In 2011, the election board in Pennsylvania’s Venango County — a largely rural county in the northwest part of the state — asked David A. Eckhardt, a computer science professor at Carnegie Mellon University, to examine its voting systems. In municipal and state primaries that year, a few voters had reported problems with machines ‘‘flipping’’ votes; that is, when these voters touched the screen to choose a candidate, the screen showed a different candidate selected. Errors like this are especially troubling in counties like Venango, which uses touch-screen voting machines that have no backup paper trail; once a voter casts a digital ballot, if the machine misrecords the vote because of error or maliciousness, there’s little chance the mistake will be detected. Eckhardt and his colleagues concluded that the problem with the machines, made by Election Systems & Software (ES&S), was likely a simple calibration error. But the experts were alarmed by something else they discovered. Examining the election-management computer at the county’s office — the machine used to tally official election results and, in many counties, to program voting machines — they found that remote-access software had been installed on it.
Most people would not expect a 13-year-old computer to function properly, yet Illinois has allowed its voting technology to become just as obsolete, said Sarah Brune, executive director of the Illinois Campaign for Political Reform. The nonprofit political advocacy group is working with Illinois officials to raise awareness of the state’s aging voting equipment and the need for new voting machines. Some voting jurisdictions are still using floppy disks, and election administrators have to search the internet for replacement parts, according to Brune. The last time Chicago purchased voting equipment was in 2005, said Jim Allen, spokesman for the Chicago Board of Elections. While the current system has not had security issues, new equipment would improve election transparency and auditing processes. Suburban Cook County is in need of an update too, he added.
Despite some lawmakers leaving early, 59 representatives happened to still be in the House on Friday afternoon when Rep. Nancy York stood to talk. She explained what’s behind changes sought for parts of South Dakota’s election laws. York, R-Watertown, said election officials in different states are backing away from direct electronic recording of votes. South Dakota law allows it but it hasn’t been used. Security of a person’s ballot is the main reason. HB 1013 would repeal references to direct electronic recording from state law, she said.
Six U.S. senators have filed a bipartisan bill that would provide grants to states to help them move from paperless voting machines to paper ballots in an effort to make voting systems less vulnerable to hackers. In September, the U.S. Department of Homeland Security notified election officials in nearly two dozen states that their voter registration systems had been targeted by Russian hackers during the 2016 presidential election. While the hackers failed to breach most of the systems, in Illinois, they succeeded in accessing the voter database, and nearly 90,000 records were compromised. And in Arizona, hackers stole an election employee’s username and password, but the system wasn’t compromised, according to the Arizona secretary of state.
Following the recent declaration by the U.S. National Security Agency that Russian hackers tried to infiltrate the electronic voting machines used in the last U.S. presidential election, many people are calling for a lot of things especially for the electronic voting machines to be scrapped. Although the Russians did not succeed, more questions are still left on the table. U.S. senators looking for answers have constituted a committee and is hoping to pass a bipartisan bill called the Securing America’s Voting Equipment (SAVE) Act. The bill will enlist help from the Department of Homeland Security to organize an event like the one held at the DEFCON hackers conference in July, themed the “Voting Machine Hacking Village.”
National: Hacking the vote: Threats keep changing, but election IT sadly stays the same | Ars Technica
The outcome of the 2016 presidential election is history. But allegations of voter fraud, election interference by foreign governments, and intrusions into state electoral agencies’ systems have since cast a pall over the system that determines who makes the laws and enforces them in the United States. Such problems will not disappear no matter what comes out of a presidential commission or a Congressional hearing. “Amazon will not go out of business because one percent of its transactions are fraudulent,” said David Jefferson, a visiting computer scientist at Lawrence Livermore National Laboratory and chairman of the Verified Voting Foundation, a non-governmental organization working toward accuracy, integrity, and verifiability of elections. “That’s not the case for elections.” Jefferson’s words came during his talk at the latest edition of DEFCON, the annual infosec event. Election hacks naturally became something of an overarching theme within the Caesar’s Palace convention center this summer. In fact, there was an entire room dedicated solely to testing the reliability of US electronic voting systems. Called “Voting Village,” the space was filled with more than 25 pieces of electoral hardware—voting machines and other electronic election-management equipment—in various stages of deconstruction. Any curious conference attendee, no matter where they fell within the conference’s wide technical skill spectrum, could contribute to the onslaught of software and hardware hacks targeting the machines in this de facto lab.
With Election Day rapidly approaching, poll workers in roughly a dozen localities all over the Commonwealth, including bigger cities like Norfolk and small ones like Hopewell, frantically train on brand new voting machines. On September 8, the Virginia Board of Elections voted to immediately de-certify all paper-less voting machines in the state. Those were the machines that allowed voters to vote by touching the screen. “We’ve had concerns in Virginia about the paper-less equipment for a while, and we’ve been kind of on a path to replacing them state-wide,” Edgardo Cortes, the state Commissioner of Elections, said.
Boardwalk “claw” machines. Laundry scales. Boiled linseed oil. All three are subject to more state regulation than voting machines in New Jersey. And with Tuesday’s election for governor — one of the first two statewide contests in the U.S. since last year’s presidential race — some voting-rights activists are expressing concern that New Jersey’s vote could be vulnerable. Despite consumer-protection laws that mandate testing of pharmacy scales, gas pumps, amusement park rides and hundreds of other types of equipment — and regulations governing everything from the size of peach baskets to the temperature at which commercial linseed oil must be boiled — the state has comparatively few regulations on voting machines. It does not require machines to leave a verifiable paper trail. Nor does it mandate audits of elections. New Jersey does limit the types of voting machines counties can choose from, but leaves it to counties to test the machines.
Connecticut: UConn’s Center for Voting Technology Research supports fair and free elections | The Daily Campus
The University of Connecticut’s Center for Voting Technology Research (VoTeR Center) is working to keep state elections fair and fraud free, a topic recently brought to light by Secretary of State Denise Merrill in a statement released Friday. “(On Oct. 26th), along with representatives from the state’s information technology and public safety departments, I met with regional officials from the United States Department of Homeland Security to discuss how we can work together to ensure that Connecticut elections are safe from outside interference or manipulation,” Merrill said. The center aids this mission by advising state agencies in the use of electronic voting equipment and investigating voting solutions, according to its website. “We’ve been in existence since 2006 and we’ve been working with the Secretary of the State’s Office since then,” said Dr. Alexander Schwarzmann, professor and head of the UConn computer science and engineering department. “Our work was motivated by the nationwide change in the way that elections are conducted with the help of technology.”
Georgia: Former Gov. Roy Barnes’ firm to represent Georgia in lawsuit | Atlanta Journal Constitution
Former Gov. Roy Barnes’ law firm will represent Georgia Secretary of State Brian Kemp in a lawsuit that a national election transparency advocacy group filed to force the state to overhaul its election system. The Department of Administrative Services has replaced Attorney General Christopher Carr with Barnes Law Group to represent Kemp, the state Election Board and others named in the case, Kemp spokeswoman Candice Broce said. The Charlotte-based Coalition for Good Governance, led by Executive Director Marilyn Marks, has said that reported security lapses show the state’s system is “vulnerable and unreliable” and should not have been used for the 6th Congressional District runoff race in June — nor should it be used in next week’s election. Kennesaw State University runs the Center for Elections Systems and is also a defendant in the lawsuit. … KSU said the server that had been examined by the FBI was wiped so it could be repurposed, and that the FBI had a copy of the data that were on the server.