Skip to content

Instantly share code, notes, and snippets.

What would you like to do?

Officer Church, Supervisors, other county officials, I'm a Belmont resident and a software engineer with a focus on security. Companies pay me to find and fix software vulnerabilities in their products, and I have reported and fixed vulnerabilities in several well-known products.

I'm concerned about the continued use of electronic voting software in the form of eSlate and Hart InterCivic Electronic Voting System devices in San Mateo County elections. These systems have the potential to be compromised and have their vote totals altered or worse.

At DefCon 2017, a conference for security engineers in Las Vegas, over 25 different voting machines were present and all of them were compromised by hackers in some form. Many of the machines contained critical components manufactured in other countries. The odds are good that an attacker would be able to compromise San Mateo County's voting machines in a similar fashion. Please read the following PDF summary of the results of that exercise.

An paper ballot system that is scanned by an optical scan machine is much less susceptible to mass compromise. Furthermore, it is the simplest to recount, as you have paper ballots that can be counted by humans.

I would also encourage you to consider audits after every election, where a subset of the paper ballots are counted and compared against the electronic tally. The closer the election, the more votes that should be audited. This matches the recommendation of Professor Matt Blaze to the United States House of Representatives last November.

I would be happy to provide further technical and professional advice free of charge, and/or sit on any advisory boards or committees you may propose.

Thank you, Kevin

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment