Ever since the Supreme Court ordered the nation's voting authorities to get their act together in 2002 in the wake of Bush v Gore, tech companies have been flogging touchscreen voting machines to willing buyers across the country, while a cadre computer scientists trained in Ed Felten's labs at Princeton have shown again and again and again and again that these machines are absolutely unfit for purpose, are trivial to hack, and endanger the US election system.
Felten has moved on to the White House, where he's deputy CTO, while his grad students have fanned out across the country to take positions at some of America's top universities, where they and their students continue to mercilessly attack the unsound computers that America has put its democracy inside of.
Ben Wofford's comprehensive account of the war on shitty voting machines in Politico is by turns frightening and enraging, and even though the touchscreen voting era appears to finally be drawing to its inevitable close, the remaining machines in the field are, if anything, even more vulnerable to remote attacks, and, worryingly, many are clustered in hotly disputed districts in key battleground states for the 2016 presidential race.
It's not for lack of trying to raise alarms. Felten's team and proteges have gone to far as to meet mysterious whistleblowers in dark New York alleys to take receipt of smuggled-out voting machines to run tests on, and then produced some of the most mediagenic, easy-to-understand videos and articles detailing their findings that you could ask for.
Combine this indifference with North Korea's attack on Sony, China's attack on the Office of Personnel Management, and Russia's (presumptive) attack on the DNC, and you've got a situation where it's all-too-plausible that the coming election will be hacked, and where it's certain that any irregularities will be blamed on hackers, domestic and foreign.
After all, Virgina took 13 years to ditch its wifi-connected Winvote machines, whose crypto key is now known to be "abcde," and which runs a version of Windows that hasn't been updated since 2005. Jeremy Epstein, the whistleblower who fought for the machines' removal for all that time, says of the elections that were balloted on Winvote systems, "If these machines and elections weren’t hacked, it was only because no one tried."
To make things worse, many of the same vendors who denied, threatened, and obfuscated when caught selling defective voting machines are now trying to sell online voting systems that will have every problem of the worst voting machines, times a thousand.
The Princeton group has no shortage of things that keep them up at night. Among possible targets, foreign hackers could attack the state and county computers that aggregate the precinct totals on election night—machines that are technically supposed to remain non-networked, but that Appel thinks are likely connected to the Internet, even accidentally, from time to time. They could attack digitized voter registration databases—an increasingly utilized tool, especially in Ohio, where their problems are mounting—erasing voters’ names from the polls (a measure that would either cause voters to walk away, or overload the provisional ballot system). They could infect software at the point of development, writing malicious ballot definition files that companies distribute, or do the same on a software patch. They could FedEx false software to a county clerk’s office and, with the right letterhead and convincing cover letter, get it installed. If a county clerk has the wrong laptop connected to the Internet at the wrong time, that could be a wide enough entry window for an attack.
“No county clerk anywhere in the United States has the ability to defend themselves against advanced persistent threats,” Wallach tells me, using the parlance of industry for highly motivated hackers who “lay low and stick around for a while.” Wallach painted an unseemly picture, in which a seasoned cyber warrior overseas squared off against a septuagenarian volunteer. “In the same way,” continues Wallach, “you would not expect your local police department to be able to repel a foreign military power.”
In the academic research, hacks of the machines are far more pervasive; digitized voting registrations or tabulation software are not 10 years old and running on Windows 2000, unlike the machines. Still, they present risks of their own. “There are still plenty of computers involved” even without digital touch screens, says Appel. “Even with optical scan voting, it’s not just the voting machines themselves—it’s the desktop and laptop computers that election officials use to prepare the ballots, prepare the electronic files from the OpScan machines, panel voter registration, electronic poll books. And the computers that aggregate the results together from all of the optical scans.”
“If any of those get hacked, it could could significantly disrupt the election.”
The digital touch screens, even with voter verified paper trail, will still be pervasive this election; 28 states keep them in use to some degree, including Ohio and Florida, though increasingly in limited settings. Pam Smith, the director of Verified Voting—a group that tracks the use of voting equipment by precinct in granular detail—isn’t sure how many digital touch screens are left; no one I spoke with seemed to know. Nor is it clear where they’ll be deployed, a decision left up to county administrators. Smith confirms that after 2007, the number of states that adopted the machines plateaued, and has finally begun to shrink. The number of states using paperless touch screens—and nothing else—is five: South Carolina, Georgia, Louisiana, New Jersey and Delaware. But the number of states with a significant number of counties with the easily hacked machines is much larger, at 13, including Indiana, Virginia, and Pennsylvania. For hacking purposes, there’s little difference: In a close election, only a few precincts with paperless touch screens would be required to deflate vote totals, says Appel, even if the majority of counties are still in the Stone Age. Many of Felten’s mad-scientist experiments were designed to metastasize the nefarious code once it gained entry into a machine system.
How to Hack an Election in 7 Minutes
(via Memex 1.1)
(Image: Andrew Appel, by Alex Halderman)