A US senator is holding the nation’s biggest voting machine maker to account following a recent article that reported it has sold equipment that was pre-installed with remote-access software and has advised government customers to install the software on machines that didn’t already have it pre-installed. Use of remote-access software in e-voting systems was reported last month by The New York Times Magazine in an article headlined “The Myth of the Hacker-Proof Voting Machine.” The article challenged the oft-repeated assurance that voting machines are generally secured against malicious tampering because they’re not connected to the Internet. Exhibit A in the case built by freelance reporter Kim Zetter was an election-management computer used in 2016 by Pennsylvania’s Venango County. After voting machines the county bought from Election Systems & Software were suspected of “flipping” votes―meaning screens showed a different vote than the one selected by the voter―officials asked a computer scientist to examine the systems. The scientist ultimately concluded the flipping was the result of a simple calibration error, but during the analysis he found something much more alarming―remote-access software that allowed anyone with the correct password to remotely control the system.
… On Tuesday, US Senator Ron Wyden (D-Ore.) sent ES&S Chief Executive Tom Burt a letter that in essence asked two questions:
- Has ES&S sold any products on which remote-access software was pre-installed?
- Have ES&S officials or technical support personnel ever recommended that customers install remote-access software on voting machines or other election systems?
“The American public has been repeatedly assured that voting machines are not connected to the Internet and, thus, cannot be remotely compromised by hackers,” Wyden wrote. “However, according to a recent article in The New York Times Magazine, election systems sold by your company frequently include pre-installed remote-access software, which exposed elections systems to remote attack and compromise.”
Full Article: US senator grills CEO over the myth of the hacker-proof voting machine | Ars Technica.