I agree that is a serious concern, then. I thought it sounded like voting machine hacking where the dramatic headlines are hiding the fact that the hackers had physical access to the machine.
That depends on the jurisdiction. When I voted in Maryland, there was a machine that I directly cast my vote into.
When I vote where I live now in Massachusetts, I fill out a paper form in private and then I manually feed the forms into a voting machine where I have only supervised physical access.
I think it's entirely possible to have machine-counted ballots without giving unfettered and unsupervised access to the counting machines and I prefer the MA system (for the reasons you describe), but I also recognize the Constitution is clear in its reserving the power to each state for how to conduct the election (at least for President) in Article 2, Section 1, Clause 2.
Counting machines are different than voting machines.
Here in Washington we vote on paper but the results are counted by machine. The counting process is overseen by representatives of both parties. In a recount the paper votes could be manually counted to reconcile with the machine. I’m not worried about any of that.
What is scary about voting machines is that the output isn’t guaranteed to match the input. This is for any number of reasons. The best defense against this is to print the choices in a human-readable format… on a piece of paper. Which means you don’t really need the machine at all. If it’s on the network you can’t trust anything.