Media Release: Verified Voting Outlines Steps Voters Can Take to Report Problems on Election Day

Recent reports of possible threats to voting systems and registration databases are alarming, but voters should not be deterred from voting this Election Day. Election officials at the state-level are more prepared for cybersecurity threats or problems with computers than they were two years ago.

“The only way to ensure your vote doesn’t count is if you don’t vote,” said Marian K. Schneider, president of Verified Voting.

Verified Voting urges voters who notice anything wrong with their voter registration or at their polling place to call the Election Protection Hotline: 866-OUR VOTE / 1-888-Ve-y-vota or check out 866OURVOTE.org. Voters should also report any problems to their local county board of elections or to the Secretary of State’s office or both. Doing so will allow officials to understand how widespread the issue is and assist in efforts to pinpoint the cause.

For statewide information about polling place equipment, please visit the Verifier.

Editorials: Voting Machines: What Could Possibly Go Wrong? | Jennifer Cohn/NYR Daily | The New York Review of Books

Since the 2016 election, there has been a good deal of commentary and reporting about the threats to American democracy from, on the one hand, Russian interference by Facebook and Twitterbot-distributed propaganda, and on the other, voter ID laws and other partisan voter suppression measures such as electoral roll purges. Both of these concerns are real and urgent, but there is a third, yet more sinister threat to the integrity of the November 6 elections: the vulnerability of the voting machines themselves. This potential weakness is critical because the entire system of our democracy depends on public trust—the belief that, however divided the country is and fiercely contested elections are, the result has integrity. Nothing is more insidious and corrosive than the idea that the tally of votes itself could be unreliable and exposed to fraud. 

National: How the Election Assistance Commission Came Not to Care So Much About Election Security | ProPublica

In a rush of preparation for this year’s midterm elections, scores of state and local governments have been working to safeguard their election systems from being hacked or otherwise compromised. At the same time, according to interviews with more than a dozen national, state and local election officials, the federal commission responsible for providing assistance to them has either been missing in action or working to thwart their efforts. The Election Assistance Commission has ceded its leadership role in providing security training, state and local officials say, forcing them to rely on the help of the U.S. Department of Homeland Security, which lacks the same level of experience in the issues confronting the country’s voting systems. One of the EAC’s commissioners has dismissed the threat of foreign governments undermining American elections in private meetings with state election officials, and often personally appealed to individual officials not to waste their time on the idea that election systems might be vulnerable to outside meddling.

National: New technologies could actually eliminate common voting controversies in the U.S. | Salon

As voting in 2018’s midterms ends on Tuesday, November 6, there will be contests with surprising results, races separated by the slimmest of margins, or even ties. How will voters know what to believe without falling prey to partisan angst and conspiracies? What if, as Dean Logan, Los Angeles County’s voting chief, retweeted this week, “the weakest link in election security is confidence”in the reported results? The factual answers lie in the voting system technology used and the transparency — or its lack — in the vote counting, count auditing and recount process. These steps all fall before outcomes are certified and the election is legally over. … In the past decade, two differing approaches to answering that question have emerged and evolved. The first to surface is what’s called a risk-limiting audit (RLA). Jerome Lovato, now an election technology specialist with the U.S. Election Assistance Commission, was present at the start of developing and implementing RLAs a decade ago when Colorado hired him to improve their audit process. Colorado had been sued for a lack of transparency surrounding its testing and certification after buying new machines in 2006. Back then, Colorado — like many states today — grabbed and examined hundreds of ballots after every election to see if they matched the announced winners.

National: Dozens of states tighten election security — by going back to paper | UPI

As key midterm elections approach, U.S. authorities are taking measures to make sure the balloting is secure and free of foreign influence. For years, a number of polling places have gone more high-tech with electronic voting machines. Fears about vulnerabilities in the systems, however, are turning eyes to a strikingly low-tech option — paper ballots. The United States largely moved away from paper ballots after the 2004 Help America Vote Act replaced lever and punch-card voting machines with Direct Recording Electronic, or DRE, systems. The reform was a direct result of the notoriously contested 2000 presidential election, which triggered weeks of recounts and multiple complaints about paper ballots in Florida. … The committee said many of the electronic voting systems are now outdated, and recommended all states go back to paper ballots — or, at least mandate that electronic machines produce a paper hard copy that can be audited.

National: Hackers are using malware to find vulnerabilities in U.S. swing states. Expect cyberattacks. | The Washington Post

The Pentagon has launched a preemptive strike against the Russian hackers who may have attacked the 2016 presidential election with social media influence campaigns. Numerous initiatives, including Harvard University’s Defending Digital Democracy Project, have educated officials on how to fortify elections against cyberattacks and encouraged social media companies to take down fake accounts. Despite these efforts, 67 percent of Americans consider that a foreign influence campaign, either by Russia or other governments, during the midterm elections is “very or somewhat” plausible. Their worry might have some basis. There’s another threat that few have worked to defend against: malware, or malicious software, designed to steal, deny or alter information. And our research strongly suggests that these attacks are underway in U.S. swing states, as we explain below.

National: Complaints Allege Cruz, Kemp Benefitting from Faulty Voting Machines That Change Dem Ballots to GOP | Law & Crime

Early voters submitting ballots for hotly contested races in Texas and Georgia claim that their states’ paperless voting machines are changing their votes for Democratic candidates to Republican, or deleting them altogether. According to Politico, individuals, as well as civil rights groups, have filed complaints alleging that glitches are resulting in votes for Republican Sen. Ted Cruz (R-Texas) instead of his Democratic challenger Beto O’Rourke. There have also been complaints that votes have gone to Georgia’s Republican candidate for governor, Brian Kemp, instead of his Democratic opponent Stacey Abrams. Voting technology experts have said that this is not the result of foul play, but outdated, faulty systems that don’t even leave a paper trail of what happened. Kemp, who is currently the Georgia Secretary of State, has resisted past calls for the state to change voting systems. His state has used the same system since 2002. Texas only uses electronic machines in some counties, but there have been reports of ballots that were intended to be “straight ticket” votes for one party were changed to the other party.

National: Voting Machine Manual Instructed Election Officials to Use Weak Passwords | Motherboard

States and counties have had two years since the 2016 presidential election to educate themselves about security best practices and to fix security vulnerabilities in their election systems and processes. But despite widespread concerns about election interference from state-sponsored hackers in Russia and elsewhere, apparently not everyone received the memo about security, or read it. An election security expert who has done risk-assessments in several states since 2016 recently found a reference manual that appears to have been created by one voting machine vendor for county election officials and that lists critical usernames and passwords for the vendor’s tabulation system. The passwords, including a system administrator and root password, are trivial and easy to crack, including one composed from the vendor’s name. And although the document indicates that customers will be prompted periodically by the system to change the passwords, the document instructs customers to re-use passwords in some cases—alternating between two of them—and in other cases to simply change a number appended to the end of some passwords to change them. Harri Hursti, founder of Nordic Innovation Labs and a longtime election security expert, told me he and his colleagues were conducting a risk-assessment in a county when they found the binder containing loose-leaf pages in an election office. The vendor, California-based Unisyn Voting Solutions, makes an optical-scan system called OpenElect Voting System for use in both precincts and central election offices.

National: How to Hack an Election | GQ

There is a voting machine in J. Alex Halderman’s office, not a particularly large one, just an oversize computer tablet set into a plastic frame balanced on tubular legs. But Halderman’s office isn’t especially large, either, so the machine takes up an inordinate, almost clumsy, amount of space. The machine is a Diebold AccuVote-TSX. In the jargon of election machinery, it is a DRE, which is short for direct recording electronic: Voters touch the screen to make their choices, which are then logged in the AccuVote’s memory. This is not exotic technology. DREs have been used in American elections for three decades, and the AccuVote and similar machines are being used in some 30 states this fall, when voters are determining, among other things, which party will control one or both houses of the United States Congress and whether there will be any reasonable checks on the current administration. Halderman got his AccuVote-TSX on eBay. It cost him $94.90 from a seller in North Canton, Ohio, who by last spring had sold at least 40 other used AccuVote-TSXs and had at least 10 more for sale (by the last week of October, he either had sold out or gone out of business, as his listing was gone). Because Halderman is a computer scientist at the University of Michigan, he programmed his AccuVote to tally a two-candidate election for “greatest university” between Michigan and, of course, Ohio State.

National: What to Do When Voting Machines Fail | Electronic Frontier Foundation

With Election Day just hours away, we are seeing reports across the country that electronic voting machines are already inaccurately recording votes and questions are being raised about potential foreign interference after 2016. While the responsibility to deal with these issues falls to state election officials, here is a quick guide for how to respond to some issues on Election Day, along with a handy resource from our friends at Verified Voting indicating what equipment is used in each polling place across the nation. 866-OUR-VOTE: If you experience voter machine glitches, see voters being turned away from the poll, or run into other issues, report them to the nonpartisan Election Protection network. This is the only way that we can spot patterns, put pressure on election officials to respond and, in the long run, make the case for paper ballots and risk limiting audits. Since the first electronic voting machines were introduced, security experts have warned that they pose a risk of interference or simple malfunction that cannot be easily detected or corrected. If someone hacks the machines, they hack the vote. If the machines fail, the vote is wrong. The fix is clear: all elections must include paper backups and a settled-on process for real risk limiting audits. If voting machines are down, you should ask for an emergency paper ballot. Do not simply accept that you cannot vote—broken machines should not result in disenfranchisement.

National: The cyber-hardened voting booth | The Fifth Domian

Protecting our elections from cyber meddling is a long-term effort; there is no silver-bullet answer. Yet the security of the 2018 midterm elections has practically made more headlines than the candidates have. A report from the the Center for Strategic and International Studies, in partnership with Raytheon, found that since the 2016 elections, 40 states have invested more than $75 million to improve election security. The center compiled the report from multiple sources and a survey it conducted with its network of cybersecurity experts. Robert “Bob” Kolasky, National Risk Management Center director at the Department of Homeland Security, expressed his confidence in the security of our election systems at an event ahead of the midterms elections. The event was hosted by CSIS on Oct. 30, in Washington, D.C.

National: U.S. Girds for Possible Russian Meddling on Election Day | Wall Street Journal

Two years ago, Rob Silvers arrived at a nondescript federal building in the Virginia suburbs of Washington on election day, afraid America was about to be hit by a catastrophic cyberattack. An alleged Russian operation to hack Democratic emails and peddle divisive disinformation was months in the making; election systems across the country had been probed by suspected Russian hackers; and one state—Illinois—had seen its voter registration database breached. “There was no playbook,” said Mr. Silvers, then a senior official at the Department of Homeland Security, now a partner at the law firm Paul Hastings. “We were writing the playbook as we were executing it.“ His worst fears never materialized, but Russia’s alleged actions convinced officials that cybersecurity would be a critical aspect of any future election. This year, voters will be casting ballots in what experts say will be the most secure U.S. election since the birth of the internet, thanks to steps taken since 2016. “States all across the country are more prepared,” said Wayne Williams, the Republican secretary of state of Colorado, who has been among the most active in adopting electoral cybersecurity measures.

National: Legal fights over voting rights tighten already-close races | The Hill

Legal battles over voting laws are poised to play a decisive role Tuesday in some states with tight races. Controversial statutes in Arizona and North Dakota have been challenged in federal court in recent months, with judges handing down rulings that are expected to keep thousands of voters from casting a ballot on Election Day. And while voting rights groups were able to get relief for Georgia voters in high-profile disputes over the state’s “exact match” registration verification process, the courtroom drama has catapulted a hotly contested gubernatorial race into the national spotlight. If elected, Stacey Abrams (D) would become the first black female governor in U.S. history. Edward Foley, director of the Election Law program at Ohio State University’s Moritz College of Law, said voting procedures perceived to be hostile to minority voters have backfired in the past. “It can actually increase turnout among groups that are purportedly targeted,” he said.

Arizona: Why new technology at polling sites could be a blessing or a curse this Election Day | Arizona Republic

Experts warn new technology intended to make voting on Election Day faster and easier also comes with new risks that could contribute to the problems it was intended to solve. And some of those experts say the Maricopa County Recorder’s Office hasn’t demonstrated it’s prepared for the myriad things that can go wrong. “Every other jurisdiction that I know of, except for Maricopa it sounds like, has a backup plan … to make sure you’re not just turning voters away or making them stand in line until you figure out what the technical problem is,” said Joe Hall, chief technologist at the Center for Democracy and Technology. “It sounds like (the recorder’s office) isn’t doing the right kind of contingency planning.” The recorder’s office has come under scrutiny since August’s primary election when 62 voting centers failed to open on time because the machines used to check in voters at the polling sites, known as electronic “SiteBooks,” hadn’t been set up.

District of Columbia: DC files suit to get votes in Congress | WTOP

A lawsuit was filed Monday on behalf of D.C. residents in a new bid to put legal pressure on Congress to give the District of Columbia full voting rights and representation on Capitol Hill. As millions of Americans head to the polls on Tuesday, advocates pointed out that District residents are still not able to cast votes for both a Senator and member of the House of Representatives. “This lawsuit says that it’s not just unfair and un-American, but it’s unconstitutional that people who live in the District of Columbia do not have the vote,” said Walter Smith, executive director of the DC Appleseed Center for Law & Justice. “It’s time to fix that.”

Georgia: Brian Kemp under scrutiny after announcing probe of Democrats | Atlanta Journal-Constitution

Secretary of State Brian Kemp has had two roles this year: Running Georgia’s elections and running for governor of the state. Democrats, including former President Jimmy Carter, have called on him to step aside, warning repeatedly of potential conflicts of interest. Kemp is now facing renewed scrutiny after his office announced Sunday — without providing evidence and doing so just hours before Election Day — that it is investigating the Georgia Democratic Party for an alleged hack of the state’s voter registration system. The move to publicly disclose the probe appeared to break with tradition in the office, which oversees voting integrity, as it differed from how Kemp’s team handled an earlier cyber breach at Kennesaw State University. Edgardo Cortés, Virginia’s former elections commissioner, called Sunday’s announcement “bizarre” and said the timing of it is “problematic,” adding he wouldn’t have done it had he been in Kemp’s shoes. Such public statements, Cortés said, could depress voter turnout by making people question the reliability of the election system.

Georgia: Brian Kemp Was Warned of a Cyber Vulnerability. He Weaponized It—Again | Route Fifty

Georgia Secretary of State and Republican gubernatorial nominee Brian Kemp’s office seems to have a cybersecurity problem. With less than 48 hours before voters go to the polls in Georgia, Kemp announced his office was investigating the Georgia Democratic Party for an alleged failed hack of the secretary of state’s voting website. The leader of an organization that claims to have disclosed these cyber vulnerabilities to his office says the blaming of his political opponents is both “fabricated and preposterous.” It is part of a pattern of Kemp not securing voting systems, then politicizing and weaponizing his cybersecurity vulnerabilities against those who report them. … The organizations that received the information about the alleged problems are among those suing the secretary of state for the high rate of rejections of absentee mail ballots in Georgia, as well as the Democratic Party. Marks told Route Fifty the organizations had six cybersecurity experts of “national preeminence” in the computer science world review the data. All of them came to the same conclusion that the vulnerability was real and significant. “The experts who did look at it immediately recognized the problem with a quick look and realized delving in further could be problematic from a legal standpoint,” Marks said. “And these aren’t people that come at this from a political standpoint, they’re scientists.”

Georgia: Election observers looking out for problems in Georgia | Atlanta Journal-Constitution

Georgia’s high-profile election on Tuesday will be closely watched — not just to see who wins, but to ensure that voters’ rights are protected and their ballots are counted. Election observers from several nonprofits are fanning out across the state to assist voters and report problems with long lines, voter registration and the state’s 16-year-old electronic voting machines. Well over 1 million voters are expected to cast ballots at their local precincts on Election Day, building on the 2.1 million voters who already participated in early voting over the past three weeks — a record number for a midterm election year. Voters are motivated to decide the race at the top of the ballot for governor between Democrat Stacey Abrams and Republican Brian Kemp. Voters should be prepared by checking their registration information online at www.mvp.sos.ga.gov, verifying their precinct locations and bringing photo ID to the polls, according to organizations promoting voting rights.

Editorials: Brian Kemp, if you’re running in an election, you shouldn’t be running the election | Joshua Douglas/CNN

American democracy is exceptional for many reasons. One of the most concerning but least understood is that partisan, elected officials run our elections. Instead of having nonpartisan, professional election administrators — the norm in most other democracies — self-interested politicians dictate the rules of the game. Elections should be won on ideas, not election rules. Having election officials dictate the rules for the very elections where they are on the ballot is like allowing an umpire in a baseball game to hit cleanup for his or her preferred team while also calling balls and strikes. Three secretaries of state are running for higher office this year while still administering the elections where they appear on the ballot. Republican Brian Kemp of Georgia and Republican Kris Kobach of Kansas are both running for governor in their respective states while also serving as secretary of state. Ohio Secretary of State Republican Jon Husted of Ohio is running for lieutenant governor. These officials have used their offices to promulgate rules that could affect their elections.

North Dakota: Federal judge rejects lawsuit, lets North Dakota disenfranchise Native American voters | Salon

federal judge has rejected a North Dakota tribe’s emergency motion to stop a voter ID law that it argued disproportionately affects Native Americans in Tuesday’s midterm elections. “The federal courts are unanimous in their judgment that it is highly important to preserve the status quo when elections are fast approaching,” U.S. District Judge Daniel Hovland wrote in his order. The judge said the lawsuit by the Spirit Lake Tribe gives “great cause for concern” and will need a “a detailed response from the Secretary of State as this case proceeds,” but decided that “a further injunction on the eve of the election will create as much confusion as it will alleviate, and is foreclosed by precedent which is hesitant to permit ‘eleventh-hour changes to election laws.’” The Spirit Lake Tribe sued to block the state from enforcing a voter ID law that they argued would disenfranchise hundreds if not thousands of Native Americans ahead of next week’s elections. The law requires all voters to present an ID with their street address, but many Native Americans who live on reservations do not have traditional street addresses and rely on post office box addresses.

Editorials: A Slow-Motion Coup in Tennessee | Margaret Renkl/The New York Times

Emblazoned on the front page of the website for Vote.org, which was founded in 2008 to increase voter turnout, there’s a quotation from Ronald Reagan: “For this Nation to remain true to its principles, we cannot allow any American’s vote to be denied, diluted, or defiled. The right to vote is the crown jewel of American liberties, and we will not see its luster diminished.” The Party of Reagan no longer shares this particular ideal, at least not here in the South. In Tennessee, transparent voter suppression efforts have included an array of tactics: Confiscating the driver’s licenses of citizens who can’t afford to pay traffic fines. This onerous law prevents the impoverished not only from voting but also from working — 93.4 percent of working Tennesseans need cars to get to their jobs — and being unable to work prevents them from paying their fines. “Since 2012, at least 250,000 driver’s licenses have been suspended for nonpayment of traffic fines and costs,” according to a class-action lawsuit filed against the state. Last month, a federal judge issued a preliminary injunction in the case, ordering Tennessee to stop the practice of revoking licenses and requiring the state to allow people to apply to get their licenses back. The state is appealing the decision.

Afghanistan: More than 50 people killed during Afghanistan elections: UN | Al Jazeera

The number of civilians harmed in last month’s parliamentary elections was higher than in four previous elections in Afghanistan, the United Nations Assistance Mission in Afghanistan said in a report. At least 435 civilian casualties were recorded, out of which 56 people were killed and 379 wounded, on election day on October 20, and during days when delayed polling was conducted in some provinces. The numbers do not include casualties from attacks during the three-week election campaign. “This report documents grave concerns over the organised campaign of numerous attacks by anti-government elements, mainly Taliban, directed at civilian objects and in civilian populated areas during the elections, including attacks against schools used as polling centres,” the report said. 

Australia: Minority government confirmed as critical by-election result announced | Reuters

Australia’s conservative government has lost its parliamentary majority after an independent candidate was on Monday confirmed the winner in a critical by-election. Voters in the wealthy seaside constituency of Wentworth, in Sydney’s east, went to the polls on Oct 20 to chose a replacement for former prime minister Malcolm Turnbull, who quit politics in August after he was ousted by his own party. Widespread voter anger at Turnbull’s demise saw the ruling Liberal party hemorrhage votes, though the race narrowed to come down to a several thousand postal votes.

Madagascar: Ex-rulers favourites in Madagascar’s high-stakes election | AFP

Madagascar votes on Wednesday in a high-stakes election with three ex-presidents the front-runners to lead the large Indian Ocean island rocked by tensions earlier this year. Attempts by the most recent president, Hery Rajaonarimampianina, to change electoral laws backfired and sparked nearly three months of protests in the capital Antananarivo. The demonstrations forced Rajaonarimampianina to accept a “consensus” government tasked with organising the election in the poor country with a history of coups and civil unrest.

Switzerland: Flaw reported in Switzerland’s biggest e-voting system | SWI

A hacker claims to have discovered an important weakness in canton Geneva’s e-voting system to attacks that could redirect online voters to malicious websites. The canton says it is aware of the issue and introduced countermeasures years ago.  Last week, Volker Birk of the Chaos Computer Club Switzerland said he had discovered that the Geneva online voting system – the biggest in Switzerland – uses an insecure procedure to protect its web address. Birk told Swiss public television, SRF, that it took only a few minutes to discover the system’s weakness to so-called DNS cache poisoning – an attack that exploits vulnerabilities in the domain name to divert internet traffic away from legitimate servers and towards fake ones. He added that the problem had been known for decades. In a public statement on Saturdayexternal link, canton Geneva said it had been informed by SRF about the fake site, which it admitted “did not allow people to vote electronically”. 

United Kingdom: The 8 million pound hole in Brexit: smoking gun or damp squib? | Reuters

Britain’s serious crime agency has started an investigation into Brexit backer Arron Banks over the source of 8 million pounds ($10.4 million) in loans to groups including Leave.EU which campaigned to leave the European Union. Banks has said the investigation is part of an attempt to undermine Brexit. He has repeatedly insisted that the money came from him and that no Russian funding was involved. But if criminal offences or foreign funding are proven, that could cast doubt on the legitimacy of the whole Brexit vote. The groups that received the loans ran emotive publicity campaigns to persuade people to vote to leave the EU – and the final result was close. In the June 23, 2016 referendum, 17.4 million voters, or 51.9 percent, backed Brexit while 16.1 million, or 48.1 percent, backed staying in the bloc. The focus is 8 million pounds in loans provided to Leave.EU and Better for the Country Limited (BFTC), which Banks controls and which ran Leave.EU’s campaign.