As the midterm congressional primaries heat up amid fears of Russian hacking, roughly 1 in 5 Americans will cast ballots on machines that do not produce a paper record of their votes. That worries voting and cybersecurity experts, who say lack of a hard copy makes it difficult to double-check results for signs of manipulation. “In the current system, after the election, if people worry it has been hacked, the best officials can do is say, ‘Trust us,’” said Alex Halderman, a voting machine expert who is director of the University of Michigan’s Center for Computer Security and Society.
National: Russia’s still targeting U.S. elections, King warns, and experts say we’re not prepared | Portland Press Herald
For weeks, U.S. Sen. Angus King has been telling anyone who’ll listen that the biggest, most worrisome thing about Russian interference in the 2016 election isn’t getting enough attention and has nothing to do with President Trump. King has warned in congressional hearings, television appearances and interviews with reporters that Moscow tried and is still trying to compromise American voting systems – and that if nothing’s done it might very well change the results of an election. … While intelligence officials say there is no evidence that vote counts were changed last November, a leading expert on security threats to voting machines said this possibility cannot be excluded without a forensic audit of the results. Even voting and vote counting machines that are not connected to the internet can be and could have been compromised when they received software programming them to display or recognize this year’s ballots, said J. Alex Halderman, director of the University of Michigan Center for Computer Security and Society.
A computer science professor told the Senate Intelligence Committee Wednesday that voting machines that create an electronic record of the voters’ decisions are open to fraud and computer hacking, vulnerabilities that are big enough to potentially change the outcome of some elections. J. Alex Halderman, professor of computer science at Michigan University, said he and his team began studying “direct-recording electronic” (DRE) voting machines 10 years ago and found that “we could reprogram the machine to invisibly cause any candidate to win. We also created malicious software — vote-stealing code — that could spread from machine-to-machine like a computer virus, and silently change the election outcome.” … As a computer science professor, Halderman has not only run academic trials on hacking voting machines, he has also run real-time examples.
Hackers can breach air-gapped voting machines and vote tallying systems – those not connected to internet – in an attempt to alter ballots to sway the outcome of an election, the Senate Select Committee on Intelligence has learned. “Our election infrastructure is not as distant from the internet as it may seem,” Alex Halderman, a University of Michigan computer science professor, testified Wednesday before the Senate Select Committee on Intelligence. The Senate panel, as well as its House counterpart, held simultaneous hearings focused on the impact of Russian hacking on America’s election process (see Election Systems’ Hacks Far Greater Than First Realized). At both sessions, lawmakers heard witnesses agree that Russian hackers did not alter votes in the 2016 presidential election.
As new reports emerge about Russian-backed attempts to hack state and local election systems, U.S. officials are increasingly worried about how vulnerable American elections really are. While the officials say they see no evidence that any votes were tampered with, no one knows for sure. Voters were assured repeatedly last year that foreign hackers couldn’t manipulate votes because, with few exceptions, voting machines are not connected to the Internet. “So how do you hack something in cyberspace, when it’s not in cyberspace?” Louisiana Secretary of State Tom Schedler said shortly before the 2016 election. But even if most voting machines aren’t connected to the Internet, says cybersecurity expert Jeremy Epstein, “they are connected to something that’s connected to something that’s connected to the Internet.” … While it’s unclear if any of the recipients took the bait in the email attack, University of Michigan computer scientist Alex Halderman says it’s just the kind of phishing campaign someone would launch if they wanted to manipulate votes.
The leaked NSA document published by The Intercept on Monday revealed a report that Russian military actors attacked one of the most especially vulnerable aspects of the American voting system: online voting registration databases. The classified document was leaked to the press by a 25-year-old intelligence contractor who has been arrested by the Department of Justice. The five-page report, which the AP has yet to authenticate, details a cyberattack that began in August 2016. The document does not reveal whether or not the Russian attempts were successful, nor does it address if it could have affected voting outcomes in the presidential election. It does, however, validate the concerns of cybersecurity experts who have long considered the possibility of this type of attack as a potential threat to our voting process’ security.
A leaked intelligence document outlining alleged attempts by Russian military intelligence to hack into U.S. election systems is the latest evidence suggesting a broad and sophisticated foreign attack on the integrity of the nation’s elections. And it underscores the contention of security experts and computer scientists that the highly decentralized, often ramshackle U.S. election system remains profoundly vulnerable to trickery or sabotage. The document, purportedly produced by the U.S. National Security Agency, does not indicate whether actual vote-tampering occurred. But it adds significant new detail to previous U.S. intelligence assessments that alleged Russia-backed hackers had compromised elements of America’s electoral machinery. It also suggests that attackers may also have been laying groundwork for future subversive activity. The operation described in the document could have given attackers “a foothold into the IT systems of elections offices around the country that they could use to infect machines and launch a vote-stealing attack,” said J. Alex Halderman, a University of Michigan computer scientist. “We don’t have evidence that that happened,” he said, “but that’s a very real possibility.”
Thanks to the embarrassing incompetence of Humpty Trumpty and his virulent assault on America’s political institutions, many people are already looking forward to the 2018 elections as a way of throwing the Trump supporters out of Congress and putting America back on the path of being a true world leader and not a pale imitation of a banana republic. Much of the public anger focuses on deep cuts to programs like the Affordable Care Act, Medicare, and Social Security, but others are equally motivated by Trump’s obdurate ignorance about climate change. … J. Alex Halderman, a computer science professor at the University of Michigan, and Ph.D. student Matt Bernhard have assembled a number of reasons that they say render US voting machines susceptible to outside interference that could affect the accuracy of their tallies. In 2002, after the chaotic presidential election two years before, Congress passed the Help America Vote Act. The legislation provided funding for several private electronic voting machine manufacturers, including Diebold.
The FBI, NSA and CIA all agree that the Russian government tried to influence the 2016 presidential election by hacking candidates and political parties and leaking the documents they gathered. That’s disturbing. But they could have done even worse. It is entirely possible for an adversary to hack American computerized voting systems directly and select the next commander in chief.
A dedicated group of technically sophisticated individuals could steal an election by hacking voting machines in key counties in just a few states. Indeed, University of Michigan computer science professor J. Alex Halderman says that he and his students could have changed the result of the November election. Halderman et al. have hacked a lot of voting machines, and there are videos to prove it. I believe him.
Halderman isn’t going to steal an election, but a foreign nation might be tempted to do so. It needn’t be a superpower like Russia or China. Even a medium-size country would have the resources to accomplish this, with techniques that could include hacking directly into voting systems over the Internet; bribing employees of election offices and voting-machine vendors; or just buying the companies that make the voting machines outright. It is likely that such an attack would not be detected, given our current election security practices.
Five days after Donald Trump was elected president, Alex Halderman was on a United Airlines flight from Newark to Los Angeles when he received an urgent email. A respected computer scientist and leading critic of security flaws in America’s voting machines, Halderman was anxious to determine whether there had been foul play during the election. Had machines in Wisconsin or Michigan been hacked? Could faulty software or malfunctioning equipment have skewed the results in Pennsylvania? “Before the election, I had been saying I really, really hope there’s not a hack and that it’s not close,” he says. “Afterwards, I thought, ‘Wait a minute, there’s enough reason here to be concerned.’ ” Now, wedged into a middle seat on the cross-country flight, Halderman stared in disbelief at the email from Barbara Simons, a fellow computer scientist and security expert. Working with Amy Rao, a Silicon Valley CEO and major Democratic fundraiser, Simons had arranged a conference call with John Podesta, Hillary Clinton’s campaign chair, to make the case for taking a closer look at the election results. Could Halderman be on the call in 15 minutes? United’s wi-fi system didn’t allow for in-flight phone calls. But Halderman wasn’t fazed. “I’m blocked,” he emailed Simons, “but I can try.” Within minutes, Halderman had circumvented the wi-fi and established an interface with computers at the University of Michigan, where at 36 he is the youngest full professor in the history of the computer science department. He dialed in to the call but did not speak, afraid of drawing attention to the fact that he was violating the airline’s phone ban.
National: Not Okay: Professor Smeared After Advocating for Election Integrity | Electronic Frontier Foundation
Imagine if someone, after reading something you wrote online that they didn’t agree with, decided to forge racist and anti-Semitic emails under your name. This appears to be what happened to J. Alex Halderman, a computer security researcher and professor of computer science at the University of Michigan. Halderman is one of many election security experts—along with EFF, of course—who has advocated for auditing the results of the 2016 presidential election. The recent attempts to smear his name in retaliation for standing up for election integrity are a threat to online free speech. Halderman, who is a frequent collaborator and sometimes client of EFF, published a piece on Medium in November 2016 arguing that we should perform recounts in three states—Wisconsin, Michigan, and Pennsylvania—to ensure that the election had not been “hacked.” To be clear, despite a report in New York Magazine, Halderman never stated that there was hard evidence that the election results had in fact been electronically manipulated. He just stated that we should check to be sure:
The only way to know whether a cyberattack changed the result is to closely examine the available physical evidence — paper ballots and voting equipment in critical states like Wisconsin, Michigan, and Pennsylvania.
After partial vote recounts in certain states, US election officials found no evidence that votes had been manipulated by a cyberattack on voting machines, security researchers told an audience at the Chaos Communication Congress hacking festival on Wednesday. But, the researchers called for a vast overhaul in voting machine security and related legislation, warning that an attack is still possible in a future election. “We need this because even if the 2016 election wasn’t hacked, the 2020 election might well be,” said J. Alex Halderman, a professor of computer science at the University of Michigan, during a presentation with Matt Bernhard, a computer science PhD student. Halderman’s and other security experts’ concerns made headlines in November when he participated in a call with the Clinton campaign about a potential recount in some states. Green Party candidate Jill Stein subsequently held a crowdfunding campaign to finance the recounts. “Developing an attack for one of these machines is not terribly difficult; I and others have done it again and again in the laboratory. All you need to do is buy one government surplus on eBay to test it out,” Halderman, who has extensively researched voting machine security, said during the talk.
National: Clinton camp remains mum as 3-state recount urged over hacking questions | The New York Times
Hillary Clinton’s lead in the popular vote is growing. She is roughly 30,000 votes behind Donald Trump in the key swing states of Michigan and Wisconsin, a combined gap that is narrowing. Some of her impassioned supporters are urging her to challenge the results in those two states and Pennsylvania, grasping at the last straws to reverse Trump’s decisive majority in the Electoral College. In recent days, the supporters have seized on a report by a respected computer scientist and other experts suggesting that Michigan, Pennsylvania and Wisconsin, the keys to Trump’s Electoral College victory, need to manually review paper ballots to ensure the election was not hacked. “Were this year’s deviations from pre-election polls the results of a cyberattack?” J. Alex Halderman, a computer-science professor at the University of Michigan who has studied the vulnerabilities of election systems at length, wrote on the online-publishing platform Medium on Wednesday as the calls based on his conclusions mounted. “Probably not.” More likely, he wrote, pre-election polls were “systematically wrong.” But the only way to resolve the lingering questions would be to examine “paper ballots and voting equipment in critical states,” he wrote.
Since hackers have targeted the election systems of more than 20 states, cyber-security experts say Michigan should change its policy and routinely audit a sample of its paper ballots to protect against election fraud. Voter registration lists were hacked recently in Arizona and Illinois. The U.S. Department of Homeland Security would not acknowledge whether those particular systems were breached, but Secretary Jeh Johnson said hackers “in a few cases … gained access to state voting-related systems.” The department would not disclose whether Michigan was one of “a large number of state systems” scanned by hackers in preparation for possible attacks, but the Michigan Secretary of State’s office said the state’s voter registration lists have not been targeted or affected. … Audits in Michigan are only triggered in certain circumstances, according to the Secretary of State’s office. Automatic recounts for presidential ballot results happen when the leading candidates are 2,000 or fewer votes apart, while a losing candidate can request a recount for a district or certain precincts, according to the Secretary of State’s office. “It should be done routinely in order to provide a strong degree of confidence,” said University of Michigan cyber-security expert Alex Halderman. “That’s an opportunity for Michigan to improve its election procedures. You should audit every election.”
One in four registered voters in the United States live in areas that will use electronic voting machines that do not produce a paper backup in the November presidential election despite concerns that they are vulnerable to tampering and malfunctions, according to a Reuters analysis. The lack of a paper trail makes it impossible to independently verify that the aging touch-screen systems are accurate, security experts say, in a year when suspected Russian hackers have penetrated political groups and state voting systems and Republican presidential candidate Donald Trump has said the election may be “rigged.” Election officials insist the machines are reliable, but security experts say they are riddled with bugs and security holes that can result in votes being recorded incorrectly. A Reuters analysis of data from the U.S. Census Bureau, the Election Assistance Commission and the Verified Voting Foundation watchdog group found that 44 million registered voters, accounting for 25 percent of the total, live in jurisdictions that rely on paperless systems, including millions in contested states such as Georgia, Pennsylvania and Virginia.
The U.S. election system will likely face a significant trial this year, thanks to a summer of startling revelations including nation-state-linked attacks targeting the Democratic National Committee and state voter databases, along with a statement of no-confidence by the Republican nominee. The result has been a slew of media stories positing how the election could be hacked. The ongoing cyber-attacks and raised doubts will put states’ choice of voting technology under the microscope, with a focus on the security of voting systems and the ability to audit the results produced by those balloting systems, according to election security experts. Unfortunately, while all but five states now have at least some systems with a verifiable paper trail, more than half do not have meaningful post-election audits, according to Verified Voting, a group focused on improving election-system integrity and accuracy. “We would like to see post-election audits everywhere,” Pamela Smith, director of the group, told eWEEK. “There is actual research showing that being able to conduct a robust audit in a public way brings confidence in the election. A voter-verifiable paper ballot is a tool to instill confidence that the election has come to true result.”
In the aftermath of the 2 July federal election, Prime Minister Malcolm Turnbull and opposition leader Bill Shorten both indicated support for the potential use of eVoting to avoid drawn-out post-election ballot counting. However, the eVoting platform used in Australia’s most populous state — New South Wales’ iVote system — has again come under fire. The iVote system supports telephone and Internet-based voting in the state. The current version of iVote was produced by Scytl in partnership with the NSW Electoral Commission (NSWEC) and used in the 2015 state election. The robustness, privacy and verification method of the system have been questioned by two university researchers, one of whom was previously instrumental in uncovering a security vulnerability in iVote.
National: More than 30 states offer online voting, but experts warn it isn’t secure | The Washington Post
The popularity of voting online is growing and will be in place for the presidential election in more than 30 states, primarily for voters living overseas or serving in the military. But security experts and some senior Obama administration officials fear there is not enough protection for any ballots transmitted over the Internet. They are warning…
We are the pioneers of the secret ballot electoral system, but when it comes to electronic voting, Australia has long been behind the pack. Kazakhstan, India, Brazil and Estonia are among the countries who long ago swapped pencil-and-paper ballots for e-voting at polling stations or over the internet. Meanwhile, in Australia, most of us continue to bemoan the chore of queuing for hours at the polling booth. … During the NSW state election in March, residents who were vision impaired, disabled or out of town on election day were able to cast their vote with the remote voting system, iVote, in what was the biggest-ever test of e-voting in the country. … But the success of iVote was marred by reports two security experts had exposed a major security hole that could potentially affect huge numbers of ballots and maybe even change the election outcome. University of Melbourne research fellow Vanessa Teague said she and Prof Alex Halderman from the University of Michigan found iVote had a vulnerability to what’s called a man-in-the-middle attack when they tested the system with a practice server in the lead-up to the election. “We could expose how the person intended to vote, we could manipulate that vote, and we could interfere with the return of the receipt number and thus prevent the person from logging into the verification server afterwards,” she told news.com.au.
Last month, the New South Wales Electoral Commission’s ongoing battle to defend the integrity of its online voting system took chief information officer Ian Brightwell all the way to Switzerland — the last bastion of modern direct democracy. After requests from commissioner Colin Barry were knocked back by two other academic conferences, Brightwell finally got his chance to explain the NSW experience of implementing iVote in direct response to a pair of crusading academics who have doggedly attacked the online voting platform both in Australia and abroad. The organisers of the VoteID 2015 conference, held last month in Bern, Switzerland, deemed the claims and counter-claims interesting enough to design a special session around them. By now, most people who’ve heard about online voting in NSW would have also heard the persistent warnings of Vanessa Teague, a research fellow at the University of Melbourne, and J. Alex Halderman, an associate professor of computer science and engineering from the University of Michigan.
In 2010, the District of Columbia decided to test its online absentee voter system. So officials held a mock election and challenged the public to do their best to hack it. It was an invitation that Alex Halderman, a computer-security expert at the University of Michigan, couldn’t resist. “It’s not every day that you’re invited to hack into government computers without going to jail,” he says. In less than 48 hours, Halderman and his students gained complete control of the system and rigged it to play the Michigan fight song each time a vote was cast. The students were ecstatic, but Halderman, who has a long history of exposing cybersecurity weaknesses, takes a more sober view. “This is the foundation of democracy we’re talking about,” he says.
“Internet voting” means different things to different people. To many folks, it might mean “click a button, submit, done.” To some—and for our purposes—it means anytime a voted ballot is transmitted in any way, shape or form via the Internet. Whatever the definition, computer scientists tell us that secure online voting is still many years, or even decades, away. For now, they say, using the Internet to return voted ballots can’t be done with confidence. Like it or not, Internet voting is on the minds of legislators and other policymakers. We say that, based on the 13 states that have had legislation in 2015 that deals in some way with permitting Internet voting. Only one has been enacted, Maine SB 552. So voters’ needs and technical expectations may push policymakers toward Internet voting—and at the same time security concerns are holding it back.
As many as 66,000 votes in the New South Wales state election 2015 could have been tampered with. The election was held on 28 March 2015 and is now closed. Voters used the iVote system which is described by its makers as “private, secure and verifiable” in its operation. Further, the Australian Electoral Commission insists that all Internet votes are and were “fully encrypted and safeguarded” at this time. The iVote system is a form of voting where eligible voters can vote over the Internet or telephone as an alternative to voting at a physical polling station. Security is provided using an 8-digit iVote number, a 6-digit PIN and a 12-digit receipt number for each individual. Australia is arguably a perfect test case for electronic voting with its vast distances that prevent some voters from getting to a polling location. A system like this also benefits the disabled and other less mobile voters. However, the system has been derided by non-profit digital rights group the Electronic Frontier Foundation (EFF), “The problem is that the system was not ready to be one of the biggest online voting experiments in the world.” EFF’s Farbod Faraji says that a FREAK flaw has been discovered in the Australian system by Michigan Computer Science Professor J Alex Halderman and University of Melbourne Research Fellow Vanessa Teague.
New South Wales Electoral Commission (NSWEC) CIO Ian Brightwell has defended the state’s online iVote system for the second time in as many weeks, after concerns were raised that a ballot error could put the state’s Legislative Council results in question for some seats. In the first two days of voting for the NSW state election, which was held on March 28, an error on the electronic ballot paper used for the online iVote system saw voters unable to vote above the line for two parties. … Brightwell’s defence of the NSW iVote system comes just two weeks after he fended off claims by online security researchers that the system had been vulnerable to a range of potential attacks, including those using the FREAK vulnerability. At the time, Brightwell played down the findings of the two researchers, Michigan Computer Science professor J Alex Halderman and University of Melbourne research fellow Vanessa Teague, saying that the vulnerability claims had been “overstated”.
Australia: New South Wales Attacks Researchers Who Found Internet Voting Vulnerabilities | Electronic Frontier Foundation
A security flaw in New South Wales’ Internet voting system may have left as many as 66,000 votes vulnerable to interception and manipulation in a recent election, according to security researchers. Despite repeated assurances from the Electoral Commission that all Internet votes are “fully encrypted and safeguarded,” six days into online voting, Michigan Computer Science Professor J. Alex Halderman and University of Melbourne Research Fellow Vanessa Teague discovered a FREAK flaw that could allow an attacker to intercept votes and inject their own code to change those votes, all without leaving any trace of the manipulation. (FREAK stands for Factoring RSA Export Keys and refers to the exploitation of a weakness in the SSL/TLS protocol that allows attackers to force browsers to use weak encryption keys.) But instead of taking the researchers’ message to heart, officials instead attacked the messengers.
As Chicagoans trek to the polls Tuesday for the city’s first-ever mayoral runoff election, some may wonder why they can’t yet vote from the palms of their hands. “For me the biggest benefit of online voting would be convenience,” said K.C. Horne, a 26-year-old accountant from Edgewater. “If I can file my taxes from my phone, I should be able to vote from my phone.” But so far, both technological and legislative hurdles have sharply limited the use of online voting. One major difference: The need to keep the user’s identity secret makes filing ballots different from other secure online transactions. “It’s an unconventional transaction where you have to be able to do business with me, but I can’t know exactly what you’re buying,” said Chicago Board of Election Commissioners spokesman Jim Allen.
Australia: NSW iVote security flaw may have affected thousands of votes: Researchers | Computerworld
United Kingdom: Security bug in Australia’s online voting system throws doubt on Britain’s digital election goal | Information Age
Britain’s hopes of enabling online voting in general elections by 2020 have faced a dose of reality after a security vulnerability in an Australian system was exposed. The iVote system was introduced for the New South Wales (NSW) State Election in 2011 for voters who are more than 20 kilometres from a polling station, and has also been used in subsequent state by-elections. But its use in NSW’s state election this month has faced intense scrutiny after researchers discovered a major security hole that could allow a hacker to read and manipulate votes. With 66,000 online votes already cast by the time Vanessa Teague and J. Alex Halderman, of the University of Melbourne and University of Michigan respectively, disclosed their revelation, the legitimacy of the entire election has been called into doubt.
Australia: International experts warn of the risks of Australian online voting tools | Sydney Morning Herald
Australia and other countries are a decade or longer away from safe methods of online voting in state and national elections and current tools pose a serious risk to democratic processes, people at a public lecture heard on Monday night. University of Michigan researcher J Alex Halderman and University of Melbourne research fellow Vanessa Teague said online voting in Saturday’s New South Wales election could have been seriously compromised through security weaknesses in the iVote system, being used in the upper house. The pair, in a public lecture at the Australian National University, said that internet voting continued to raise some of the most difficult challenges in computer security and could not be considered completely safe. They reported faults in the NSW system to electoral authorities last week, ahead of as many as 250,000 voters using online systems to participate in the ballot.
Next weekend, voters in the Australian State of New South Wales go to the polls to elect a new government. Some have already cast their votes online, with a system that may be running the FREAK bug. So say Vanessa Teague and J. Alex Halderman, respectively a research fellow in the Department of Computing and Information Systems at the University of Melbourne and an assistant professor of computer science and engineering at the University of Michigan and director of Michigan’s Center for Computer Security and Society. The system in question is called the iVote system and was launched in 2011 to assist voters who live 20 kilometres or more from a polling station, or those who will be overseas or interstate on election day. But Teague and Halderman say their proof-of-concept probe on a “practice” system showed it is possible to “… intercepts and manipulate votes … though the same attack would also have succeeded against the real voting server,” the pair wrote in analysis.