Want better security of election voting results? Use paper.
With the US almost halfway between the last national election and the 2018 mid-terms, not nearly enough has been done yet to improve the demonstrated insecurity of current electronic voting systems. Multiple experts say one obvious, fundamental move should be to ensure there is a paper trail for every vote.
That was a major recommendation at a panel discussion this past week that included representatives of the hacker conference DefCon and the Atlantic Council think tank, which concluded that while there is progress, it is slow.
The progress includes the designation of voting systems as critical infrastructure by the Department of Homeland Security, plus moves in Texas and Virginia to improve the security of their systems by using paper.
Most states already do that. But Lawrence Norden, co-author of a September 2015 report for the Brennan Center for Justice titled “America’s Voting Machines at Risk,” wrote in a blog post last May for The Atlantic that 14 states, “including some jurisdictions in Georgia, Pennsylvania, Virginia, and Texas – still use paperless electronic voting machines. These systems should be replaced as soon as possible.”
There is little debate about the porous nature of electronic voting systems – it has been reported for years. It was close to four years ago, in January 2014 that the bipartisan Presidential Commission on Election Administration (PCEA) declared:
There is an impending crisis … from the widespread wearing out of voting machines purchased a decade ago. … Jurisdictions do not have the money to purchase new machines, and legal and market constraints prevent the development of machines they would want even if they had funds.
A couple of years later the Brennan Center issued its report, which predicted that in the 2016 elections, 43 states would be using electronic voting machines that were at least 10 years old – “perilously close to the end of most systems’ expected lifespan.”
The biggest risk from that, the report said, was failures and crashes, which could lead to long lines at voting locations and lost votes. But it also said security risks were at unacceptable levels:
Virginia recently decertified a voting system used in 24 percent of precincts after finding that an external party could access the machine’s wireless features to “record voting data or inject malicious data.
Smaller problems can also shake public confidence. Several election officials mentioned “flipped votes” on touch screen machines, where a voter touches the name of one candidate, but the machine registers it as a selection for another.
Not to mention that with solely digital voting machines, there is no way to audit the results.
While there is still no documented evidence that hostile nation states – mainly Russia – have been able to tamper directly with election results, the risk is there. At this past summer’s DefCon conference, one of the most high-profile events was the so-called Voting Village, where Wired reported that, “hundreds of hackers got to physically interact with – and compromise – actual US voting machines for the first time ever.”
The reason it hadn’t been done before, at least publicly, was that it was illegal. But at the end of 2016, an exemption to the Digital Millennium Copyright Act finally legalized hacking of voting machines for research purposes.
Not surprisingly, hackers didn’t have all that much trouble – they found multiple ways to breach the systems both physically and with remote access. And according to Jake Braun, a DefCon Voting Village organizer and University of Chicago researcher, the results undermined the claim that the decentralized voting system in the US (there are more than 8,000 jurisdictions in the 50 states) would make it more difficult to hack.
With only a handful of companies manufacturing electronic voting machines, a single compromised supply chain could impact elections across multiple states at once, he noted.
It’s not just tampering with actual voting results that can damage the credibility of an election either. Norden told Wired that, “you can do a lot less than that and do a lot of damage… If you have machines not working, or working slowly, that could create lots of problems too, preventing people from voting at all.”
Norden doesn’t dismiss the need for technology improvements. “Among the wide variety of solutions being explored or proposed are use of encryption, blockchain, and open source software,” he wrote in his blog post.
But the most effective security measure, he contended in his blog post, is low-tech:
The most important technology for enhancing security has been around for millennia: paper. Specifically, every new voting machine in the United States should have a paper record that the voter reviews, and that can be used later to check the electronic totals that are reported.
This could be a paper ballot the voter fills out before it is scanned by a machine, or a record created by the machine on which the voter makes her selections—so long as she can review that record and make changes before casting her vote.
That kind of improvement doesn’t have to take a lot of time or cost big bucks either, he said, and would create, “software independent” voting systems, where an, “undetected change or error in its software cannot cause an undetectable change or error in an election outcome.”
Given what are sure to be continued attempts at foreign interference in US elections, “it is the least we can do,” he said.
Dan D. Lyon
This article is “right on”, a phrase used commonly during the time frame that electronic voting machines first emerged. Those who were alive then remember how security concerns were dismissed as tin-foil hat conspiracies. And yet, here we are.
But then, we used to have smoking sections in airplanes, and everyone thought it was normal.
Wilderness
I don’t think anyone ‘hacked’ the last election, but everyone was trying to influence it. Regardless, I am all for paper voting to allow auditing, removal of multiple votes, removal of non-citizen votes, etc.
hotdoge3
I had my vote in new zealand on paper and weeks go and we don’t know who get in it takes a long time to count all the votes
Ed
I like the way NZ votes. What is the hurry? I would much sooner wait for paper ballots vs “instant” and unverifiable results. Besides, it has the tendency to shorted the “lame duck” time period
I watched as someone with allegedly $35 worth of electronic parts influence the vote on seven (or nine) machines just walking through the display area.
BTW, for the other poster, in my precinct, “voter ID” is, rightly so, considered a scam. While I do sometimes meet “new” people in the station, because I am familiar with the neighborhood, address verification is pretty close to “instant”.
Trump Kicked Your Ass and You're Just Mad
Taylor,
You are something else. I’ve commented a few times now and you refuse to post any of them. You only post comments if they go along with your agenda. I see.
If anyone cares about the integrity of our elections then we need to enforce voter ID laws across all states.
If any of these so called experts didn’t have a hidden agenda, they would be a bit more innovative than saying “let’s go back to paper.” If that’s the case, experts, then why have we not gone back to paper and filing cabinets since corporations and government entities are breached every day all around the country? With that line of thinking, should we not get rid of computer systems all together?
These experts are supposed to be innovative, seems they are just pissed because Trump kicked their asses.
Have fun with that.
Mark Stockley
Taylor doesn’t approve comments, I do. If your comments didn’t make it through the moderation process it means that I didn’t think they added anything to the discussion.
Your most recent comment doesn’t add anything either but I felt it warranted publishing so I could reply and use it as an opportunity to explain our approach to moderation.
To be clear: this article is not about the 2016 presidential election and whether it was fair or not, nor is it about anybody’s political agenda. It is about the response to research that was carried out at the DefCon conference that showed how it easy it is to hack voting machines. If you have technical grounds to doubt that research we’d love to read it.
As it happens, what happened at DefCon was a surprise to nobody because it has been demonstrated before. The (in my opinion entirely rational) response to that research has been to recommend that electronic voting machines create a paper audit trail so that their accuracy can be verified. It isn’t the same as going back to filing cabinets, it’s the same as keeping a paper copy of electronic records, which isn’t unusual at all.
If you have reasons to think a paper audit trail will or won’t work, we’d love to read them.
You accuse both Taylor and unnamed experts of an agenda and yet you present no evidence of one. You say if they were real experts they’d have reached different conclusions but you don’t say what those conclusions are.
People don’t come to Naked Security for mud slinging. Show us your working, as they say.
Steven
We have for many years been using paper backup with electronic card to get access and returned. With many people to watch 1.) Roped the area, 2.) Watched, 3.) Checked before getting card to use, 4.) Guide to escort to place to vote, 5.) Person to watch being returned, 6.) I watched them catch people that left improperly yet rarely does anyone try and succeed. Large crowds with 10 people to help vote and many people to watch yet takes time to complete yet get help they keep it moving.