Can voting machines be hacked?
Voting machines have been hacked at staged demonstrations and in laboratories, but these environments do not reflect an actual election scenario where multiple layers of physical and cyber security are always in place. These measures include pre-election testing, locks, restricted access, tamper-resistant seals, chain-of-custody protocols, and voting machines which are locked down to ensure limited access, along with more advanced technology found in newer equipment.
How does Dare County ensure voting systems count ballots accurately?
Dare County's Election Systems & Software (ES&S) voting systems are rigorously tested in a number of ways. First, systems endure thousands of hours of testing using millions of test ballots via the federal testing program. These tests are performed by independent federally accredited test labs (VSTLs) and ensure all ES&S machines perform at the highest levels of security, accuracy and accessibility. This testing program includes the review of more than 3 million lines of source code and ES&S machines must read 1.5 million consecutive ballot positions without error in order to achieve federal certification. Several states also engage independent firms to audit the security of voting machines as part of state certification examination process. Along with internal quality assurance testing, ES&S additionally engages third party researchers for independent security and penetration testing. Lastly, local election officials perform logic and accuracy testing before every election to ensure systems count votes accurately and to ensure ballots are counted as cast.
How do states and jurisdictions ensure elections are accurate?
Election jurisdictions follow a multi-layered approach to ensure all votes are counted as cast. Every state upholds established requirements for physical security and chain of custody to protect the security of their systems. These controls may include locks, seals, audit logs, witness signatures or other security measures. Pre-election logic and accuracy testing and post-election audits are proven processes that uphold the accuracy of elections. In addition, every state in the nation has a statutory process for legal challenges, recounts or contests to election results. Election authorities in each state determine their auditing processes according to state law.
Does Dare County use AI in its voting system technology software?
Dare County's ES&S system does not use any artificial intelligence (AI) in voting system technology. AI is an umbrella term that encompasses a wide variety of technologies, including machine learning, deep learning, and natural language processing (NLP). Tabulation on the other hand is defined as the ability to count, record, or list data systematically and to put that data into tabular form. ES&S voting system software is specifically developed to do just that. There is no software programming associated with any of the AI functions above, especially with recognizing speech, making decisions or identifying patterns. ES&S voting technology counts the selections made by voters either with a pen or by using a machine. ES&S election management system can then generate reports based on those voter choices. There is no software associated with machine learning, or any analytic or predictive functions performed by ES&S technology.
When I cast my ballot, does it matter whether I put my paper ballot face-up or face-down in the scanner?
No. Thanks to dual-scanning technology, ES&S tabulation machines – poll place scanners and central count scanners – can read ballots no matter which direction they are placed in the machine.
I understand that ES&S election software operates on Windows. What does that mean for election security?
Election systems are hardened, meaning that the computer that runs Windows is locked down with allowed access only to the functions required to conduct an election. Unused ports are blocked, and unnecessary services are removed. This hardening means that workstations running on Windows platforms are protected from the types of risks more commonly associated with mainstream technologies.
