Russia and other states could hack the US election by attacking voting machines

Originally published at: http://boingboing.net/2016/07/27/russia-and-other-states-could.html
…

Obligatory xkcd:

voting_machines.png740×304 48.3 KB

You Communists and other Democrats should be supporting this! Since they can only hack electronic voting machines, and machines in Democrat party strongholds are ancient and mechanical, the Soviet Empire is poised to commit election fraud in favor of you people.

This will potentially be a bigger electoral blowout than that time two black people stood outside of a polling place and scared all the white people away!

Hi Cory Doctorow, the picture you use is of a San Francisco Department of Elections machine from 2006, that the county does not even use anymore. I’m not sure the county ever used that machine. Could you please, please, find a different picture to use? The SF Department of Elections does not use a machine that can be “hacked,” we use optical scanning machines that scan and record ballots with a paper trail and they are security-sealed after testing to ensure they cannot be tampered with. It’s a very, very transparent process. Our job is hard enough without folks posting generic photos that cast misdirected blame. Please? thank you.

Really, you’re sure they can’t be hacked? Or are you just sure that YOU can’t hack them.

(One of the golden rules of computer security, eh.)

The machines are never connected to a network. They are tested for logic and accuracy, and are loaded with the information for that election. The machines are security sealed and delivered to polling places. If seals are found to have been broken, the Director of Elections must certify they have not been tampered with prior to use. When machines are powered on, they issue a zero report, then ballot cards are fed into the machine by voters and scanned via optical scanning. The results at the end of the day are printed on paper, the paper ballots are processed separately from the machine results. It’s POSSIBLE, but the level of conspiracy would have to be very, very widespread (every machine physically tampered with), and require someone to physically tamper, in person, making it highly unlikely a Russian national could do so. Also during canvass, the dept randomly selects precincts to conduct a manual tally of. If widespread tampering has occurred, it would be revealed by the manual tally, which could trigger a full recount.

San Francisco does not use touch-screen machines, so there is always a paper copy of a ballot, even if foul play were detected, the votes exist on paper separate from the digital recording of the votes.

Why would this even be a concern? Foreigners don’t even pay attention to US elections. On the remote chance it did happen, we could threaten sanctions. Problem: solved.

Americans hacking these machines strikes me as a far more probable and worrisome outcome. As a voting citizen, I don’t care for the leap of faith required for me to believe it accurately tallies my votes vs a physical ballot that clearly represents my democratic will before I drop it in the ballot box. I don’t trust the corporations that manufacture these and I don’t trust the executives who run the corporations.

Also, as an IT professional, I’m mortified at the possibilities for abuse and failure in any digital voting booth. As a taxpayer, I’m upset by the cost of a rapidly obsolete computer that will be dragged out, at best, once every two years.

I’m more worried about our own Politicians hacking them.

It doesn’t really matter which particular dickhead d’jour you’re worried about. The point is that it’s comically easy to falsify the reported results.

Maybe the last couple of elections have already been hacked.

So, honest question (though the existence of a paper trail makes it a lot less important than if we were talking about machines that don’t leave a paper trail, like Diebold’s):

If I wanted to inspect the source code that those machines run, could I? Could I just look at it on the internet, or would I have to jump through a bunch of hoops?

I can imagine the state as a kindly aunt going all “Why, bless your heart for still believing it matters who gets elected.”

But that would be cynical.

Cyn-ic-al.

I think it’s great that SF has such a system in place. Unfortunately the ol’ USA is larger than SF.

Given that Putin’s a Trump fan and Sanders would’ve been a lock against Trump while Clinton has a lot of baggage…are we sure that there weren’t any primary shenanigans? They’re a more important part of the process than general elections anyway.

It appears that in States with no paper trail, Clinton did disproportionately well in actual elections vs. exit polling. That variance is a little eyebrow-raising, and while there are things that could be improved about that paper and how it was described (it’s not a ‘Stanford Study’ and has not gone through a big review process), I’ve yet to see an explanation that addresses that variance (the primary concern) rather than focusing on more minor parts of the study…especially since exit poll vs. result variance is one of the key ways to identify voter fraud.

In San Francisco it is NOT comically easy to falsify reported results. It would require a conspiracy of a bunch of union-represented civil servants with nothing to gain and a LOT to lose. In the US individual counties run their own Elections departments governed by the election codes of their respective states. In San Francisco, If you reported false results (even though the ballots would say otherwise), then you’d have to destroy tens of thousands of paper ballots, which would require an even bigger conspiracy as they’re securely transported by about 80 sheriff’s deputies from the nearly 600 polling places in to the canvass warehouse.

It’s a nitpick, but you are talking about the November 2000 elections, right?

Hi Space_Monkey,

I don’t know what kind of hoops you could have to jump through to get the source code.

Suppose you got the source code. Then you would have to write a program that could be uploaded onto each memory pack that would run a zero report, but then return incorrect results (flip votes as the ballots are fed into the machine by voters and scanned).

First catch is, you would have to physically infiltrate the warehouse where these memory packs are loaded with election data and INDIVIDUALLY upload your malware onto each one, in person. There are nearly 600 of them in San Francisco. There is an incredibly transparent process for doing this; it’s not done in secret by anonymous individuals; it’s done by union-represented San Francisco civil servants with nothing to gain but a LOT to lose, and it’s overseen by voting machine vendor support staff, AND can be observed by any member of the public.

Suppose someone was still able to load malware onto each one and on Election Day, flipped enough votes to sway an Election. The next catch, is after Election Day, by California Election Code, a random selection of precincts are drawn, and the paper ballots are counted by hand. No one could know ahead of time which random precincts would be selected so you could not exclude them from your malware. If the manual tally was found to be wildly off from the scanning machine results, it would result in a full manual recount.

Those are the safeguards I can recall off the top of my head, but there may be more. It would still require a vast conspiracy.

I think some confusion is being created with the focus on a specific set of machines in a single location.

It’s great that San Fran is ahead of the game, but it’s not like that’s the case in 100% of the U.S.

Texas, Indiana, Florida, Pennsylvania, Louisiana, Tennessee, Kentucky, Virginia, Georgia, Nebraska, Missouri, Mississippi, New Jersey, Deleware, and South Carolina all have voting machines without paper trails.

Those are the states that should be relevant to this conversation. The West Coast, Midwest, and NorthEast have audit trails and even if they were hackable the hacks would be detectable after the fact.

Not so for the other states.