Motherboard reports on more reasons to feel insecure about fair, secure elections in the United States.

The nation’s top voting machine maker has admitted in a letter to a federal lawmaker that the company installed remote-access software on election-management systems it sold over a period of six years, raising questions about the security of those systems and the integrity of elections that were conducted with them.

In a letter sent to Sen. Ron Wyden (D-OR) in April and obtained recently by Motherboard, Election Systems and Software acknowledged that it had “provided pcAnywhere remote connection software … to a small number of customers between 2000 and 2006,” which was installed on the election-management system ES&S sold them.

The statement contradicts what the company told me and fact checkers for a story I wrote for the New York Times in February. At that time, a spokesperson said ES&S had never installed pcAnywhere on any election system it sold. “None of the employees, … including long-tenured employees, has any knowledge that our voting systems have ever been sold with remote-access software,” the spokesperson said.

Stu Soffer, the Republican state election commissioner, hurred to the defense of ES&S, a major vendor in Arkansas, circulating its statement that it had stopped providing the software more than a decade ago and no client was using it today. Well and good. But the Motherboard article points out that is’ not clear if all the users of the system had made the patches necessary to close off vulnerabilities the software presented.

Advertisement

It’s not clear if election officials who had pcAnywhere installed on their systems, ever patched this and other security flaws that were in the software.

“[I]t’s very unlikely that jurisdictions that had to use this software … updated it very often,” says Joseph Lorenzo Hall, chief technologist for the Center for Democracy and Technology, “meaning it’s likely that a non-trivial number of them were exposed to some of the flaws found both in terms of configuration … but also flaws that were found when the source code to that software was stolen in 2006.”

Be a part of something bigger

As a reader of the Arkansas Times, you know we’re dedicated to bringing you tough, determined, and feisty journalism that holds the powerful accountable. For 50 years, we've been fighting the good fight in Little Rock and beyond – with your support, we can do even more. By becoming a subscriber or donating as little as $1 to our efforts, you'll not only have access to all of our articles, but you'll also be helping us hire more writers to expand our coverage and continue to bring important stories to light. With over 63,000 Facebook followers, 58,000 Twitter followers, 35,000 Arkansas blog followers, and 70,000 daily email blasts, it's clear that our readers value our great journalism. Join us in the fight for truth.

Previous article UPDATE: Cardi B, Toby Keith, Gucci Mane, George Clinton, Sammy Hagar headline El Dorado’s Musicfest Next article Little Rock, cut low