Back in the old days, before electronics, people kept paper ledgers to track store sales and perform other accounting chores. Records were written by hand and good penmanship was valued and rewarded since an illegible scrawl was useless.
Then, technology advanced and we ended up with computers that count things for us much faster and more accurately – for the most part. But a computer is only as good as its creators and programmers. This is such a fundamental idea behind all cybersystems that the industry coined a well-known phrase to describe the phenomenon:
Garbage in, garbage out.
(In Latin: Pergamentum init, exit pergamentum.)
If you give a computer information that is false, the machine makes no value judgment and spits out an untrue answer, based on what it “knows” – which is to say, what it has been “told” – instructed to do through lines of programming code.
Anyone who thinks that computers are infallible and invincible has never stood in a store line that has backed up because the “system went down” and the cashiers are dead in the water. Most of them can’t do basic math (addition, subtraction, multiplication, division) in their heads because it isn’t taught under Common Core.
Even if employees faced with a dead terminal could sum a list of items and compute the sales tax to add for a grand total, their bosses probably wouldn’t let them because the stock inventory is adjusted downward, based on sales. It would take a lot of worker hours to enter that data by hand, one record at a time.
Knowing that computers are only as smart as their inventors, is it really wise to entrust them to perform certain uber-crucial tasks – such as counting votes?
Before you answer, there’s another wrinkle in this problem to consider: unlike an adding machine of yore, modern computers link to the internet and sometimes store sharable data on the “cloud” of interconnectivity. Many business computers do not operate alone, isolated from everyone else’s, but are instead linked to each other through intranets.
Information is collected by a point-of-sale terminal and relayed through the internet to a centralized corporate database which sorts and stores all the incoming data in an orderly fashion for efficient retrieval later.
This remarkably helpful business tool is dulled by thieves who figure out how to overcome a computer network’s defenses by exploiting its vulnerabilities. We call them hackers because they hack their way into someone else’s system, either to prove it can be done or to make off with valuable information.
Only a month ago, on July 29, 2019, a 33-year-old Seattle resident named Paige Thompson was arrested for breaking into Capital One’s computer system and stealing 100 million U.S. and 6 million Canadian credit card application records submitted between March 12 and July 17 of this year.
Thompson broadcast Twitter messages that said she wanted to “distribute Social Security numbers along with full names and dates of birth,” according to the FBI agents investigating the case.
Before that, on September 2017, Equifax servers got hacked, to the tune of “a total of 2.4 million personally identifiable information (PII) [records] were collected.”
The unpleasant truth is that a dedicated hacker will, given enough time, find a system’s weakness and take advantage of it.
Each year, the largest hacking conference on the planet is hosted in Las Vegas, Nevada. Def Con 2018 included computerized vote machines. According to these expert technologists, altering votes already recorded is hard to do.
But there are many other ways a savvy hacker can try to gain unauthorized access to a networked machine. Jake Braun was formerly employed as a White House liaison on cybersecurity. He and a few other volunteers IT professionals test the national voting infrastructure each year at the event at the Voting Village they set up there.
According to Braun, the vote machines don’t pose nearly the security risk that state election websites do:
“The most vulnerable part of election infrastructure is the websites.”
Websites stay connected to the internet nonstop, without interruption (unless there is a power failure or other outage). When used for online voter registration, campaigning or announcing post-election results, hackers can have a field day. Braun said this has already happened:
“We know that Russia has done this before. They did it in the Ukraine, where they hacked Ukrainian election results on the government website. Fortunately, the Ukrainians caught it and shut the website down. But then the Russians announced that their candidate had won on RT, when he hadn’t.”
So, although vote machine vendors design and test their equipment for tight security, most U.S. states spend very little, if any, time and money on tightening up their ability to keep trespassers out.
Proof positive that this is so came when an 11-year-old girl hacked into a facsimile of one of 13 battleground states’ websites in a mere 10 minutes – “and she was the first one,” said Braun.
The girl was attending Rootz, the youth division of Def Con where kids learn how to hack. The convention-in-a-convention for kids displayed another state’s election website on the half-hour. Other children could compromise the system in less than 15 minutes.
One convention participant observed:
“At the point, I arrived in the room, the website for the state of Colorado was being projected on the wall, declaring that the candidate for the ‘Comnnunism’ party, Kim Jong-un, had won the state’s election with one quadrillion votes. (The runner-up, the rapper Lil Pump, apparently standing for the Democratic party, had just under 46m votes.)”
Now, ask yourself again if you think letting a network of linked computers collect and tally election votes is a good idea or not?