As the Obama administration took tough action against Russia for interfering with the 2016 U.S. election this week, two experts in U.S. voting-machine security offered evidence at Europe’s largest annual hacker conference here they say proves that while the voting machines used in the November presidential election were not hacked, U.S. voting systems remain “shockingly” exposed to hackers. “We knew on November 8 that hacking was possible,” J. Alex Halderman, a University of Michigan computer science professor who specializes in testing voting-machine security, said Wednesday in front of a crowd of more than 1,000 attendees of the 33rd annual Chaos Communication Congress. … “Shockingly—at least shockingly to me and many other people, even under these circumstances—approximately zero U.S. states were going to look at enough paper ballots to know whether the computers had been hacked,” Halderman said. “This is a major gap in our system.”
Flaws in U.S. voting systems are myriad and complicated, argue Halderman and Matt Bernhard, his co-researcher. The biggest flaw, they say, is the reluctance of states to commit to vote recounts after elections apparently decided by small margins.
Within the 70 percent of states that require a paper trail to accompany electronic votes, paper recounts can ensure that voters’ will has been recorded without tampering. Without a literal paper trail, conversely, verifying the existence of a cyberattack on voting machines—not to mention actual voter intent—would be quite challenging.
“The purpose of a recount, of any examination of the paper ballots, is to gather evidence of whether the outcome was correct or not,” Halderman said. “Without looking at them, we don’t have the evidence to begin with. All we can do is say that it would be possible for an attack to change the result without leaving any visible evidence.”