America’s electronic voting machines are scarily easy targets
Most people remember the vote-counting debacle of the 2000 election, the dangling chads that resulted in the Supreme Court breaking a Bush-Gore deadlock. What people may not remember is the resulting Help America Vote Act (HAVA), passed in 2002, which among other objectives worked to phase out the use of the punchcard voting systems that had caused millions of ballots to be tossed.
In many cases, those dated machines were replaced with electronic voting systems. The intentions were pure. The consequences were a technological train wreck. The list of those problems is what you'd expect from any computer or, more specifically, any computer that's a decade or older. Most of these machines are running Windows XP, for which Microsoft hasn't released a security patch since April 2014. Though there's no evidence of direct voting machine interference to date, researchers have demonstrated that many of them are susceptible to malware or, equally if not more alarming, a well-timed denial of service attack.
"When people think that people think about doing something major to impact our election results at the voting machine, they think they'd try to switch results," says Brennan Center's Lawrence Norden, referring to potential software tampering. "But you can do a lot less than that and do a lot of damage" If you have machines not working, or working slowly, that could create lots of problems too, preventing people from voting at all."
The extent of vulnerability isn't just hypothetical; late last summer, Virginia decertified thousands of insecure WinVote machines. As one security researcher described it, "anyone within a half mile could have modified every vote, undetected" without "any technical expertise." The WinVote systems are an extreme case, but not an isolated one.
In many cases, those dated machines were replaced with electronic voting systems. The intentions were pure. The consequences were a technological train wreck. The list of those problems is what you'd expect from any computer or, more specifically, any computer that's a decade or older. Most of these machines are running Windows XP, for which Microsoft hasn't released a security patch since April 2014. Though there's no evidence of direct voting machine interference to date, researchers have demonstrated that many of them are susceptible to malware or, equally if not more alarming, a well-timed denial of service attack.
"When people think that people think about doing something major to impact our election results at the voting machine, they think they'd try to switch results," says Brennan Center's Lawrence Norden, referring to potential software tampering. "But you can do a lot less than that and do a lot of damage" If you have machines not working, or working slowly, that could create lots of problems too, preventing people from voting at all."
The extent of vulnerability isn't just hypothetical; late last summer, Virginia decertified thousands of insecure WinVote machines. As one security researcher described it, "anyone within a half mile could have modified every vote, undetected" without "any technical expertise." The WinVote systems are an extreme case, but not an isolated one.