Professional Documents
Culture Documents
Devices is
contradicted by Low usability scores
Technology that the Not accessible by broad
demonstrated facts.
Compared to hand No important new
Needless additional
expense:
Election technology
rejected by experts
marked paper ballots, functionality
to purchase
to operate
nationwide (including
SAFE’s own cyber
devices offer:
trust
the current system of DREs is insecure,
building on it does not make much sense
On April 16, 2018 Prof. Alex Halderman
demonstrated an air gapped attack
Does not require voting machines to be
directly connected to Internet or any other
network
No special physical access to DREs needed
In a real election, memory cards are
programmed by network connected
computers
Malware on computers used to program
memory cards installs malicious software on
memory cards
Election workers insert memory cards into
DREs
Malicious software on memory cards installs
Repeatedly hacked over last 20 years, vote-altering malware on DREs
Vote-altering malware erases itself after the
there has never been an unsuccessful election
April 2017
Electronic poll books stolen in
advance of GA 6 election
Tamper-evident seals that are easily
defeated with a few minutes training
Ineffective
and Error-
Prone
Human
monitoring
March 2017
KSU internal audit
uncovers operational
vulnerabilities
Here’s a new
vulnerability:
ballot marking
devices print OR
DOES THIS GET
barcode
COUNTED?
ballots
The human readable
ballot can’t vouch for the
barcode ballot: Bonnie
and Clyde are in cahoots
• GA’s DREs lack any independent way to record the voter’s intent
• Plaintiff’s have been denied forensic access to machines that might reveal changed votes
• The absence of such a security feature cannot be used as evidence that vote flipping has not
occurred
How does something like
this happen?
• Imposes no intermediate steps between record of voter intent and electronic tabulation of vote
totals