Category: CT

Russians not the only threat to our elections

Many articles on the Congressional hearings on the “Russian” hacking or not hacking of our elections.  Brad Friedman and Mark Karlin come closet to my opinions:

Recent article by Mark Karlin referencing Brad Friedman:  Beyond the Russians, Electronic Voting Machines Are Vulnerable to Any Hackers  

Journalists and activists have been sounding the alarm about electronic voting machines and their proprietary software for years. The vulnerability of these machines to hacking has not been front and center for some time — primarily due to the failure of the corporate media and legislative bodies to take it seriously. That changed, to some extent, with the charges about Russian hacking from US intelligence agencies. However, the current emphasis is on the Russians allegedly attempting to influence the 2016 election, not on the flawed electronic voting machines that make hacking possible…

Meanwhile, our Secretary of the State continues to spread myths about the safety of voting systems not connected to the internet and “tamper-proof” seals that are at best “tamper-evident”. 

We add that paper ballots are insufficient.  They need protection from tampering.  We need sufficient audits and recounts.  Audits and recounts that are comprehensive and convincing.  Audits and recounts that are transparent and publicly verifiable.f

Many articles on the Congressional hearings on the “Russian” hacking or not hacking of our elections.  Brad Friedman and Mark Karlin come closet to my opinions:

Recent article by Mark Karlin referencing Brad Friedman:  Beyond the Russians, Electronic Voting Machines Are Vulnerable to Any Hackers   <read>

Journalists and activists have been sounding the alarm about electronic voting machines and their proprietary software for years. The vulnerability of these machines to hacking has not been front and center for some time — primarily due to the failure of the corporate media and legislative bodies to take it seriously. That changed, to some extent, with the charges about Russian hacking from US intelligence agencies. However, the current emphasis is on the Russians allegedly attempting to influence the 2016 election, not on the flawed electronic voting machines that make hacking possible…

Ironically enough today, in the U.S. Senate Intelligence Committee, top intelligence officials from the FBI and DHS testified in regard to concerns about alleged Russian manipulation of the 2016 election. Neither they, nor the elections officials who also testified today, seemed to know much of anything about the actual vulnerability of U.S. voting systems. Or, if they did, they certainly offered a whole lot of demonstrably inaccurate information about whether voting systems are connected to the Internet (they are), whether our decentralized voting and tabulation systems make it impossible to hack a  Presidential election (it doesn’t), and whether actual voting results were manipulated in the 2016 President race (they claimed that they weren’t, even while the DHS finally admitted they never actually checked a single machine or counted a single ballot to find out!)

On the other hand, one computer scientist and voting machine expert, Dr. Alex Halderman of the University of Michigan, also testified today and he actually knows what he’s talking about, because he’s personally hacked just about every voting system in use in the U.S. today, including 10 years ago when he first hacked the exact same 100% unverifiable touch-screen voting machines used in the state of Georgia during Tuesday’s Special Election for U.S. House, the most expensive such election in U.S. History. As he explained in his prepared remarks [PDF] today, 10 years ago, he “was part of the first academic team to conduct a comprehensive security analysis of a DRE [touch-screen] voting machine.” It was a Diebold touch-screen machine, the exact same type used in GA yesterday, as obtained from a source of mine and given to his crew at Princeton University at the time…

The Russian hacking makes for a profitable corporate media narrative — particularly with tweeter Trump tossing gas on the fire. However, if we are looking to secure our voting system from foul play, shouldn’t we also start paying major legislative attention to the electronic voting machines themselves?

I could hardly say it better.

Meanwhile, our Secretary of the State continues to spread myths about the safety of voting systems not connected to the internet and “tamper-proof” seals that are at best “tamper-evident”.

We add that paper ballots are insufficient.  They need protection from tampering.  We need sufficient audits and recounts.  Audits and recounts that are comprehensive and convincing.  Audits and recounts that are transparent and publicly verifiable.

If [Connecticut] Voting Machines Were Hacked, Would Anyone Know?

NPR story by Pam Fessler:  If Voting Machines Were Hacked, Would Anyone Know?   Fessler quotes several experts and election officials including Connecticut Assistant Secretary of the State Peggy Reeves:

Still, Connecticut Election Director Peggy Reeves told a National Academies of Sciences, Engineering, and Medicine panel on Monday that many local election officials are ill-equipped to handle cybersecurity threats.

“Many of our towns actually have no local IT support,” she said. “Seriously, they don’t have an IT director in their town. They might have a consultant that they call on if they have an issue. So they look to us, but we’re a pretty small division.”

Reeves said the best protection against hackers is probably the fact that the nation’s voting system isso decentralized, with different processes and equipment used in thousands of different locations.

We certainly agree with that and the cybersecurity experts quoted.

NPR story by Pam Fessler:  If Voting Machines Were Hacked, Would Anyone Know? <read>  Fessler quotes several experts and election officials including Connecticut Assistant Secretary of the State Peggy Reeves:

Still, Connecticut Election Director Peggy Reeves told a National Academies of Sciences, Engineering, and Medicine panel on Monday that many local election officials are ill-equipped to handle cybersecurity threats.

“Many of our towns actually have no local IT support,” she said. “Seriously, they don’t have an IT director in their town. They might have a consultant that they call on if they have an issue. So they look to us, but we’re a pretty small division.”

Reeves said the best protection against hackers is probably the fact that the nation’s voting system isso decentralized, with different processes and equipment used in thousands of different locations.

We certainly agree with that and the cybersecurity experts quoted.

 

A cut below the rest: National beacon or bad example?

Every year Connecticut’s Citizen Election Program is under assault.  This year is no different.

Here is the bottom line:  The Citizen’s Election Program is a drop in the bucket.  A small percentage of what we pay for the General Assembly and its staff;  A smaller percentage of the state budget; $10 million a year compared to billions in the budget.  Just one bad decision against the people can cost us several times that $10 million.

Read more from the In These Times article: Ten Years Ago, Connecticut Got Big Money Out of Its Elections. Now Democrats Are Gutting the Program

Every year Connecticut’s Citizen Election Program is under assault.  This year is no different.

Here is the bottom line:  The Citizen’s Election Program is a drop in the bucket.  A small percentage of what we pay for the General Assembly and its staff;  A smaller percentage of the state budget; $10 million a year compared to billions in the budget.  Just one bad decision against the people can cost us several times that $10 million.

Read more from the In These Times article: Ten Years Ago, Connecticut Got Big Money Out of Its Elections. Now Democrats Are Gutting the Program  <read>

Connecticut’s introduction of the Citizens’ Election Program (CEP) in 2005, seriously curbed the influence of corporations and the rich on state elections. Yet, this beacon of democracy could soon dim, as the state legislature is on the verge of gutting the law that gave the state its democratic promise.

May Post-Municipal Election Audit Drawing

A few municipalities conduct elections in May rather than November. We joined Deputy Secretary of the State Scott Bates, Assistant Secretary Peggy Reeves, and SOTS Office Interns for the drawing. Sadly, due to last year’s reduction in the audit, only one district will be audited.

We strongly object to the official press release’s characterization of Connecticut’s Post-Election Audit as “Comprehensive”. A comprehensive audit would not exempt ballots from selection for audit, it would audit the totaling of votes, and include compliance audits of all aspects of the election such as checkin lists, voter roles, and ballot security.

A few municipalities conduct elections in May rather than November. We joined Deputy Secretary of the State Scott Bates, Assistant Secretary Peggy Reeves, and SOTS Office Interns for the drawing. Sadly, due to last year’s reduction in the audit, only one district will be audited.

Here is the official Press Release<read>. We strongly object to the official press release’s characterization of Connecticut’s Post-Election Audit as “Comprehensive”. A comprehensive audit would not exempt ballots from selection for audit, it would audit the totaling of votes, and include compliance audits of all aspects of the election such as checkin lists, voter roles, and ballot security.

National Popular Vote Compact fails 90 minute debate, sanity prevails for unknown reasons

It is rare that a bill is debated that has insufficient majority caucus support to pass.

 [Speaker] Aresimowicz said he’s heard from his constituents that they want the issue debated.“I’m saying let’s at least hear it out and have the discussion,” Aresimowicz said Thursday morning during a press conference in his office before the House debated the bill.

House Majority Leader Matt Ritter, D-Hartford, said he expects the vote to be close and it’s unclear what will happen.

Here, we disagree with both sides.  We do not buy the Republican arguments against nor the Democratic arguments for the bill.  We would support a sufficient Constitutional Amendment.  The Compact approach is dangerous making, a flawed system worse. It will lead to increased voter suppression and skulduggery.v

CTNewsJunkie: House Tables Debate On National Popular Vote <read>
It is rare that a bill is debated that has insufficient majority caucus support to pass.  Yet we cannot fault the Speaker’s logic:

House Speaker Joe Aresimowicz, D-Berlin, said at the beginning of the session that he wouldn’t allow for a debate to move forward on the National Popular Vote out of respect for the results of the November 2016 election. Trump won the election with 304 Electoral College votes.

What changed?

“My view of the president,” Aresimowicz said. “As far as credibility goes he’s damaging his own credibility, it’s not like we have to pile on here in the state of Connecticut.”

All joking aside, Aresimowicz said he’s heard from his constituents that they want the issue debated.

“I’m saying let’s at least hear it out and have the discussion,” Aresimowicz said Thursday morning during a press conference in his office before the House debated the bill.

House Majority Leader Matt Ritter, D-Hartford, said he expects the vote to be close and it’s unclear what will happen.

“We’ve asked members to think on their own about what they want to do,” Ritter said. “We think there’s a lot of merit sometimes in having things debated even if you don’t know what the outcome is going to be.”

Aresimowicz said there are members who have told them they won’t commit to vote one way or another before hearing the debate.

It’s rare that a bill would be raised for what’s likely to be hours of debate if there’s no guarantee it will be able to pass. The bill was tabled and could be raised in the future for a vote.

The Connecticut House approved legislation to join the National Popular Vote compact in 2009, but that year the Senate failed to take up the bill.

You can read the article for some of the arguments for and against.  Here, we disagree with both sides.  We do not buy the Republican arguments against nor the Democratic arguments for the bill.  We would support a sufficient Constitutional Amendment.  The Compact approach is dangerous, making a flawed system worse. It will lead to increased voter suppression and skulduggery.  See our recent Op-Ed and Full Testimony.

As for 2009, that was a also rare case where the NPV Compact went down by one vote and several Democrats then changed their votes so that it would pass <read>

 

Denise Merrill mostly right on Trump voting witch hunt commission

 

Connecticut Secretary of the State Denise Merrill , said,“The rationale for this commission was articulated in a baseless tweet from the president that claimed millions of illegal votes were cast. The facts don’t lie. Voter fraud is extremely rare. Yet time and again, the specter of voter fraud has served as an excuse to disenfranchise tens of thousands of eligible voters. I hope that this investigation is not a fig leaf for voter suppression and intimidation. In Connecticut, we will protect every eligible person’s right to vote. I stand by our process and our elections officials.”

This reminds us of the Bush era witch hunt in the Justice Department for voter fraud.  Several attorneys were let go because they could not find or refused to continue hunting for all but non-existent fraud.

We do question Secretary Merrill’s statement that “In Connecticut, we will protect every eligible person’s right to vote. I stand by our process and our elections officials.”

Secretary Merrill’s Press Release <read>

Connecticut Secretary of the State Denise Merrill
, said,“The rationale for this commission was articulated in a baseless tweet from the president that claimed millions of illegal votes were cast. The facts don’t lie. Voter fraud is extremely rare. Yet time and again, the specter of voter fraud has served as an excuse to disenfranchise tens of thousands of eligible voters. I hope that this investigation is not a fig leaf for voter suppression and intimidation. In Connecticut, we will protect every eligible person’s right to vote. I stand by our process and our elections officials.”

This reminds us of the Bush era witch hunt in the Justice Department for voter fraud.  Several attorneys were let go because they could not find or refused to continue hunting for all but non-existent fraud.

This is clearly such a witch hunt because the commission is stacked, with mostly Republicans and mostly those with dubious records.  Not only the Secretary from Kansas but also the notorious Ken Blackwell.  The only person on the Commission so far that we would trust is William Gardner from New Hampshire.

We do question Secretary Merrill’s statement that “In Connecticut, we will protect every eligible person’s right to vote. I stand by our process and our elections officials.”  Perhaps we will protect such rights in the future.  But unless the General Assembly acts or the Secretary has a sudden conversion, we will continue to leave “eligible persons” in line at EDR. See <Our testimony earlier this year>

 

 

Random drawing issues in the Nutmeg State

Connecticut is known as the “Nutmeg State” based on the legend of Yankee Peddlers selling wooden nutmegs to unsuspecting New Yorkers and Pennsylvanians.  True or not, there is little reason to trust anyone here when it comes to random drawings.  Recent history leaves us with little trust in officials and random drawings.

The Secretary of the State’s Office has improved the integrity of the post-election audit drawing, yet two problems remain.

As CTVotersCount readers know, Connecticut is known as the “Nutmeg State” based on the legend of Yankee Peddlers selling wooden nutmegs to unsuspecting New Yorkers and Pennsylvanians.  True or not, there is little reason to trust anyone here when it comes to random drawings.

Lets start with the Lottery and the Lotto game.  You could say it is a glitch in the system that allowed vendors to cheat. You would be correct, yet that is not the whole story.  Lotto officials knew about the glitch for some time without disclosing or addressing it.  But don’t feel bad for officials who are likely “draw” a healthy pension. <read>

Then there are the publicly funded charter schools led by the miraculous Capitol Prep, led at the time by the self-proclaimed “America’s most TRUSTED Educator”, Steve Perry.  It seems the miracle may well be due more to lottery prep than trust in the drawing itself (although we have no reason to trust the drawing itself)  <read>   Then again you don’t need a phony lottery  and any preparation to get ahead in Connecticut education – you can wait and cheat on the tests. To avoid proclaiming yourself, let NPR do it: <read>

Which brings us to elections and the Connecticut random audit drawing.  What could possibly go wrong?

Up until this point the Connecticut post-election audit drawing has essentially used a barrel with slips of paper to draw districts for the audit. Unfortunately, it could be that officials use an inaccurate list of districts to make the slips.  It has happened Post-Election Audit Flawed from the Start by Inaccurate List of Election Districts <read> Fortunately that problem has been addressed <read>  Perhaps they can be eliminated completely if the new Election Night Reporting System is used as a basis for the district list in the future.

Yet two problems remain.  First, the drawing list is not publicly verifiable.  In the Bysiewicz Administration, advocates were solicited to arrive before the drawing and check that every district listed was actually placed in the barrel. Somehow that was dropped by the Merrill Administration.  Second, drawing from a barrel is not all that random – observed by the public it may be completely above board, and yet not be random.  It is difficult to shuffle/mix slips of paper such that they are actually random – slips printed together tend to stay together and thus there is a correlation where some, say from the same municipality, tend to be selected or not selected.

There are better ways of selecting districts in a more transparent way. Last year the Citizen Audit suggested solutions to the Secretary of the State’s Office based on a request by former Deputy Secretary, James Spallone:

Post-Election Audit Drawing Transparency and Randomness

We have concerns with the transparency and the randomness of the random drawing.  There is a single effective solution that would improve the credibility of the drawing, the audit, and our elections.

Concerns – Transparency:  We don’t mean to suggest a lack of integrity in the drawing or of any person, yet there is now a hole in the transparency of the drawing which precludes public verification.  When the drawing was initiated in 2007 and for several years thereafter, observers were invited to come early and check each and every ticket placed in the raffle barrel to make sure the tickets in the barrel matched those on a list of districts provided.  Once the drawing changed from business cards to strips of paper, that part of the process was also dropped.

Concerns – Randomness:   Statisticians have concerns with the actual randomness of drawings from a raffle barrel.  Strips of paper representing districts for the same town tend to stay together, thus increasing or decreasing their odds of being selected.  From past drawings that the variation in the number of districts in towns selected in each drawing it seems from experience may have been way out of proportion (high or low) than would have been likely the case with a truly random selection.

A Single Solution:  Change to a random selection, by numbering districts sequentially on a list from 0 to the number of districts (about 730).  Then select the districts for audit by throwing three 10-sided dice, or a system similar to the CT Lottery drawing.   A 5% audit would entail about 50 casts of the three dice, given that there is about a 70% probability that each cast would provide a useable unique selection. An example of doing this method is from the San Francisco Department of Elections, in the following videos:
Side view video: https://www.youtube.com/watch?v=sdWL8Unz5kM
Overhead view video: https://www.youtube.com/watch?v=Sufb7ykByWA

How easy would it be to rig the next election? Very Easy

Article at Think Progress: How easy would it be to rig the next election? 

In the popular imagination, this is what election hacking looks like?—?dramatic, national-scale interference that manually rewrites tallies and hands the victory to the outlier. Certainly these attacks may occur. However, they’re only one of a variety of electoral hacks possible against the United States, at a time when hacking attacks are becoming more accessible to threat-actors and nation-state-sponsored attackers are growing more brazen. Yes, hackers may attempt to change the vote totals for American elections?—?but they can also de-register voters, delete critical data, trip up voting systems to cause long lines at polling stations, and otherwise cultivate deep distrust in the legitimacy of election results. If hackers wish to rig a national election, they can do it by changing only small numbers on a state level.

Article at Think Progress: How easy would it be to rig the next election?  <read>

In the popular imagination, this is what election hacking looks like?—?dramatic, national-scale interference that manually rewrites tallies and hands the victory to the outlier. Certainly these attacks may occur. However, they’re only one of a variety of electoral hacks possible against the United States, at a time when hacking attacks are becoming more accessible to threat-actors and nation-state-sponsored attackers are growing more brazen. Yes, hackers may attempt to change the vote totals for American elections?—?but they can also de-register voters, delete critical data, trip up voting systems to cause long lines at polling stations, and otherwise cultivate deep distrust in the legitimacy of election results. If hackers wish to rig a national election, they can do it by changing only small numbers on a state level.

Not just hackers!  Insiders.  Not just election officials.  Contractors, ISPs, voting system vendors, municipal staffers…

One thing all voting machines seem to have in common is that whenever they have been subjected to aggressive testing by hackers, they have fallen apart.

Insecure voting systems are the norm, not the exception
“These machines are just so poorly engineered, the only real way to secure them is to destroy them and start over,” said the University of Michigan’s Matt Bernhard…

Voting technology provides a false sense of security?—?and opens up new vulnerabilities
As a result of the work of investigators affiliated with the TTBR and EVEREST, as well as more recent investigations by researchers like Haldeman at the University of Michigan (who installed Pac-Man on a Sequoia DRE in 2010) or Edward Felton and Andrew Appel at Princeton, paperless DRE machines have become less popular. In 2016, their use had declined more than 15 percent since the last presidential election.

But in many ways, the remaining uneasily patched DREs have been cast as the bogeyman of voting machines?—?while the other systems’ remarkable vulnerabilities have been ignored.

Meanwhile officials remain complacent <read>

What can we learn from a jurisdiction in NY that hand-counts every vote?

I recently attended a presentation by Columbia County, NY, Election Commissioner Vivian Martin on the post-election audit/recount performed after every election.  It should be of interest to every citizen concerned with trust in elections and every election official: “You Can’t Count Paper Ballots”  Want to bet?  

After every election (using optical scanners) they count every ballot a second time by hand.  What can we learn in Connecticut, “The Land of Steady Habits?

We are not necessarily convinced that we need to go as far as Columbia County.  Yet, Connecticut needs a much stronger, more comprehensive, transparent audit; we need a stronger more transparent chain-of-custody; a more uniform, higher quality recanvass.  There is no reason, other than “we have always done it this way”, for our current post-election schedule.  We could perform rigorous automatic recounts rather than recanvasses; we need more to declare and perform recounts/recanvasses. We could emulate other states and perform audits shortly after the election, delaying rigorous/adversarial recounts to later and providing weeks for their completion.

I recently attended a presentation by Columbia County, NY, Election Commissioner Vivian Martin on the post-election audit/recount performed after every election.  It should be of interest to every citizen concerned with trust in elections and every election official: “You Can’t Count Paper Ballots”  Want to bet? <presentation>

After every election (using optical scanners) they count every ballot a second time by hand.  Here are some of the high points:

  • They do more than just count the ballots and votes.  They day after the election they review the paperwork and checkin lists.
  • In the next week or so they count every vote and adjudicate voters’ intent.  They do this before certification, so that they can certify the actual results with voters’ intent.
  • They have a simple, yet strong chain-of-custody.  Two people transport the ballots.  There are two locks with opposing officials holding the keys.  Every step is well documented.
  • They recruit citizens to participate in the process, who learn about elections and enjoy the process and pay.
  • It costs a “whooping” 1% of their budget. In our opinion, a small price to pay for insuring democracy.
  • They demonstrate that they can count accurately with the rigorous 4-person hashmark methods they use. (Very similar to the methods used in Connecticut for the Bridgeport Citizen Recount)
  • They are careful that any questions posed by counters are heard by leaders of both parties simultaneously and answers are determined jointly.
  • They do not count uncontested races.  Other races where they see lopsided, expected results, the losing party official gets consent from their party or candidate not to count a race.

What can we learn in Connecticut, “The Land of Steady Habits?”.

  • Most of all we can learn that what we do and think in Connecticut is not the only way possible.  (It is human nature to assume that the way we have always done it is the only way;  human nature to point to other state practices to justify what we want to change, yet ignore them when we don’t.)
  • No municipality could do this counting, exactly the same way legally in Connecticut.  It is questionable that it would be legal to open and count ballots by the choice of election officials at any time.  Right after the election we have the potential for a recanvass.  It would likely be questioned if  similar methods were used for recanvasses, rather than the Secretary of the State procedures for rescanning.
  • We could use these methods for performing manual audits.  Where they have been used, the Citizen Audit has shown that accuracy has been much better than when the more common, in Connecticut, ad-hoc and two-person teams have been used..
  • Perhaps, if Connecticut officials used better methods and learned from Columbia County, they would stop believing and arguing that “People cannot count votes accurately”.
  • For a low cost, Connecticut could have a credible and trustworthy chain-of-custody.
  • We could actually verifiably check our checkins and ballot counts.

We are not necessarily convinced that we need to go as far as Columbia County.  Yet, Connecticut needs a much stronger, more comprehensive, transparent audit; we need a stronger more transparent chain-of-custody; a more uniform, higher quality recanvass.  There is no reason, other than “we have always done it this way”, for our current post-election schedule.  We could perform rigorous automatic recounts rather than recanvasses; we need more to declare and perform recounts/recanvasses. We could emulate other states and perform audits shortly after the election, delaying rigorous/adversarial recounts to later and providing weeks for their completion.

 

Surprising statements by Denise Merrill and Neil Jenkins

Denise Merrill, Secretary of the State and President of the National Association of Secretaries of State and Neil Jenkins from Homeland Security spoke on NPR on election integrity.  <listen>

We disagree with both their similar statements:

.”Because our system is highly decentralized there’s no way to disrupt the voting process in any large-scale meaningful way through cyber attacks because there’s no national system to attack,” [Merrill] said Tuesday at a hearing before the U.S. Election Assistance Commission on the impact of the critical infrastructure designation.

Jenkins was quoted as saying “having thousands of elections offices each with their own systems making hacking elections nearly impossible”

Denise Merrill, Secretary of the State and President of the National Association of Secretaries of State and Neil Jenkins from Homeland Security spoke on NPR on election integrity.  <listen>

We disagree with both their similar statements:

.”Because our system is highly decentralized there’s no way to disrupt the voting process in any large-scale meaningful way through cyber attacks because there’s no national system to attack,” [Merrill] said Tuesday at a hearing before the U.S. Election Assistance Commission on the impact of the critical infrastructure designation.

Jenkins was quoted as saying “having thousands of elections offices each with their own systems making hacking elections nearly impossible”

Others may wish to believe differently, but based on science, recent history, and common sense, we point out:

  •  Secretary/President Merrill is almost correct when she says “Because our system is highly decentralized there’s no way to disrupt the voting process in any large-scale meaningful way through cyber attacks because there’s no national system to attack,”  However, it is possible to attack Federal elections in a “meaningful’ way, especially a non-cyber way, in that a few thousand votes could sway a state’s electoral votes, senator, or representatives.  That may or not be large-scale, but it is meaningful. Put a few of states together and it could change the apparent President and the balance in the Senate and House.  In 2016 attacks in three states, PA, MI, and WI, could have done the job. In 2000, FL,  and 2004, OH, just one state could have changed the result.
  • Elections are not as decentralized as the Secretary and Jenkins imply. It is inaccurate to say that thousands of jurisdictions have their own systems:  I.e. all of Connecticut’s scanners are programmed and maintained by a single out-of-state vendor.  That same vendor does the same for most of New England.  Nationwide some jurisdictions are very large in many states such as LA County in CA, Cuyahoga County OH, or several FL counties.  Some cities are rather large.  In this past election there were major errors in Detroit.  Philadelphia all votes are “counted” on unauditable touch screen machines.
  • A single entity is now responsible for the non-random auditing of all of Connecticut’s memory cards, reporting on our post-election election audits, and programming and supervising the software dependent machines now doing our electronic post-election “audit”.
  • Connecticut’s new voting machines for those with disabilities are programmed by another single entity, not tested in a meaningful end-to-end way, and are now used in most municipalities to test the optical scanners in a way that reduces the value of the pre-election tests.  (Rather than an actual test of the interface, a canned set of ballots is printed by the machine.  Those ballots produce huge black squares rather than  filled in bubbles.  When they are used to test the scanners it does not test that the scanners actually detect bubbles at the correct coordinates.)

These do not meet my definition of decentralized (or independent).  I am not necessarily arguing for more centralization.  I am arguing for more skepticism, more vigilance, more awareness, more transparency, and less obfuscation.

We and officials cannot prove negatives, that there were no cyber-attacks; that there were no conventional attacks; that  there were no significant errors in the results reported.

Officials have not proven that the election results were accurate enough to support the .  With paper ballots uniformly required, with effective post-election audits, and process audits they would be able to prove it.

*****Update 4/15/2017

Alex Halderman agrees <read>

Halderman said that most people think that the United States’ voting machines are secure because they are different in each county and they aren’t connected to the Internet. “In fact, many of these things break down,” said Halderman.

Halderman said an attacker can select the machines that are the most vulnerable or attack the third-party vendors that provide the memory cards for each machine. By using this method, an attacker could have altered the votes in 75 percent of Michigan counties, according to Halderman. He said that although he thinks that no states carried out sufficient forensics to determine whether their voting machines were hacked, he does not believe that those votes were manipulated.