Election Systems and Software is America's leading voting machine vendor, a category notorious for buggy, insecure software and rampant manufacturer misconduct. As the 2018 elections loom, voting machine companies are coming under scrutiny, and when veteran security reporter Kim Zetter asked them, on behalf of the New York Times, if their products shipped with backdoors allowing remote parties to access and alter them over the internet, they told her unequivocally that they did not engage in this practice.
Read the rest
Connecting voting machines to the internet is a terrible idea: the machines are already notoriously insecure, and once they're online, anyone, anywhere in the world becomes a potential attacker.
Read the rest
The Secure Elections Act is a bipartisan Senate bill with six co-sponsors that reads like a security researcher's wish-list for voting machine reforms. Specifically, it reads like Matt Blaze's wishlist, hewing closely to the excellent recommendations laid out in his testimony to the House of Representatives' Committee on Oversight and Government Reform Subcommittee on Information Technology and Subcommittee on Intergovernmental Affairs Hearing on Cybersecurity, recounting his experiences as a security researcher and as the founder of Defcon's Vote Hacking Village.
Read the rest
Georgia's voting machines are among the worst, most hackable in the nation, and that's why a "diverse group of election reform advocates" including the Coalition for Good Governance sued the state to purge its hoard of 27,000 AccuVote voting machines, whose defects were not patched though the state was warned of them six months prior to the election. Accuvote machines do not keep any kind of paper audit-tape that can be used to compare the electronic total to a hardcopy.
Read the rest
One of the highlights of this year's Defcon conference in Vegas was the Voting Machine Hacking Village, where security researchers tore apart the "secure" voting machines America trusts its democracy to. Read the rest
Former CIA director R. James Woolsey and legendary free software creator Brian "bash" Fox took to the New York Times's op-ed page to explain that proprietary software and voting machines don't mix, because unless anyone who wants to can audit the software that powers the nation's elections, exploitable bugs will lurk in them, ready to be used by bad guys to screw up the vote-count. Read the rest
Chris Msando is the Kenyan electoral commission IT manager who oversaw the country's computerized voting systems; now, just days before a hotly contested election, his body has been found in the Kikuyu area in Nairobi's outskirts, and the Independent Electoral and Boundaries Commission says he was tortured and murdered. Read the rest
The news of attempts by Russian hackers to compromise US voting systems will forever throw into question the results of close US elections -- but that's not just because voting machines are security tire-fires, it's because they're security tire-fires whose vote-counts cannot be audited. Read the rest
All of the GOP's bluster about election fraud couldn't save the budget for the Election Administration Commission, the federal agency that deals with software security risks in America's creating, Windows-2000-based voting machines. Read the rest
Alex Halderman has clarified his earlier remarks about the integrity of the Wisconsin election: in a nutshell: voting machine security sucks, hackers played an unprecedented role in this election; there are statistical irregularities in the votes recorded on software-based touchscreen machines and the votes registered with paper ballots counted by optical scanners, so why the hell wouldn't we check into this? Read the rest
University of Michigan prof J Alex Halderman (previously) is one of America's top experts on voting machine security (see this, for example), and he's issued a joint statement with voting-rights attorney John Bonifaz to the Clinton campaign, advising them to ask for a recount of the Wisconsin votes. Read the rest
It's been thirteen years since we started writing here about the shenanigans of the electronic voting machine industry, who were given a gift when, after the contested 2000 elections, Congress and the Supreme Court signaled that elections officials had to go and buy new machines. Read the rest
It's been more than 16 years since faulty voting machine technology called into question a US presidential election, and in the ensuing 1.6 decades, the voting machine industry has used bafflegab, intimidation and salesmanship to continue selling faulty goods, whose flaws surface with despressing regularity. Read the rest
Tagg Romney doesn't own Ohio's voting machines. And Joseph Lorenzo Hall, senior staff technologist at the Center for Democracy and Technology in D.C., says that a lot of the fears the public has about electronic voting are equally unfounded. The biggest thing to worry about, he tells The Awl's Maria Bustillos, is that we're so busy sending around email forwards about ostensible vast conspiracies that we're not paying enough attention to the very real security and tech problems that do exist in the voting system.
Read the rest
Maria Bustillos: I no longer know what to believe in media reports of electronic election tampering. What are professionals most worried about, at this point, in this election?
Joseph Lorenzo Hall: It's a very complex area and unfortunately one that lends itself to dearths of information and poor intuition… which is how Bello and Fitrakis get way out into left field. Extending email/fax voting to displaced NJ voters is making us very nervous… What I think we expect to see a lot of—and it's not as sexy as conspiracy theory—is the aging of this machinery, as much of it is 10- to 15-year-old computer equipment. Another not-so-sexy source of problems will be from newer online voter registration systems, an electronic version of pollbooks. We may see strange reports of people not being registered or being marked down as already voted. Much of that will seem to some like fraud, but it is more likely poorly checked voter registration rolls. People don't like having to cast provisional ballots, but they need to understand that if you're registered and at the right location, the ballot will count.