The University of Pennsylvania's Matt Blaze (previously) is a legendary figure in cryptography and security circles; most recently he convened Defcon's Vote Hacking Village where security experts with no particular knowledge of voting machines repeatedly, fatally hacked surplus voting machines of the sort routinely used in US elections.
Read the rest
Georgia's voting machines are among the worst, most hackable in the nation, and that's why a "diverse group of election reform advocates" including the Coalition for Good Governance sued the state to purge its hoard of 27,000 AccuVote voting machines, whose defects were not patched though the state was warned of them six months prior to the election. Accuvote machines do not keep any kind of paper audit-tape that can be used to compare the electronic total to a hardcopy.
Read the rest
Princeton computer scientist and former White House Deputy CTO Ed Felten (previously) writes about the security lessons of the 2016 election: first, that other nation-states are more aggressive than generally supposed, and second, that you don't need to hack the vote-totals to effect devastation on an adversary -- it's sufficient to undermine the election's legitimacy by messing with voter rolls, "so there is uncertainty about whether the correct people were allowed to vote." Read the rest
The news of attempts by Russian hackers to compromise US voting systems will forever throw into question the results of close US elections -- but that's not just because voting machines are security tire-fires, it's because they're security tire-fires whose vote-counts cannot be audited. Read the rest
It's been thirteen years since we started writing here about the shenanigans of the electronic voting machine industry, who were given a gift when, after the contested 2000 elections, Congress and the Supreme Court signaled that elections officials had to go and buy new machines. Read the rest
Ever since the Supreme Court ordered the nation's voting authorities to get their act together in 2002 in the wake of Bush v Gore, tech companies have been flogging touchscreen voting machines to willing buyers across the country, while a cadre computer scientists trained in Ed Felten's labs at Princeton have shown again and again and again and again that these machines are absolutely unfit for purpose, are trivial to hack, and endanger the US election system. Read the rest
In this 20 minute video, Princeton computer science prof Andrew Appel lays out the problems with Internet-based voting in crisp, nontechnical language that anyone can understand. Read the rest
Republican Ohio Secretary of State Jon Husted has asked voting machine giant ES&S to install last-minute, unverified, custom firmware updates on the state's voting machines. This is highly irregular, and the details of it are shrouded in secrecy and silence -- the few, terse statements from Husted's office on the matter have been self-contradictory and unhelpful. On Salon, Brad Friedman tries to untangle the mess, and concludes that it's impossible to say what the new software in Ohio's voting machines actually does, nor why unaudited, unapproved software should be added to voting machines in a critical swing-state at the last minute, but that it's highly suspicious and possibly illegal.
Read the rest
I’d like to have been able to learn much more before running anything on this at all, frankly. But the lack of time between now and Tuesday’s election — in which Ohio’s results are universally believed to be key to determining the next president of the United States — preclude that.
So, based on the information I’ve been able to glean so far, allow me to try to explain, in as simple terms as I can, what we currently know and what we don’t, and what the serious concerns are all about.
And, just to pre-respond to those supposed journalists who have shown a proclivity for reading comprehension issues, let me be clear: No, this does not mean I am charging that there is a conspiracy to rig or steal the Ohio election. While there certainly could be, if there is, I don’t know about it, nor am I charging there is any such conspiracy at this time.