha - his reelection campaign!
POLITICS
Reed Hundt
Reed Hundt
@rehundt
1/Zach has the history right (again). I doubt the current political leadership read the book where Summers et al explained what they did, unless they look at borrowed copies. Here it is: https://t.co/4gyFiagaj3

2/ But the summary is that Summers, Geithner, Orszag, Emanuel agreed on telling Obama and Biden in December 2008 that about $800b was an adequate stimulus. Would lower unemployment just below 8% by late 2010. Romer thought $2.1T or $1.7T was needed to achieve full employment.

3/ They wouldn't let her make the case in writing for $1.2T because her number could leak. The reasons for $800b were: they wanted the bill passed by February, so they could move on to health care reform and cap and trade; they had no ways to spend more;

4/ spending more might kick off inflation or cause markets to fall for fear of inflation; that might lead to more bank runs; more bank runs might require a second TARP so they couldn't ask Congress for too much for recovery; Pelosi would give them whatever they asked

5/ for but they didn't think they could get the needed 1 or 2 R Senators quickly if they asked for more; they wanted 60 but had only 58 D Senators; popular "moonshots" or signature items in the package would take too long (Biden asked for that);
POLITICS
Julia Azari
Julia Azari
@julia_azari
This idea - that elections should translate into policy - is not wrong at all. But political science can help explain why it's not working this way. There are three main explanations: 1. mandates are constructed, not automatic, 2. party asymmetry, 3. partisan conpetition 1/


First, party/policy mandates from elections are far from self-executing in our system. Work on mandates from Dahl to Ellis and Kirk on the history of the mandate to mine on its role in post-Nixon politics, to Peterson Grossback and Stimson all emphasize that this link is... 2/

Created deliberately and isn't always persuasive. Others have to convinced that the election meant a particular thing for it to work in a legislative context. I theorized in the immediate period of after the 2020 election that this was part of why Repubs signed on to ...3/

Trump's demonstrably false fraud nonsense - it derailed an emerging mandate news cycle. Winners of elections get what they get - institutional control - but can't expect much beyond that unless the perception of an election mandate takes hold. And it didn't. 4/

Let's turn to the legislation element of this. There's just an asymmetry in terms of passing a relief bill. Republicans are presumably less motivated to get some kind of deal passed. Democrats are more likely to want to do *something.* 5/
POLITICS

You May Also Like

Dr. Thomas Binder, MD
Dr. Thomas Binder, MD
@Thomas_Binder
1/12

RT-PCR corona (test) scam

Symptomatic people are tested for one and only one respiratory virus. This means that other acute respiratory infections are reclassified as


2/12

It is tested exquisitely with a hypersensitive non-specific RT-PCR test / Ct >35 (>30 is nonsense, >35 is madness), without considering Ct and clinical context. This means that more acute respiratory infections are reclassified as


3/12

The Drosten RT-PCR test is fabricated in a way that each country and laboratory perform it differently at too high Ct and that the high rate of false positives increases massively due to cross-reaction with other (corona) viruses in the "flu


4/12

Even asymptomatic, previously called healthy, people are tested (en masse) in this way, although there is no epidemiologically relevant asymptomatic transmission. This means that even healthy people are declared as COVID


5/12

Deaths within 28 days after a positive RT-PCR test from whatever cause are designated as deaths WITH COVID. This means that other causes of death are reclassified as
CATEGORY C19
Vibhu Vashisth
Vibhu Vashisth
@VIBHU_Tweet
हिमालय पर्वत की एक बड़ी पवित्र गुफा थी।उस गुफा के निकट ही गंगा जी बहती थी।एक बार देवर्षि नारद विचरण करते हुए वहां आ पहुंचे।वह परम पवित्र गुफा नारद जी को अत्यंत सुहावनी लगी।वहां का मनोरम प्राकृतिक दृश्य,पर्वत,नदी और वन देख उनके हृदय में श्रीहरि विष्णु की भक्ति अत्यंत बलवती हो उठी।


और देवर्षि नारद वहीं बैठकर तपस्या में लीन हो गए।इन्द्र नारद की तपस्या से घबरा गए।उन्हें हमेशा की तरह अपना सिंहासन व स्वर्ग खोने का डर सताने लगा।इसलिए इन्द्र ने नारद की तपस्या भंग करने के लिए कामदेव को उनके पास भेज दिया।वहां पहुंच कामदेव ने अपनी माया से वसंतऋतु को उत्पन्न कर दिया।


पेड़ और पौधों पर रंग बिरंगे फूल खिल गए और कोयलें कूकने लगी,पक्षी चहकने लगे।शीतल,मंद,सुगंधित और सुहावनी हवा चलने लगी।रंभा आदि अप्सराएं नाचने लगीं ।किन्तु कामदेव की किसी भी माया का नारद पे कोई प्रभाव नहीं पड़ा।तब कामदेव को डर सताने लगा कि कहीं नारद क्रोध में आकर मुझे श्राप न देदें।

जैसे ही नारद ने अपनी आंखें खोली, उसी क्षण कामदेव ने उनसे क्षमा मांगी।नारद मुनि को तनिक भी क्रोध नहीं आया और उन्होने शीघ्र ही कामदेव को क्षमा कर दिया।कामदेव प्रसन्न होकर वहां से चले गए।कामदेव के चले जाने पर देवर्षि के मन में अहंकार आ गया कि मैने कामदेव को हरा दिया।

नारद फिर कैलाश जा पहुंचे और शिवजी को अपनी विजयगाथा सुनाई।शिव समझ गए कि नारद अहंकारी हो गए हैं और अगर ये बात विष्णु जी जान गए तो नारद के लिए अच्छा नहीं होगा।ये सोचकर शिवजी ने नारद को भगवन विष्णु को ये बात बताने के लीए मना किया। परंतु नारद जी को ये बात उचित नहीं लगी।
ALL
Advertisement
Jaya_Upadhyaya
Jaya_Upadhyaya
@Jayalko1
SRI LALITHAMBIGAI, THIRUMEYACHUR (TN)
#bharatmandir #navratri2021

Kshetram where Shiva is worshipped as Meghanatha and his consort is Lalithambigai seen in Abhay mudra.
Once, a demon Pandasura was harassing the Devas who went to Devi Parashakti for protection. 
@GunduHuDuGa


Devi rose from a Yaga Gunda, mounted on the Sri Chakra Rath with the name Lalithambika, waged a war against Pandasura and destroyed him.  When her fury did not subside, Shiva asked her to go to Earth, assume the name Manonmani, perform penance and shed her fury.


Shiva blessed Devi to be Shanta nayagi. There is a sculpture here depicting Shiva pacifying Devi. If you observe closely, you can see that from your left hand side there will be a smile on Her face and if you see from your right hand side you can see anger in Her face.


Hayagriva taught the greatness of Lalitha Sahasranama to Rishi Agasthya. Pleased with his devotion, Ma Lalithambikai appeared before Agastya. He is believed to have then sung Lalita Navaratnamala in praise of Devi. He has also composed a hymn named Rahasyanamasahasram.
ALL
Suhas S. Hardutt
Suhas S. Hardutt
@HarduttSuhas
THE BATTLE OF TALIKOTA and the destruction of Vijaynagar (Hampi)
26 January 1565

A tale of valor, deception and decimation.

A grim reminder that if we fail to protect our heritage, it will eventually crumble under the onslaught of "forces of anarchy".
(Elaborate thread)


This decisive battle was fought between the Vijayanagara empire and the Deccan sultanates resulting in a rout of Vijayanagara and ending the last major medieval era Hindu kingdom in south India.(1)

The seeds of 1565 encounter were sown more than 250 years earlier when the forces of the Delhi Sultanate, during the time of Alauddin Khilji and later Md Bin Tughlaq swept through southern India in an expansion spree.(2)

By middle of the 14th century, facing rebellions, Tughlaq withdrew to Delhi, leaving behind 2 empires, Bahmani, which ruled the Deccan from Kalaburagi, and Vijayanagara, which ruled most south India with its capital at Vijayanagar.(3)

The Raichur Doab, between the Krishna and Tungabhadra rivers, existed as a natural boundary between these two kingdoms, with wars often breaking out over control of this territory.(4)
HISTORY
Anu Satheesh
Anu Satheesh
@AnuSatheesh5
Story of Thumba Poo and Shiva

Thumba poo is a tiny white flower which grows in all areas. These flowers are used for treatment for sinus. Small children who have polyps in Nose are told to crush tumbha leaves and apply in nose part.
There is an interesting story of Thumba and


Mahadeva. Thumba flowers were not taken for Shiva Pooja. Saddened to this Thumba prayed sincerely and Mahadeva appeared before her.
She was surprised that Shiva had appeared before her. Instead of saying that she wants to under his feet always, she said
@SriramKannan77


She said that her feet should be on his head. Shiva accepted her prayers. It is because of this Thumba flower is placed in the head of Shiva Linga.
Shambo Mahadeva
Om Namah Sivaye
🙏🕉🙏
ALL