National: What if: Hacks, email leaks could sway election weeks away | Associated Press

Brace for a stream of digital leaks and shenanigans by Election Day. Whether it’s newly disclosed Democratic Party emails or someone tampering with voting machines, this year’s presidential election could come with hacking intrigue like none before it. Consider messages stolen from the Democrats by suspected Russian-linked hackers and posted online in the summer by the self-described…

National: Security Experts Voice Fears About Election Result Accuracy, Integrity | eWeek

The U.S. election system will likely face a significant trial this year, thanks to a summer of startling revelations including nation-state-linked attacks targeting the Democratic National Committee and state voter databases, along with a statement of no-confidence by the Republican nominee. The result has been a slew of media stories positing how the election could be hacked. The ongoing cyber-attacks and raised doubts will put states’ choice of voting technology under the microscope, with a focus on the security of voting systems and the ability to audit the results produced by those balloting systems, according to election security experts. Unfortunately, while all but five states now have at least some systems with a verifiable paper trail, more than half do not have meaningful post-election audits, according to Verified Voting, a group focused on improving election-system integrity and accuracy. “We would like to see post-election audits everywhere,” Pamela Smith, director of the group, told eWEEK. “There is actual research showing that being able to conduct a robust audit in a public way brings confidence in the election. A voter-verifiable paper ballot is a tool to instill confidence that the election has come to true result.”

National: Hackers hit Arizona, Illinois voter databases | USA Today

A suspected Russian hacker probed a voter registration database in Arizona and another unidentified attacker gained entry to one in Illinois this summer, election officials said, prompting the FBI to warn states their election boards should conduct vulnerability scans. The systems that count votes in elections were not compromised, officials said, and the hacks don’t appear to be politically motivated. Still, the breaches add to concerns such attacks could exploit the personal data of millions of voters for monetary or political gain. Those worries have been running high after July reports that the Democratic National Committee’s email system had been hacked, a breach U.S. intelligence officials believe was perpetrated by the Russian government. “We’re all very aware that it’s less than 80 days before an important election,” said Pamela Smith with Verified Voting, a non-partisan, non-profit organization that advocates for election transparency.

National: Hacks of state voting systems reveal US vulnerabilities in 2016 | CS Monitor

Soon after the 2000 presidential elections went to a recount, Americans got acquainted with an exotic new vocabulary – hanging chads and butterfly ballots – and what lawmakers saw as a modern solution to the nightmare of punchcard voting systems: electronic voting machines. In 2002, Congress passed the Help America Vote Act, pouring nearly $3 billion into an effort to get states to adopt those machines. More than a decade and a half later, those same electronic machines are still around in many states. And the system arising from the 2002 congressional fix is now at the heart of growing concerns over the integrity of this year’s elections, with cybersecurity experts suggesting that it is an easy target for hackers. Federal authorities are beginning to get involved. But the best insurance for election integrity – a system that uses paper to back up electronic results – may require new federal funding. Not all of the country is on equally precarious footing. Partly because of bad experiences with glitches in electronic voting machines, some localities have been shifting in recent years toward paper-backed systems.

National: Did Russia really hack U.S. election systems? | Foreign Policy

When an FBI alert to state election authorities warning them of hacking leaked to the media this week, the result was one of studied panic. Two voter registration databases in Arizona and Illinois had been penetrated, and some experts saw it as confirmation that Russia had escalated its campaign of hacking U.S. political organizations. Russian President Vladimir Putin just “unleashed the hounds” on the U.S. election system, one industry executive declared. So far, there is scant evidence that hackers working on behalf of Russian intelligence penetrated two fairly inconsequential voter databases in Arizona and Illinois. The FBI told election authorities in Arizona that Russian hackers were responsible for stealing a set of user credentials but provided no details about whether it was a criminal or state-sponsored group. In a letter to the FBI on Monday, Senate Minority Leader Harry Reid asked the bureau to investigate whether Russia is attempting to manipulate results of November’s elections. Russian efforts to do so are “more extensive than is widely known and may include the intent to falsify official election results,” he wrote.

National: Analysis: Could hackers tip an American election? You bet | Chicago Tribune

Reports this week of Russian intrusions into U.S. election systems have startled many voters, but computer experts are not surprised. They have long warned that Americans vote in a way that’s so insecure that hackers could change the outcome of races at the local, state and even national level. Multibillion-dollar investments in better election technology after the troubled 2000 presidential election count prompted widespread abandonment of flawed paper-based systems, such as punch ballots. But the rush to embrace electronic voting technology – and leave old-fashioned paper tallies behind – created new sets of vulnerabilities that have taken years to fix. “There are computers used in all points of the election process, and they can all be hacked,” said Princeton computer scientist Andrew Appel, an expert in voting technologies. “So we should work at all points in that system to see how we make them trustworthy even if they do get hacked.”

National: FBI says foreign hackers penetrated state election systems | Yahoo

The FBI has uncovered evidence that foreign hackers penetrated two state election databases in recent weeks, prompting the bureau to warn election officials across the country to take new steps to enhance the security of their computer systems, according to federal and state law enforcement officials. The FBI warning, contained in a “flash” alert from the FBI’s Cyber Division, a copy of which was obtained by Yahoo News, comes amid heightened concerns among U.S. intelligence officials about the possibility of cyberintrusions, potentially by Russian state-sponsored hackers, aimed at disrupting the November elections. Those concerns prompted Homeland Security Secretary Jeh Johnson to convene a conference call with state election officials on Aug. 15, in which he offered his department’s help to make state voting systems more secure, including providing federal cyber security experts to scan for vulnerabilities, according to a “readout” of the call released by the department.

National: Stealing Voter Files Was Shockingly Easy for These Hackers | The Daily Beast

The FBI says that computer hackers accessed, and in one case stole, voter registration files in two states, potentially compromising personal information and putting crucial election data at risk just three months before voters head to the polls. And if that weren’t unsettling enough, the techniques that the hackers used were neither sophisticated nor particularly hard to employ, proving that it’s not just high-end hackers from foreign governments, like the ones believed to be targeting U.S. political organizations, that elections officials need to worry about in the runup to November. “I don’t think anyone can assume that these vulnerabilities would be unique to these states,” Pamela Smith, the president of Verified Voting, a nonprofit group that advocates transparency and security in U.S. elections, told The Daily Beast. “This is a time when assuming is not the best thing to do.”

National: Two swing states decline DHS security for voting machines | The Hill

Two swing states, Pennsylvania and Georgia, are declining an offer from the Department of Homeland Security (DHS) to scan their voting systems ahead of the 2016 elections. In August, DHS offered to help states thwart potential hacking amid cybersecurity concerns about just how easily a U.S. election could be manipulated. Georgia and Pennsylvania, however, have opted out. Instead, the two states will rely on their own systems to monitor potential election hacking, reports NextGov. Georgia Secretary of State Brian Kemp cited state sovereignty concerns. “The question remains whether the federal government will subvert the Constitution to achieve the goal of federalizing elections under the guise of security,” he told Nextgov in an email. “Designating voting systems or any other election system as critical infrastructure would be a vast federal overreach, the cost of which would not equally improve the security of elections in the United States.”

National: Elections security: Federal help or power grab? | Politico

The federal government wants to help states keep hackers from manipulating the November election, amid growing fears that the U.S. political system is vulnerable. But Georgia’s top election official is balking at the offers of assistance — and accusing the Obama administration of using exaggerated warnings of cyberthreats to intrude on states’ authority. Georgia Secretary of State Brian Kemp’s objections add to a bumpy start for the Department of Homeland Security’s attempt to shore up safeguards for the election, during a summer when cyberattacks on the Democratic National Committee have called attention to weaknesses across the electoral system. Cybersecurity experts call tougher protections long overdue for parties, political advocacy groups and voting machinery, but DHS’ efforts risk becoming caught in the same partisan arguments about state sovereignty that have hung up programs such as President Barack Obama’s Medicaid expansion. “It seems like now it’s just the D.C. media and the bureaucrats, because of the DNC getting hacked — they now think our whole system is on the verge of disaster because some Russian’s going to tap into the voting system,” Kemp, a Republican, told POLITICO in an interview. “And that’s just not — I mean, anything is possible, but it is not probable at all, the way our systems are set up.”

National: Data Shows Trump’s Election-Rigging Claim is Unlikely | Government Technology

… At a campaign rally in Altoona, Pa., on Aug. 12 [Trump] alleged that a poor showing could only mean one thing: “The only way we can lose, in my opinion — I really mean this, Pennsylvania — is if cheating goes on. I really believe it.” Trump said, alluding to political subterfuge from the Clinton campaign. Since that rally, Trump has held to these assertions of foul play while his critics have cast them as highly dangerous for the democratic process. However, for those close to the matter — voting officials and voters’ rights groups — the conspiracy theory is a bit bewildering. Pamela Smith, the president of VerifiedVoting.org, is among these. Her organization — a nonpartisan voting advocacy, accountability and research group — has gained notoriety since it was founded in 2003 for its work tracking election tech, legislation and voting procedures. In this time, Smith said incidents of voter fraud and rigged elections have been nearly nonexistent. “It’s frustrating because I think a lot of people may get the mistaken impression that there are some major areas of vulnerability,“ Smith said. “But they may not be aware of things election officials do already, or the true scope of the issue.” A look at current and historical data, said Smith, indicates that the potential for cheating is uniquely limited. Voter ID fraud is nearly nonexistent; purchasing votes is too tricky to cover up, at least at a national or county level; and hacking voting machines and software is ineffectual since usage of the systems is low and controlled. “Because our elections are really decentralized, it’s also not like there’s a single point of vulnerability out of 9,000 jurisdictions we have in the U.S.,” Smith said.

National: There’s work to be done to make US elections secure — and it has nothing to do with voter ID | Public Radio International

Recently, Homeland Security Secretary Jeh Johnson said the government was considering classifying voting systems part of the nation’s “critical infrastructure,” a designation currently held by systems such as the electric grid and banking networks. The announcement comes on the heels of reports of a vast infiltration of Democratic Party servers. “Everything we know about voting machines — electronic ones, computerized ones, is they’re not very secure,” says tech security expert Bruce Schneier. “They are not tested, they are not designed rigorously and in many cases there’s no way to detect or recover from fraud. So there really is a disaster waiting to happen.” Aviel Rubin, a professor of computer science at the Johns Hopkins University, agrees. “Unfortunately, I think the thing that’s improved the most in the last 10 years is the sophistication of the hackers and the number of incidents that we see that are occurring daily. If you look at the news you see that ransomware is becoming pretty common,” Rubin says. “The big change that I’ve seen has been just how sophisticated the hackers are today. And they’re sponsored by countries like Russia and China, which is a much more formidable adversary than we had in the past.”

Australia: Victorian Parliamentary Inquiry into online voting to begin public hearings | news.com.au

Just weeks after the trouble-plagued first online Census, Victoria is pressing forward with public hearings to examine the effectiveness of electronic voting as part of a Parliamentary Inquiry into the matter. Beginning today, the Electoral Matters Committee will hear from electoral commissions, technology specialists and community advocacy groups. The inquiry will hear from experts and stakeholders during sessions on Monday and Wednesday this week as they examine what has become an increasingly contentious issue. In the fallout from the bungled online Census, many commentators lamented the damage it had done on the movement towards online voting. … Plenty of advocates remain undeterred and would like to see the government explore ways to deliver comprehensive electronic voting in the future. But according to those who have provided submission to the inquiry, there are plenty of pitfalls to consider.

National: Voting Should Be Easier—But Not Like This | Mother Jones

The internet is the worst ballot box of all, according to three research and public-interest groups who are slamming states’ use of online voting and urging people to protect their privacy by physically mailing in their ballots instead. “Internet voting creates a second-class system for some voters—one in which their votes may not be private and their ballots may be altered without their knowledge,” write the authors of The Secret Ballot at Risk: Recommendations for Protecting Democracy. Caitriona Fitzgerald of the Electronic Privacy Information Center, Pam Smith of the Verified Voting Foundation, and Susannah Goodman of the Voting Integrity Campaign of Common Cause, who were the authors of the report, point out that states either have constitutional provisions or state statues guaranteeing the right to secret ballots, but that “because of current technological limitations…it is impossible to maintain separation of voters’ identities from their votes when Internet voting is used.”

National: Online voting could be really convenient. But it’s still probably a terrible idea. | The Washington Post

Election Day can sometimes feel like more of a headache than a patriotic celebration. Long lines and scheduling conflicts may leave voters wondering why there isn’t an easier way to cast their ballots. Some say there already is: online voting. Why head to the polls if you can vote from anywhere using your laptop or smartphone? But even as online voting is on the rise in the United States and elsewhere, experts warn its convenience isn’t worth its costs. Casting your vote online could mean sacrificing the right to a secret ballot and leaving elections more vulnerable to fraud, according to a report released Thursday by the Electronic Privacy Information Center, the Verified Voting Foundation and the Common Cause Education Fund. Security researchers also warn that online voting could be vulnerable to hackers who could digitally hijack elections. “The Internet is already as messed up as we can imagine, and adding critical electoral systems is just a bad idea,” said Joseph Lorenzo Hall, chief technologist at the Center for Democracy and Technology.

National: Voting Machines Are a Mess—But the Feds Have a (Kinda) Plan | WIRED

America’s voting machines are a patchwork of systems spread across thousands of districts, with widely varying degrees of accountability. It’s a mess. One that the Department of Homeland Security has finally committed to helping clean up. This week, DHS chief Jeh Johnson held a call with state election officials to outline, very roughly, the kind of assistance that DHS will provide to help prevent cyber attacks in this fall’s elections. For now, details are vague, and whatever DHS plans to do will need to happen quickly; election day may be November 8, but in some states, early voting starts in just six weeks. That’s not enough time to solve all of America’s voting machine issues. Fortunately, there’s still plenty DHS can accomplish—assuming the districts that need the most help realize it. The problems with America’s electronic voting machines are extensive, but also easily summarized: Many of them are old computers, and old computers are more vulnerable to disruptions both purposeful (malware) and benign (bugs).

National: Voting Online Means You’re Giving Up Privacy, Researchers Warn | Vocativ

Online voting—currently a limited option in 32 states and Washington, D.C.—usually forces voters to give up their legal right to a guaranteed private ballot, a new study shows. The study, a joint effort by nonprofit advocacy groups including the Verified Voting Foundation and the Electronic Privacy Information Center, notes that a right to a guaranteed private ballot is the law in every state in the U.S., and that in all but six, it’s protected by a state constitution—specifically because the integrity of a vote is predicated on the voter’s trust that they’re making their decision in private. Alabama’s Constitution reads, for instance, that “The right of individuals to vote by secret ballot is fundamental.”

National: Hacking the US Election ‘Possible’ But Difficult, Experts Say | VoA News

As recently as 2014, you could drive into the parking lot at certain Virginia polling places, connect to the voting machines inside by Wi-Fi and have your way with the vote tallies. That gaping hole in election security has been plugged. Virginia dropped these machines last year. But with Republican presidential nominee Donald Trump suggesting the November election may be rigged, and security officials blaming Russia for a politically sensitive hack of the Democratic National Committee, election cybersecurity is getting a closer look. The risks are real, experts say, though it’s another question how likely they are to happen. “It’s possible for a sophisticated attacker to hack the machines and start stealing votes,” says University of California at Berkeley computer science professor David Wagner. Wagner worked on a 2007 statewide review of California’s voting system. “Every voting machine that’s been studied is susceptible,” he says. “It would be challenging,” he adds. “It would require considerable technical sophistication. And it would require someone to be physically present in each county, tampering with at least one machine.

National: Experts Fear Possible Voting Machine Tampering in November | CNC News

A group of cyber security experts say they fear that voting machines in the U.S. could be a target for hackers. “Coming out of the [Democratic National Committee] hack … I think there’s a lot of us trying to call more attention to the election machines,” Jason Healey, a Columbia University senior research scholar and non-resident senior fellow at the Atlantic Council’s Cyber Statecraft Initiative said on Wednesday. Healey, who was in Washington, D.C., as part of the council’s “Cyber Risk Wednesday” series, pointed out the difference between how gambling machines in Las Vegas are secured compared to voting machines. “Someone tweeted out: ‘Here’s how Las Vegas handles gambling machines.’ It covered all these controls that Las Vegas includes for [them]… “Someone can inspect it. If you as a player think that the [gambling] machine is fraudulent, you can go talk to the inspector. There are rules. There [is] independent testing to see if it’s right,” Healey said.

National: Pants on Fire!: Donald Trump’s baseless claims about the election being ‘rigged’ | PolitiFact

Donald Trump preemptively challenged the results of the November presidential election, claiming in media appearances and rallies that the entire system is “rigged.” Trump’s charges of election fraud are not new to his campaign. He’s tweeted about dead voters delivering President Barack Obama’s victory in 2012, floated charges about multiple voting in the primaries, and suggested…

Editorials: The Election Won’t Be Rigged. But It Could Be Hacked. | Zeynep Tufecki /The New York Times

Voting isn’t a game, of course, and we need to trust the machines that count our votes. Especially this year. Donald J. Trump, the Republican presidential nominee, raised the possibility of “rigged” elections, and his former adviser Roger J. Stone Jr. has warned of a “blood bath” in such a case. A recent poll found that 34 percent of likely voters believed the general election would be rigged. It’s unclear what mechanism the Trump campaign envisions for this rigging. Voter fraud through impersonation or illegal voting is vanishingly rare in the United States, and rigging the election by tampering with voting machines would be nearly impossible. As President Obama pointed out in a news conference last week, where he called charges of electoral rigging “ridiculous,” states and cities set up voting systems, not the federal government. That’s true, and it means the voting machine landscape is a patchwork of different systems, which makes the election hard to manipulate in a coordinated way. But it’s still a bleak landscape.

National: Recent Breaches Raise Fears of Voting System Hacks | Roll Call

In an already topsy-turvy presidential campaign, the recent breaches of Democratic Party computer networks have fueled fears about potential foreign meddling and raised questions about how secure the electronic systems that record and tally votes across the country are from sophisticated hackers. For years, computer security experts have warned that electronic voting is vulnerable to hacking that could alter vote tallies and theoretically swing an election. The intrusions that compromised the Democratic National Committee and the House Democrats’ fundraising campaigns’ systems — both of which cybersecurity experts have blamed on groups linked to Russian intelligence agencies — have only heightened those concerns. Even a minor breach could wreak havoc by undermining the public’s faith in the integrity of the balloting, particularly in a campaign as contentious as this year’s presidential race. “We cannot function without the leadership that is elected via the democratic process, and attacks on our election system could undermine all of the confidence that voters have in the legitimacy of our leadership,” said J. Alex Halderman, a computer science professor at the University of Michigan who has studied security in electronic and internet voting.

National: These States Are At the Greatest Risk of Having Their Voting Process Hacked | MIT Technology Review

The recent cyberattack on the Democratic National Committee has raised the specter of an Internet-based assault on the democratic process in the U.S., and has led computer security experts to call on the federal government to do more to protect the voting process from hackers.Since national elections involve some 9,000 separate jurisdictions, and they use a variety of technologies, the problem at first appears to be hopelessly complex. But there is a simple way to manage the risk of cybercrime: keep voting off the Internet. … Congress passed a law in 2009 that made it mandatory for states to electronically deliver blank ballots to voters in the military and overseas. But it said nothing about the electronic return of completed ballots. The authors of the legislation “knew there were unsolved security issues,” says Pamela Smith, president of Verified Voting, a group that advocates for the accuracy and transparency of elections. But if the law had gone so far as to issue a blanket restriction on online voting, it may not have passed. Instead, the door remained open for more states to begin offering voters the option to return their completed ballots using the Internet.

National: Just how secure are electronic voting machines? | CNN

It’s no secret, given the hacks that have plagued the Democratic National Committee and the Clinton campaign. But security researchers warn that it’s just the beginning. “There’s not even a doubt in my mind that there are other actors out there that have yet to be found,” Crowdstrike CEO George Kurtz told CNNMoney. “I’m sure there will be other hacks that come out over the course of this election and certainly beyond that.” Kurtz, whose firm was brought in by the DNC to investigate the hack, called the hack a watershed moment. He said Crowdstrike has been fielding calls from Washington as political parties wrap their heads around a new type of threat: Hackers trying to manipulate the U.S. election. Far from Washington, hackers descended on Las Vegas to show off their party tricks at Black Hat, the annual conference that puts security on the frontlines. They hacked cars, ATMs and mobile devices. This year, there was a new addition: a simulated version of a hackable electronic voting machine, assembled by security firm Symantec. Brian Varner, a security researcher at Symantec, said the electronic voting machine is another frontier for hackers.

National: Will the US elections be hacked? It’s doubtful, but machines could be ‘rigged’ | The Guardian

It’s been a topic of debate ever since hackers – presumably working for Russia – stole thousands of private emails from the Democratic National Committee and leaked them on the net. Could a nation state or other adversary hack our elections and determine the next president of the United States? The answer depends on how they try to go about it, says Avi Rubin, computer science professor at Johns Hopkins University and technical director of the university’s Information Security Institute. Election hacking is highly unlikely, he says. Attackers reaching into the ballot box from thousands of miles away won’t happen, simply because the vast majority of election machines are not connected to the internet. Some 31 states offer voting via internet, email, or fax, but nearly all only allow it as an option for military families and Americans living overseas – a very small percentage of the electorate. Only Alaska allows any voter to cast a ballot across the net, according to Verified Voting. But election rigging is a potential threat, says Rubin. That’s where adversaries attack the electronic voting machines themselves, altering the software inside the machines to favor one candidate. “There are a thousand points of vulnerability,” says Rubin. “Anyone with access to the machines at any stage could attack them.”

National: Could the Presidential Election Be Stolen? | Newsweek

America’s election is at risk of being stolen: That, in essence, is what some news reports, as well as Republican presidential nominee Donald Trump and his allies, have been suggesting lately. … Election integrity and cybersecurity experts say there are real security vulnerabilities in America’s election system—or, more accurately, systems, as there are more than 9,000 separate state and local jurisdictions that conduct elections around the country. A number of states and municipalities continue to use insecure electronic and/or online voting technologies, despite years of warnings that these systems have bugs and poor security. It’s also true that a motivated individual could, in theory, go to the polls and pretend he or she is someone else, or lie on an absentee ballot. There are, however, two important caveats. One: Evidence of outright voter fraud of the sort Trump is warning about is extremely rare. Two: Even if a malevolent actor did succeed in meddling with an election—either by hacking into an electronic system or via lower-tech identity fraud—that doesn’t mean he or she could affect the outcome. Doing so would be extremely difficult in large part because of how fragmented the U.S. voting system is. … Pam Smith, president of Verified Voting, a nonprofit group that advocates for accurate and fair elections, says Ohio and Florida, in particular, have “been making all the moves in the right direction” after grappling with major voting crises last decade. Many counties in Ohio still use electronic voting machines, which provide the potential for hacking. But they require physical paper records of voters’ ballots, known as voter verifiable paper audit trails, which allow voters to confirm their votes were recorded correctly and also allow election officials to audit the vote tallies.

Australia: NSW’s e-Voting system under fire | Computerworld

In the aftermath of the 2 July federal election, Prime Minister Malcolm Turnbull and opposition leader Bill Shorten both indicated support for the potential use of eVoting to avoid drawn-out post-election ballot counting. However, the eVoting platform used in Australia’s most populous state — New South Wales’ iVote system — has again come under fire. The iVote system supports telephone and Internet-based voting in the state. The current version of iVote was produced by Scytl in partnership with the NSW Electoral Commission (NSWEC) and used in the 2015 state election. The robustness, privacy and verification method of the system have been questioned by two university researchers, one of whom was previously instrumental in uncovering a security vulnerability in iVote.

National: America’s Electronic Voting Machines Are Sitting Ducks | WIRED

This week, GOP presidential candidate Donald Trump openly speculated that this election would be “rigged.” Last month, Russia decided to take an active role in our election. There’s no basis for questioning the results of a vote that’s still months away. But the interference and aspersions do merit a fresh look at the woeful state of our outdated, insecure electronic voting machines. We’ve previously discussed the sad state of electronic voting machines in America, but it’s worth a closer look as we approach election day itself, and within the context of increased cyber-hostilities between the US and Russia. Besides, by now states have had plenty of warning since a damning report by the Brennan Center for Justice about our voting machine vulnerabilities came out last September. Surely matters must have improved since then. Well, not exactly. In fact, not really at all. … So electronic voting machines aren’t ideal. The good news is, it’s entirely possible to mitigate any potential harm they might cause, either by malice or mistake. First, it’s important to realize that electronic voting machines aren’t as commonplace as one might assume. Three-quarters of the country will vote on a paper ballot this fall, says Pamela Smith, president of Verified Voting, a group that promotes best practices at the polls. Only five states—Delaware, Georgia, Louisiana, South Carolina, and New Jersey—use “direct recording electronic” (DRE) machines exclusively. But lots of other states use electronic machines in some capacity. Verified Voting also has a handy map of who votes using what equipment, which lets you drill down both to specific counties and machine brands, so you can see what’s in use at your polling station.

National: How to Hack an Election in 7 Minutes | Politico

When Princeton Professor Andrew Appel decided to hack into a voting machine, he didn’t try to mimic the Russian attackers who hacked into the DNC’s database last month. He didn’t write malicious code, or linger near a polling place where the machines can go unguarded for days. Instead, he bought one online. With a few cursory clicks of a mouse, Appel parted with $82 and became the owner of an ungainly metallic giant called the Sequoia AVC Advantage, one of the oldest and vulnerable, electronic voting machines in the United States (among other places it’s deployed in Louisiana, New Jersey, Virginia, and Pennsylvania). No sooner did a team of bewildered deliverymen roll the 250-pound device into a conference room near Appel’s cramped, third-floor office than the professor set to work. He summoned a graduate student named Alex Halderman, who could pick the machine’s lock in seven seconds. Clutching a screwdriver, he deftly wedged out the four ROM chips—they weren’t soldered into the circuit board, as sense might dictate—making it simple to replace them with one of his own: A version of modified firmware that could throw off the machine’s results, subtly altering the tally of votes, never to betray a hint to the voter. The attack was concluded in minutes. To mark the achievement, his student snapped a photo of Appel—oblong features, messy black locks and a salt-and-pepper beard—grinning for the camera, fists still on the circuit board, as if to look directly into the eyes of the American taxpayer: Don’t look at me—you’re the one who paid for this thing. Appel’s mischief might be called an occupational asset: He is part of a diligent corps of so-called cyber-academics—professors who have spent the last decade serving their country by relentlessly hacking it. Electronic voting machines—particularly a design called Direct Recording Electronic, or DRE’s—took off in 2002, in the wake of Bush v. Gore. For the ensuing 15 years, Appel and his colleagues have deployed every manner of stunt to convince the public that the system is pervasively unsecure and vulnerable.

National: What the DNC Hack Says about Cyber-Based Threats to Democracy | MIT Technology Review

It’s widely believed that Russian hackers were behind the recent attack on the Democratic National Committee’s e-mail servers. While the consequences of the attack for this year’s presidential election remain to be seen, it’s not hard to imagine how hackers could influence or disrupt our elections—and that could undermine our national stability and security. That’s why the government should take the advice of security experts who say it must intervene to protect the voting system from cyberthreats. As Bruce Schneier, a technologist and lecturer at Harvard’s Kennedy School of Government, argued recently in the Washington Post, the government should act quickly in the wake of the DNC hack. “If foreign governments learn they can influence our elections with impunity,” he wrote, “this opens the door to future manipulations, both document thefts and dumps like this one that we see and more subtle manipulations that we don’t see.”