So lots of people have been discussing the story claiming that some e-voting experts believe the Clinton campaign should be asking for a recount in certain battleground states, where it’s possible there were some e-voting irregularities. As we noted in our post, the story would barely be worth mentioning if one of the people involved wasn’t Alex Halderman, a computer science professor we’ve been talking about for nearly a decade and a half, going back to when he was a student. Halderman is basically the expert on e-voting security — so when he says something, it’s worth paying attention.
Halderman has now posted something of a follow-up to the NY Magazine article clarifying his views and what he’s suggesting. He’s not saying there’s evidence of a hack, but basically saying that no one knows if there was a hack or not, and because of that, there should be a recount as a way to audit the results to see if there were any irregularities.
After the election, human beings can examine the paper to make sure the results from the voting machines accurately determined who won. Just as you want the brakes in your car to keep working even if the car’s computer goes haywire, accurate vote counts must remain available even if the machines are malfunctioning or attacked. In both cases, common sense tells us we need some kind of physical backup system. I and other election security experts have been advocating for paper ballots for years, and today, about 70% of American voters live in jurisdictions that keep a paper record of every vote.
There’s just one problem, and it might come as a surprise even to many security experts: no state is planning to actually check the paper in a way that would reliably detect that the computer-based outcome was wrong. About half the states have no laws that require a manual examination of paper ballots, and most other states perform only superficial spot checks. If nobody looks at the paper, it might as well not be there. A clever attacker would exploit this.
There’s still one way that some of this year’s paper ballots could be examined. In many states, candidates can petition for a recount.
So, in effect, Halderman isn’t saying that he’s got evidence of e-voting fraud, but is simply arguing that if no one checks, no one will ever know. So we should check in order to be sure that there wasn’t hacking. That’s… pretty sensible.
Examining the physical evidence in these states — even if it finds nothing amiss — will help allay doubt and give voters justified confidence that the results are accurate. It will also set a precedent for routinely examining paper ballots, which will provide an important deterrent against cyberattacks on future elections. Recounting the ballots now can only lead to strengthened electoral integrity, but the window for candidates to act is closing fast.
Basically, the only way we can actually get an effective audit to see if there were any voting irregularities is to ask for a recount. The problem, of course, is a political one. If the Clinton campaign does call for a recount, it will immediately be seen as a political play, and lead to a ton of negative publicity. My guess is that the campaign won’t want to go there. If we lived in a time where people were intellectually honest, the campaign could present it exactly the way Halderman has framed it — not as a claim that they believe fraud happened, but rather as a way to ensure that the e-voting machines were accurate and not manipulated — but does anyone think that the press (either those that supported or those that opposed Clinton) would treat it that way? It would become a complete mess in about two-and-a-half seconds.
And, that’s unfortunate. Because as Halderman points out (and, like us, has been pointing out for over a decade), it absolutely is possible to hack most e-voting machines. Especially if the attacker is determined enough to do so:
Here’s one possible scenario. First, the attackers would probe election offices well in advance in order to find ways to break into their computers. Closer to the election, when it was clear from polling data which states would have close electoral margins, the attackers might spread malware into voting machines in some of these states, rigging the machines to shift a few percent of the vote to favor their desired candidate. This malware would likely be designed to remain inactive during pre-election tests, do its dirty business during the election, then erase itself when the polls close. A skilled attacker’s work might leave no visible signs — though the country might be surprised when results in several close states were off from pre-election polls.
Could anyone be brazen enough to try such an attack? A few years ago, I might have said that sounds like science fiction, but 2016 has seen unprecedented cyberattacks aimed at interfering with the election. This summer, attackers broke into the email system of the Democratic National Committee and, separately, into the email account of John Podesta, Hillary Clinton’s campaign chairman, and leaked private messages. Attackers infiltrated the voter registration systems of two states, Illinois and Arizona, and stole voter data. And there’s evidence that hackers attempted to breach election offices in several other states.
In all these cases, Federal agencies publicly asserted that senior officials in the Russian government commissioned these attacks. Russia has sophisticated cyber-offensive capabilities, and has shown a willingness to use them to hack elections. In 2014, during the presidential election in Ukraine, attackers linked to Russia sabotaged the country’s vote-counting infrastructure and, according to published reports, Ukrainian officials succeeded only at the last minute in defusing vote-stealing malware that was primed to cause the wrong winner to be announced. Russia is not the only country with the ability to pull off such an attack on American systems — most of the world’s military powers now have sophisticated cyberwarfare capabilities.
So, yes, it would be good if the votes here were reviewed, if only as an opportunity to explore the potential problems of e-voting machines, rather than as a political ploy. The only problem is that everyone would see it as a political ploy and with political ploys comes general dumpster fires of idiocy.