Its technically very easy, depending on how secure the equipment is stored when it is not in use. To be effective, the hack would only work on machines that will not produce a record of input from the voter and the final result. Machine like thus are called direct-recording electronic (DRE) machines. Such machines are manufactured by a number of companies and are available in a number of different models. One such machine is the Diebold AccuVote TS, and a newer version of the AccuVote known as the TSX. Georgia, Delaware, Louisiana, New Jersey and South Carolina still use the AccuVote TS. Altogether, fifteen states use DRE voting machines of several makes and models, all with no audit trail.
But wouldn’t that be detected when the machine is tested before and after the election? If the reprogramming was blatant, yes. If the reprogramming was clever, no. In 2006 Edward Felten, a Princeton computer science professor and his student Alex Halderman did just that. He published a paper detailing how he modified the machine with a malicious code to change the record of votes to produce whatever outcome the code writer desired. The code could then propagate from one machine to others like a virus within a local network of voting machines. You can read the report here. Or, you can download the report here.
Some states use the Sequoia AVC Advantage voting machines, which Princeton professor Andrew Appel demonstrated could be similarly manipulated in a 2007 legal filing. Appel bought a Sequoia machine online for $82 and demonstrated that he could remove 10 screws and easily replace the Sequoia’s memory card with a modified version that would alter the outcome of an election.
Lets take a look at the Sequoia machine and see if it can be hacked. This machine is not connected to the internet, so a remote attack won’t work. As described in professor Appel’s document, it will require a human to remove ten screws to open it and then remove a plugged in component, then replacing that component with one that is reprogrammed and the machine is then reassembled. It takes just a few minutes to hack each machine. If we are able to penetrate the storage room where these machines are located most of the time, a hundred could be reprogrammed in a few hours. The component that we remove could then be reprogrammed at our leisure and used for the next batch of stored machines. This could be accomplished at anytime well ahead of an election.
How could a programming change in a DRE become undetectable? Aren’t the voting machines checked for accuracy and security? It is pretty easy to avoid detection if properly written. Let me give you an example using simple steps instead of the actual programming language and code.
After looking at how the votes are gathered from the touch screen, we capture what the voter has selected. Instead of sending that to the routine that normally processes the entry, we send it to a subroutine that conditions the vote to meet our expected outcome.
That subroutine has an input from the system clock telling it the date and time. The time information is then used to either bypass the subroutine, sending the voter’s selection back out for normal processing, as if the subroutine was not there, or it performs certain functions to modify the vote and then sends the modified vote back to the normal process, as if it was the voter’s actual entry. This makes the subroutine active only when we want it active, such as on election day during certain hours. On any other day or time, it is not detectable.
The subroutine could modify only votes for a certain candidate, only a percentage of votes for a certain candidate, or maintain a certain percentage lead given to one candidate over another. For example, if we want to give one candidate a steady 1% lead over another candidate the program could change the vote from an unfavored candidate to a liked candidate thereby keeping the vote count the same, or it could simply discard a vote for the unfavored candidate.
If the DRE is checked for accuracy at any time other than the actual polling hours as programmed into the subroutine, the accuracy will be what is expected and the voters input will exactly match the machine’s actual output.
On Nov. 7, the day before last year’s elections, former CIA Director James Woolsey flagged DRE voting machines as a key vulnerability. “If I were a bad guy from another country who wanted to disrupt the American system … I think I’d concentrate on messing up the touch-screen systems,” he told Fox News.
It is known that Russian hackers tried to access election-related computer systems in at least 21 states during last year’s election. Intelligence officials have said there is no evidence that hackers changed any votes. If an expert like Halderman, who was only a student, was able to infiltrate a voting machine, I believe the possibility of a skilled Russian hacker and a person willing to risk being caught in the act of breaking into a storage facility and swapping parts is closer to truth than fiction.
Looking at a few critical states that swayed the electoral college voting, I find it odd that one candidate, the one that polls had given an outstanding lead to, lost uniformly by exactly 1% to a candidate that was tens of points behind in the majority of those respected polls. A coincidence? Perhaps, but I think not.