“Let My People Vote” – In June 1965, the Voting Rights Act languished in the House Rules Committee after passage in the Senate. Martin Luther King Jr. wrote this letter to the New York Amsterdam News urging its passage as the first step in ensuring access to the ballot. (Atlantic) Image by Tumisu from Pixabay
DEADLINE TONIGHT! – Fight for secure elections! Write a comment opposing the certification of an easily hackable voting system for LA County!
Los Angeles County has been working on a more accessible and transparent voting system, using high-tech “ballot marking devices” (BDM). Groundbreaking, just like the first electric voting machines were, compared to old-fashioned hand-marked ballots. However, testers have found user interface and security problems, including being able to access and alter electronic records and get into the physical ballot boxes without detection. Although in-person voting begins in six weeks, the state has yet to sign off on the new technology and in-person voting begins on Feb. 22.
Comments are due by TONIGHT – Monday, January 20, 5:00 PM PST / 8:00 PM EST.
- E-mail the state at VotingSystems@sos.ca.gov immediately.
- Comment line: Use the words “Comments on VSAP 2.0” in the Subject.
- Write in the email: Please do not certify the dangerous, unverifiable VSAP touchscreen computer voting system. Instead, require a HAND-MARKED PAPER BALLOT (HMPB) for all voters at the polling place in this year’s crucial primary and general elections. Every precinct should still have ballot-marking devices (BMD) available for those who cannot mark paper ballots by hand
- Call (916) 695-1680 and say the same thing!
Yes, this is worth a moment of time to understand. The stakes are huge! – LA County is the largest voting jurisdiction in the country, with over 5.2 million voters, larger than the number of voters in most states, with at least 13 required languages.
The Senate Select Committee on Intelligence released its report last July on the Russian government’s attacks on America’s election infrastructure, stating that there was an urgent need to secure the nation’s voting systems. Among the two most important recommendations made were that states should replace outdated and vulnerable voting systems with “at minimum… a voter-verified paper trail,” and adopt statistically sound audits.
The incentive to disrupt this particular election is high. On the ballot: House Intelligence Committee head Adam Schiff, along with Rep. Ted Lieu are fighting primary battles for re-election. In District 25, Katie Hill’s seat, which Christy Smith is running for, will be also be the focus of it’s former inhabitant – GOP Steve Knight, as well as George Papadopoulos and Mike Garcia.
A little history – those hackable electronic voting machines seemed like a great idea at the time…
Electronic voting machines (EVD), first used in 1974, were developed to speed voting results, reduce employee costs for counting votes, and create accessibility for disabled voters. (Here’s a cool history of voting methods since 1856!) Direct-recording electronic (DRE) machines could record and count votes simultaneously, transmit vote counts fast and eliminate the issue of accomodating multiple languages or running out of expensive paper ballots. It was a brave new world, before we understood what hackers could do, and that hacker-proof voting machines was a myth.
Even now, 14 states still use these insecure systems – “…tens of millions of votes are cast across America on DRE machines that cannot be audited, where the votes cannot be verified, and there is no meaningful paper trail to catch problems – such as a major error or a hack. For almost 17 years, states and counties around the country have conducted elections on machines that have been repeatedly shown to be vulnerable to hacking, errors and breakdowns, and that leave behind no proof that the votes counted actually match the votes that were cast.” (guardian)
So, LA County has upgraded… to a Ballot Marking device-based (BDM) system called VSAP.
First – what are “ballot marking devices” (BDM)? Instead of recording votes directly from a touch screen to a computer like a regular electronic voting machine, a ballot marking device (BDM) transfers a voter’s choices from a touch screen to a paper ballot, which is theoretically carefully reviewed by the voter, and then either dropped into a box for remote scanning, or fed by the voter into an optical scanner on site. Why is LA County using a BDM system? Dean Logan, LA County’s Registrar Recorder, stated “It is not practical to have copies of all ballot styles in 13 languages at roughly 1,000 voting locations where Ballot Marking Devices that produce voter-marked, human-readable paper ballots are available to all voters.”
LA County has spent 10 years and $300 million to custom-build the state’s first publicly-owned and operated voting system called “Voting Solutions for All People” (VSAP). It was created from input from thousands of voters, technology advisors, voting advocates, researchers, community stakeholders and election workers. Design firm Ideo designed the voting booths and elections vendor, Smartmatic, won the contract to build the ballot marking devices and other equipment.
Starting with the presidential primary, every in-person L.A. voter must use a ballot marking device (BDM), which have audio headphone options, large tactile buttons, and the option to vote in 13 languages.
The change to a public system is important issue. A 2016 Wharton School report on business of voting technology stated: “The industry is dominated by three firms that are moderate in size and neither publicly nor independently held, limiting the amount of information available…about their operations and financial performance.” The three companies described, Election Systems & Software (ES&S), Dominion Voting Systems and Hart InterCivic, are almost entirely unregulated and none of their voting systems in use across the U.S. have ever had a formal cybersecurity assessment using the standards and techniques used for commercial computer systems certified for critical infrastructure activities.
Policymakers and election advocates have begun to question who owns the companies, how they make their machines and whether they could be susceptible to remote hacking. Issues include lack of transparency about security, internet connectivity such as wireless modems to transmit unofficial results and back-door access for technicians, and parts from like Russia and China, including “programmable logic devices”. In 2015, Maryland’s main election system vendor was bought by a parent company with ties to a Russian oligarch. Robert Mueller’s report and a previous indictment of 12 Russian agents confirmed Russians also targeted private vendors that provided election software. The Russians successfully breached at least one company, its name redacted in the reports, “and installed malware on the company network”, according to the Mueller report.
LA’s experiment, which includes a potentially open source code, is currently the only one of its kind. Travis county, Texas, which includes Austin, also attempted to develop a voting system that better served all voters, while preserving a paper trail that could be accurately audited. But their expensive project was ultimately cancelled and the county bought off-the-shelf BMDs.
But LA’s “Voting Solutions for All People” (VSAP) BDM-based system is bizarrely hackable, along with other issues.
“Voting Solutions for All People” (VSAP) has already acquired its first lawsuit, and that’s only the beginning. The system failed forty violations of California Voting System Standards and the Secretary of States’ own consultants pointed out security failures that the SOS is considering ignoring. These include:
- The machine can be booted with a USB drive.The VSAP system workstations use off-the-shelf equipment which include USB ports, potentially allowing the system to be booted from a USB drive that would bypass all security and logging protections and access to the master account. Although election officials intend to plug these access ports, they can easily be unplugged by a hacker (or an election insider) who then could change election data.
- Testers were able to gain access to electronic event logs to make changes that are impossible to track, and “easily” bypassed seals and locks on all voting system devices.
- “Root access” – the Achilles heel of the older electronic machines, affects this BDM system as well. It refers to a possibly unknown number of people, including computer technicians and government workers, who have the passwords or security privileges to take control of the system and make changes.
- To mitigate the USB drive risk, the county promises the election workers with be watching to prevent unauthorized access to election equipment. Considering that booths are designed for privacy and that polling areas are exercises in peaceful chaos, this is not reassuring. Also, what’s to prevent a person intent on inserting malware from signing up as an election poll worker and inserting malware at setup or closing?
- The physical ballots are also vulnerable. The testers discovered “It is possible to insert or remove ballots from both the BMD and ballot transfer boxes without detection”; “Seals, locks, labels and sensors can all be bypassed without detection”. “The printer cover allows access to the ballot box and can be opened without detection”;
- The computer-marked ballot can never be verified as reflecting any voters’ intent after an election. The BMD spits out a “two-in-one” ballot, with the voter’s choices represented by both a QR code readable only by machine and normal print-out in the voter’s chosen language. Both can be hacked or in error. Either way, only the unreadable QR code is tallied by the system, not the human-readable portion, which voters may or may not have verified accurately. After voting, the voter puts the ballot back in the same machine, giving it another opportunity to change what you intended. You can see the dependence on QR codes in this VSAP video.
- Double-checking our voting is hard: Voters were unable to catch over 93% of errors on printed ballots that they’d filled out using a BMD system, according to a recent University of Michigan study, which ultimately recommended the use of hand-marked ballots instead.
- Lawsuit central – There are only 4 candidates listed per screen! Voters in intial testing were easily confused by the “MORE” button (to see more candidates in a race) and the “NEXT ”button (to move to the next page) and can easily by-pass additional candidates in the race not listed on the first page. Although the county upgraded the graphics to combat the issue, affected candidates are not convinced. Julian Gold, first elected to the Beverly Hills city council in 2011, says the setup still clearly disadvantages anyone listed after the first four candidates on the ballot. His name is fifth — based on a random drawing — but he says the issue is bigger than his own reelection bid. “What if the frontrunners in the presidential race are not on the first page?” He said. “The county spent a fortune on this system and they missed this simple thing.” You can see the issue in this VSAP video.
- Voters would no longer have the option using a HMPB at the polling place in Los Angeles, if this system is certified. “Pre-printed ballots will not be available at vote centers,” Logan said, adding that voters who want to use pen and paper should request a mail-in ballot by Feb. 25.
- Oh, and the printing problems…. Anyone who’s ever waited for a printer to reboot after a jam can imagine how exciting this problem will be when it’s magnified by 30,000 voting machines in 1000 centers. According to a testing report submitted December 24, the misfeeds were happening at a rate nearly five times what California standards allow. Voters forced to wait through rebooting might question the privacy and security of their vote.
- Why you should submit a comment: CA Secretary of State Alex Padilla could still certify the systems for use in the 2020 primaries and general election anyway, following the passage of a law he championed in 2013 as a State Senator that gives the SoS the ability to approve the use of new voting systems, even if they fail both federal and state testing, for actual elections.
PUBLIC COMMENT ON THIS SYSTEM ENDS TODAY AT 5:00.
Solution: Hand Marked Paper Ballots-HMPB are the only secure voting option.
- They have a paper trail verified by definition by the voters themselves.
- If the voting is proven to be insecure, even if its not hacked, the confidence factor is lost along with the ability for the public to oversee our own elections. Public oversight of elections is everything.
- Anyone can challenge this election because there is no way to audit computer-marked ballots, because the “supposed” paper trail is untrustworthy and unknown to reflect voter intent. Anyone can challenge the election, even if its not true, and anyone who claims a BMD has flipped their vote will be taken seriously — whether it has done so or not — and chaos could ensue.
- HMPB- Hand-marked paper ballots do not break, and voters will not have to wait in line if there are mechanical failures.
- The scanners that read them are much cheaper, easier to maintain and simpler to certify than the VSAP devices.
- The state has a very diverse population and a multiplicity of languages and thus a wide variety of ballot formats to support. But ballots can be printed, on-demand, with machines that are also cheaper and easier to maintain and certify than the all in one machines.
- Moreover, such a system can be overseen by the public, and, unlike a vote cast on a BMD, can be known to reflect actual voter intent.
- LA’s new voting system is still uncertified. Why election security experts are worried (laist.com)
- Beverly Hill might sue over LA County’s new voting machine design. (laist.com)
- New Report Identifies Steps to Secure Americans’ Votes; All U.S. Elections Should Use Paper Ballots by 2020 Presidential Election; Internet Voting Should Not Be Used at This Time (NationalAcademies)
- A new architecture for trustworthy voting systems (OSETInstitute)
- LA Countys new “open source” vote tallying system isn’t open source just yet. (statescoop)
- Here’s what foreign interference will look like in 2020 (Atlantic)
- Machine-Marked printed vote records (OSETInstitute)
- The scramble to secure America’s voting machines (politico)
- Election security in all 50 states (americanprogress)
- The myth of the hacker-proff voting machine (NYtimes)
Secretary of States’ own consultants pointed out security failures that the SOS is considering ignoring:
- The functional report (pages 12-18):https://votingsystems.cdn.sos.ca.gov/vendors/LAC/vsap2-func.pdf
- The security report (pages 16-22):https://votingsystems.cdn.sos.ca.gov/vendors/LAC/vsap2-sec-tel.pdf