Internet Explorer 11 is not supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

California Recall Election Software Could be Vulnerable

Researchers are alarmed by the recent disclosure of sensitive election system software by an ally of former President Donald Trump, and argue the exposure was tantamount to a serious breach of election system security.

(TNS) — A group of voting security researchers, alarmed by recent disclosure of sensitive election system software by an ally of former President Donald Trump, want California officials to conduct a statewide post-election review of ballots cast in the Sept. 14 recall targeting Gov. Gavin Newsom.

Their request, made just days before in-person voting begins in several counties, threatens to drag California into the tumultuous national debate over election security.

"While the software versions are not identical to those used in California, differences are relatively minor," the group said in its letter Thursday to Secretary of State Shirley Weber. "The release materially elevates threats to the trustworthiness of the ongoing California recall election and to public trust in the election."

The researchers who wrote to Weber acknowledged California's strong record on election security. But they argued the public discussion of Dominion products by Mike Lindell, the chief executive of MyPillow and an informal adviser to Trump, was tantamount to a serious breach of election system security.

Lindell held an event in South Dakota last month that he billed as a symposium on election fraud where, according to news reports, details of the Dominion systems were discussed. Those systems, the voting researchers said in their letter to Weber, were similar enough to those used by some California counties to cause concern.

"For years the voting tech market has used the cloak of invisibility like a shield to protect their products from the threats that every day exploit weaknesses in computer systems," Richard DeMillo, the chairman of the Georgia Tech School of Cybersecurity and Privacy, said in a written statement. "That shield never really existed but now it's not even a fig leaf."

A spokesperson for Weber didn't immediately respond to a request for comment.

The researchers want California officials to commit to a sweeping post-election review of the recall's results, an examination that would likely involve checking the marks made on millions of ballots. But their biggest concern may lie with possible vulnerabilities in the devices used to mark paper ballots at in-person voting sites — weaknesses they say were revealed by Lindell's public event.

The devices in question are made by Dominion Voting Systems and scheduled to be used in 40 of the state's 58 counties for the recall election. Dominion remains ensnared in unproven allegations of fraud made by Trump supporters in last November's presidential election. The company has filed lawsuits over accusations made by the former president's attorneys and repeated by conservative media organizations, including legal action against Lindell.

"In raising our concerns about the Dominion software release we are not accusing Dominion of wrongdoing," the letter from eight election researchers said. "Nor do we have evidence that anyone currently plans to hack the recall election."

Instead, the researchers told Weber, they are urging action to ensure public confidence in the recall election results that will be reported once polls close on Sept. 14. The academics did not ask Weber to ban Dominion's ballot marking devices, a decision that would lead to widespread disruptions in planning for in-person voting.

The letter sent to Weber cites the work of Alex Halderman, a University of Michigan computer science professor, who reported to a federal court that a ballot marking device made by Dominion has security vulnerabilities that "would allow an ordinary voter to insert malware into a [ballot marking device] during a voting session, with little likelihood of detection."

That malware, Halderman noted in a court filing last month related to a Georgia election lawsuit, could then "spread undetected to other voting machines and potentially to the central election management system (EMS) in the county."

For almost 15 years, California has required paper records of all votes cast in elections as a backstop to security and accuracy concerns with voting machines. Ballot marking devices are intended to assist the voter with clear and consistent selections while allowing review of a paper ballot before it's placed inside a ballot box.

The warning comes during a heated public debate about election security. A poll released Wednesday by the nonpartisan Public Policy Institute of California found that while most likely voters surveyed said they have confidence in the state's voting systems, there was a wide gap in confidence between Democrats and Republicans. Forty-three percent of GOP likely voters surveyed said they had "very little" confidence in the state's elections systems.

More than 5 million voters have already cast ballots, according to tallies reported by elections officials. In-person voting begins this weekend in some communities for Californians who either didn't want to cast a ballot remotely or for those who need help with their selections or their registration status.

©2021 Los Angeles Times. Distributed by Tribune Content Agency, LLC.
Special Projects
Sponsored Stories
Workplace safety is in the spotlight as government leaders adapt to a prolonged pandemic.
While government employees, students and the general public had to wait in line for hours in the beginning of the pandemic, at-home test kits make it easy to diagnose for the novel coronavirus in less than 30 minutes.
Governments around the nation are working to design the best vaccine policies that keep both their employees and their residents safe. Although the latest data shows a variety of polarizing perspectives, there are clear emerging best practices that leading governments are following to put trust first: creating policies that are flexible and provide a range of options, and being in tune with the needs and sentiments of their employees so that they are able to be dynamic and accommodate the rapidly changing situation.
Service delivery and the individual experience within health and human services (HHS) is often very siloed and fragmented.
In this episode, Marianne Steger explains why health care for Pre-Medicare retirees and active employees just got easier.
Government organizations around the world are experiencing the consequences of plagiarism firsthand. A simple mistake can lead to loss of reputation, loss of trust and even lawsuits. It’s important to avoid plagiarism at all costs, and government organizations are held to a particularly high standard. Fortunately, technological solutions such as iThenticate allow government organizations to avoid instances of text plagiarism in an efficient manner.
Creating meaningful citizen experiences in a post-COVID world requires embracing digital initiatives like secure and ethical data sharing, artificial intelligence and more.
GHD identified four themes critical for municipalities to address to reach net-zero by 2050. Will you be ready?
As more state and local jurisdictions have placed a priority on creating sustainable and resilient communities, many have set strong targets to reduce the energy use and greenhouse gases (GHGs) associated with commercial and residential buildings.