Could Hackers “Rig” The Election?
Donald Trump has predicted that the November elections will be “rigged.” Most politicians and pundits dismiss that idea as “impossible.” But according to many security experts, thousands of electronic voting machines that will be used across the country on November 8 are so riddled with security holes that the possibility of manipulating the votes they record cannot be waved away. Here's what you need to know...
Are Electronic Voting Machines Secure?
In a word, no. Princeton professor Andrew Appel and his colleague, Ed Felten (now a member of the White House Office of Science and Technology Policy), along with a rotating crew of Princeton grad students, have hacked every kind of voting machine, creating at the Center for Information Technology Policy where they work, a monument to mediocre computer system design.
Security experts have always opposed Direct-Recording Electronic (DRE) voting machines that are in widespread usage. DRE voting machines leave no paper trail; one’s votes are recorded, stored, transmitted to vote-tallying machines, and reported to election officials digitally. It’s a recipe for disaster, say the experts.
“They’re just computers, and we know how to tamper with computers,” testified Dan Wallach, now a computer science professor at Rice University, to the Houston City Council when DRE machines were under consideration in that city. He was worse than ignored.
According to Wallach, “The county clerk, who has since retired, essentially said, ‘You don’t know anything about what you’re talking about. These machines are great!’ And then they bought them,” using part of $4 billion that Congress made available through the Help America Vote Act (HAVA) of 2002.
By 2006, all 50 States had purchased new voting machines, including DREs, optical-scanners, and other technologies. Some 20,597 of those machines are DREs, now used by several hundred election districts nationwide. They have been unreliable and insecure since their invention in the 1990s.
Numerous Attack Vectors
The team at Princeton investigating the security of voting machines re-programmed one machine to play Pac-Man; infected other machines with a self-replicating malware that spread via a supervisor’s access card; discovered physical keys to voting machine locks for sale on eBay; and programmed one machine to surreptitiously swing a mock election from George Washington to Benedict Arnold. Then, in 2003, they got serious.
A Diebold employee accidentally (?) left 40,000 files containing the code for the Diebold AccuVote TS, one of the most popular voting machines, on a public Web site. Appel and crew grabbed that bonanza and analyzed it thoroughly. One of the earliest papers they published, “Analysis of An Electronic Voting Machine,” includes some alarming findings, including these reported by Politico in a recent (and lengthy) excoriation of DRE voting machines.
“The machine’s smartcards could be jerry-rigged to vote more than once; weak cryptography left the voting records file easy to manipulate; and poor safeguards meant that a “malevolent developer”—an employee inside the company, perhaps—could reorder the ballot definition files, changing which candidates received votes. The encryption key, F2654hD4, could be found in the code essentially in plain view; all Diebold machines responded to it.”
Diebold dismissed the report, claiming that the software it examined was obsolete. But we have only Diebold’s word that security has been improved; no company that makes voting machines will allow its software to be vetted by the open-source community. Five “accreditation labs” supposedly vet voting machine software, but their reports are sketchy and the labs won’t answer questions. One of them even told California Secretary of State Kevin Shelley, “We don’t talk about our voting machine work” when he asked questions about the Diebold TSX machines. Shelley later banned Diebold machines from California elections, calling the company’s conduct “deceitful.”
The voting machines purchased between 2002 and 2006 are now 10 to 15 years old, well within the age range when electronic components start to deteriorate. A widespread problem with touchscreen DREs caused the machines to freeze or record a vote for another candidate when a voter touched his real choice on-screen. Larry Norden, another researcher of voting machines, attributes such behavior to deteriorating glue behind the screen. The software running on today’s voting machines is equally old. Support has ended for some of it, leaving orphaned code that becomes more vulnerable to hacking every day.
Security Through Obscurity
Why are voting machines plagued by deplorable security holes? One reason is that the really good security experts are working in more exciting, lucrative, and career-enhancing markets, leaving only the mediocre for voting machine makers to hire. Another reason is the voting machine industry’s reliance on “security through obscurity” -- they just won’t talk about problems, or allow outsiders to examine their code for flaws. A third reason is the vendors’ reliance on other people’s security practices; those elderly volunteers who work at polling places are sufficient security, they say.
But every year, Appel publishes a new photo of unguarded voting machines sitting in storage or empty polling places. His team has proven, over and over again, that these machines can be totally “owned” (reprogrammed) by a hacker in seven minutes or less.
While many States have gotten the message and rushed to replace vulnerable DREs (mostly with optical-scanning machines that provide paper trails), the flawed Diebold TSX will be used in 20 states in 2016, including critical swing states Pennsylvania, Ohio, Florida, Missouri and Colorado.
High-Level Hacks More Likely
The voting machines that voters see are easily hacked, but they have not become popular targets among hackers. The machines at one polling place are relatively small targets, not worth the trouble. Major mischief is better done at the next level up the information-gathering hierarchy, in the computers that aggregate votes from many polling places.
Ukraine’s 2014 national election was very nearly derailed by malware injected into the country’s centralized vote aggregation system; it was discovered and neutralized just 40 minutes before it was due to work its mischief. Had the malware executed, the system would have shown candidate Dmytro Yarosh as the winner with 37 percent of the vote (instead of the 1 percent he actually received) and Petro Poroshenko (the actually winner with a majority of the vote) with just 29 percent. The hackers also infiltrated the central vote-tallying system, deleting key files and rendering the machines inert; Ukrainian officials restores their software from backups within a day, but it was a close call.
Ukraine officials point the finger directly at Russia, noting that a Russian state-controlled television news station reported that Yarosh won the election by a margin of (surprise!) 37% to 29%, then buried that report when the official results were released minutes later.
Could Russia, another adversary nation, or even operatives from within, disrupt or manipulate a U.S. national election? Hackers have achieved that level of savvy, say experts like Appel, and with the enormous resources of a national government behind them, hackers can infiltrate nearly any system. At least a dozen U.S. government agencies have been hacked in the past two years, including the Department of Defense, the Office of Personnel Management, Health and Human Services, the Department of State, the Federal Aviation Administration, the Internal Revenue Service, and even the non-classified email of the President. So, yes, it could happen here.
Election officials nationwide are in denial about the security of their voting machines and the integrity of their results. They do not have any money to replace insecure, aging machines. It is up to voters to ask pointed questions and push their dully (sic) elected representatives to fund and mandate a complete switch from DREs to a technology, like optical scanning, that gives voters the opportunity to make sure their votes were counted, and accurately.
Do you have confidence that the results of the upcoming U.S. elections will be accurately tabulated and reported? Your thoughts on this topic are welcome. Post your comment or question below, but PLEASE, don't get into the political mud here. This article is about election integrity, not the candidates or their parties.
This article was posted by Bob Rankin on 11 Aug 2016
|For Fun: Buy Bob a Snickers.|
Geekly Update - 10 August 2016
The Top Twenty
Should You Be Allowed To Sell Your Privacy?
There's more reader feedback... See all 31 comments for this article.
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005
- Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- Could Hackers “Rig” The Election? (Posted: 11 Aug 2016)
Copyright © 2005 - Bob Rankin - All Rights Reserved