Las Vegas Review-Journal (Sunday)
Activists blast weaker voting security rules
BOSTON — Leaders of the federal agency overseeing election administration have quietly weakened a key element of proposed security standards for voting systems, raising concern among voting-integrity experts that many such systems will remain vulnerable to hacking.
The Election Assistance Commission is poised to approve its first new security standards in 15 years after an arduous process involving multiple technical and elections community bodies and open hearings.
But ahead of a scheduled Feb. 10 ratification vote by commissioners, the EAC leadership tweaked the draft standards to remove language that stakeholders interpreted as banning wireless modems and chips from voting machines as a condition for federal certification.
Agency leaders argue that overall, the revised guidelines represent a major security improvement. They stress that the rules require manufacturers to disable wireless functions present in any machines, although the wireless hardware can remain.
Seven members of the commission’s 35-member advisory board including its chair, Michael Yaki, wrote EAC leadership on Thursday to express dismay that the standards were “substantially altered” from what they approved in June.
Yaki said he was puzzled because “the mantra adopted by pretty much the entire cyber community has been to take radios or things that can be communicated via wireless out of the equation.”
Yaki asked in the letter that the commissioners postpone the Feb. 10 vote. He withdrew that request on Friday after hearing their explanation, but he said his concerns remain.
EAC Chair Benjamin Hovland noted that the agency relied on experts with the National Institute of Standards and Technology to help draft the guidelines.