In 2009 a NJ judge banned hooking up voting machines to the internet, but that's exactly how ES&S's "airgapped" machines work

Connecting voting machines to the internet is a terrible idea: the machines are already notoriously insecure, and once they're online, anyone, anywhere in the world becomes a potential attacker. Read the rest

A bipartisan, GOP-led voting machine security bill that would actually fix vulnerabilities in US elections

The Secure Elections Act is a bipartisan Senate bill with six co-sponsors that reads like a security researcher's wish-list for voting machine reforms. Specifically, it reads like Matt Blaze's wishlist, hewing closely to the excellent recommendations laid out in his testimony to the House of Representatives' Committee on Oversight and Government Reform Subcommittee on Information Technology and Subcommittee on Intergovernmental Affairs Hearing on Cybersecurity, recounting his experiences as a security researcher and as the founder of Defcon's Vote Hacking Village. Read the rest

Someone wiped a key server in Georgia right after voters filed a lawsuit over insecure voting-machines

Georgia's voting machines are among the worst, most hackable in the nation, and that's why a "diverse group of election reform advocates" including the Coalition for Good Governance sued the state to purge its hoard of 27,000 AccuVote voting machines, whose defects were not patched though the state was warned of them six months prior to the election. Accuvote machines do not keep any kind of paper audit-tape that can be used to compare the electronic total to a hardcopy. Read the rest

How do you dump the firmware from a "secure" voting machine? With a $15 open source hardware board

One of the highlights of this year's Defcon conference in Vegas was the Voting Machine Hacking Village, where security researchers tore apart the "secure" voting machines America trusts its democracy to. Read the rest

Former CIA director: secure US elections with open-source voting machines

Former CIA director R. James Woolsey and legendary free software creator Brian "bash" Fox took to the New York Times's op-ed page to explain that proprietary software and voting machines don't mix, because unless anyone who wants to can audit the software that powers the nation's elections, exploitable bugs will lurk in them, ready to be used by bad guys to screw up the vote-count. Read the rest

Days before elections, the official in charge of Kenya's voting machines has been tortured and murdered

Chris Msando is the Kenyan electoral commission IT manager who oversaw the country's computerized voting systems; now, just days before a hotly contested election, his body has been found in the Kikuyu area in Nairobi's outskirts, and the Independent Electoral and Boundaries Commission says he was tortured and murdered. Read the rest

What's worse than shitty, hacked voting machines? Unauditable, shitty voting machines

The news of attempts by Russian hackers to compromise US voting systems will forever throw into question the results of close US elections -- but that's not just because voting machines are security tire-fires, it's because they're security tire-fires whose vote-counts cannot be audited. Read the rest

House Republicans just voted to defund the agency that fights election hacking

All of the GOP's bluster about election fraud couldn't save the budget for the Election Administration Commission, the federal agency that deals with software security risks in America's creating, Windows-2000-based voting machines. Read the rest

Alex Halderman: we will never know if the Wisconsin vote was hacked unless we check now

Alex Halderman has clarified his earlier remarks about the integrity of the Wisconsin election: in a nutshell: voting machine security sucks, hackers played an unprecedented role in this election; there are statistical irregularities in the votes recorded on software-based touchscreen machines and the votes registered with paper ballots counted by optical scanners, so why the hell wouldn't we check into this? Read the rest

Wisconsin: America's top voting-machine security expert says count was irregular; Fed judge says gerrymandering was unconstitutional

University of Michigan prof J Alex Halderman (previously) is one of America's top experts on voting machine security (see this, for example), and he's issued a joint statement with voting-rights attorney John Bonifaz to the Clinton campaign, advising them to ask for a recount of the Wisconsin votes. Read the rest

Electronic voting machines suck, the comprehensive 2016 election edition

It's been thirteen years since we started writing here about the shenanigans of the electronic voting machine industry, who were given a gift when, after the contested 2000 elections, Congress and the Supreme Court signaled that elections officials had to go and buy new machines. Read the rest

Russia and other states could hack the US election by attacking voting machines

It's been more than 16 years since faulty voting machine technology called into question a US presidential election, and in the ensuing 1.6 decades, the voting machine industry has used bafflegab, intimidation and salesmanship to continue selling faulty goods, whose flaws surface with despressing regularity. Read the rest

Voting expert tells The Awl: There are reasons to be concerned about voting machines, but vast conspiracies aren't one of them

Tagg Romney doesn't own Ohio's voting machines. And Joseph Lorenzo Hall, senior staff technologist at the Center for Democracy and Technology in D.C., says that a lot of the fears the public has about electronic voting are equally unfounded. The biggest thing to worry about, he tells The Awl's Maria Bustillos, is that we're so busy sending around email forwards about ostensible vast conspiracies that we're not paying enough attention to the very real security and tech problems that do exist in the voting system.

Maria Bustillos: I no longer know what to believe in media reports of electronic election tampering. What are professionals most worried about, at this point, in this election?

Joseph Lorenzo Hall: It's a very complex area and unfortunately one that lends itself to dearths of information and poor intuition… which is how Bello and Fitrakis get way out into left field. Extending email/fax voting to displaced NJ voters is making us very nervous… What I think we expect to see a lot of—and it's not as sexy as conspiracy theory—is the aging of this machinery, as much of it is 10- to 15-year-old computer equipment. Another not-so-sexy source of problems will be from newer online voter registration systems, an electronic version of pollbooks. We may see strange reports of people not being registered or being marked down as already voted. Much of that will seem to some like fraud, but it is more likely poorly checked voter registration rolls. People don't like having to cast provisional ballots, but they need to understand that if you're registered and at the right location, the ballot will count.

Read the rest