A bipartisan, GOP-led voting machine security bill that would actually fix vulnerabilities in US elections

The Secure Elections Act is a bipartisan Senate bill with six co-sponsors that reads like a security researcher's wish-list for voting machine reforms. Specifically, it reads like Matt Blaze's wishlist, hewing closely to the excellent recommendations laid out in his testimony to the House of Representatives' Committee on Oversight and Government Reform Subcommittee on Information Technology and Subcommittee on Intergovernmental Affairs Hearing on Cybersecurity, recounting his experiences as a security researcher and as the founder of Defcon's Vote Hacking Village.

The bill creates earmarks to help states get rid of their paperless electronic voting machine in favor of voter-verified, machine-readable paper ballots, and institutes a system of randomized post-election audits that use good statistical techniques to spot systemic anomalies.

The current system of paperless voting machines is the result of a failed effort to improve America's voting machines after the debacle of the 2000 election count.

The bill has three Republican co-sponsors, and its sponsors include the only senators who serve on both the Homeland Security Committee and the Intelligence Committee, which bodes well for it, but given the dismal history of improving voting technology in America, our optimism should be tempered with caution. The bill has to be passed almost immediately if its measures are to have an effect in next November's midterm elections.

"Computer scientists were worried about them from the start," according to Alex Halderman, a computer scientist at the University of Michigan. They worried "that they were being rolled out too fast and without effective security standards."

"In every single case, when a machine was brought into the lab and studied by qualified researchers, the result was the discovery of significant vulnerabilities that could allow the machines to be compromised with malicious software that could potentially steal votes," Halderman told Ars.

So Halderman says that, over the last decade, "the thinking has shifted to looking at more practical solutions." In particular, election security experts have come to regard optical-scanned paper ballots as the gold standard for computer security.

Optical-scan ballots can be counted by machine to provide prompt and accurate vote totals. But if there's any doubt about the integrity of the results, there's always an option to do a hand recount of the paper ballots.

Secure Elections Act [US Senate]

New bill could finally get rid of paperless voting machines [Timothy B Lee/Ars Technica]


Seattle Municipal Archives, CC-BY)