All voting machines can be hacked through the internet (and otherwise), even if not connected to it.

By @jennycohn1

  1. As explained in this article by Princeton University professor Andrew Appel, all voting machines — including Direct Record Electronic (“DRE”) devices, ballot-marking devices (“BMDs”), and optical scanners — can be hacked through the internet, even if the voting machine itself isn’t connected to it. https://freedom-to-tinker.com/2016/09/20/which-voting-machines-can-be-hacked-through-the-internet/ … [“Which voting machines can be hacked through the internet? …The answer: all of them.”]
  2. This is because “all voting machines must accept electronic input files” via a “cartridge or memory card … prepared on an Election Management (EMS) computer” that is itself likely connected to the internet from time to time. (Id.)

3. Professor Dan Wallach, manager of Rice University’s Computer Security Lab, agrees that “When you dig down, [many vendors] often have election management systems connected to the Internet, albeit behind firewalls, VPNs, or other such devices. It’s incorrect to call such systems ‘never connected.’” https://thinkprogress.org/how-easy-would-it-be-to-rig-the-next-election-819326cbbbd/ …

4. So does PhD student Matt Bernhard (University of Michigan) who says “it’s likely that ballots are programmed by computers that are in some way connected to the Internet.” (Id.)

5. Moreover, results from the precincts are often transmitted into a central tabulator over a local area network, so that the “chain-of-custody of the images is not provable, and images may be manipulated in transmission by network-based attacks.” https://d3n8a8pro7vhmx.cloudfront.net/jillstein/pages/26798/attachments/original/1480973902/Wisconsin_Hursti_Affidavit_11-28-16_(00268311x9CCC2).pdf?1480973902 …

6. Central tabulators, in turn, transmit results to online Election Night Reporting Systems, creating another opportunity for internet hacking of voting machine tallies.

7. In Georgia, for example, a flash drive transfers results from the central tabulator to the online Election Night Reporting System, and that same flash drive is then reinserted into the tabulator for the next round of memory cards. https://medium.com/@marilynrmarks_78681/georgias-voting-system-the-internet-and-the-meaning-of-is-23243fc3340b … …

8. Please also note that ES&S DS200 optical scanners used in Wisconsin and elsewhere are themselves equipped with modems, creating yet another avenue for tampering! See also https://whowhatwhy.org/2016/12/14/voting-machines-may-hackable/?utm_source=twitter&utm_medium=Social&utm_campaign=SocialWarfare … [Election integrity advocate John Brakey confirmed that the scanning machines in at least three Wisconsin counties in 2016 were equipped with modems to allow results to be transferred over the internet].

9. Thus, if contemplating the purchase of new equipment, it is critical to find out if they contain modems.

10. It is also easy to insert malware onto voting machines when they are updated or repaired. https://freedom-to-tinker.com/2016/09/20/which-voting-machines-can-be-hacked-through-the-internet/ …

11. Contrary to what some may think, optical scanners are just as easy to hack as touchscreen machines. Indeed, optical scanners use memory cards that can be programmed without detection to +1k votes for one candidate and -1k for the other candidate (or whatever +/- number a hacker might choose). https://www.dailykos.com/stories/2005/6/1/118600/- …

12. Here is a link to the report from the Defcon 25 Voting Machine Hacking Village conference. “By the end of the conference, every piece of equipment in the Voting Village was effectively breached in some manner. Participants with little prior knowledge and only limited tools and resources were quite capable of undermining the confidentiality, integrity, and availability of these systems…” https://www.defcon.org/images/defcon-25/DEF%20CON%2025%20voting%20village%20report.pdf