Simons was called a Luddite. At times, she was treated as just short of raving. At a League of Women Voters convention, she took a turn at the microphone to challenge the league’s president. The moderator tried to yank the mic from her hand.
Simons is not grappling for mics anymore. In late July, at the annual Def Con hacker conference, in Las Vegas, she addressed an event called the Voting Village—a staged attack on voting machines. “I lose sleep over this. I hope you will too,” she told the hackers who had packed into a windowless conference room at Caesars Palace.
Four voting machines had been secured for the event, three of them types still in use. One team of hackers used radio signals to eavesdrop on a machine as it recorded votes. Another found a master password online. Within hours of getting their hands on the machines, the hackers had discovered vulnerabilities in all four.
For much of the afternoon, Simons was in the pressroom, surrounded by reporters eager to hear her make the same points she’d been making for years. “Anything that’s happening in here, you can be sure that those intent on undermining the integrity of our election systems have already done,” she told a reporter from USA Today.
Russia’s efforts to influence the 2016 presidential election have reversed Simons’s fortunes. According to the Department of Homeland Security, those efforts included attempts to meddle with the electoral process in 21 states. At the same time, a series of highly publicized hacks—at Sony, Equifax, the U.S. Office of Personnel Management—has driven home the reality that very few computerized systems are truly secure.
State officials now return Simons’s calls. Like many of her former adversaries, the League of Women Voters no longer insists on paperless voting. In September, after years of effort by Simons and the nonprofit she helps run, Verified Voting, Virginia abandoned the practice. I asked Simons how it felt to be vindicated. “It sucks,” she said. “I would much rather have been wrong.”
Evidence has yet to emerge that Russia successfully manipulated voting systems in 2016, and most of Russia’s probing appears to have been aimed at databases of registered voters, not the machines that record votes. But Simons believes that the failure to heed her warnings has left states in grave danger, with too many potential weak points to shore up before hackers do succeed in altering an outcome. It is not a theoretical vulnerability, Simons told me. “Our democracy is in peril. We are wide open to attack.”
“It’s not that I don’t like computing or I don’t like computers. I mean, I am a computer scientist,” she said. “Many of the leading opponents of paperless voting machines were, and still are, computer scientists, because we understand the vulnerability of voting equipment in a way most election officials don’t. The problem with cybersecurity is that you have to protect against everything, but your opponent only has to find one vulnerability.”