Security vulnerabilities in voting machines show America still isn't ready for the 2020 election

Though researchers discovered a fundamental security flaw in voting machines months ago, the company behind the machines may still be advertising them to states in a way that allows the vulnerability to persist, according to a letter sent to the US Election Assistance Commission and reported by NBC News.

In Aug 2019, a team of independent security experts found that, contrary to popular belief, many digital voting machines were connected to the internet, sometimes for months on end, Motherboard reported. This, the experts feared, could give hackers a window through which to manipulate votes.

The company that makes the machines that the researchers found to be flawed is called Election Systems & Software (ES&S) (company officials disputed this characterization of its systems). About 70 million Americans’ votes are counted using one of ES&S’ machines, which make up about half of the election equipment market, according to ProPublica.

<snip>

Since the report broke, several states, such as North Carolina and Florida (pdf), have either adopted or continue to use ES&S equipment, despite warnings of the machines’ security vulnerabilities. Some believe the EAC, an agency that is consistently understaffed and underfunded, lacks the authority to protect voters in this year’s election. “Perhaps not surprisingly, the last two major meetings of the EAC and local election officials about the certification process have resulted in screaming matches over the slow pace of progress,” according to a ProPublica story published on Oct 28.