A group of technology experts said Tuesday that Georgia’s top elections officials should stop using electronic voting machines as the FBI reviews a suspected data breach. Secretary of State Brian Kemp and Kennesaw State University this month confirmed a federal investigation focused on the school’s Center for Election Systems. The center tests and certifies Georgia’s voting machines and electronic polling books used to check in voters at polling locations. Employees also format ballots for every election held in the state. The center isn’t part of Kemp’s office or connected to its networks, including Georgia’s database of registered voters maintained by the secretary of state’s office. The Atlanta Journal-Constitution first reported the investigation into the suspected cyberattack. In a letter to Kemp on Tuesday, 20 technology experts and computer science professors affiliated with the national Verified Voting organization said paper ballots will preserve voters’ confidence in the results of an upcoming special election to fill Georgia’s 6th District congressional seat. The letter said using equipment maintained by the center while it is the focus of a criminal investigation “can raise deep concerns.”
Verified Voting in the News
Georgia: Experts push paper ballot trail after alleged breach of Georgia data | Atlanta Journal Constitution
A group of 20 computer scientists and security experts called on Georgia to overhaul its elections system and begin using a system with a paper audit trail, saying it would assure accuracy and public confidence following an alleged breach of confidential data that could affect millions of Georgia voter records. In a letter sent Tuesday to Georgia Secretary of State Brian Kemp, the group acknowledged that the breach is now under federal investigation and that much is still unknown. But, it said, potential findings “could have dire security consequences for the integrity of the technology and all elections carried out in Georgia” depending on their severity. “While we understand that this investigation is ongoing and that it will take time for the full picture to emerge, we request that you be as forthcoming and transparent as possible regarding critical information about the breach and the investigation, as such leadership not only will be respected in Georgia but also emulated in other states where such a breach could occur,” the group said. Most members of the group are involved with the voting-accuracy organization Verified Voting.
Editorials: Want Secure Elections? Then Maybe Don’t Cut Security Funding | Dan S. Wallach and Justin Talbot-Zorn/WIRED
Last Week, the House Administration Committee voted on party lines to defund the Election Administration Commission, the leading federal agency responsible for helping states run smooth elections and preventing hacking. Republicans justified the move as a way to save money and shrink the size and scope of government: “We don’t need fluff,” said Rep. Gregg Harper (R-MS), the committee chairman, explaining his vote. But the move wasn’t just Capitol Hill budget politics as usual. It’s evidence of a radical disconnect between a handful of influential House Republicans and nearly everyone else—including the scientific community, leading cybersecurity experts, and even the White House—who contend that voting vulnerabilities are a serious problem. On the morning of the election, Donald Trump called Fox News to give his views on the state of voting in the United States: “There’s something really nice about the old paper ballot system—you don’t worry about hacking.” Trump wasn’t going rogue. While his “voter fraud” comments have gotten serious attention of late, he has also, like many conservatives, expressed concern about the vulnerability of voting systems.
National: Professor Who Urged an Election Recount Thinks Trump Won, but Voting Integrity Still Concerns Him | The Chronicle of Higher Education
In the days after November’s election, a news report described a professor of computer science and engineering at the University of Michigan at Ann Arbor, J. Alex Halderman, as having a made a provocative discovery. The report suggested he had found “persuasive evidence” of voting anomalies in three key swing states, each barely won by Donald J. Trump, that gave him the margin of his surprise victory, and asked whether computer hacking could have been responsible. Claims that Hillary Clinton’s vote totals were suspiciously lower in counties that relied on computerized voting machines helped fuel recount demands by Jill Stein, the Green Party’s presidential nominee, that later were joined by Mrs. Clinton’s campaign.
Five days after Donald Trump was elected president, Alex Halderman was on a United Airlines flight from Newark to Los Angeles when he received an urgent email. A respected computer scientist and leading critic of security flaws in America’s voting machines, Halderman was anxious to determine whether there had been foul play during the election. Had machines in Wisconsin or Michigan been hacked? Could faulty software or malfunctioning equipment have skewed the results in Pennsylvania? “Before the election, I had been saying I really, really hope there’s not a hack and that it’s not close,” he says. “Afterwards, I thought, ‘Wait a minute, there’s enough reason here to be concerned.’ ” Now, wedged into a middle seat on the cross-country flight, Halderman stared in disbelief at the email from Barbara Simons, a fellow computer scientist and security expert. Working with Amy Rao, a Silicon Valley CEO and major Democratic fundraiser, Simons had arranged a conference call with John Podesta, Hillary Clinton’s campaign chair, to make the case for taking a closer look at the election results. Could Halderman be on the call in 15 minutes? United’s wi-fi system didn’t allow for in-flight phone calls. But Halderman wasn’t fazed. “I’m blocked,” he emailed Simons, “but I can try.” Within minutes, Halderman had circumvented the wi-fi and established an interface with computers at the University of Michigan, where at 36 he is the youngest full professor in the history of the computer science department. He dialed in to the call but did not speak, afraid of drawing attention to the fact that he was violating the airline’s phone ban.
Despite finding no signs of foul play during the 2016 elections’ actual ballot-casting, state officials told the Election Assistance Commission they are looking to shore up the cybersecurity of voting systems to ensure that Americans are confident in their election results. Director of the New Jersey State Department’s division of elections Bob Giles said at an EAC meeting Feb. 13 that although “cybersecurity wasn’t as big a concern” entering the 2016 election because his state’s voting machines were not connected to the internet, the attention garnered by Russia’s reported electoral influence has led to a rethinking of his agency’s cybersecurity protocols. Giles said cyber hygiene practices such as improving password strength and multifactor authentication will be included in the state’s plan to modernize its voter registration system.
National: Not Okay: Professor Smeared After Advocating for Election Integrity | Electronic Frontier Foundation
Imagine if someone, after reading something you wrote online that they didn’t agree with, decided to forge racist and anti-Semitic emails under your name. This appears to be what happened to J. Alex Halderman, a computer security researcher and professor of computer science at the University of Michigan. Halderman is one of many election security experts—along with EFF, of course—who has advocated for auditing the results of the 2016 presidential election. The recent attempts to smear his name in retaliation for standing up for election integrity are a threat to online free speech. Halderman, who is a frequent collaborator and sometimes client of EFF, published a piece on Medium in November 2016 arguing that we should perform recounts in three states—Wisconsin, Michigan, and Pennsylvania—to ensure that the election had not been “hacked.” To be clear, despite a report in New York Magazine, Halderman never stated that there was hard evidence that the election results had in fact been electronically manipulated. He just stated that we should check to be sure:
The only way to know whether a cyberattack changed the result is to closely examine the available physical evidence — paper ballots and voting equipment in critical states like Wisconsin, Michigan, and Pennsylvania.
Blockchain technology can safely be used to authenticate e-voting by shareholders at a company’s annual general meeting, Nasdaq said this week, following a pilot project in Estonia. … Voting security experts in the U.S. were skeptical about the pilot project’s wider applicability, especially with regard to national elections. “Blockchain solves a small part of the overall set of problems [with e-voting], but nowhere near all,” said Pamela Smith, president of election integrity advocacy group Verified Voting. “If you have a boat with many leaks, plugging one of them should not make you assume the others won’t swamp you,” she told CyberScoop via email.
The U.S. Department of Homeland Security designated the nation’s election technology and systems as critical infrastructure, giving state election officials access to technical and policy aid from the agency. The move, announced Jan. 6, makes the election infrastructure in the United States part of the government-facilities critical infrastructure sector, one of the 16 sectors deemed crucial by the U.S. government. Other sectors include health care, energy and the defense industrial base. While some states have reportedly opposed the designation, the DHS assured election officials that states would still have full oversight and responsibility for running elections. … Election-security groups have long called for the infrastructure to be designated critical. Verified Voting, a group of voting experts, pushed for election systems to be deemed critical since 2013, Pamela Smith, president of Verified Voting, told eWEEK in an e-mail.“Voting systems should receive at least as much attention and care as other critical infrastructure systems do,” Smith said.
While Dave Jacobsen’s introduction hung in the air, more than 60 people rose to their feet for a standing ovation for Ion Sancho. Jacobsen had said the Leon County Elections Supervisor will be long remembered for his efforts to make voting easier and the ability to run a problem-free election. Sancho’s term as supervisor ends Tuesday. While Sancho was not available for comment for this story because his wife passed away on Wednesday, his decades-long career speaks for itself. Back in May 2016, Sancho beamed as he walked to the lectern at the Leon County Public Library. He wore an American flag bow tie. He’s an internationally-recognized elections experts and was featured in an HBO documentary 10 years ago. “The most basic civil right, no other right stands if you don’t get to vote for who represents you in government,” he said earlier when asked what he was going to talk about. Sancho has been strumming the same chord for 30 years — leafing through notebooks and recordings of radio, television or newspaper interviews the song remains the same. On this particular afternoon in May the chorus he wrote for the mix of retirees, downtown office workers, and university students was a ditty about career politicians and their bureaucratic henchmen attacking democracy’s foundation — fair, transparent elections.