Electronic Vulnerability

New Paper: Evidence Based Elections

A new paper by Andrew Appel and Philip Stark, EVIDENCE-BASED ELECTIONS: CREATE A MEANINGFUL PAPER TRAIL, THEN AUDIT, provides a thorough description of how the public can be assured of election outcomes, in spite of hackable voting equipment.

The bottom line: The only reliable method available is Voter-Marked Paper Ballots, with strong security for the ballots, followed by sufficient post-election audits. Other technologies, including Ballot Marking Devices and Internet voting, are insufficient.

Anyone interested in trustworthy elections should read this paper – especially those who think that expensive Ballot Marking Devices should be trusted, and those who think it is impossible to use technology to count votes accurately.

New report articulates, electronics much more vulnerable than we think

Those who understand Turing’s Theorem know that computers are ultimately all vulnerable to virtually undetectable errors and fraud. A new report reminds us just how much worse it is than we think: Wired: Hundreds of Millions of PC Components Still Have Hackable Firmware

That laptop on your desk or that server on a data center rack isn’t so much a computer as a network of them. Its interconnected devices—from hard drives to webcams to trackpads, largely sourced from third parties—have their own dedicated chips and code. That represents a serious security problem: Despite years of warnings, those computers inside your computer remain disturbingly unprotected, offering an insidious and nearly undetectable way for sophisticated hackers to maintain a foothold inside your machine.

Early Returns from Iowa: Losers and Potential Winners

We may not know who won Iowa, yet we know the losers: Internet Voting, Caucusing, and Immediate Gratification.

NYTimes article: 2020 Iowa Caucus Updates: Delayed Results Lead to Confusion

“This is an embarrassment but it shouldn’t shake people’s confidence in the results,” Mr. Halderman said. “If this had been an election conducted by phone, or online, that would have been a major disaster. We might never know the results and would have had to re-run the entire contest.”

“This is an urgent reminder,” Mr. Halderman said, “of why online voting is not ready for prime time.”

Editorial: Potential Winners…

Iowa Democratic Party to use risky smartphone method for reporting results

From NPR: Despite Election Security Fears, Iowa Caucuses Will Use New Smartphone App

Cybersecurity experts interviewed by NPR said that the party’s decision to withhold the technical details of its app doesn’t do much to protect the system — and instead makes it hard to have complete confidence in it.

“The idea of security through obscurity is almost always a mistake,” says Doug Jones, a computer science professor at the University of Iowa and a former caucus precinct leader. “Drawing the blinds on the process leaves us, in the public, in a position where we can’t even assess the competence of the people doing something on our behalf.”…

When initial results point to an apparent winner, then the assumption is any other person is trying to overturn the result, rather than insisting that it be accurate.

Kim Zetter investigates NC pollbook for Russian hack — And additional FL incidents!

From Politico: How Close Did Russia Really Come to Hacking the 2016 Election?

Why does what happened to a small Florida company and a few electronic poll books in a single North Carolina county matter to the integrity of the national election? The story of Election Day in Durham—and what we still don’t know about it—is a window into the complex, and often fragile, infrastructure that governs American voting…

The fact that so many significant questions about VR Systems remain unanswered three years after the 2016 election undermines the government’s assertions that it’s committed to providing election officials with all of the timely information they need to secure their systems in 2020. It also raises concerns that the public may never really know what occurred in 2016.

BMDs are dangerous to democracy

One of the key issues this year is the purchase of Ballot Marking Devices (BMDs) for all voters vs. Voter Marked Paper Ballots. In recent weeks, two board members have resigned from Verified Voting over a perception that VV is doing too much to tout Risk Limiting Audits (RLAs) of BMDs to the detriment of secure, evidence-based elections. An extensive article in the NY Review of Books highlights the issues with BMDs: How New Voting Machines Could Hack Our Democracy. By mid-week Verified Voting had issued a clarification that states its general opposition to BMDs.

Editorial: We should not be wasting Federal and state money on BMDs except for those with disabilities. Instead, we should be using a portion of the savings on developing better BMDs that better serve those with disabilities.

The arguments for and against BMDs go on, amidst expensive problems in PA

From Bloomberg: Expensive, Glitchy Voting Machines Expose 2020 Hacking Risks

Paper ballots may be safer and cheaper, but local officials swoon at digital equipment…

Cybersecurity experts are baffled by local election officials choosing the computerized voting machines. “It’s a mystery to me,” said Rich DeMillo, a Georgia Tech computer science professor and former Hewlett-Packard chief technology officer. “Does someone have 8 x 10 glossies? No one has been able to figure out the behavior of elections officials. It’s like they all drink the same Kool-Aid.”

The animus is mutual. At conferences, election administrators swap complaints about cyber experts treating them like idiots, said Dana DeBeauvoir, head of elections in Travis County, Texa

We have long agreed with all those calling for Voter Marked Paper Ballots. Paying double or more for machines that are risky and lead to long lines can most easily be explained by the extensive lobbying of election officials and legislative bodies.

John Oliver on election integrity

You may not believe scientists, yet John Oliver does…

Reminder, Cybersecurity will never be enough

States and the Federal Government are pumping millions into cybersecurity and new voting systems. That is all good, especially when the new systems are for Voter Marked Paper Ballots and Ballot Marking Devices for those with disabilities. Yet ultimately, it can provide a false sense of security. No matter how strong the cybersecurity and the quality of software, based on Turing’s Halting Problem, it is impossible to secure a computer system from errors and hacking. It is also impossible to secure systems from insiders and others with physical access.

Op-Ed: Election Security Isn’t That Hard

Op-Ed in Politico by two former secretaries of state, one D and one R: Election Security Isn’t That Hard

First, we need to dispel one misconception. Many people (including many election officials) believe that if a voting system or scanner is never connected to the internet, it will always be safe. Alas, that’s not the case…

What this means is that while we must make our election infrastructure as secure as possible, we need to accept that it is essentially impossible to make those systems completely secure.

Overall, we agree as far as this op-ed goes. Yet Risk Limiting Tabulation Audits alone are not sufficient. We need additional audits to check the rest of the process: “process audits,” e.g. chain-of-custody/ballot security audits, check-in process audits (appropriate voters allowed or excluded from voting?), accuracy of the voter registration database and lists, etc. Like many officials, the authors focus on cyber attack, yet we must also protect our systems from insider attack. Connecticut has a way to go to meet these standards. We do have voter-marked paper ballots and air-gapped systems. Yet we have insufficient protection of those paper ballots and insufficient election audits.