The New Yorker Radio Hour - The Vulnerabilities of our Voting Machines, and How to Secure Them
Episode Date: October 21, 2022The security of voting has become a huge topic of concern. That’s especially true after 2020, when it became an article of faith for Trump supporters that the election was somehow stolen by Presiden...t Joe Biden. Alex Halderman, a professor of computer science and engineering at University of Michigan, has been studying voting machines and software for more than a decade. “We made a number of discoveries, including that [voting machines] had vulnerabilities that basically anyone could exploit to inject malicious software and change votes,” he tells the staff writer Sue Halpern. Conspiracy theories aside, he says, we must address those vulnerabilities in computerized voting. But hand counting of ballots, advocated by some election skeptics, is not a plausible solution. “Perhaps as time goes on we’ll get Republicans and Democrats to agree that there are some real problems in election security that we would all benefit from addressing. ” New Yorker Radio Hour listeners, we want to hear from you. We have a few questions about the show and how you listen to it. The survey takes about twenty minutes, and your feedback will help us make our podcast better. Take the survey here.
Transcript
Discussion (0)
This is The New Yorker Radio Hour, a co-production of WNYC Studios and The New Yorker.
Welcome to The New Yorker Radio Hour. I'm David Remnick.
For years now, there's been a concern that computerized voting machines are somehow less secure than the old paper ballots we used.
What would happen? If someone with ulterior motives got access to the software that counts the votes, what kind of mischief could they do?
In May 2021, it happened, and it happened through the person who was in charge of securing the votes, an election clerk in the state of Colorado.
In Mesa County, Colorado, the election clerk, a woman named Tina Peters, somehow got into her head months after the election of Joe Biden, that the election had been stolen and that thousands of dead people had voted in the election.
that she was in charge of running.
Staff writer Sue Halpern has been reporting for us on election security,
including the Tina Peters case.
And so she allowed Stop the Steel activist to come into her office
and copy the Dominion voting system software that was running the tabulators
that they used to count the votes in Mesa County.
Then they posted that information on the internet.
So essentially they released it into the wild for anyone to take a look at and potentially try to figure out if there were any vulnerabilities.
If a hacker would like to get into these systems, they now basically have the key to the castle.
Dominion is one of the big voting machine companies.
You, of course, remember that they were the target of far-out conspiracy theories involving George Soros and Hugo Chavez of Venezuela, all pushed by.
Trump's lawyer, Sidney Powell, among others.
And the theft of the software in Colorado was not an isolated incident.
Unfortunately, this has happened in a number of other jurisdictions around the country,
often in swing states, not surprisingly.
And the breach that I think is getting the most attention right now is one that actually
happened in January, on January 7th, 2021.
and it was at the behest of Sidney Powell, one of Trump's lawyers,
who hired some computer forensic experts, i.e. hackers, to go into the election office in Coffee County, Georgia,
and they managed to copy every single bit of election software and data that existed.
Newly obtained video to CNN shows a former Georgia Republican county official
escorting two operatives hired by an attorney for former President Trump
into the county's election offices on the same day a voting system there was illegally breached.
One of the few people to legally obtain access to the Dominion voting machines
is a computer scientist named Jay Alex Holderman.
Holderman consulted in a court case involving Dominion in 20,
2018, and he found that the machines could, in fact, be hacked.
His report was put under seal and the federal agency in charge of cybersecurity
sent an advisory to districts that use those machines.
So he knows more about how computerized voting works than almost anyone.
Honestly, it keeps me up at night, knowing that some of that software is out there
after what I found in my time analyzing it
and what I know other people could find in short order.
Jay Alex Holderman spoke with Sue Halpern.
Your research has been kind of co-opted
by the Stop to Steel folks.
Like they look at your research and they say,
you know, these machines are hackable.
We shouldn't trust them.
Alex Holderman, a professor of computer scientists, the world's leading expert on Dominion voting systems.
He said so.
What's that like for you?
I mean, that is clearly not how you intended your work to be used.
Oh, my God.
It's the worst feeling in the world when people co-opt my work to lie to people.
And that's largely what's been going on when it's been held up as this is the proof.
that the 2020 election was somehow fraudulent.
As a scientist, it's my job to try to explain the way the world really works as best as we can understand it with scientific methods.
And I can't not do that just because they're going to inconveniently agree with certain false theories.
Yeah, that's hard, though.
It's extremely hard.
But it's a reason and a reminder of why I think everyone who works around elections needs to be especially clear in their claims and in their communication.
And we've seen claims that omit very important nuance coming from all sides, both from people who are trying to convince the public that the 2020 election was fraudulent, of course,
and from people who are trying to reassure the public.
So the strongest kind of claim, I think, that experts who are being careful can make right now
is that there's no sound evidence that there was any kind of fraud in the 2020 election.
I wish we could make the claim that our elections are well secured,
but I don't think we can get there just yet.
We have a long way to go to make sure that elections provide the kind of security,
the public deserves.
This is the New Yorker Radio Hour.
We'll continue in just a moment.
We'll continue now with Jay Alex Holderman
of the University of Michigan.
He spoke with staff writer Sue Halpern,
who covers election security.
Does the work that you did in Georgia
on these Dominion machines,
does the fact that now those same systems
are out and about in the wild
because of the coffee county preach
Does that change how we should be thinking in general about election security?
I mean, it just seems like, you know, you did your work.
It was scary enough that the court decided the public couldn't see it.
But that came before we knew that this software was out there.
As we've seen from the examples in Coffey County and Mesa and elsewhere, bad actors potentially can get access to the machines,
both to the software because it's been leaked and potentially to the operating environment
where the machines are being housed and used.
And then after those vulnerabilities are discovered, attack software is coded.
It's just a matter of brief access to slip something malicious into the system.
So what we need to do, what we need is just a sea change in the way we think about trust in election systems.
it's not sustainable to say that the public can only trust election systems if they trust the
Dominion Company and they trust their local election officials.
We're never all going to agree.
And it's never going to be enough to make sure that those systems are actually well secured.
So what we need is to reverse the burden of proof almost.
Election system should be designed so that they generate affirmative evidence that the outcome is
right. It shouldn't be us scratching our heads and asking, is there any evidence that the system
has been corrupted? Because that's usually an impossible burden of proof to meet even if there was
an actual well-designed attack. The design of these systems is essentially a black box. You're one of the
few people to legitimately gain access, take them apart, and analyze how they work. From the very
beginning, this has been a topic where companies have been secretive, have not wanted outside
scrutiny of the way their technology works. And that's perhaps for competitive reasons, but I think
more so it's because publicity about things that don't work is not good for their business. Many
years ago, back when I was a graduate student at Princeton, my research group was actually the first
group of scientists in the country to get our hands on a real U.S. voting machine and be able to
take it apart and figure out how it worked. As the senior most student, I was the one in charge
of going and picking up the machine, which we got from an anonymous source who our lawyers
assured us had acquired it legally, but who wanted to keep the origin secret. I double parked
in front of this hotel near Times Square.
And then I went into the alleyway in the back of the hotel.
And I swear, a man in a trench coat met me with a black leather suitcase that had the
voting machine in it.
And a lot of the secrecy at the time was because we were all dreadfully afraid that the
company that made the machine would sue us, just tried to stop us from publishing science about it.
But they didn't ultimately.
and we made a number of discoveries, including that the machine had vulnerabilities that basically anyone could exploit to inject malicious software and change votes.
Now, subsequent to that work, two states, California and Ohio, brought in teams of scientists to do similar studies on all of their election equipment.
And California decided that they would have a paper trail for every vote going forward.
But not all states got the news.
And one of the most revealing data points to me is that Georgia, up until January of 2020, used those same de-bold paperless voting machines that I studied back in grad school.
And they never patched the software.
They still had exactly the same vulnerabilities that we had discovered and published now 16 years ago until the day they were thrown away.
But when they were thrown away, they then replaced them with these dominion systems.
So one of those kind of interesting about this whole subject is watching how a partisan right-wing
activists have begun calling for the end of computerized voting machines.
They're talking about how we need handmarked paper ballots, and then they want those
handmarked paper ballots to be counted by hand. They want to get rid of the
scanners and the tabulators. Is that the right way to secure American elections?
Well, no, unfortunately, these solutions that they're proposing, they're not entirely fact-driven
either. The biggest limitation is that, well, we just can't count ballots by hand practically
in the American system at scale. There are a lot of countries that do count by hand,
even in Canada and in a lot of Europe, but generally they have.
have much simpler ballots than typical American jurisdictions where we might have 30 or 40 questions
on the ballot. The amount of time it takes to count the ballots goes up with each additional race.
So if we want results in a timely way, we want them to be counted accurately, and we want to
continue to vote on so many issues, we inevitably are going to have to enlist technology to help.
But we don't have to just blindly trust that technology.
And I think this is what the Stop the Steel movement misses, that we can make use of technology in elections without just having to have faith that it's operating correctly and the people who are operating it or doing everything right.
And the most important part of that is auditing the results of the election in a statistically rigorous way, what's known as a risk-limiting auditing audit.
audit. But what a risk limiting audit does is it has people go and look at the original,
hopefully handmarked paper ballots, and you look at enough of them to rule out with high
probability the possibility that the computer outcome is wrong. In an election that's a
landslide, you only have to look at a few ballots to do that. If the election's a tie,
well, you'd want to go and recount them all by hand the same way we might traditionally do a
recount of a very, very close race. But a risk-limiting audit lets you use technology to count quickly
without having to blindly trust that technology to get the right answer.
How worried are you right now about the security of the midterms and then going forward to
2024? One thing that's keeping me up at night is I worry that something is going to
visibly go wrong, even if it's not as a result of an attack, and it's going to be,
hit on to undermine the legitimacy of the entire electoral process. That's kind of what happened in
2020. We had one jurisdiction in Michigan that really did announce the wrong presidential results
on election night, Antrim County. And that experience, even though it was just the result of
human error, reverberates to this day in conspiracy theories. But attacks that try to convince people
falsely that election results were wrong are just as much an attack as an attack that changes the
numbers to get the wrong election result. Too many different things to worry about, unfortunately.
But let me try to be a bit more optimistic for a moment, because I'm not 100% pessimistic about
election security. I think maybe the only reason I'm still doing it after all of these years
is that I'm an infinite optimist about it. Because I think it really,
is a problem space where we can solve things compared to other cybersecurity problems,
compared to securing the energy grid or the medical system or the financial system.
Like elections are a small space, a relatively easy constellation of actors to change the practices
of, it's a problem we can tackle.
And it could be, especially if we get congressional action.
a great success story for this country in terms of securing a major area of critical infrastructure.
And optimistically, I'd like to think that that can happen.
And I think what's going to have to happen first, though, is that we're going to have to get enough distance between ourselves and the 2020 election,
that people stop thinking in terms of whether something is an election denying conspiracy theory.
And instead, people think about, well, we're all.
all citizens of this country, and everybody deserves the ability to trust the results of our elections.
Jay Alex Holderman is a professor of computer science and engineering at the University of Michigan.
He spoke with staff writer Sue Halper. I'm David Remnick. Thanks for listening today. See you next time.
The New Yorker Radio Hour is a co-production of WNYC Studios and The New Yorker. Our theme music was
composed and performed by Merrill Garbus of Tune Arts, with additional music by Louis Mitchell.
This episode was produced by Emily Boutin, Breda Green, Calilea, David Krasnow, Louis Mitchell, and Gauphin and Putubuele.
Along with Jeffrey Masters, Will Coley, Jenny Lawton, and Michael May.
And we had assistance from Harrison Keithline and James Napoli.
The New Yorker Radio Hour is supported in part by the Cherina Endowment Fund.
