Over the course of the 2016 presidential election, then-candidate Donald Trump asserted the election was going to be “rigged” by unspecified actors. No evidence was ever offered to support that claim, and his concerns about election integrity curiously seem to have evaporated on November 9. But the uncertainty and doubt generated by those statements, and the repeated and ongoing attempts by the Russian government to interfere in U.S. elections, have made some folks take a closer look at how we secure our vote.
In Virginia, the ground game for election security is run by a dizzying array of more than 100 local registrars across the state, one for each city and county. Rosanna Bencoach, the general registrar for Charlottesville, brings more than a decade of experience with election policy and administration to bear, and describes her job as “ensuring that everyone who wants to vote can do so.”
That might be something of an understatement. Bencoach is responsible at the local level for ensuring free and fair elections, every single time. In practice, that means that for each election, hundreds of officials, staff and volunteers need to be carefully choreographed and mobilized to the right places so that voters can participate. The anonymous ballots used in the election are printed and shipped to secure locations, and afterwards they’re sealed and stored for at least one year to preserve a paper record in case there’s any dispute about the vote.
But as experienced as local registrars might be, they ultimately rely on state and federal government agencies to certify which machines are meeting security standards. How secure are the machines that manufacturers are making?
The answer: not very. The software the manufacturers use to power the digital systems that record votes is closed-source; it can’t be inspected for problems by experts among the general public. Without this check, it’s difficult or impossible to detect certain categories of vulnerabilities in the software. Even the physical mechanisms used to prevent direct access to the machines can frequently be bypassed or otherwise disabled without detection.
Despite assurances to the contrary, manufacturers have repeatedly failed in real-world tests when experts take a run at the machines. Last year at DEF CON, an international security and hacking conference, every single voting machine on display was hacked in less than two hours. Even security professionals who had never worked with voting machine technology before were able breach them. Some of these breaches were done wirelessly, on machines that were never supposed to have wireless access turned on.
Luckily, state electoral boards understood the threat. Citing the DEF CON demonstrations, Virginia decertified the worst offenders in 2017. Today, every voting precinct in Virginia uses paper ballots. Sometimes, the best technologies are the most reliable ones.
Of course, voting machines might not even need to be hacked at all to sway an election. Malicious foreign actors don’t have any need to tamper with an election when they can influence the minds of voters directly with an insidious patchwork of false advertising, misinformation and conspiracy theories carefully targeted to prey on the fears of citizens.
And there are certainly differing views about how zealous we should be in pursuing election security. In July, the GOP attempted to defund the Election Assistance Commission, the federal body that certifies voting machines and advises state agencies about how to conduct elections securely. But securing technology is always a moving target, and the work is never done. If citizens want security to be a legislative priority, there’s much more work to do.
John Feminella is the co-founder of analytics startup UpHex and an adviser at Pivotal. He lives in Charlottesville and enjoys solving difficult technology problems.