The feature in the NYTmes Magazine by Kim Zetter: The Crisis of Election Security – As the midterms approach, America’s electronic voting systems are more vulnerable than ever. Why isn’t anyone trying to fix them? <read>
Zetter is the leading author/investigative reporter on electronic security, author of Countdown to Zero Day (STUXNET). The article is a sad summary of where are and how we got here.
Two years later, as the 2018 elections approach, the American intelligence community is issuing increasingly dire warnings about potential interference from Russia and other countries, but the voting infrastructure remains largely unchanged. D.H.S. has now conducted remote-scanning and on-site assessments of state and county election systems, but these are still largely Band-Aid measures applied to internet-facing servers. They don’t address core vulnerabilities in voting machines or the systems used to program them. And they ignore the fact that many voting machines that elections officials insist are disconnected from the internet — and therefore beyond the reach of hackers — are in fact accessible by way of the modems they use to transmit vote totals on election night. Add to this the fact that states don’t conduct robust postelection audits — a manual comparison of paper ballots to digital tallies is the best method we have to detect when something has gone wrong in an election — and there’s a good chance we simply won’t know if someone has altered the digital votes in the next election.
How did our election system get so vulnerable, and why haven’t officials tried harder to fix it? The answer, ultimately, comes down to politics and money: The voting machines are made by well-connected private companies that wield immense control over their proprietary software, often fighting vigorously in court to prevent anyone from examining it when things go awry.
I would add that even machines not connected to the Internet or wireless are still quite vulnerable as articulated by Zetter in Countdown to Zero Day.
