Congress provided $380 million in election security funding as part of its massive spending bill, a move that reflects the growing consensus in Washington that more needs to be done to ensure the integrity of America’s elections. The funding would go to the Election Assistance Commission, which then must distribute the funds to states within 45 days to replace aging voting machines, implement post-election audits, and provide cybersecurity training for state and local officials, among other election security related improvements. “In this challenging political time, this has to be seen as a win and a recognition that [election security] is an important responsibility,” Adam Ambrogi, the director of the Elections Program at the Democracy Fund, told Business Insider. “The federal government needs to aid the states. The states don’t have this money laying around.”
Editorials: The Senate has released election-security recommendations. Now it’s time to act. | The Washington Post
The House Intelligence Committee voted on party linesThursday to release a one-sided report on the panel’s hastily closed Russia investigation, deepening the partisan morass and enabling President Trump to undermine law enforcement and the intelligence community. The Senate Intelligence Committee, meanwhile, has taken Russia’s continuing attacks on the nation’s democracy more seriously than its House counterpart. The Senate probe continues in a bipartisan — and, as of now, constructive — manner. The panel on Tuesday released preliminary recommendations on election security, the first of several documents the committee will release on Russia’s meddling in the country’s elections. It will take some time to get the committee’s full analysis, which must undergo declassification review. But with primary elections already starting, acting on the recommendations is urgent.
Georgia: Bill to replace Georgia’s electronic voting machines advances | Atlanta Journal-Constitution
A proposal to replace Georgia’s electronic voting machines passed a subcommittee Tuesday despite concerns that the legislation doesn’t go far enough to safeguard elections. The measure calls for the state to begin using a new voting system with paper ballots in time for the 2020 presidential election. State lawmakers say the state’s all-digital election system, in use since 2002, is outdated and needs to be scrapped after tech experts exposed security vulnerabilities last year in the same type of voting machines as those used in Georgia. … Critics of the voting legislation say the touch-screen machines, which the state tested during a Conyers election in November, are vulnerable to tampering because they use bar codes for tabulation purposes. Voters wouldn’t be able to tell whether the bar codes matched the candidates they chose, which would also be printed on the ballot.
Florida lawmakers want to expand the use of digital voting and tallying machines. Many of the state’s election managers are behind the plan. But critics don’t want to leave the paper ballot behind. … Leon County Elections Supervisor Mark Earley supports the bill. He says digital recounts would be more effective and efficient. “We would’ve not only been able to find the paper very quickly because of the digital ballot sorting that is inherent in this audit system, the great power of it, it’s very visual and transparent. We could’ve seen the problem ballots, assessed the images. And if the county commission or canvasing board so desired, they could have immediately said, ‘Let’s go see these 60 ballots or these 38 ballots’ or whatever it was that were in dispute, and we could’ve pulled the paper very easily out of the box,”Earley said.
This oped was originally published in the York Dispatch on February 1, 2018.
An oversight in York County, Pennsylvania on the eve of last November’s Election Day questioned the rightful winner of the election, but thankfully the potential damage stopped there. Still, the discovery of a technical error — one that allowed voters to cast multiple votes for a candidate in races with cross-filed candidates — risked the integrity of the election. This could’ve been easily preventable with paper ballots.
Most Pennsylvania voters are using paperless electronic voting machines to cast their ballot. The problem is that these outdated machines — also known as direct recording electronic (DRE) systems —are unverifiable. DREs, or voting machines without paper ballot back-up, have been the source of controversy for years because of their inability to allow anyone to verify the results. Instilling confidence in election outcomes can only occur by replacing these systems with newer ones that provide a software independent record of voter intent and implementing statistically meaningful audits of those records.
We know there was foreign interference during the 2016 election cycle, and that similar acts to undermine faith in America’s democratic systems are a possibility. Security experts agree that safeguarding and protecting election systems is important and that no system is completely secure. That’s why security experts recommend ensuring that all computer-based systems, including voting machines are resilient, that is, they have the ability to identify a problem and recover from it. Replacing the outdated voting systems with resilient machines is imperative before the 2018 elections because, for more than 80 percent of Pennsylvania voters in 50 counties, no one has any way of knowing whether the paperless voting machines correctly captured voter intent.
Verified Voting Public Commentary: Verified Voting Testimony before the Pennsylvania State Senate Senate State Government Committee: Voting System Technology and Security
The security of election infrastructure has taken on increased significance in the aftermath of the 2016 election cycle. During the 2016 election cycle, a nation-state conducted systematic, coordinated attacks on America’s election infrastructure, with the apparent aim of disrupting the election and undermining faith in America’s democratic institutions. Intelligence reports that have been published in 2017 demonstrate that state databases and third-party vendors not only were targeted for attack, but were breached.1 Regardless of the success of hacking attempts in 2016, the consensus among the intelligence community is that future attacks on American elections are inevitable.2 The inevitability of attacks is a key concept in cyber security, that is, it’s not whether a system will be attacked, but when.
The existence and national significance of this threat have escalated the priority of securing Pennsylvania’s elections infrastructure. Two primary areas that require immediate and sustained attention are 1) securing both the state and county networks, databases and data transmission infrastructure that touch elections; and 2) instilling confidence in election outcomes by replacing legacy voting systems with new systems that permit reliable recounts and audits.
During the time that I served the Commonwealth as Deputy Secretary for Elections and Administration and Special Advisor to the Governor on Election Policy, I worked with the Office of Administration-Office of Information Technology to protect the Commonwealth’s networks that touch elections and to implement procedures to recover from any potential attacks. These efforts complied with cyber security best practices to monitor, detect, respond and recover. OA-OIT’s experienced staff is continuing this effort, and along with the Department of State, they have engaged county CIOs and technology staff to coordinate similar efforts at the counties working through the Commonwealth’s relationship with the County Commissioners Association of Pennsylvania (CCAP). Assuming the administration receives support from the General Assembly, the Commonwealth is on the right track to taking the necessary steps to monitor, detect, respond and recover from cyber attacks.
Verified Voting Blog: Testimony of Verified Voting to the Georgia House of Representatives House Science and Technology Committee
Georgia’s voting machines need an update. The lifespan of voting machines has been estimated at 10-15 years.1 Purchased in 2002 Georgia’s voting machines are at the outside of that estimate. As voting systems age they are more susceptible to error, malfunction or security threats potentially losing or miscounting votes.
Georgia is one of only a handful of States that is still casting votes on entirely electronic voting systems, known as Direct Record Electronics (DREs). These machines record votes only in digital form; if the digital records are corrupted, either by benign error or malicious attack, there are no backup records and no way to know whether votes have been corrupted. When Georgia purchased these machines in 2002, the national trend was toward paperless touchscreen voting machines. Since then, however, most states moved away from paperless voting systems, driven by mounting research establishing these machines’ security flaws and some high profile and costly machine failures.2 Most of the nation has adopted voting systems that rely on a voter-marked paper ballot, an election safeguard recognized as essential by election officials and computer security experts alike.
A paper ballot provides a durable, physical record that is out of reach of a cyber attack and cannot be lost by a digital malfunction or programming error. Paper ballots can be used in a recount or to perform a post-election audit or check on the election results to help ensure the election outcome is correct. Today roughly 70% of voters in our nation mark a paper ballot which is counted by an electronic scanner.
North Carolina: Forsyth County seeks voting machine extension from General Assembly | Winston Salem Chronicle
Forsyth County Board of Elections is hoping the General Assembly will give counties an extension on getting new voting machines. Currently the county is under a state deadline to switch to a paper-based ballot system by next year. The county had planned to replace its current touchscreen voting machines used for early voting with new machines that will produce paper ballots. Plans to test the machines and have them ready by 2018, were sidelined by a legal battle over proposed changes to the makeup of election boards in the state. As North Carolina awaits a ruling, the State BOE’s term expired and the board is currently vacant. Without a state board, there is no one to certify new voting machines for use in the state, so Forsyth can’t get new machines and its current ones will no longer be certified after year’s end.
Nearly a year after the 2016 presidential election, many Americans have been forced, some for the very first time, to look critically at their voting protections, and recognize that US balloting systems are not nearly as impregnable as they once thought. Clearly, the US intelligence reports about Russia hacks provided a long-overdue wake up call for this issue. The good news: some progress has been made in some jurisdictions in the last year. The bad news: that progress hasn’t been as widespread or comprehensive as the problem would seem to demand. “I think we’re moving in the right direction,” said Larry Norden, of NYU’s nonpartisan Brennan Center for Justice. “I’m heartened by the fact that, for instance, we’re seeing, in both House and Congress, bipartisan proposals to invest in increased election system security.” … Election consultant Pam Smith agreed that there has “definitely [been] a pattern towards more secure elections” across the country. Some states appear to be ahead of the game. Virginia, for example, recently earned praise for decertifying all its touchscreen, paperless Direct Record Electronic (DRE) voting machines ahead of the termination date required by its own legislation.
DEFCON Report on Machine Vulnerabilities Critical First Step in Raising Awareness, But to Secure Election Systems, States Must Adopt Paper Ballots
A new report on cyber vulnerabilities of our elections systems raises awareness of a critical issue, but in order to secure our elections, we need fundamental changes made at the state and local level. Verified Voting collaborated on the DEFCON Hacker Village to raise awareness of a chilling reality: our enemies have the will, intention and ability to tamper with our election infrastructure, potentially delegitimizing our elections and destabilizing our government. Verified Voting has known of this frightening possibility for years—we were founded in 2004, in the wake of election irregularities, to secure our democracy by ensuring that Americans’ votes would be counted the way they intended to cast them.
We know from deep experience: protecting our election infrastructure is a national security issue, and if we don’t act now, as former FBI Director James Comey has stated, ‘They’ll be back.’ That’s why Verified Voting has worked continuously with state election officials to safeguard their systems. Just last month, Verified Voting worked closely with Virginia’s Board of Elections in their move to decertify and remove its insecure, untrustworthy paperless voting machines and replace them with voter-marked paper ballots.