Structure News: Forget hanging chads; get ready for election hacking

Your weekly tech news roundup, with a little bit of Structure.   Where Your Vote Will Always Count August 5th, 2016 / by Tom Krazit This week, we'll talk about the scary possibility of a hacked election, how Okta's Todd McKinnon has put his company in a very interesting position, and another small step for quantum computing. BIG PICTURE As if this election year wasn't disconcerting enough, some U.S. government officials think it could be the first election (that we know of, anyway) in which hackers might attempt to influence the outcome. We talked about the hubbub surrounding the Democratic National Convention last week, and the U.S. government still has yet to officially comment on whether or not it believes Russia was behind the theft of thousands of emails from Democratic National Committee staffers. But as reported by Buzzfeed, Homeland Security Secretary Jeh Johnson said this week that his agency is also looking into ways to secure the electronic voting machines used in many precincts around the U.S. He's wondering if voting machines should be considered critical infrastructure, the same way we think about the electrical grid or the interstate highway system. None of the steps Johnson is considering will happen this year. For one thing, the election is just three months away, and nationalizing our voting infrastructure is a project that could take years assuming it can overcome what is likely to be fierce opposition from some states and local communities, which generally have oversight over voting methods. Yet it seems pretty obvious that there are some parties out in the world that would love to exploit electronic voting machines. Think past the shadowy quasi-national hacking groups looking to overturn the world order; what about individuals or corporations that want to influence a tax initiative in their state or county? Or ballot propositions in states like California, which have enormous ramifications depending on their outcome? By next week we'll probably get a better sense of what the security community is thinking with regards to security of voting machines and the general political-security climate, as soon as Black Hat and Defcon attendees purge the cigarette smoke and cocktails of a week in Las Vegas. And well be sure to ask Arlette Hart, CISO of the FBI, about the prospect of a very new type of election fraud at Structure Security this September. STRUCTURE NEWS OKTA CEO TODD MCKINNON IS BUILDING TOOLS THAT HELP SECURE THE CLOUD AND MOBILE REVOLUTIONS   Speaking of Structure Security, I got a chance this week to sit down with Okta CEO Todd McKinnon (pictured), who will be speaking at the event in San Francisco. After a tepid 18 months or so for tech IPOs, Okta is widely believed to be preparing for such an event this fall. McKinnon, of course, didnt want to get into that for some reason, but he did share some interesting details about the insights that led him to found the company in 2009 to help CIOs secure and manage the growing list of cloud and mobile applications being used by their employees. Check out the post on our new Structure Events blog, where you'll find a lot of our new stuff over the next six months. Structure Security will take place September 27th and 28th at the Golden Gate Club in San Franciscos beautiful Presidio district. In addition to Hart and McKinnon, we've confirmed several other great speakers, including industry legend Art Coviello, formerly of RSA, and Adrian Ludwig, head of security for Google's Android operating system. More details on the show are available here, and you can register for tickets here. INDUSTRY NEWS MESOSPHERE'S CONTAINER 2.0 UNITES STATELESS AND STATEFUL WORKLOADS A week after the Apache Mesos project officially released Mesos 1.0, Mesosphere is already planning for Container 2.0. The company is working with Confluent and Datastax -- the maintainers of Kafka and Cassandra, respectively -- to let Mesosphere users orchestrate multiple workloads in ways it says are more efficient, as analyzed by The New Stack. ATTIC LABS RAISES $8.1 MILLION TO PUSH ITS NOMS OPEN SOURCE DATABASE Maybe it's a little too simple to call it a Github for data, but Attic Labs has developed a new type of database that lets multiple people work on a shared data set in new ways, according to Venturebeat. The company, founded by some of the people who created Googles Chrome browser, now has the backing from Greylock Ventures and others to tinker with what it thinks could be a breakthrough in data management. HACKER DUMPS SENSITIVE PATIENT DATA FROM OHIO UROLOGY CLINICS Its actually kind of amazing this doesnt happen more with medical records, but that's no consolation to the patients at several Ohio medical offices whose personal data was dumped on the internet by some jerk. Motherboard looks into the breach this week, which leaked personal health information alongside name and address data for no apparent reason. NEW ATTACK STEALS SSNS, E-MAIL ADDRESSES, AND MORE FROM HTTPS PAGES One of the first scary presentations out of Black Hat this week involves a vulnerability in HTTPS, which Google and others have been pushing everyone to adopt for security and encryption purposes. Ars Technica reports that the exploit, which has already been disclosed to Google and Microsoft, allows attackers to steal sensitive data from users of websites running HTTPS through malicious code running in an advertisement or on the page itself. APPLE ANNOUNCES LONG-AWAITED BUG BOUNTY PROGRAM Apple very rarely participates in industry-wide events like Black Hat, and even more rarely makes news in venues outside of its control. But it did both of those things in Las Vegas this week, announcing that it will pay up to $200,000 for the successful identification of flaws in iOS and other Apple products, according to Techcrunch.  RESEARCHERS UNVEIL WORLD'S FIRST PROGRAMMABLE QUANTUM PROCESSOR We've been tracking the slow-but-steady process of the tech industry's quest to develop a working quantum computer, and researchers from The University of Maryland appear to have made a huge breakthrough. Previous experiments with quantum computers required processors that had been given very specific instructions, but the demonstration of a programmable processor (under completely unrealistic operating conditions, to be sure) paves the way for quantum computers to process multiple algorithms, as reported by Silicon Angle. QUOTE OF THE WEEK Election security is now a national security issue; federal officials need to take the lead, and they need to do it quickly.” -- Bruce Schneier, security researcher     Learn how @Okta raised $200 million to beat legacy players to the punch @toddmckinnon https://t.co/iB4wHId9sh9:10AM Why does outside feedback make your engineering team stronger? @caseyjohnellis @Bugcrowd #structuresecurity https://t.co/iB4wHId9sh11:50AM With over a billion active users, what's the current and future state of @Android security? Adrian Ludwig @google https://t.co/iB4wHId9sh8:10AM   Click here to unsubscribe from this list. Our mailing address is: Structure 405 El Camino Real, #215 Menlo Park, CA 94025 Add us to your address book Copyright (C) 2016 Structure All rights reserved. Forward this email to a friend. Update your profile.