I was invited to testify yesterday before the U.S. House of Representatives Subcommittee on Information Technology, at a hearing entitled “Cybersecurity: Ensuring the Integrity of the Ballot Box.” My written testimony is available here. My 5-minute opening statement went as follows: My name is Andrew Appel. I am Professor of Computer Science at Princeton University. […]
Which voting machines can be hacked through the Internet?
September 20, 2016 by
Over 9000 jurisdictions (counties and states) in the U.S. run elections with a variety of voting machines: optical scanners for paper ballots, and direct-recording “touchscreen” machines. Which ones of them can be hacked to make them cheat, to transfer votes from one candidate to another? The answer: all of them. An attacker with physical access […]
Security against Election Hacking – Part 2: Cyberoffense is not the best cyberdefense!
August 18, 2016 by
State and county election officials across the country employ thousands of computers in election administration, most of them are connected (from time to time) to the internet (or exchange data cartridges with machines that are connected). In my previous post I explained how we must audit elections independently of the computers, so we can trust the […]
Security against Election Hacking – Part 1: Software Independence
August 17, 2016 by
There’s been a lot of discussion of whether the November 2016 U.S. election can be hacked. Should the U.S. Government designate all the states’ and counties’ election computers as “critical cyber infrastructure” and prioritize the “cyberdefense” of these systems? Will it make any difference to activate those buzzwords with less than 3 months until the […]
Internet Voting? Really?
April 18, 2016 by
Recently I gave a TEDx talk—I spoke at the local Princeton University TEDx event. My topic was voting: America’s voting systems in the 19th and 20th century, and should we vote using the Internet? You can see the talk here:
