Connect with us

Hi, what are you looking for?

Business News

Activists complain of weakened voting security standard

FILE – In this Oct. 6, 2020, file photo voters fill out their ballot during early voting at the Cuyahoga County Board of Elections in Cleveland. The Cybersecurity and Infrastructure Agency, which President Donald Trump signed into existence in 2018, is working with other parts of the government to safeguard an election in the middle of a pandemic. (AP Photo/Tony Dejak, File)

BOSTON (AP) — Leaders of the federal agency overseeing election administration have quietly weakened a key element of proposed security standards for voting systems, raising concern among voting-integrity experts that many such systems will remain vulnerable to hacking.

The Election Assistance Commission is poised to approve its first new security standards in 15 years after an arduous process involving multiple technical and elections community bodies and open hearings. But ahead of a scheduled Feb. 10 ratification vote by commissioners, the EAC leadership tweaked the draft standards to remove language that stakeholders interpreted as banning wireless modems and chips from voting machines as a condition for federal certification.

The mere presence of such wireless hardware poses unnecessary risks for tampering that could alter data or programs on election systems, say computer security specialists and activists, some of whom have long complained than the EAC bends too easily to industry pressure.

Agency leaders argue that overall, the revised guidelines represent a major security improvement. They stress that the rules require manufacturers to disable wireless functions present in any machines, although the wireless hardware can remain.

In a Feb. 3 letter to the agency, computer scientists and voting integrity activists say the change “profoundly weakens voting system security and will introduce very real opportunities to remotely attack election systems.” They demand the wireless hardware ban be restored.

“They’re trying to do an end run to avoid scrutiny by the public and Congress,” said Susan Greenhalgh, senior advisor on election security for Free Speech for People, a nonpartisan nonprofit, accusing agency leaders of bowing to industry pressure.

Seven members of the commission’s 35-member advisory board including its chair, Michael Yaki, wrote EAC leadership on Thursday to express dismay that the standards were “substantially altered” from what they approved in June. At the very least, the wrote, they deserve an explanation why the draft standards “backtracked so drastically on a critical security issue.”

Yaki said he was puzzled by the commission’s move because “the mantra adopted by pretty much the entire cyber community has been to take radios or things that can be communicated via wireless out of the equation.”

Yaki asked in the letter that the commissioners postpone the Feb. 10 vote, but he withdrew that request on Friday after hearing their explanation for the changes. But he said his concerns remain.

A modem ban is especially important because millions of Americans continue to believe former President Donald Trump’s unfounded claims that voting equipment was somehow manipulated to rob him of re-election in November, said Yaki. “You don’t want to give QAnon enthusiasts or the ‘Stop the Steal’ people any reason to think that our our voting infrastructure is less than perfect.”

EAC Chair Benjamin Hovland noted that the agency relied on experts with the National Institute of Standards and Technology to help draft the guidelines. He said objections to the change should not be allowed to hold up the new rules’ significant cybersecurity improvements.

The ban on wireless hardware in voting machines would force vendors who currently build systems with off-the-shelf components to rely on more expensive custom-built hardware, Hovland said, which could hurt competition in an industry already dominated by a trio of companies. He also argued that the guidelines are voluntary, although many state laws are predicated on them.

“You have people putting their own personal agenda, putting themselves before the health of our democracy,” Hovland said, adding that elections officials are among those supporting the change. “It’s so small-sighted the way some people have been approaching this.”

Hovland stressed that the amended guidelines say all wireless capability must be disabled in voting equipment. But computer experts say that if the hardware is present, the software that activates it can be introduced. And the threat is not just from malign actors but also from the vendors and their clients, who could enable the wireless capability for maintenance purposes then forget to turn it off, leaving machines vulnerable.

Advertisement. Scroll to continue reading.

Still, one member of the NIST-led technical committee, Rice University computer scientist Dan Wallach, said that while the changes came as a surprise, they don’t seem “catastrophic.” Objections shouldn’t hold up adoption of the new guidelines, he said.

California, Colorado, New York and Texas already ban wireless modems in their voting equipment. The standards being updated, known as the Voluntary Voting System Guidelines, are used by 38 states either as a benchmark or to define some aspect of equipment testing and certification. In 12 states, voting equipment certification is fully governed by the guidelines.

In 2015, Virginia decertified and scrapped a voting machine called the WINVote after determining that it could be wirelessly accessed and manipulated.

Created to modernize voting technology following the “hanging chad” debacle in the 2000 presidential election, the Election Assistance Committee has never had much authority. That’s partly because voting administration is run individually by the 50 states and territories.

But after Russian military hackers meddled in the 2016 election in Trump’s favor, the nation’s voting equipment was declared critical infrastructure and Democrats in Congress have attempted to exert greater federal control to improve security.

Republicans, however, have stymied attempts at election security reform in the Senate. While the most unreliable voting machines — touchscreens with no paper ballots to recount — have largely been scrapped, privately held equipment vendors continues to sell proprietary systems that computer scientists say remains vulnerable to hacking. Experts are pushing for universal use of hand-marked paper ballots and better audits to bolster confidence in election results.

—-

Associated Press writer Christina A. Cassidy contributed from Atlanta.

Copyright 2020 Associated Press. All rights reserved.

Source: https://apnews.com/article/business-voting-machines-voting-hacking-elections-13c64df55961dac87b417608818655a6

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Business News

HAMPTON, Va. (AP) — Students were dancing in the aisles and their seats in the Hampton University auditorium long before Vice President Kamala Harris took the...

Business News

Mitt Romney’s announcement this week that he will not seek another term in the U.S. Senate came with a distant echo of his father’s departure from politics...

Business News

Russian authorities on Sunday reported multiple attempts to sabotage voting in local elections taking place in occupied areas of Ukraine. Votes are taking place...

Business News

ATLANTA (AP) — The special grand jury investigating efforts by Donald Trump and others to overturn Georgia’s 2020 election results recommended indictments against twice as many...

Copyright © 2023 Newsworthy News | Global | Political | Local | All News | Website By: Top Search SEO