You don’t know if an election is hacked unless you take steps to find out.

It was overlooked by the news networks, but there was a significant step forward in advancing public understanding of how to secure voting systems in yesterday’s Senate Intelligence Committee hearing.  California Senator Kamela Harris opened her questioning with an old cyber security riddle:

Q: How is not being hacked like being hacked?

A: Either way you don’t know.

This has been at the root of public misperceptions of election system security: since you can’t point to a successful vote-changing hack,  we must therefore be secure. In fact, most the of the Senate committee seemed hell-bent on propagating this idea by coaxing

No Senator, I don’t know if votes were actually changed in the November election

from witnesses who in fact have never tried to find out.

Alex Halderman tackled both sides of this fallacy with his opening statement.  First,  he pointed to a supervised hack of a Washington DC election that, over 48 hours changed every vote.

Even more importantly, he recommended risk-limiting post-election audits as a mandatory cost-effective and mathematically sound method of verifying election results:

 Specifically, if the reported outcome (usually the set of winner(s)) is incorrect, then a risk-limiting audit has a large, pre-specified minimum chance of leading to a full hand count that reveals the correct outcome. A risk-limiting audit can stop as soon as it finds strong evidence that the reported outcome was correct. (Closer elections generally entail checking more ballots.)

An important bottom line from yesterday’s hearing was an answer to the question whether you can ever know that an election was hacked.  You can, if you look.


Author: mayorlarryvaughn

My name is Larry Vaughn. You last saw me In 1975 in Amity, New York. I was the town's mayor when a rogue sheriff tried to frighten 4th of July tourists with talk of a great white shark lurking off the shallow waters. Needless to say, I was not pleased with the panic that ensued. "No danger!" I said. "Fun in the water!" Then the shark started gobbling people up. I now regret that I did not do more to protect the people who trusted me, and I want to make sure the same thing does not happen to the voters of Georgia. There are sharks lurking offshore (in Russia, for example) who want to hack your votes. Like me your elected leaders are quick to shout "No danger!"

One thought on “You don’t know if an election is hacked unless you take steps to find out.”

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s