post-election audits

Tag Archive

Editorials: Decertifying Virginia’s vulnerable voting machines is just the first step | Fredericksburg Free Lance Star

The Virginia State Board of Elections has belatedly decided that all electronic touchscreen voting machines still in use throughout the commonwealth cannot be used for the Nov. 7 general election because they are vulnerable to hacking, even though they are not connected to the internet. This revelation is not new. For more than a decade, computer scientists at Princeton, Johns Hopkins, and other top universities have demonstrated that hackers can surreptitiously change votes on these machines without leaving a trace. In 2005, Finnish computer programmer Harri Hursti successfully hacked into Diebold voting machines that were in a locked warehouse in Leon County, Fla., under the watchful eyes of elections officials, a feat still referred to today as the Hursti Hack. But it took another demonstration of successful hacking at the DEFcon cybersecurity conference in Las Vegas this summer to finally convince board members that they needed to immediately decertify all touchscreen voting machines still in use in Virginia. Better late than never, as the old saying goes, but that left 22 cities and counties that still use them to tabulate election results in the lurch. Decertification should have happened years ago. Read More

Rhode Island: Vote-tally audits on Rhode Island lawmakers’ agenda | Providence Journal

Amid national news reports about potential election-hacking by Russia — and a machine ballot miscount in North Kingstown last year — state lawmakers have added audits of vote tallies to their special-session agenda. At a rare Friday afternoon meeting in September, the House Judiciary Committee is also scheduled to vote on a criminal-sentencing overhaul that stalled out in the 2016 legislative session, and then got caught up in end-of-session chaos this past June. … That was expected. But the committee will also likely approve — and send along to the full House for action at Tuesday’s special session — a bill requiring post-election audits to make sure that the state’s voting machines — which are actually optical scanners — got the winners and losers right. The Senate has already passed a version of the bill, sponsored by Sen. James Sheehan. But that bill — and a matching House version with Republican and Democrat-sponsors — had not made it all the way when the regular session ended abruptly in June. Read More

Editorials: Alabama has the right approach to election security | Lt. Col. Tony Shaffer/AL.com

To stop cyberattacks on voting, America should follow the state’s lead on paper ballots. There’s no evidence that hacking impacted the 2016 elections. But there’s growing evidence that elections in 2018 and 2020 could be at risk. The threat could come from North Korea, Iran, or any of a host of foreign adversaries. The challenges are getting clearer. In August, Chicago’s Board of Elections reported that sensitive information about the city’s 1.8 million registered voters was left exposed online for an unknown period. Earlier in the summer, the Department of Homeland Security confirmed that foreign agents targeted voting systems in 21 states in the last election. Other news reports found that hackers successfully compromised election technology vendors who program voting systems. In the fight to secure America’s voting systems, Alabama is already employing the most crucial defensive weapon: paper ballots. The transparency and simplicity of the state’s system is tough to hack and relatively easy to verify. To guard against a foreign attack on our nation’s election systems, we need action to ensure others follow Alabama’s example. Read More

Kansas: Sedgwick County Commission Wants Election Audit Legislation Passed In 2018 | KMUW

The Sedgwick County Commission is seeking state approval to do voting machine audits regularly. The commission is working to get legislation passed in 2018 that will allow audits of election results. Currently, the state of Kansas does not allow a review of ballots, except as it relates to specific election challenges. Lawmakers failed to pass a bill on election audits last year. Commissioner Jim Howell says there is broad support for the legislation for the upcoming 2018 session. He says Sedgwick County’s new voting machines are designed for audits. “We would like to do random sample auditing across our county, and that would add a lot of transparency and a lot of confidence in our election process, and right now we don’t have that,” Howell says. Read More

Texas: Missing ballots spur calls for auditable vote system | Community Impact Newspaper

On the second day of early voting in the November election, Jacob Montoya cast a ballot at the Hays County Government Center. He was a San Marcos mayoral candidate and eager to cast his ballot in that race and other local contests. But his vote ultimately went uncounted, one of 1,816 votes stored on a memory card that was misplaced and discovered weeks after Election Day on Nov. 6. “Do you think the younger generation is going to vote after something like this?” Montoya said. “My vote didn’t matter. First of all, they didn’t count it, and then when they did find it, they didn’t count it anyway.” … The confusion regarding the November election has led many Hays County residents to call for the use of paper ballots, which advocates say could give voters peace of mind that their vote has been accurately recorded. Read More

Colorado: New vote checks could help discover a vote hack | Archer Security Group

You did your civic duty. You voted. You may even get a red, white and blue sticker to wear proudly on your T-shirt. But are you sure your vote will be counted — and counted properly? If your state uses computers for voting or counting results, there’s a chance it may not, experts say. “We know that computers can have some bugs or even cleverly-hidden malicious code called malware,” said Barbara Simons, president of Verified Voting, a non-profit, nonpartisan group encouraging secure and accurate elections. “As we learned in 2016, we also have to worry about the possibility of computers and voting systems being hacked,” she added. But if you live in Colorado, you’ll now have a better chance of finding out if your vote fell victim to a glitch or a hack. Read More

National: States ramping up defenses against election hacks | The Hill

States across the nation are ramping up their digital defenses to prevent the hacking of election systems in 2018. The efforts come in the wake of Russia’s interference in the 2016 presidential election, which state officials say was a needed wake up call on cybersecurity threats to election systems and infrastructure. … Security experts are still divided over the extent of hacking risks to actual voting machines. Some say that because many different voting machines are used across the country and because they are not connected to the internet, that would make any large scale attack hard to carry out. … But others contend that digital voting machines are vulnerable and could be targeted to influence actual election outcomes. “Some election functions are actually quite centralized,” Alex Halderman, a University of Michigan computer science professor, told the Senate Intelligence Committee in June. “A small number of election technology vendors and support contractors service the systems used by many local governments. Attackers could target one or a few of these companies and spread malicious code to election equipment that serves millions of voters.” Read More

Colorado: State hires startup to help audit digital election results | The Hill

The state of Colorado is moving to audit future digital election results, hiring a Portland-based startup to develop software to help ensure that electronic vote tallies are accurate. The startup Free & Fair announced on Monday that it had been selected by the state to develop a software system for state and local election officials to conduct what are called “risk-limiting audits.” A risk-limiting audit, or RLA, is a method that checks election outcomes by comparing a random sample of paper ballots to the accompanying digital versions. The development comes amid deepening fears on Capitol Hill about the possibility of foreign interference in future elections, following Russia’s use of cyberattacks and disinformation to influence the 2016 presidential election. According to the U.S. intelligence community, Moscow’s efforts also included targeting state and local election systems. Read More

Editorials: Combating a Real Threat to Election Integrity | The New York Times

Russia’s meddling in the 2016 election may not have altered the outcome of any races, but it showed that America’s voting system is far more vulnerable to attack than most people realized. Whether the attackers are hostile nations like Russia (which could well try it again even though President Trump has raised the issue with President Vladimir Putin of Russia) or hostile groups like ISIS, the threat is very real. The question is this: Can the system be strengthened against cyberattacks in time for the 2018 midterms and the 2020 presidential race? The answer, encouragingly, is that there are concrete steps state and local governments can take right now to improve the security and integrity of their elections. A new study by the Brennan Center for Justice identifies two critical pieces of election infrastructure — aging voting machines and voter registration databases relying on outdated software — that present appealing targets for hackers and yet can be shored up at a reasonable cost. … The report identifies three immediate steps states and localities can take to counter the threat. Read More

Verified Voting Blog: Our Voting System Is Hackable by Foreign Powers | David Dill

This article appeared originally in the March 2017 issue of Scientific American.

The FBI, NSA and CIA all agree that the Russian government tried to influence the 2016 presidential election by hacking candidates and political parties and leaking the documents they gathered. That’s disturbing. But they could have done even worse. It is entirely possible for an adversary to hack American computerized voting systems directly and select the next commander in chief.

A dedicated group of technically sophisticated individuals could steal an election by hacking voting machines in key counties in just a few states. Indeed, University of Michigan computer science professor J. Alex Halderman says that he and his students could have changed the result of the November election. Halderman et al. have hacked a lot of voting machines, and there are videos to prove it. I believe him.

Halderman isn’t going to steal an election, but a foreign nation might be tempted to do so. It needn’t be a superpower like Russia or China. Even a medium-size country would have the resources to accomplish this, with techniques that could include hacking directly into voting systems over the Internet; bribing employees of election offices and voting-machine vendors; or just buying the companies that make the voting machines outright. It is likely that such an attack would not be detected, given our current election security practices.

Read More