Last Sunday’s New York Times review section dismissed GOP presidential candidate Donald Trump’s contention that the election would be rigged if he didn’t win, but correctly noted results are subject to hackers.
Voting machines, especially those connected to the Internet, fall under a category of products called the Internet of Things (IoT); if you have a Nest thermostat in your home, you are a part of it. Each device has its own IP address. IoT is found in cars, homes, businesses, and government. With the right add, a person can control these devices via a smart phone from anywhere in the world.
And anything with it’s own IP address can be hacked. The Department of Homeland Security has announced plans to help states guard against election day hacking that might propel Donald Trump to the White House.
From NextGov.com, this:
Homeland Security Secretary Jeh Johnson has promised state election officials his department’s assistance addressing cybersecurity risks within each state’s election systems.
Johnson made the remarks in a conference call with representatives from National Association of Secretaries of State, U.S. Election Assistance Commission and representatives from various federal agencies, including the Justice Department and the National Institute of Standards and Technology.
In an Aug. 15 readout of the call published by DHS, Johnson encouraged state election officials to implement recommendations from NIST and other bodies, such as ensuring electronic voting machines are disconnected from the internet during voting. Johnson said DHS has been exploring whether to designate electoral systems as critical infrastructure—and thus elevating its priority for protecting—in its discussions.
From the NY Times story:
Voter fraud through impersonation or illegal voting is vanishingly rare in the United States, and rigging the election by tampering with voting machines would be nearly impossible. As President Obama pointed out in a news conference last week, where he called charges of electoral rigging “ridiculous,” states and cities set up voting systems, not the federal government. That’s true, and it means the voting machine landscape is a patchwork of different systems, which makes the election hard to manipulate in a coordinated way.
But it’s still a bleak landscape.
Over the years, the team at Princeton, cooperating with other researchers, has managed to disable and tamper with many direct recording electronic systems that use touch-screen computers without a verifiable paper trail.
The mere existence of this discussion is cause for alarm. The United States needs to return, as soon as possible, to a paper-based, auditable voting system in all jurisdictions that still use electronic-only, unverifiable voting machines.
In this case, though, we need to stick with methods that allow a paper trail that is verifiable after the election. No matter how you vote, there should be a tightly guarded paper record that can be used for audits, if not for the initial counting. This is not just because paper verification is more tamper-resistant than our insecure voting machines. Our elections need to be open to oversight without the need for voters to understand how encryption works. We can’t tell them to simply trust the experts, especially when people are deliberately sowing distrust.
There is another upside to relying on paper. Audits of such systems can require something else that, at first glance, seems like a hindrance: People need to show up to do them. As the “hanging chads” debacle in Florida demonstrated in the 2000 election, paper systems, too, can be badly designed. However, in a healthy democracy, requiring people to show up is a good thing.
There are already minefields ahead for this election. Georgia, for example, relies on electronic systems that leave no paper trail. The machines in Georgia are also quite old, and a Brennan Center for Justice report found that their software was “outdated” — primarily using operating systems like Windows 2000. This not only puts them at risk for crashes and lost votes, but also leaves them more vulnerable to hacking, as such older software no longer receives fixes for security flaws.
Since 1996, Georgia has voted for the Republican candidate in presidential elections, but this year a batch of recent polls have painted a tight race — with some polls even indicating that the Democratic nominee, Hillary Clinton, may have an edge. If the race is close, and the outcome questioned, voters in Georgia will have no means to audit the results. Other potential swing states, like Pennsylvania and North Carolina, also use electronic machines with no paper trail, at least in some counties. According to the nonprofit Verified Voting, people in at least a dozen states could encounter that same situation.
Let’s not forget the talented group of hackers from Russia, China, and North Korea and how they might impact election day.
But its clearly time for state governments to invest in better and encrypted voting machines that produce a paper ballot. Our democracy is far too important not to invest in this critical infrastructure for liberty.