The Voting News

Tennessee: Local advocates push for paper ballots in Shelby County | Kirstin Garriss/Cox Media Group

Some voters and elected officials are pushing for a more secure voting machine system in Shelby County. The group known as SAVE or “Shelby Advocates for Valid Elections” want paper ballots for future elections. Members of SAVE said Chattanooga/ Hamilton County already uses this same hand marked paper ballot system. It’s similar to filling out a scan-tron like you do for the SAT. But Shelby County election officials said what works in a smaller county may not work here and the risk for error increases with this system. 2020 is a big election year and members of SAVE want to make sure voting is as secure as possible. Read More

National: Hackers Are Coming for the 2020 Election — And We’re Not Ready | Andy Kroll/Rolling Stone

… Four years ago, for an embarrassingly modest price, Russia pulled off one of the more audacious acts of election interference in modern history. The Internet Research Agency, the team of Kremlin-backed online propagandists, spent $15 million to $20 million and wreaked havoc on the psyche of the American voter, creating the impression that behind every Twitter avatar or Facebook profile was a Russian troll. Russian intelligence agents carried out the digital version of Watergate, infiltrating the Democratic Party and the Clinton campaign, stealing tens of thousands of emails, and weaponizing them in the days and weeks before the election. Russian-based hackers tested election websites in all 50 states for weak spots, like burglars casing a would-be target. “The Russians were testing whether our windows were open, rattling our doors to see whether they were locked, and found the windows and doors wide open,” says Sen. Mark Warner (D-Va.), the top Democrat on the Intelligence Committee. “The fact that they didn’t interject themselves more dramatically into our election was, I think, almost luck.” Read More

National: Acting DHS secretary says he expects Russia to attempt to interfere in 2020 elections | Maggie Miller/The Hill

Acting Homeland Security Secretary Chad Wolf said Friday that his agency “fully expects” Russia to attempt to interfere in U.S. elections in 2020. “As we saw in 2016, we fully expect Russia to attempt to interfere in the 2020 elections to sow public discord and undermine our democratic institutions,” Wolf said during an event hosted by the Homeland Security Experts Group in Washington, D.C. Wolf also highlighted cyber threats from China and Iran. According to the report compiled by former special counsel Robert Mueller and to findings by the U.S. intelligence community and the Senate Intelligence Committee, Russia launched a sweeping interference effort in the lead-up to the 2016 presidential election, using both hacking and disinformation tactics. Read More

National: Amid hacking fears, key caucus states to use app for results | Ryan J. Foley and Christina A. Cassidy/Associated Press

Two of the first three states to vote in the Democratic presidential race will use new mobile apps to gather results from thousands of caucus sites — technology intended to make counting easier but that raises concerns of hacking or glitches. Democratic Party activists in Iowa and Nevada will use programs downloaded to their personal phones to report the results of caucus gatherings to the state headquarters. That data will then be used to announce the unofficial winners. Paper records will later be used to certify the results. The party is moving ahead with the technology amid warnings that foreign hackers could target the 2020 presidential campaign to try to sow chaos and undermine American democracy. Party officials say they are cognizant of the threat and taking numerous security precautions. Any errors, they say, will be easily correctable because of backups. Read More

Editorials: Are we really listening to what MLK had to say? | Peniel Joseph/CNN

In 2020, the Martin Luther King Jr. holiday falls in a national election year, one that reminds us of the importance of voting rights, citizenship and political activism to the health of our democracy. King imagined America as a “beloved community” capable of defeating what he characterized as the triple threats of racism, militarism and materialism. The passage of the 1964 Civil Rights Act and 1965 Voting Rights Act, alongside the 1954 Brown Supreme Court decision, represents the crown jewels of the civil rights movement’s heroic period. Yet King quickly realized that policy transformations alone, including the right to vote, would be insufficient in realizing his goal of institutionalizing radical black citizenship toward the creation of the “beloved community.” King argued that justice was what love looked like in public. 2020 also marks the 55th anniversary of the passage of the Voting Rights Act, legislation that proved transformative for black citizenship, at least until the 2013 Shelby v. Holder Supreme Court decision that has helped enable the increase of voter suppression nationally. The most powerful way Americans can honor King now is through the pursuit of new national voting rights legislation that ends voter suppression and ID laws, allows prisoners to vote and automatically registers every 18-year-old citizen to vote. Read More

Editorials: Connecticut needs to share election security test results | David Levine/Connecticut Post

As the 2016 presidential election demonstrates, U.S. election systems — from the voting machines themselves to internet-connected electronic pollbooks (e-pollbooks) — are vulnerable to cyberattacks, including from foreign governments seeking to undermine the integrity of our democracy. Connecticut recently found that e-pollbooks are not completely secure and could be vulnerable to cyberattacks that disenfranchise voters. Ahead of the 2020 presidential election, it is essential that Connecticut make these results widely known, so other state and local governments can take necessary precautions. Earlier this year, Connecticut Secretary of State Denise Merrill chose not to give funding she already had received for e-pollbooks to local jurisdictions after the University of Connecticut’s Center for Voting Technology Research (VoTeR Center) reviewed proposals from three vendors and found that none of them was sufficiently secure. This development is remarkable not only in light of the nationwide trend towards adopting e-pollbooks, but it also reflects a complete reversal by Merrill, who secured funding for the e-pollbooks in 2015 because she initially thought they would be more accurate and less work than paper pollbooks. Merrill is now concerned that election officials have acquired the technology too quickly and that there has not been a sufficient consideration of the risks and benefits of e-pollbooks. Read More

Georgia: A Georgia election server was vulnerable to Shellshock and may have been hacked | Dan Goodin/Ars Technica

Forensic evidence shows signs that a Georgia election server may have been hacked ahead of the 2016 and 2018 elections by someone who exploited Shellshock, a critical flaw that gives attackers full control over vulnerable systems, a computer security expert said in a court filing on Thursday. Shellshock came to light in September 2014 and was immediately identified as one of the most severe vulnerabilities to be disclosed in years. The reasons: it (a) was easy to exploit, (b) gave attackers the ability to remotely run commands and code of their choice, and (c) opened most Linux and Unix systems to attack. As a result, the flaw received widespread news coverage for months. Despite the severity of the vulnerability, it remained unpatched for three months on a server operated by the Center for Election Systems at Kennesaw State University, the group that was responsible for programming Georgia election machines. The flaw wasn’t fixed until December 2, 2014, when an account with the username shellshock patched the critical vulnerability, the expert’s analysis of a forensic image shows. The shellshock account had been created only 19 minutes earlier. Before patching the vulnerability, the shellshock user deleted a file titled shellsh0ck. A little more than a half hour after patching, the shellshock user was disabled. Read More

Iowa: Democrats revamped their caucuses to fend off disinformation. Now some fear the changes could sow new confusion in tight 2020 race. | Isaac Stanley-Becker/The Washington Post

When Democrats here went to bed on the night of their first-in-the-nation caucuses four years ago, the bitterly fought contest between Hillary Clinton and the insurgent Sen. Bernie Sanders was too close to call. So an abrupt predawn notice from the state party declaring Clinton the winner sent some into a fury. Shaky videos of coin tosses deciding delegates in Clinton’s favor spread on Twitter. Stories multiplied of confused caucus-goers, untrained volunteers and mathematical inconsistencies, all amid a wave of suspicion that the party was manipulating the process for Clinton’s benefit. “I never got a satisfactory explanation for how they arrived at their number,” said J. Pablo Silva, a historian at Grinnell College who wasn’t alerted when the state party transferred a delegate from Sanders to Clinton in the precinct in this small college town where he was serving as a caucus secretary. Now, as Iowa Democrats hurtle once again toward the opening faceoff of a hard-fought presidential primary cycle — with at least four candidates seemingly in contention to win Iowa’s Feb. 3 contest — some in the party fear that reforms put in place to prevent the disarray of 2016 may create an entirely new set of problems in 2020.

Read More

Iowa: Linn auditor’s complaint that voter registration vulnerable dismissed | Jason Clayworth/Des Moines Register

Linn County Auditor Joel Miller’s complaint that Iowa’s voting system is prone to hackers was dismissed Friday by a state commission without a public hearing on the allegations, an action Miller contends violates federal law. “We won’t rush to judgment on what to do next, but I think there is a good case to appeal because federal law is very clear that a hearing shall be heard and that didn’t happen,” Miller said. Miller in an August complaint filed with Iowa Secretary of State Paul Pate said Iowa’s voter registration system does not meet security safeguards mandated under the federal Help America Vote Act. He has declined to offer details about how the system could be hacked, citing confidentiality concerns. In its 2-to-1 vote Friday, Iowa’s Registration Commission approved a motion filed by the Iowa Attorney General’s Office to dismiss the complaint in part because of its lack of specifics. Read More

Minnesota: New Primary System Brings Data-Sharing Concerns | Briana Bierschbach/Minneapolis Star Tribune

Sean Fahnhorst works behind the scenes for the state of Minnesota preparing the state budget based on the preferences of his boss — the governor. He likes his gig and wants to do similar work indefinitely, no matter who’s in charge. That’s why he’s hesitant to participate in the state’s new presidential primary election on March 3, which technically kicks off Friday with the start of early absentee voting. It’s the first primary in the state in nearly 30 years, a switch made after high turnout in 2016 bogged down the party-run caucus system with long lines and confusing rules that frustrated voters. Minnesota’s new presidential primary system, run and paid for by the state, is expected to be logistically smoother. But for many voters like Fahnhorst, there’s a big trade-off. The new system also records voters’ party preference and provides that data to the chairs of each major political party. Read More

New Hampshire: Election security looms ahead of primary | Jake Lahut/Keene Sentinel

Amid ongoing efforts by foreign entities to influence American democracy, concerns have arisen nationwide about election security. At a 2018 “hackathon” in Florida, an 11-year-old was able to electronically break into a replica of the Sunshine State’s voter rolls in a matter of minutes, changing names and even election tallies. Legislation that would give states a total of $1 billion to require backup paper ballots in precincts nationwide — to be used alongside electronic machines to ensure an accurate recount if those machines are hacked — has been stalled in Washington by the Republican majority in the U.S. Senate. With each state using different election laws under the hyper-localized American system, the election security landscape remains complicated in the first general-election year since the Russian meddling efforts. An early test of voter confidence will come in the Granite State’s first-in-the-nation primary next month. Read More

Editorials: Ballot images must be made public after all New York elections | New York Daily News

Honoring Dr. King’s legacy, state Senate Elections Committee Chairman Zellnor Myrie is introducing the New York Voting Rights Act to protect the franchise for citizens. He is also advancing welcome transparency with a bill requiring that the electronic images of the paper ballots be made public no later than a week after voting. This should have happened a decade ago with the arrival of computerized scanners. Those machines take a photo of each paper ballot and store it electronically. Having the images available allows anyone to examine the results, while keeping the original ballot secure. The state’s highest court made of botch of it with a terrible ruling last spring that locked away the images. Myrie’s bill sets it straight. Read More

Pennsylvania: Cumberland County receives ExpressVote XLs as two courts continue to litigate their eligibility | Zack Hoopes/The Sentinel

Cumberland County received some of its new voting machines this week, the same machines that are the subject of state and federal lawsuits and that experienced mistabulations in Northampton County in the last election. Cumberland and Northampton counties, along with Philadelphia, are in limbo regarding the current or future use of the ExpressVote XL, a product of Election Systems and Software. Cumberland County received the first shipments of its 400-machine order this week, according to Bethany Salzarulo, director of the county’s elections bureau. Salzarulo said she and her staff were aware of the Northampton issues, which officials there blamed on ES&S not adequately communicating the necessary testing procedures to elections staff. Proper testing would have caught the errors well before election day, Salzarulo said, something Cumberland County staff is prepared to do regardless of ES&S. Read More

Tennessee: Hand-marked paper ballots for elections get new push in Shelby County | Bill Dries/The Daily Memphian

Shelby County Commissioner Reginald Milton says when commissioners discuss a new voting system next week for local elections, he will advocate for hand-marked paper ballots to replace the touch-screen machines used in Shelby County elections. Milton recalls his first bid for elected office ended with a loss by 26 votes. While he didn’t seek to overturn the results in Chancery Court, Milton is among a lot of candidates in close races who want to see some data before they decide if it is worth it to go to court. “That took an entire month to resolve that issue. That was unnecessary,” he said. “It could have been done instantly.” The county has already allocated $2.5 million in funding for a new voting system the election commission hopes to debut this election year. Milton specifically favors printed ballots voters mark by hand that are then run through an optical scanner. The scanner results and the marked ballots, he and other advocates contend, offer two ways of verifying results. Read More

California: Los Angeles County’s New Voting System Is Still Uncertified. Why Election Security Experts Are Worried | Libby Denkman/LAist

Los Angeles County is moving full steam ahead with plans to use its new election equipment for the first time in the upcoming presidential primary. The system, which includes high-tech “ballot marking devices,” has the potential to revolutionize the election industry, creating a transparent and fully accessible way to vote. But for all its innovations, some experts in the voting security community worry it’s not ready for prime time. For starters, the state has yet to sign off on the new technology — and it’s coming down to the wire: In-person voting begins in six weeks, on Feb. 22.

Certification testing has uncovered:

  • Dozens of critical user interface and security problems, according to recent published reports and conversations with experts.
  • The Secretary of State found vulnerabilities that left the door open to bad actors changing voting data and, ultimately, the outcome of an election.
  • Testers could also access and alter electronic records and get into physical ballot boxes — all without detection.

Some candidates for local offices are so disturbed by how ballots appear on the machines that cities like Beverly Hills are exploring lawsuits. But Dean Logan, the Los Angeles County Registrar Recorder, says his office has worked hard to address and mitigate all concerns. The issues with the actual voting system come at the same time L.A. County is fundamentally changing not just how but where people vote. Many observers are concerned that shift in voting location alone will lead to widespread confusion. Read More

National: FBI will now notify state election officials when any part of their election systems is hacked | Ken Dilanian/NBC

The FBI will now notify state election officials about cyber breaches to election systems in their jurisdictions, even those that only affect a single county, FBI and Justice Department officials said Thursday. The change stems from a belief that the “traditional policy did not work in the election context,” an FBI official told reporters in a background call. Typically, the FBI notifies only the victim of a cyber intrusion. When it comes to election systems, the victim is often a county. But if the FBI only notifies local officials, “it may leave the state officials with incomplete knowledge of the threats,” the official said. The policy shift comes after a 2018 episode in Florida in which Democratic Sen. Bill Nelson said he had been told that Russian hackers gained access to some voting systems in his state, only to be accused of making that up by then-Gov. Rick Scott, the Republican running to unseat Nelson in that year’s election. Scott said state officials had not been notified of any such breach. As NBC News reported at the time, Nelson was basing his warning on classified intelligence. Read More

National: Security vulnerabilities in voting machines show America still isn’t ready for the 2020 election | Alexandra Ossola/Quartz

Though researchers discovered a fundamental security flaw in voting machines months ago, the company behind the machines may still be advertising them to states in a way that allows the vulnerability to persist, according to a letter sent to the US Election Assistance Commission and reported by NBC News. In Aug 2019, a team of independent security experts found that, contrary to popular belief, many digital voting machines were connected to the internet, sometimes for months on end, Motherboard reported. This, the experts feared, could give hackers a window through which to manipulate votes. The company that makes the machines that the researchers found to be flawed is called Election Systems & Software (ES&S) (company officials disputed this characterization of its systems). About 70 million Americans’ votes are counted using one of ES&S’ machines, which make up about half of the election equipment market, according to ProPublica. ES&S markets its machines to include an optional modem, which can connect them to the internet. Modems allow election officials to get quick preliminary results, and also help ES&S maintain the machines. Read More

National: Cloudflare is giving away its security tools to US political campaigns | Zack Whittaker/TechCrunch

Network security giant Cloudflare said it will provide its security tools and services to U.S. political campaigns for free, as part of its efforts to secure upcoming elections against cyberattacks and election interference. The company said its new Cloudflare for Campaigns offering will include distributed denial-of-service attack mitigation, load balancing for campaign websites, a website firewall and anti-bot protections. It’s an expansion of the company’s security offering for journalists, civil rights activists and humanitarian groups under its Project Galileo, which aims to protect against disruptive cyberattacks. The project later expanded to smaller state and local government sites in 2018, with an aim of protecting from attacks servers containing voter registration data and other election infrastructure. Read More

National: Schiff schedules public hearing with US intel chief  | Rebecca Klar/The Hill

House Intelligence Committee Chairman Adam Schiff (D-Calif.) has called on the acting Director of National Intelligence (DNI) to testify at a public hearing next month over security threats facing the U.S. and its allies. The invitation seeking testimony from acting DNI Joseph Maguire comes amid reports that intelligence officials are trying to persuade Congress from dropping the public portion of the annual Worldwide Threat hearing after backlash from President Trump last year. Schiff sent a letter Thursday inviting Maguire to testify at a public hearing before the Intelligence Committee on Feb. 12, followed by a closed hearing for the panel later the same day. Schiff said the committee will inquire about unclassified assessments regarding threats to the nation during the public hearing. He added that the committee “expects” Maguire and intelligence officials to “delve further into classified details about these threats” in the classified portion. Read More

California: Cities worried about new Los Angeles County voting system | Ian Bradley/The Acorn

In the March election Los Angeles County will launch a new method of computerized voting to replace the system that citizens have used for more than 50 years, but some officials are saying the new method has shortcomings and isn’t fair to all candidates on the ballot. The Los Angeles County registrar began rolling out the new program, Voting Solutions for All People, last year. The program replaces paper-and-pen ballots with a new digital interface that voters will use to make their selections. County officials say the change will make voting easy, accurate and fast. But critics say the system gives unfair advantage to certain candidates because only four names are displayed on the first page of a given race unless a “MORE” button is hit and a second screen loads up with the remaining candidates. Several cities are concerned about the on-screen layout issue including Beverly Hills and Calabasas. Both sent letters to the county voicing their objections. Calabasas City Councilmember James Bozajian said the problem is that in local races where victory can be decided by a handful of votes, a litigious candidate could argue that not being on the first screen kept them from winning. Read More