Many Troubling, Unanswered Questions about Voting Machinery in Georgia House Runoff
The results from Georgia’s sixth district congressional race are odd.
Jon Ossoff, the Democratic newcomer who ran against Republican former Secretary of State Karen Handel, won the absentee vote 64% to 36%. That vote was conducted on paper ballots that were mailed in and scanned on optical scanners. Ossoff also won the early voting 51% to 49%. Those results closely mirror recent polls that had him ahead by 1-3 points. In the highest of those polls, one by the Atlanta Journal Constitution, he was ahead by 7% with 5% undecided and a 4% margin of error.
Ossoff emerged from early voting with a 53% – 47% lead in votes that were recorded up to that point. Yet Handel ultimately was declared the winner of the race with a 3.6 margin of victory. How did she do it?
According to the reported results, Handel pulled out a whopping 16 percent lead with voters who cast their ballots on Election Day, giving her a crushing 58% to 42% division of the day’s votes. By that accounting, all 5% of the undecided voters in the AJC poll broke for Handel, the poll was off by its farthest estimate and another 3.5% of Ossoff’s voters switched sides into her camp. All this despite Ossoff’s intensive door-to-door ground offensive that Garland Favorito, who lives in the heart of the sixth district called the "most massive operation” he’s ever seen. Favorito is the founder of VoterGA, a nonpartisan election reform group. He said Handel had signs up, but her canvassing operation was no match for Ossoff's.
Unlike the absentee voters who filled out paper ballots, Election Day voters in Georgia used touchscreen machines that have no verifiable paper trail. These specific machines, the Accuvote TS, are susceptible to hacking, and in fact were hacked on national television in 2006 by computer scientists from Princeton. Professor Ed Felten also demonstrated the hack before Congress, testifying that their program could “silently transfer votes from one candidate to another,” and that “launching it requires access to a single voting machine for as little as one minute.”
Not only were the machines hacked 10 years ago, with no known patch put in place to protect them from that vulnerability, the entire Georgia election systems website was penetrated in August 2016 by security researcher Logan Lamb.
“It was on the wide-open internet,” Lamb said in a recent phone interview. Lamb was able to download passwords, instructions to election workers and databases used to prepare the ballots and tabulate votes. He easily downloaded all of this as part of 16 gigs of sensitive Georgia election data that was left completely unprotected on the internet for months. Asked what level of expertise was required, he replied, “little to none.”
So, there are a number of explanations for the Election Day sixth district vote totals. One is that Karen Handel was an unpredictable candidate who did not always connect with the voters, yet in the final days of the race radiated an irresistible charisma and policy expertise so impressive Georgia Republicans came out of the woodwork to support her on the final day of voting. (Keep in mind that this is the woman who was caught on tape saying, “I wanted to bark at you the way I get barked at.”)
Another possibility is that someone ran a program similar to the one designed by Ed Felten’s team, and that program moved some votes from Ossoff’s column over to Handel’s. Could it be done? In a recent congressional briefing on the subject, J. Alex Halderman, one of Felten’s team members said, “Hacking a national election in the United States would be, well, shockingly easy.”
He would know. He’s hacked almost every voting machine on the market.
Our Historic Democracy
Since it’s the Fourth of July weekend when we celebrate our independence and the creation of our historic democracy, this is the perfect opportunity to look a little closer at that history. Most of us grew up with the understanding that America has the oldest and best democracy. We have honest elections and we monitor elections in other countries where they often cheat.
Unfortunately, that is a myth—a lovely myth that makes us all feel good on July 4th while we’re watching spectacular explosions of colored lights in the sky. A quick scan through Tracy Campbell’s “Deliver the Vote: A History of Election Fraud, an American Political Tradition,” will quickly relieve us of our misconceptions. From the beginning of the franchise, the vote was manipulated and massaged to be as useful as possible to the party that could best control it. In 1780 when the Massachusetts state constitution that John Adams had written was passed, “the two thirds majority was manufactured by the convention.” The Harvard historian who later examined the ballots came to wonder whether the world’s oldest functioning constitution was ever legally ratified.
Many of us are familiar with the reputation of New York’s Tammany Hall for election fraud, but few of us know the details of the 135% turnout, the gangs that violently raided precincts and stole tens of thousands of ballots, and courtrooms where 800 immigrants were often naturalized and turned into “voters” in one day.
Georgia, where the sixth district race took place, has a colorful history of election fraud. Jimmy Carter ran into it full force in his first run for state senate. Among other tactics, he had to face a small-town political boss, Joe Hurst, who had recorded 420 votes in a town where only 333 were cast. Hurst had gone so far as to pull ballots from the box and threaten voters they would be thrown into the river if they didn’t vote as directed. That county’s votes lost Carter the race. But his team collected affidavits from voters who attested to the manipulation. Eventually a judge overturned the results sending Carter to the state senate—his first stepping-stone on his way to becoming governor and eventually president.
The 2016 election illustrated that there’s still plenty of dirt in play, and a multitude ofrecent hacks prove that the opportunity is not only present, but being actively mined. A security expert familiar with the Georgia Center for Election Systems setup said, “Personally I would be shocked if no one’s hacked that server. People do drive-by hacks of websites all the time.”
Maybe the current crop of elected officials is significantly cleaner than the old-school politicians from back in the day. It’s worth taking a look at more recent history to see if that’s the case.
Prior to running for Congress, Karen Handel was Secretary of State. She ran for that office on a strong platform of election reform, releasing a 10-page PDF that recommended sweeping changes to Georgia’s elections. In particular she cited the voting machines as a key problem saying, “Our electronic voting machines are already outdated and will ultimately have to be replaced.” She advocated for a voter verifiable paper audit trail and audits, “to verify that the electronic vote totals are accurate.”
Once in office, Handel did not follow through with these reforms. Instead, she went on record saying, “Georgia has the most secure elections in the nation.” She ignored the recommendations of a security report she had requested, and blocked the authors of that report from fully evaluating the system. Why would a candidate undergo such an abrupt and complete reversal of her central campaign issue?
Favorito, the VoterGA election group activist, suspects it was because of financial contributions from a lobbying firm representing Diebold, the voting machine vendor. VoterGA looked into Handel’s campaign contributions and found close to $25,000 from associates and employees of the lobbying firm Massey & Bowers. An iteration of the firm still lists Diebold as its client. Favorito says, “She had a tremendous revenue stream from the Bowers family.” Handel's office did not respond to a request for comment.
Handel is not the first candidate to beat the odds and win a surprising victory on Georgia’s Diebold voting machines. Just after the machines were installed in 2002, Republican “underdog” candidates beat out their Democratic rivals for both governor and senate. In a now infamous upset, Max Cleland, the Democratic incumbent senator, lost to his Republican rival Saxby Chambliss by seven points, despite polls showing a close race. Less well known is that Brian Kemp, now Georgia’s Secretary of State and a current candidate for governor, was part of that Republican sweep. He won a tight race against another Democratic incumbent in the state senate. His victory helped give Republicans control of Georgia’s senate for the first time since Reconstruction.
Kemp has fought aggressively to keep using the voting machines in Georgia, fending off a recent court case claiming the machines were “uncertified, unsafe, and inaccurate.” Kemp and other election officials won the case on a technicality and were allowed to use the machines for the June 20 special election.
It’s Not a Bug, It’s a Feature
It is difficult for the public to know who to believe in the back-and-forth between election officials who say the machines are secure and hackers and election activists who say they most definitely are not.
Merle S. King is the executive director of the Kennesaw State University Center for Election Systems, the organization responsible for testing and providing support for Georgia’s entire election system. In response to an email question, King said, “The EMS (Election Management System) servers are maintained in a secure fashion, before, during and after the election. This security includes lock-and-key restricted access to the EMS, server and manual logs, and tamper evident seals on the cases of the servers to detect access to internal components.” He cited a “hashing” protocol that confirms the security of the system each time it’s installed, serviced, moved or goes through other transitions that could make it vulnerable.
Doug Jones, a computer science professor at the University of Iowa was pleased to hear about the hashing procedure. He said, “This procedure…offers real protection against use of the wrong version…or a corrupted or hacked version of the EMS.” But he added, “I can imagine ways to structure the EMS that would allow it to be corrupted after installation and hash checking.”
In other words—it’s great that you’re doing that and I could break in anyway. That is why computer and security experts all over the country have advocated for the use of paper ballots and audits. Because they know better than anyone that in the cat-and-mouse game of security and hacking, hackers usually have the final word.
Favorito, who has decades of IT experience, points out that pre-election machine testing is usually not meaningful, “because the mode is changed after testing and…the software can detect the mode and count differently.”
Marilyn Marks, who filed the most recent lawsuit against Kemp and other Georgia election officials had the same response. “The first time I was an election judge, I went wait a minute—this isn’t the mode the machine is going to be run in? We all agreed it was just theater.”
But King says, “There is testing done…in both test and election mode.”
Many of the problems with Diebold’s touchscreen machines have been part of the public record for years. In 2003, Wired published a shocking whistleblower expose from Rob Behler, a Diebold computer technician who had a special nickname for the Diebold touchscreen machines. "JS equipment is what we were calling it at the time," said Behler. "Junk shit.”
Behler claimed the machines were so badly designed that they hardly held together. "It's hard to track down a problem when you go out to your car and the first time it starts, the next time the headlights don't work, the next time you start it the brakes are out, and the next time you start it the door falls off," Behler said. "That's really the way they were."
Fourteen years later, those same machines are still in use.
If Georgia’s elected officials truly wanted secure and accurate elections, they could have had them by now. Karen Handel was elected Secretary of State on a platform of comprehensive election reform she was in a position to implement. So if the situation around the voting equipment is not improving, it may be because some of Georgia’s elected officials prefer it in a state of vulnerability.
Celebrating Independence Day
A new study reported that gerrymandering—the practice of drawing districts to favor one's own political party—is so bad in some states there is a “1-in-60,000 likelihood of those lines being drawn randomly.”
Voting rights activist Nse Ufot of the New Georgia Project told us that in Cobb County alone there was a backlog of at least 30,000 unprocessed voter registration forms when their organization took the Georgia Secretary of State to court over registration issues in March. (The race was won by 9,282 votes.) And a Gallup poll around the time of the presidential election last November found, “a record low 30% of Americans expressed confidence in the ‘honesty of elections.’"
Election activists are soldiering ahead. Marilyn Marks says they will continue their current litigation efforts in Georgia under the name Coalition for Good Governance. She expects to file for a second time against Georgia election officials over the weekend, and says they will “ask the courts to intervene to vindicate voters’ constitutional rights to secure elections.”
In recent weeks these issues are finally getting the attention they deserve. On June 21st, the Senate Intelligence Committee held a hearing on Election Security, and on Thursday The Brennan Center released a report outlining "urgent steps" needed to protect the security of voting machines and registration databases.
Now that’s something to celebrate.