National security experts say hackers backed by foreign governments are trying to influence the U.S. election, and the nation’s voting infrastructure is dangerously vulnerable. Time for an overhaul, they say. But when county officials in Austin, the capital of Texas, wanted to replace their voting equipment in 2012, they didn’t like what they saw. Electronic machines on the market had security problems. Voter-marked paper ballots can leave room for interpretation. So County Clerk Dana DeBeauvoir called Rice University computer science professor Dan Wallach, who has been poking holes in voting-machine security for years. He’s testified before Congress on the subject. Now DeBeauvoir wanted him to design a new one. “Wow,” he says. “That doesn’t happen very often.”
When an FBI alert to state election authorities warning them of hacking leaked to the media this week, the result was one of studied panic. Two voter registration databases in Arizona and Illinois had been penetrated, and some experts saw it as confirmation that Russia had escalated its campaign of hacking U.S. political organizations. Russian President Vladimir Putin just “unleashed the hounds” on the U.S. election system, one industry executive declared. So far, there is scant evidence that hackers working on behalf of Russian intelligence penetrated two fairly inconsequential voter databases in Arizona and Illinois. The FBI told election authorities in Arizona that Russian hackers were responsible for stealing a set of user credentials but provided no details about whether it was a criminal or state-sponsored group. In a letter to the FBI on Monday, Senate Minority Leader Harry Reid asked the bureau to investigate whether Russia is attempting to manipulate results of November’s elections. Russian efforts to do so are “more extensive than is widely known and may include the intent to falsify official election results,” he wrote.
Voting machines are so 20th century. Shouldn’t we able to vote on our smart phones by now? Here’s where a cornerstone of American democracy runs smack dab into the limits of computer science, say experts. Internet voting is “completely not ready for prime time. The security and reliability issues are significant,” says Marc Rotenberg, of the Electronic Privacy Information Center, a non-profit in Washington D.C. Despite that, about 3 million Americans will be eligible to vote online this election, according to Verified Voting, a non-profit that promotes election accuracy, transparency and verifiability. Most are members of the armed services who are deployed overseas. According to Dan Wallach, an expert on electronic voting system and professor of computer science at Rice University, no Internet voting systems are secure. “It turns out to be really hard to build a network system that’s hard to break into.” JPMorgan, Target and Home Depot have learned that lesson, and they have far more money and expertise available to them than local election officials, Wallach says.
At the urging of county election officials in Austin, Texas, a group of Rice University engineers and social scientists has pulled together a team of U.S. experts to head off a little-known yet looming crisis facing elections officials nationwide. According to a January report from the Presidential Commission on Election Administration, U.S. elections officials are facing an “impending crisis” as they look to replace the aging voting systems they purchased after Florida’s flawed 2000 election. The commission concluded that elections officials “do not have the money to purchase new machines, and legal and market constraints prevent the development of machines they would want even if they had the funds.” But a STAR (Secure, Transparent, Auditable and Reliable) voting system is on the horizon.
Editorials: Could Romney-Linked Electronic Voting Machines Jeopardize Ohio’s Vote Accuracy? | Keith Thomson/Huffington Post
In 2006, a group of computer hackers reprogrammed a Dutch electronic voting machine to play chess. The Dutch government subsequently imposed a moratorium on the use of electronic voting machines. In 2009, German Federal Constitutional Court ruled the country’s electronic voting systems unreliable to the point that their use was deemed unconstitutional. In June, Ireland paid a metal recycling company €70,267 to dismantle and recycle the country’s €55 million worth of electronic voting machines. In the United States, 35% of this year’s general election votes will be cast on electronic voting machines that, “in terms of effort required to compromise the systems, are in the same ballpark as the Irish voting machines,” according to Dan Wallach, a professor in Rice University’s Department of Computer Science and a computer systems security specialist. “The current voting machines were designed with insufficient attention to computer security.”