Vanessa Teague

@VTeagueAus

Cryptographer with a focus on privacy and election security CEO, Thinking Cybersecurity Associate Prof (Adj.) & virtual visitor She/her

Wurundjeri land (Melbourne).
Joined February 2013
135 Photos and videos Photos and videos

Tweets

You blocked @VTeagueAus

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @VTeagueAus

  1. Pinned Tweet
    Jan 1

    I'm kicking off 2021 by starting a conversation about how Aus could build better open government tech. Help me make a plan We can borrow some ideas from @noneuclideangrl Who else is in?

    12 replies . 71 retweets 116 likes
    Show this thread
    Show this thread
    Undo
  2. 22 hours ago

    and asked him nicely whether everyone else can see his letter too. (Transparency is a big theme.)

    1 retweet 6 likes
    Show this thread
    Show this thread
    Undo
  3. 23 hours ago

    So I asked the commissioner to clarify.

    1 reply . 2 retweets 7 likes
    Show this thread
    Show this thread
    Undo
  4. 23 hours ago

    Update: I just received an email from , in which they decline to acknowledge that their tiebreaking bug is a bug, without explicitly saying whether they will fix it or not. Decide for yourself by examining our code and report:

    1 reply . 2 retweets 5 likes
    Show this thread
    Show this thread
    Undo
  5. 24 hours ago

    8/8: Open scrutiny & post-election audits are a positive way of improving public trust. It's not a partisan issue - it deserves everyone's support. (e.g. this bill from ) Public trust in Aus elections should be supported by evidence.

    2 replies . 4 retweets 9 likes
    Show this thread
    Show this thread
    Undo
  6. 24 hours ago

    7/8: We need a rigorous, open, public audit of a random sample of paper ballots against the digitized preferences, to show everyone that the votes are accurately recorded. This would improve, not undermine, public confidence in the process.

    1 reply . 6 retweets 8 likes
    Show this thread
    Show this thread
    Undo
  7. 24 hours ago

    6/8: My concern is the part of the software that digitizes our paper ballots - there's a serious risk that undetected bugs or security problems could cause discrepancies between the paper ballots and the electronic preferences. There is now no meaningful scrutiny of this process.

    1 reply . 1 retweet 6 likes
    Show this thread
    Show this thread
    Undo
  8. 24 hours ago

    5/8: Is this _general attitude_ a serious problem? Hugely. I can't believe that even some of our best Senators continue to express faith in secret software even after it has been demonstrated to be buggy. The real risk is in the parts of the system that are not scrutinisable.

    3 replies . 3 retweets 7 likes
    Show this thread
    Show this thread
    Undo
  9. 24 hours ago

    4/8: Is this _particular bug_ a serious problem? Not really - it's unlikely to change the outcome and, even if it did, it's in the part of the process that is amenable to independent double-checking: the part that runs the STV count to assign seats based on digitized preferences

    1 reply . 2 likes
    Show this thread
    Show this thread
    Undo
  10. 24 hours ago

    3/8: We told the Electoral Commissioner back in August but he hasn't yet had the time to reply. You can double-check our reasoning here and let us know if you think we've got it wrong.

    1 reply . 4 likes
    Show this thread
    Show this thread
    Undo
  11. 24 hours ago

    2/8: No software is perfect, including 's software - our submission explicitly referred to a bug Andrew Conway and I recently found in the way the Senate counting code breaks ties:

    1 reply . 1 retweet 8 likes
    Show this thread
    Show this thread
    Undo
  12. 24 hours ago

    1/8: Monday's Senate debate on Aus election security concerns me because of excessive faith in secret software. Demanding open scrutiny is a way of increasing public confidence, not undermining it. Sen Farrell is mistaken in the value he places on ASD's imprimatur.

    1 reply . 11 retweets 28 likes
    Show this thread
    Show this thread
    Undo
  13. Retweeted
    Oct 18
    Replying to

    The new certs implement the spec as expected, exactly what they said they were going to do a few weeks ago. A reduced version of this (i.e. without passport details, perhaps without embedded intermediary signing cert) would have been perfect for the domestic system.

    3 retweets 3 likes
    Undo
  14. Retweeted
    Oct 18

    Debate (unfinished) of the Commonwealth Electoral Amendment (Integrity of Elections) Bill 2021 yesterday 1/5

    Senate transcript for Monday 18 October 2021 published in full
    1 reply . 1 retweet 3 likes
    Show this thread
    Show this thread
    Undo
  15. Oct 17

    I almost admire the audacity of "our visible digital seal is world-leading", which translates to "for once, after a delay, under pressure, we implemented an open international standard instead of making up some other rubbish that didn't work." But truly I'm grateful.

    Australia’s international welcomed by digital security experts |
    4 replies . 26 retweets 73 likes
    Undo
  16. Retweeted
    Oct 17
    Replying to

    DFAT chose the ICAO standard. ICAO and EU were aware of each other’s efforts and were developed on a similar time-frame (EU may have been slightly earlier). Pic from For further confusion, IATA endorsed EU certificates in August:

    1 reply . 4 retweets 4 likes
    Undo
  17. Oct 14

    It was pretty sobering writing this with a bunch of Americans and UK/EU citizens, realising that when they write "In jurisdictions where bulk intercept is prohibited, bulk CSS must be prohibited as well," that no longer includes Aus for all practical purposes.

    A new white paper on the risks of client-side scanning, by Hal Abelson, , Josh Benaloh, , , Whit Diffie, Susan Landau, Peter Neumann, Ron Rivest, Jeff Schiller, , , and , and myself:
    1 reply . 8 retweets 36 likes
    Undo
  18. Retweeted
    Oct 14

    If you build it, they will come: a detailed analysis of the risks of client-side scanning, which the intelligence agencies are working hard to mandate

    1 reply . 42 retweets 65 likes
    Undo
  19. Retweeted
    Oct 14

    Don’t encode SSNs of people in the HTML of publicly available webpages. And if you do, don’t call the cops if someone notices and (quite responsibly) warns you.

    Through a multi-step process, an individual took the records of at least three educators, decoded the HTML source code, and viewed the SSN of those specific educators. We notified the Cole County prosecutor and the Highway Patrol’s Digital Forensic Unit will investigate.
    Show this thread
    42 replies . 376 retweets 2,168 likes
    Show this thread
    Show this thread
    Undo
  20. Retweeted
    Oct 14

    Strongly recommend this panel discussion on the effect of computing to and transitioning to post-quantum era. No need to have prior knowledge in the area. Incredible panel members: Julian Fay and Ron Steinfeld

    In celebration of Awareness Month, we're hosting a topical event on and supercharged . 📆 20 October 2021, 12:30PM (AEDT) 🔗 Join us to hear from an incredible panel!
    7 retweets 9 likes
    Undo
  21. Retweeted
    Oct 13

    The report (published today) of the Senate Committee that examined the Commonwealth Electoral Amendment (Integrity of Elections) Bill 2021

    1 reply . 2 retweets 8 likes
    Undo

@VTeagueAus hasn't Tweeted yet.

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·