• Question: Can Dominion voting machines used in Nevada be hacked with a ballpoint pen?
• Response: No. The concern stems from a Georgia trial where a professor hacked a Dominion machine in court.
The Dominion machines in Nevada are different from those in the Georgia case with different software. The Nevada Secretary of State’s office says none of the issues in the Georgia case could happen here. Also, the Georgia hacking was not done in a real-world environment.
Original concern over hacked Dominion voting machines in Georgia
University of Michigan computer science professor Alex Halderman testified in a federal trial recently in Georgia about the vulnerability of Dominion voting machines there.
In court before a judge, he inserted a pen into the back of a Dominion voting machine and held it for a few seconds to cause the machine to reboot, according to an article on the Law360 legal website.
Halderman then accessed a “terminal emulator” to bypass the voting machine’s security settings and obtain “super-user” access, where he said he could then change whatever he wanted.
The machine was set up for a fake election between George Washington and Benedict Arnold, the article said. Halderman voted for Washington but, because of his hacking, the vote was changed to Arnold.
The printed ballot backup that the machine spit out showed he voted for Arnold — something voters are supposed to check for verification to make sure their vote was logged accurately.
Halderman released a 96-page report last year explaining the machines’ vulnerabilities.
The federal government’s Cybersecurity and Infrastructure Security Agency soon after released an advisory based on Halderman’s findings. It was sent to jurisdictions using the machines and explained how to detect and prevent anyone trying to exploit the issues.
“While these vulnerabilities present risks that should be mitigated as soon as possible, CISA has no evidence that these vulnerabilities have been exploited in any elections,” the advisory says.
During a media tour of Washoe County’s election facilities in January with Nevada Secretary of State Cisco Aguilar, it was mentioned that Dominion voting machines are used.
A member of the public who’d joined the event commented, “We know from the trial going on in Atlanta, Georgia, that with the Dominion voting machines, votes can be changed merely with a pen. We’ve got huge concerns because most counties in Nevada use Dominion voting machines.”
Nevada doesn’t use same voting machines as Georgia
Soon after the Washoe County tour, the Secretary of State’s office sent an email to Nevada county clerks and registrars giving background on what Halderman did in Georgia.
“The issues with the systems CANNOT happen in Nevada because 1) we don’t use those types of Dominion machines or version of the Democracy Suite that he manipulated and 2) our physical and cyber security measures, along with our required processes and procedures — when followed properly — would either prevent or identify any manipulation before it happened,” the email said in bold font.
It goes onto explain that the voting machine software that showed vulnerabilities “has never been used in Nevada.”
The machines themselves were “not certified for use in Nevada,” it added.
Also, “None of the issues identified in the CISA report could be exploited without having unlimited access to the voting machines, which is not something that could occur here in Nevada,” the email said.
The email then goes on to describe the security surrounding voting machines in Nevada, the chain of custody followed and how machines are removed from use if there’s a question about whether a machine has been tampered with.
It also notes that even if a machine could be tampered with, the “Voter Verifiable Paper Audit Trail” on all Dominion machines in Nevada would show if a vote were not recorded properly.
“This reiterates the importance of looking at the VVPAT to ensure that your selections match what is on the paper in the VVPAT,” the email advised voters.
Doubts that voting machine hacking could lead to widespread fraud
Voting machine maker Dominion — which reached a $787.5 million settlement with Fox News over false claims made by Fox hosts that its machines had flipped the 2020 election against Donald Trump — asked MITRE to check into Halderman’s claims.
MITRE is a not-for-profit organization that does federally funded research for U.S. government agencies on defense, homeland security and cybersecurity issues. It was a spinoff from the Massachusetts Institute of Technology’s work into computer systems in the 1950s.
In 2020, MITRE created the National Election Security Lab to do free risk assessments for voting systems.It found that Halderman’s attacks on voting machines in Georgia were “operationally infeasible” because of problems getting access to make the changes in a real-world environment and the challenge of making changes at a scale large enough to sway an election.
“Each of the proposed attacks requires access and/or opportunity that remains unavailable in the operational environment: all six proposed attacks require an attacker to place hands on a device, tamper with hardware and/or software, or otherwise perform actions under operating conditions and security protocols developed to prevent this form of contact with the equipment,” the independent assessment concluded.
Even so, the Dominion voting machines used in Nevada are not the same as those in Georgia.
Mark Robison is the state politics reporter for the Reno Gazette Journal, with occasional forays into other topics. Email comments to email@example.com or comment on Mark’s Greater Reno Facebook page.