Securely Opening PDFs Gotten By Email (or Fax?

Lots of election administrators in U.S. counties and states require to get and open PDF files from citizens. A few of these administrators get these PDFs as e-mail accessories. These might be filled-out citizen registration types, and even voted tallies from UOCAVA (abroad and military) citizens. All of us understand that malware can prowl in e-mail accessories; how can those election authorities safeguard themselves from being hacked?

Web return of voted tallies is naturally insecure; that’s a different concern and I’ll discuss it listed below. In the meantime, how can one securely open a PDF accessory?

I discussed this concern with Dan Guido, cybersecurity expert and CEO of trailofbits.com. The safe method to see a PDF is inside the Chrome or Firefox internet browser. Printing a PDF straight from Chrome (or Firefox) to your printer is fairly safe. The risky method to see a PDF is with your preferred PDF-viewer app such as Adobe Reader.

The factor is basic: Google (for Chrome) and Mozilla (for Firefox) have actually put huge effort into making their PDF audiences safe, putting them inside a “sandbox” that the hackers can’t leave – and they have actually mostly been successful.

The PDF file format has numerous odd functions and intricate performance that are not required for basic files. Chrome and Firefox do not trouble to comprehend the unknown functions: they focus on getting the typical functions showed securely. On the other hand, Adobe Reader does deal with all the functions of PDF; that’s a much bigger thing to get completely right, and (maybe) security is not Adobe’s greatest top priority.

Often that suggests that Chrome or Firefox do not render your file effectively; however this is not likely to be an issue for basic files such as voter-registration types or optical-scan tallies.

In some methods that’s a bit frustrating. I like Adobe Reader’s navigation and document-viewing centers far more than I like the web browser’s integrated PDF screen. However I must beware to utilize Adobe tools just for files whose provenance I understand, or that have actually been otherwise vetted.

If you do conserve your PDF to a file, and are lured to open it later on: once again, you can utilize Chrome or Firefox to open it. (See likewise: PDF.js) If you wish to open it in a full-featured (however less safe) tool, initially utilize a PDF “triage tool” such as PDFid, which will scan the file and inform you if anything looks suspicious.

Is it safe to utilize Fax?

Lots of jurisdictions still allow (or need) types and tallies to be sent out to them by Fax. Is that safe?

As soon as upon a time, a “fax maker” was linked to a “land line” that went through the “phone network.” How safe that remained in 1985 is no longer appropriate today, when no one has a “Fax it fast device” and the “phone network” is the Web.

Many citizens, and lots of election administrators, utilize online fax services such as HelloFax. The citizen logs in and publish a PDF file; the fax service transforms it to a fax-format bitstream and sends it into the part of the Web called “the phone system”; the receiver logs in (possibly to a various online fax service) and downloads a PDF file that has actually been transformed from the bitstream.

This has so lots of points of insecurity: the sender’s online-fax service business might be basically susceptible to hackers (or experts); the receiver’s online-fax service, ditto; and the fax-format bitstream is transferred unencrypted, unauthenticated throughout the phone network.

On the other hand, email can be a lot more safe than that. If you utilize a significant e-mail supplier (such as gmail, Microsoft, fastmail) that understands what it’s doing; and if the recipient likewise utilizes a trusted e-mail service provider, then: your email is published encrypted (and validated) to an SMTP server, which goes encrypted (and validated) to another SMTP server, which is downloaded encrypted (and validated) to the recipient’s mail reader. The huge bulk of Web e-mail traffic is secured this method.

So e-mail your things, do not fax it.

Is e-mail safe and secure? Can we vote that method?

If email is a lot more protected than it was thirty years earlier, can we securely vote by email?

Sadly, no. Even if Web messages (by email or other procedures) are safe in transmission, the greatest security lapses remain in the server computer systems and specifically in the customer’s (citizen’s) computer systems. Hackers who can permeate the security of those systems can alter votes prior to they’re sent out, or after they’re gotten (however prior to they’re counted).

Additionally, email is sent out from the citizen’s computer system to the SMTP server (at Google, or Microsoft, or fastmail …) where it is unencrypted and reencrypted for sending out to the receiver’s SMTP server (at Microsoft, or fastmail, or Google, …). It resembles, you mail your absentee tally to your proprietor, who takes it out of its envelope, puts it in a fresh envelope, and mails it to an election authorities. Even if we trust our property manager (and I anticipate Google, Microsoft, and fastmail are doing a great task), should we require to trust this intermediary? The citizenry choose their federal government; we do not delegate this procedure to a couple of huge tech business.

And lastly, 6% of e-mail (that’s either outbound or incoming from gmail.com) is still unencrypted-that is, insecure. 6 percent might not look like a lot, however it’s countless users.

Is e-mail voter-registration safe enough?

Web return of voted tallies, which is not securable by any recognized innovation. However voter-registration can fairly be done by email: the citizen sends out in a kind, maybe a scan-to-PDF of their printed and signed registration kind. The factor this can work, when it can’t work for voted tallies, is the capability to examine the specific deal: after a couple of days, the citizen can examine the status of their registration with the election authorities, or the election authorities can get in touch with the citizen to examine up. So even if there’s hacking in the customer or server computer system, it can be found and fixed. With tallies, we have the secret tally: no one is expected to discover how you voted. Without the capability to examine and fix later on, “did my tally get counted for the individual I chose?”, web ballot is insecurable.