This weekend, attendees at a large cybersecurity conference were invited to try their hands at hacking 30 voting machines. The conference had acquired the machines and set up a “voting machine village“.
Every single machine was hacked. The first ones in less than 90 minutes. Some were hacked with no physical contact. And remember that these are machines that are still in use in actual elections around the country.
I’ve said it before, and I’ll say it again. I am a computer scientist and have worked on projects related to computer security. There is no way to secure voting machines. Period. But don’t take my word for it. The site Electoral-Vote is run by a famous computer scientist, and he says “The only solution is to decommission all voting machines immediately and return to paper ballots.”
Unless we do this, the integrity of every election is in doubt. And unless the government does something about it, they are complicit.
The Republicans pretend to be concerned about voter fraud, which has been shown to be virtually nonexistent over and over, but is used as an excuse to disenfranchise voters they don’t like. Trump even created yet another commission to study it. But there is no commission studying security flaws in voting machines, which is demonstrably a real concern. Sad.
8 Comments
CS and other folks have been screaming about this for a long time now. For starters, see:
Brave New Ballot (2006)
Hacking Democracy (2006)
Security Analysis of India’s Electronic Voting Machines (2010)
Attacking the Washington, D.C. Internet Voting System (2012)
Even if the implementation is perfectly free of software and configuration vulnerabilities (haha, yeah, right!), the system is impossible to design because of the incentives involved. For instance (and there are many other issues), the robust system should reconcile these two contradictory properties:
A citizen should be able to validate that their vote was correctly included in the final tally and was not corrupted.
A citizen should not be able to prove to a third party how they voted, as this enables vote selling, blackmail, extortion, etc.
It can’t be done with computer-only technology.
Even though we cannot secure voting machines, it is possible to secure the vote by providing a verifiable paper receipt of each vote. Something the manufacturer’s of voting machines have strongly resisted.
Paper ballots optically scanned (and rescanned by humans if necessary during a close recount) seems so obviously the way to go, and is cheaper and easier to manage than voting machines. It leaves a paper trail, and the scanners don’t need to be connected to any network, so little chance of hacking. If you want to be really sure, use spot recounts, performed by multiple people, one from each party, to make sure nothing fishy is going on. It also allows vote-by-mail, which I love.
So simple. So obvious. Why aren’t we doing this?
IK, we are not doing this for exactly the same reason we have private prisons and for-profit health insurance.
Follow the money.
Ik, I too like vote by mail but I would like to add a little twist. A option of adding a password by the voter allowing them to be able to go online to verify the vote was recieved, tallied, and correctly applied. This would merge the convenience of vote by mail, means of voter verification, and means to have a hard copy for recounts. A little new tech mixed with old tech to make a better product.
You are so right. Back to Paper Ballots. ALWAYS require paper ballots.
I like getting my ballot in the mail. I have time to study the issues fill it out and then…take it to the county clerks office my very self. Easy and I know that it got to the right place at the right time.
I’ve never voted absentee. For a long time and perhaps still, you have to give a valid reason for wanting to vote early, travel, medical etc. I would not lie, so I didn’t do it. I have friends who have done it for years. They are Repubs so I guess lying is not a problem for them.
I’ve always worried that my candidate might be dead by the time of the election, which actually happened here in 2000 when our governor was running against Ashcroft for a senate seat and was killed in a plane crash. They could not remove his name from the ballot so his wife ran in his place and won a narrow victory but was unseated later in a special election by Jim Talent. That was when Dems won elections once in a while in this state.
Now we have some sort of early voting, but I see lines at the few places where you can vote and figure I might as well vote on the day at a school up the road instead of traipsing across the country to wait in line some place else. At the school they have some folding chairs sitting around and my husband and I can take turns sitting as the line moves if it’s very long. I always ask for a paper ballot.