In 2006, Princeton computer science professor Edward Felten received an anonymous message offering him a Diebold AccuVote TS, one of the most widely used touch-screen voting machines at the time. Manufacturers like Diebold touted the touch-screens, known as direct-recording electronic (DRE) machines, as secure and more convenient than their paper-based predecessors. Computer experts were skeptical, since any computer can be vulnerable to viruses and malware, but it was hard to get ahold of a touch-screen voting machine to test it. The manufacturers were so secretive about how the technology worked that they often required election officials to sign non-disclosure agreements preventing them from bringing in outside experts who could assess the machines. Felten was intrigued enough that he sent his 25-year-old computer science graduate student, Alex Halderman, on a mission to retrieve the AccuVote TS from a trenchcoat-clad man in an alleyway near New York’s Times Square. Felten’s team then spent the summer working in secrecy in an unmarked room in the basement of a building to reverse-engineer the machine. In September 2006, they published a research paper and an accompanying video detailing how they could spread malicious code to the AccuVote TS to change the record of the votes to produce whatever outcome the code writers desired. And the code could spread from one machine to another like a virus.
That was more than a decade ago, but Georgia still uses the AccuVote TS. The state is one of five ― the others are Delaware, Louisiana, New Jersey and South Carolina ― that rely entirely on DREs for voting. Ten other states use a combination of paper ballots and DRE machines that leave no paper trail. Many use a newer version of the AccuVote known as the TSX ― even though computer scientists have demonstrated that machine, too, is vulnerable to hacking. Others use the Sequoia AVC Advantage, which Princeton professor Andrew Appel demonstrated could be similarly manipulated in a 2007 legal filing. Appel bought a Sequoia machine online for $82 and demonstrated that he could remove 10 screws and easily replace the Sequoia’s memory card with a modified version that would alter the outcome of an election.
Election security, typically a niche topic, emerged as a mainstream concern last summer after the Democratic National Committee announced that Russian hackers had penetrated their computer systems. The DNC hack was an early indication that Moscow had decided to interfere with the U.S. presidential election, raising alarms that their efforts could extend to the vulnerable touch-screen machines that record millions of votes around the country. By the time the cyberattack became public, it was too late to replace them, but in the year since the DNC hack revelations, there has been little tangible progress in securing America’s voting machines.
“Basically nothing has changed, except that we are now at least more aware of the threat,” said Halderman, who is now a computer science professor at the University of Michigan. “Ten years ago, had you said a foreign government is going to try to hack U.S. election equipment, I’d say it’s technically possible but so unlikely. But what we saw in 2016 was a concerted attempt by a foreign power to attack election infrastructure.”