So the good news is: our election system has many checks and balances so we don’t have to trust the hackable computers to tell us who won. The biggest weaknesses are DRE paperless touchscreen voting machines used in a few states, which are completely unacceptable; and possible problems with electronic pollbooks.
In this article I’ve discussed paper trails: pollbooks, paper ballots, and per-precinct result printouts. Election officials must work hard to assure the security of the paper trail: chain of custody of ballot boxes once the polls close, for example. And they must use the paper trails to audit the election, to protect against hacked computers (and other kinds of fraud, bugs, and accidental mistakes). Many states have laws requiring (for example) random audits of paper ballots; more states need such laws, and in all states the spirit of the laws must be followed as well as the letter.
In Part 2 of this series, I’ll discuss cybersecurity policy for election infrastructure.