The New Yorker Radio Hour

Episode: Is Voting Safe?
Date: October 12, 2018
Host: David Remnick
Guests: Logan Lamb (Security Researcher), Susan Greenhalgh (National Election Defense Coalition)

Overview

This episode explores the safety and vulnerabilities of the American voting system, particularly in light of foreign interference and hacking incidents surrounding recent U.S. elections. Host David Remnick, along with investigative reporting by Sue Halpern, interviews cybersecurity experts and advocates to examine how electronic voting systems can be compromised, what this means for the integrity of democracy, and whether anything is being done to safeguard future elections.

Key Discussion Points and Insights

1. Russian Interference and Election Security Realities

• [00:10] David Remnick introduces the topic, reflecting on the shock of Russian interference in the 2016 elections and the difference between influencing public opinion and actually altering voting results.
  • “If somebody really did want to hack the election, it wouldn’t be impossible. Not at all. Sue Halperin has been writing for the New Yorker about election security, and what she’s found should scare us all.” — David Remnick [00:59]

2. Logan Lamb’s Discovery in Georgia

• [01:05-04:00] Security researcher Logan Lamb recounts his accidental discovery of massive vulnerabilities at Georgia's election system center in August 2016.
  • He describes how a basic Google search led to public files containing 15GB of sensitive election data, including:
    • Supervisor passwords for election day
    • Windows programs for electronic poll books
    • The full voter registration database (names, addresses, birthdates, partial SSNs, driver license numbers)
    • Central tabulator ('Jim' server) databases
  • Lamb discusses the grave implications:
    • “An attacker could have compromised that web server and used it as a beachhead to get deeper into the center for Election Systems networks.” — Logan Lamb [03:35]
    • Warns of potential to implant malware, alter databases, or disenfranchise voters

3. Official Response in Georgia

• [04:00-05:23] Despite Lamb’s findings, Secretary of State Brian Kemp rejects federal help, insisting the system was secure.
  • The vulnerabilities aren't patched for seven months.
  • Later, evidence emerges that Russian hackers were probing similar systems in Georgia and elsewhere.

4. Systemic Weakness Nationwide

• [05:23] Susan Greenhalgh (National Election Defense Coalition) underscores that while states oversee elections, they lack substantial cybersecurity expertise.
  • “We understand the states need to run elections. That’s their authority. But they’re not cybersecurity experts.” — Susan Greenhalgh [05:23]

5. Vulnerabilities of Voting Machines (Paperless, Electronic, Internet Connectivity)

• [05:30-06:54] Greenhalgh outlines specifics about voting machines:
  • Some states use touchscreen systems with no paper ballots, making audits difficult.
  • Machines are often believed to be “unhackable” due to lack of direct internet connectivity, but:
    • Machines rely on removable media for ballot programming, creating infection opportunities.
    • Many are equipped with wireless modems sending data via the internet.
  • "If the device that is doing the programming gets infected with malicious software, it can be transferred to the individual voting machines.” — Susan Greenhalgh [06:54]
  • “Those wireless modems go over cellular networks, and those cellular networks are part of the Internet.” — Susan Greenhalgh [07:40]

6. New Forms of Election Manipulation: Voter ID Laws and Roll Purges

• [08:10-09:53] The discussion shifts to another attack vector: restrictive voting laws and database purges, which can systematically disenfranchise voters.
  • Greenhalgh shares her concerns, highlighting unexplained problems with poll books and database errors in North Carolina in 2016:
    • “People were showing up to vote in Durham County, North Carolina, and their names weren’t on the voter rolls… The county report has been made public. It wasn’t very in depth... concluded that it was poll worker error malfunctions. But I think that’s an open question as to what happened in North Carolina on Election Day." — Susan Greenhalgh [08:41-09:53]

7. Federal Funding and the Need for Legislation

• [09:53-10:46] $380 million in Help America Vote Act funds were released for election security, but the federal government attached no requirements for how states must use it.
  • Greenhalgh stresses the importance of nationwide legislative standards, not just ad-hoc funding.
  • “It would be really useful to have some federal legislation to move the states to those remedies that we know are so essential to securing our elections.” — Susan Greenhalgh [10:14]

8. Legitimacy and Public Trust

• [10:46-11:22] Worries about the erosion of faith in the democratic process itself.
  • Greenhalgh insists the best defense is “evidence-based elections”—use of paper ballots with post-election audits.
  • “I worry that people will try to undermine the credibility of it. And the best way to counter that is if we have systems that produce evidence of the election results, which is accomplished with paper ballots and doing a post election audit.” — Susan Greenhalgh [10:55]

9. What’s Next: Patchwork Defenses

• [11:22-11:57] With no federal legislative fix forthcoming and midterms imminent, most states are left on their own, with vastly uneven levels of security preparedness.
  • “It’s hard to imagine election officials actually having a line of defense against cyber attacks by Russian intelligence agents or other malicious actors. But if we don’t do something about this as a country, we’re putting our democracy at risk.” — Interviewer [11:47]

Notable Quotes

• David Remnick [00:59]: “If somebody really did want to hack the election, it wouldn’t be impossible. Not at all.”
• Logan Lamb [03:35]: “The scariest scenario I can think of would be an attacker implanting malware on the programs that are placed on the electronic poll books, or altering the voter registration databases to disenfranchise voters.”
• Susan Greenhalgh [05:23]: “We understand the states need to run elections. That’s their authority. But they’re not cybersecurity experts.”
• Susan Greenhalgh [07:40]: “Those wireless modems go over cellular networks, and those cellular networks are part of the Internet.”
• Susan Greenhalgh [10:55]: “I worry that people will try to undermine the credibility of it. And the best way to counter that is if we have systems that produce evidence of the election results, which is accomplished with paper ballots and doing a post election audit.”

Key Timestamps

• 00:10–01:05: Framing the episode—Russian interference and the initial misunderstanding of what “hacking” the election meant.
• 01:05–04:00: Logan Lamb details his discovery of open vulnerabilities in Georgia’s election databases and infrastructure.
• 05:23–06:54: Susan Greenhalgh explains state-level weaknesses and debunks myths of “unhackable” voting machines.
• 08:10–09:53: Discussion of weaponizing voter rolls, poll book errors in North Carolina, and the impacts of restrictive ID laws.
• 09:53–10:46: Federal election funding and the call for mandates and standards, not just money.
• 10:46–11:22: Emphasis on “evidence-based elections” as the foundation for public trust.
• 11:22–11:57: The urgent need for action amid a lack of federal direction.

Concluding Insights

The episode offers a sobering look at the vulnerabilities within America’s voting infrastructure, both technological and systemic. Experts warn that without legislative standards, paper trails, and proper auditing, the legitimacy of American elections—and by extension, democracy itself—remains at risk. The show closes by emphasizing that while faith in American democracy endures, it cannot be taken for granted, especially when known risks go unaddressed.