I’ve been following news about America’s 2020 Presidential election since at least 2018. The United States has a very long political campaign season that goes on for about two years. That’s partly because it involves the party which isn’t incumbent spending over a year choosing their Presidential candidate. Donald Trump is the Republican Presidential incumbent, and the party certainly wants him to run for re-election to a second term in office. Therefore, this time it’s the Democrats, the other major American political party, that’s had lots of potential candidates for President.
As everyone knows, there’s a pandemic going on worldwide that’s probably the worst anyone has ever seen in their lifetime. The “Spanish flu” pandemic happened between 1918 and 1920, and very few people alive today were around for that. So now we face a novel coronavirus that’s been named COVID-19. Thankfully this time the virus has avoided acquiring a racist name, despite President Trump’s best efforts. Unfortunately, there have been thousands of deaths so far, and the biological virus continues to spread rapidly. I’ve been doing my part to help society by staying at home.
But the United States have continued their Primary elections into the COVID-19 pandemic. Bernie Sanders showed leadership and compassion by not encouraging people to go out and vote. Instead he has been hosting internet video streams of COVID-19 news updates for the American people, and he has been sending all of his new campaign donations to charities that are helping people survive this crisis.
The same cannot be said for Joe Biden and the Democratic National Committee. Biden stepped away from the media for nearly a week while the pandemic has rapidly worsened. In mid-March, Democratic National Committee Chair Tom Perez encouraged Americans to be physically present at their Primary polls in Florida, Ohio, Illinois, and Arizona! As did Center for American Progress CEO Neera Tanden. In my opinion, Perez and Tanden’s message has been dangerously reckless. Now there’s reason to suspect that COVID-19 cases have greatly increased in those recent Primary states. I would suspect that having thousands of people closely congregate at those polls helped the virus spread further, especially to vulnerable older people. Whether an electronic voting machine or a paper ballot is used, being in large groups of people is incredibly risky during these times. Paper ballots might be a bit safer than machines because they aren’t touched by hundreds of people. But either way, the crowds are very dangerous during a pandemic.
I’m Canadian and I may not vote in American elections. But I vote in every Canadian election I possibly can, at all three levels of government—municipal, provincial, and federal. Unlike in the United States, all of our voting is done with good old-fashioned paper ballots. We have completely independent agencies that oversee our elections, such as Elections Canada and Elections Ontario. I’ve been legal voting age for nearly twenty years now, and my wait to cast my ballot each time I’ve ever voted has been about five to ten minutes once I’m at the physical polling location. In order to vote, Canadians must have either their voter registration card which they would have received in the mail or show a piece of government identification with proof of their current address. Even when I’ve had to do the latter, I’ve never waited longer than ten minutes to vote. So I hear about Americans having to wait in line for as long as seven hours to cast their vote in the Democratic Primaries, my jaw drops.
My job is to research and write about cybersecurity. So I have a fairly good idea of the risks that are introduced when various types of systems are computerized. I’m cautiously optimistic about IoT. But when I moved to this lovely new apartment building that was constructed in 2019, I was so relieved to learn that the lock on my front door is completely mechanical and none of my shiny new household appliances are IoT. The entrances to my building do have digital keys, and the elevators use embedded Android-driven touchscreen interfaces. But in the case of an electrical power outage or whatever, the building’s security guards can mechanically override everything. If the various computerized systems in my building are cyber attacked, I can still get into my apartment, cook supper, do my laundry. Even if I have to climb many flights of stairs to get there.
So, I think computer technology is great, but perhaps not everything should be digitized. Like some other people in my industry, I think voting systems are best kept analog. Unfortunately, Americans usually vote through electronic voting systems these days, and there have been loads of cybersecurity problems that have been introduced that way.
Now that Elizabeth Warren has dropped out of her Presidential campaign, the Democratic candidates are down to Joe Biden and Bernie Sanders (and Tulsi Gabbard, but she’s really unlikely to win.) Can Joe and Bernie’s competition be digitally meddled with? Can the Presidential election between Trump and the Democratic candidate in November be cyber attacked? All signs point to yes.
DEFCON has hosted Voting Village events since 2017. During the events, participants try to exploit specific electronic voting devices to find vulnerabilities. Between the Primaries and the main election in November, there are probably at least dozens of different electronic voting machine models in deployment, from various vendors such as Diebold and AVS. Each Voting Village has revealed really worrisome vulnerabilities that pertain to the various devices that they test.
The 2017 Voting Village was notable. The devices they tested that year aren’t necessarily being used in 2020, but the findings revealed common types of vulnerabilities that exist in the types of electronic voting systems that are still frequently used. Here are some excerpts from DEFCON’s report:
“The first voting machine to fall—an AVS WinVote model—was hacked and taken control of remotely in a matter of minutes, using a vulnerability from 2003, meaning that for the entire time this machine was used from 2003-2014 it could be completely controlled remotely, allowing changing votes, observing who voters voted for, and shutting down the system or otherwise incapacitating it.
That same machine was found to have an unchangeable, universal default password—found with a simple Google search—of ‘admin’ and ‘abcde.’ An ‘electronic poll book’, the Diebold ExpressPoll 5000, used to check in voters at the polls, was found to have been improperly decommissioned with live voter file data still on the system; this data should have been securely removed from the device before reselling or recycling it. The unencrypted file contained the personal information for 654,517 voters from Shelby County, Tennessee, circa 2008. This personal information included home residential addresses, which are very sensitive pieces of information for certain segments of society including judges, law enforcement officers, and domestic violence victims.
Moreover, a closer physical examination of the machines found, as expected, multiple cases of foreign-manufactured internal parts (including hardware developed in China), highlighting the serious possibility of supply chain vulnerabilities. This discovery means that a hacker’s point-of-entry into an entire make or model of voting machine could happen well before that voting machine rolls off the production line...
Given the federal government’s recent designation of election systems as critical infrastructure—and in light of what is known about the Russian attempts to infiltrate election networks in at least 21 states in the 2016 Presidential Election—it is overwhelmingly evident that election security is now an extension of national security. In addition to Russia, other state and private actors (including Iran, North Korea, organized crime, terrorist groups, and even lone-wolf hackers) also possess the technical capability to attack our voting systems or credibly sow distrust in election results.”
Some of the electronic voting devices widely deployed in the United States over the past few years have also been found to implement encryption very poorly. WEP (wired equivalent privacy) is so weak that it’s been obsolete for well over a decade. And even the strongest ciphers are useless if they’re connected to weak passwords. Dan Goodin reported a particularly insecure voting device back in 2015. The device may still be in some use in 2020:
“The AVS WINVote, made by Advanced Voting Solutions, passed necessary voting systems standards and has been used in Virginia and, until recently, in Pennsylvania and Mississippi. It used the easy-to-crack passwords of ‘admin,’ ‘abcde,’ and ‘shoup’ to lock down its Windows administrator account, Wi-Fi network, and voting results database respectively, according to a scathing security review published Tuesday by the Virginia Information Technologies Agency...
The weak passwords—which are hard-coded and can't be changed—were only one item on a long list of critical defects uncovered by the review. The Wi-Fi network the machines use is encrypted with wired equivalent privacy, an algorithm so weak that it takes as little as 10 minutes for attackers to break a network's encryption key. The shortcomings of WEP have been so well-known that it was banished in 2004 by the IEEE, the world's largest association of technical professionals.”
The AVS WINVote may be the canary in the coal mine for how many other commonly used electronic voting devices in the United States have dangerously frail encryption.
The foreign supply chains of electronic voting machines are also a huge problem. And there should definitely be security hardening against foreign interference with those devices. But in my opinion, the even greater threat to America’s democracy is domestic.
The Iowa Caucus this year was especially controversial. Election results took way, way longer than usual. A couple of weeks later, there still weren’t complete results. Candidate Pete Buttigieg declared himself the winner before results even started to be properly tallied. Caucus workers counted the votes through a mobile app called Shadow, which was developed just shortly before the Caucus started, with the help of a number of former Hillary Clinton campaign staffers. Yes, the app and its developer were indeed called Shadow. From the Los Angeles Times:
“Throughout the long night (of the Caucus), precinct chairs found themselves unable to get the app to work. Many never figured out how to download or install it in the first place. Those who tried to report their results via a backup phone line wound up on hold, sometimes for more than an hour.
After blaming the delay on ‘inconsistencies in the reporting of three sets of results,’ it wasn’t until well into Tuesday afternoon that the Iowa Democratic Party was confident enough in the accuracy of its figures to begin releasing partial results, drawing complaints that the process had been rendered unfair—the front-running candidates robbed of their rightful momentum, the underperformers able to hide their weakness. And all because of an app that disrupted what it was meant to streamline.
The firm behind the app, Shadow Inc., took responsibility in a series of tweets Tuesday...
The company’s main products, according to its website, are a peer-to-peer messaging tool that helps campaigns send text messages to potential voters and a campaign data integration tool. Among Shadow’s larger clients is Pete Buttigieg’s presidential campaign, which paid $42,500 to the firm in July 2019 for ‘software rights and subscriptions,’ according to public disclosures. A Buttigieg representative said that fee was for the text-messaging tool.”
In my opinion, Buttigieg may have deliberately interfered with the vote count in the Iowa Caucus. But even if you don’t agree with me, you probably would still agree that making a financial donation to the developer of the Shadow app is a massive conflict of interest that appears to be very suspicious, with terrible optics. And what was the good of all of that? Buttigieg isn’t a Presidential candidate anymore.
Last year Democrat Senator Ron Wyden said, “voting by mail makes a lot of sense—paper ballots, marked by hand, are hugely more secure than voting with hackable electronic voting machines. That is critical, because hackers are coming in 2020. And the US is not even close to prepared to stop them.”
I’m glad that here in Canada, we still use paper ballots and our elections are run by completely independent entities. I look to my neighbors to the south during their current election season and I can’t help but worry.
How long do the certs on voting machines last? Maybe not what you think.