Remote Access software in voting machines?
That’s what The NY Times says was discovered in Pennsylvania’s vote tabulation machines in 2018. (Pennsylvania uses voting machines produced by the same company North Carolina’s voting machines are.)
In August 2019, a number of ES&S voting machines were found to still be connected to the Internet. ES&S admitted to installing remote access software on “some” of its machines.
A congressional probe led by Oregon senator Ron Wyden (D) found that ES&S products “reportedly rel[y] on remote access software.”:
[…] ES&S officials told the NYT Magazine that none of its employees had any knowledge of company machines being sold with remote-access software. The article, however, leaves little doubt that in at least some cases ES&S employees arranged for the equipment to come pre-installed with the software or for it to be installed after purchase. The practice has serious consequences for the security of the equipment, since anyone who can obtain login credentials or exploit vulnerabilities in the software can gain control over systems and potentially alter voting tallies.[…]
More questions around these machines arose prior to the 2020 vote:
[…]ES&S markets its machines to include an optional modem, which can connect them to the internet. Modems allow election officials to get quick preliminary results, and also help ES&S maintain the machines.
The US Election Assistance Commission (EAC) is a federal organization that acts as a clearinghouse for voting equipment. According to a letter sent to the EAC on Jan 7, though only models without the modem are approved by the EAC, ES&S continues to market one model of its machines, the DS200, in ways that obfuscate the fact that modem-equipped models are not EAC-approved.[…]
Since the report broke, several states, such as North Carolina andFlorida(pdf), have either adopted or continue to use ES&S equipment, despite warnings of the machines’ security vulnerabilities. Some believe the EAC, an agency that is consistently understaffed and underfunded, lacks the authority to protect voters in this year’s election. “Perhaps not surprisingly, the last two major meetings of the EAC and local election officials about the certification process have resulted in screaming matches over the slow pace of progress,” according to a ProPublica story published on Oct 28.[…]
What are we to think when the NC state board of elections is warned and warned and warned about these machines, but continues to allow them to be used in the state’s elections?
Could this question about modems and remote access software be the *justification* for all of the redactions ES&S made to its official pitch for North Carolina’s business?
It is against NC state law to connect a voting machine to the Internet. If these machines have been connected contrary to the NCBOE’s claims, they have been connected illegally, and someone needs to go to jail.
Yond is correct. NC law says it is illegal to connect the voting system to a network, but most election workers have no way to know whether or not such a connection exists. NC needs an audit to ensure the paper ballots cast equal the number of people voting, the vote totals reported agree with the paper ballots, and that only votes from legally eligible voters have been counted.
“I know there’s a proverb which says, ‘To err is human’ but a human error is nothing to what a computer can do if it tries.”
(Per quote investigator.com, this comes from Agatha Christie’s 1969 novel “Hallowe’en Party”.)
There is no doubt in my mind that election fraud in NC predates computers and that human manipulation of vote totals continues to the present day. Still, the advent of computers has provided far more opportunities for mischief and far more ways to deceive the public.
While some fraudsters are so secure they don’t worry at all about being caught and may utilize phone lines and ethernet cables when committing computer fraud, they are hardly necessary. As a former precinct judge, I can tell you the poll workers at my precinct (and I suspect most in NC) were provided with laptop computers to use as poll books and a tabulation machine, at least theoretically not connected to the internet, to count the votes as the paper ballots were deposited in it and scanned.
Since I had no intention of committing fraud, I considered the laptops and tabulators locked boxes and made no attempt to look under the hood. Even if I had, it would be unlikely I could spot the circuitry or software required to manipulate data since that is not my area of expertise. But I know the vendor who provided the equipment used in my county told Michigan in their bid package for the Verity system that it “includes electronic transmission of Cast Votes directly from the precinct tabulator to the central elections office, and central count tabulation and reporting software,” so obviously electronic transmission was an available option.
I can tell you, however, that the lack of telephone wires or ethernet cables is irrelevant in determining whether computer fraud was committed unless the criminals were so complacent they used old fashioned wired technology for convenience.
Many, if not most, laptops use wi-fi to connect to the internet and other devices. My cell phone (like an increasing number of newer phones) not only lets me connect to the internet, it has a built-in Wi-Fi hot spot to permit other devices to gain internet access. I think it is safe to say every precinct had internet access unless it was so remote it didn’t have access to cell service.
Election fraud can be committed in many ways, and when a candidate’s vote total diminishes as additional precincts report in, it is pretty much a guarantee that there is fraud (or perhaps breathtaking incompetence.) Adding votes (or apples or anything other than zero or negative numbers) will yield a total greater than the numbers added. If any candidate’s vote total is diminishing as additional precincts report, there is obviously something wrong. Adding precincts cannot subtract votes, absent fraud or egregious error.
As a precinct judge, I was supposed to verify that the number of people voting matched the number of ballots counted by the tabulator. I was not required to verify that the ballot totals on the tape produced by the tabulator matched the paper ballots or even the precinct numbers in the summary of votes produced at the County level. And as far as I know, after the County submits the County totals to the state, there is no procedure for the County to verify that the state is using the actual numbers provided by the 100 counties as their starting point. There is no requirement, to the best of my knowledge, that the State Board of Elections explain to any County why a vote from that County would be changed at the State Level. Last but not least, I am unaware of any requirement for random hand counts of ballots to verify the accuracy of the tabulators should a result be questioned.
The systems currently in place in NC to prevent election fraud are grossly inadequate. The laws need to be revised and the punishments strengthened, since the present system, given the power gained by the winning party, is grossly inadequate to prevent or adequately punish election fraud.
Fern H Shubert
While I don’t disagree with Fern Shubert, whom I greatly respect, please don’t lose focus on the discussion. A modem in a voting machine is unlikely to connect to WiFi. My comments were based on the actual voting machines, not laptops. Fern is right, there are other ways to commit fraud, but I was not addressing them. If we find out that the voting machines do, in fact, have WiFi, heads need to roll. If the machines have any sort of modem in them, they need to be removed or permanently disabled. I don’t believe the state board of elections had a server infrastructure in place to receive incoming data from voting machines. That question will not be easy to answer, and it needs to be answered — again.