Friday, November 25, 2016

The Election and Hacking the Vote

In recent days, there have been calls by several groups and by at least a couple of computer security experts (including Dr. Alex Halderman of the University of Michigan) for a recount and a forensic audit in three battleground states, Wisconsin, Michigan, and Pennsylvania. Halderman, in particular, has pointed to possible discrepancies in the vote totals in Wisconsin and Pennsylvania where Mr. Trump received a larger percentage of votes in several counties than Secretary Clinton than polls and expectations would have suggested.

A very good analysis of Halderman's arguments and a rebuttal by Nate Silver (of fivethirtyeight.com) is at  http://heavy.com/news/2016/11/wisconsin-michigan-pennsylvania-election-results-rigged-hacked-hack-2016-recount-russian-hillary-clinton-j-alex-halderman-professor-john-bonifaz-electronic-ballots-machines-voting-votes-trump-presiden/   Silver argues that demographics, not hacking, can easily account for the vote discrepancies.

Halderman is not alleging that voting machine were hacked, although there  are concerns about direct recording electronic (DRE) voting machines. See this video of a group of Princeton University researchers hacking a DRE machine in 2006. https://www.youtube.com/watch?v=aZws98jw67g

Halderman himself was involved in a hack of the District of Columbia internet voting system in 2010. In this trial,  the DC board of elections invited anyone to attempt to hack into the internet voting system they were going to use in a local election. Halderman and three of his graduate students hacked into the system and took complete control of the election server in 36 hours. They were able to change votes, download the entire voter registration database, including voter passwords, and they even inserted the Michigan fight song so that it played 15 seconds after a voter cast a ballot. https://www.youtube.com/watch?v=MgZewQYZK7w (Note that these were not the DRE machines mentioned
above.)

I tell my students that (1) these DRE machines aren't attached to the internet, and (2) it would take a vast conspiracy to switch enough votes by hacking each DRE machine one at a time. But I'm reconsidering this position. Consider that if the election were very close, and if one could hack a relatively small number of DRE machines in certain counties in such a way that a certain candidate received only a small increase in their percentage of the votes - just enough to win the county or increase their margin, then I think one could "hack the vote" and change the results of the election.

Note that Trump beat Clinton in Pennsylvania by only 65,000 votes, in Wisconsin by only about 15,000, and leads in Michigan by less than 10,000 votes. Now, both Wisconsin and Michigan use election systems with a voter verified paper audit trail (VVPAT) - in both cases paper ballots that are counted by optical scan readers,  so the likelihood of hacking in those cases is very small. But in Pennsylvania, many counties still use DRE voting machines that DO NOT have any paper trail, so (look at the Princeton video above) the probability of an
undetectable hack is larger, although I still think it's small. However, I think that given the tiny differences in votes that a recount AND a forensic audit at least in the counties Halderman mentions would be prudent. For a list of the types of voting systems used in each state go to https://ballotpedia.org/Voting_methods_and_equipment_by_state