National: Voting machines touted as secure option are actually vulnerable to hacking, study finds | Joseph Marks/The Washington Post
New voting machines that hundreds of districts will use for the first time in 2020 don’t have enough safeguards against hacking by Russia and other U.S. adversaries, according to a study out this morning from researchers at the University of Michigan. The study marks the first major independent review of the machines called ballot-marking devices, or BMDs, which at least 18 percent of the country’s districts will use as their default voting machines in November. The results are a major blow for voting machine companies and election officials, who have touted BMDs as a secure option in the wake of Russia’s 2016 efforts to compromise U.S. election infrastructure. “The implication of our study is that it’s extremely unsafe [to use BMDs], especially in close elections,” Alex Halderman, a University of Michigan computer science professor and one of seven authors of the study, said in an interview. People who use BMDs cast their votes using a computer touch screen, but the machine spits out a paper record of those votes. That is usually used to tally the results and can be saved for audits that ensure votes were tallied correctly. The machines were touted by election officials as a compromise between paperless voting machines, which experts uniformly agree are far too vulnerable to hacking, and hand-marked paper ballots, which serious cybersecurity hawks favor but which can be tougher to tally and are inaccessible for many people with disabilities. But only a handful of people who vote on BMDs are likely to check that their votes were recorded accurately, the researchers found – meaning that if hackers succeed in altering even a small percentage of electronic votes, they might be able to change the outcome of a close election without being detected.