No, this isn’t a story about Donald Trump’s most recent comments on his election prospects, but rather the potential vulnerability of the electronic voting machines in use around many portions of the country. Sadly, this isn’t a new threat, but it’s also one which hasn’t generated much in the way of reform over the past four years. With the hacks of DNC computer systems (and likely Hillary Clinton’s email server as well) on everyone’s minds, at least some attention should be paid to the question of whether or not our E-voting systems are secure before we go to the polls in November. This report from Wired Magazine provides a worrying indication that we’re not even close to any reasonable level of comfort.
After the hanging chad debacle of 2000, the Help America Vote Act pushed many states into the electronic voting arena, but the new technology was rather raw and not heavily focused on security. And in many cases, that hasn’t changed at all since the initial installations.
“People weren’t thinking about voting system security or all the additional challenges that come with electronic voting systems,” says the Brennan Center’s Lawrence Norden. “Moving to electronic voting systems solved a lot of problems, but created a lot of new ones.”
The list of those problems is what you’d expect from any computer or, more specifically, any computer that’s a decade or older. Most of these machines are running Windows XP, for which Microsoft hasn’t released a security patch since April 2014. Though there’s no evidence of direct voting machine interference to date, researchers have demonstrated that many of them are susceptible to malware or, equally if not more alarming, a well-timed denial of service attack.
If you want a real world example of these vulnerabilities, look no further than Virginia, where they decertified thousands of WinVote machines just last year.
The extent of vulnerability isn’t just hypothetical; late last summer, Virginia decertified thousands of insecure WinVote machines. As one security researcher described it, “anyone within a half mile could have modified every vote, undetected” without “any technical expertise.” The vendor had gone out of business years prior.
The WinVote systems are an extreme case, but not an isolated one. Other voting machine models have potentially vulnerable wireless components; Virginia’s just the only one where a test proved how bad the situation was.
The technically interesting portion of the analysis is the conclusion that causing havoc doesn’t require a computer genius capable of switching votes to change the election results. With systems still running on Windows XP (which hasn’t had a security update in years), how much geek expertise would you need to pull off a denial of service attack on a state’s voting system? Apparently there are more than a few 8th grade students out there who could manage the feat. Fortunately, only three states have purely electronic voting systems with no paper trail, but how much use is the existing paper trail for machines which generate or store a paper ballot?
Our voting machines here in New York have left me with my own suspicions since they first showed up. With our system, you fill out a paper ballot and then feed it into a scanner on the voting machine. If the device is unable to determine your choices (made by filling in ovals next to the printed choices) then it spits it out and asks you to try again. But if it accepts the ballot, there is a “chunk” sound and the ballot is swallowed. There is no indication provided to the voter confirming your choices. For all you know it registered every one of your selections incorrectly. Yes, there’s a paper ballot inside the machine which could be checked later, but they only spot check a handful of machines after the election has already been called. Unless the results are so wildly outside of the predicted norm that it’s unbelievable, those paper ballots will never be audited.
The system is flawed and open to mischief. And the real problem here may be that it could happen and we might never know about it because there’s simply no provision built into the process to ensure that it didn’t.