Unresolved Security Threats for Ballot Marking Devices

A general guide to Ballot Marking Devices verifiability, auditability, privacy and preparation security threats by Garland Favorito

Abstract
Some jurisdictions in different states have begun transitioning their voting equipment to electronic ballot marking devices (BMD). While these devices are necessary for disabled voter accessibility and Americans with Disability Act (ADA) compliance, some jurisdictions are requiring these touchscreen ballot printers to be used for all voters. Since most margins of victory exceed the number of disabled voters it is improbable that disabled voter BMDs can be hacked to rig an election. However, the attempt to use BMDs for additional voters creates a severe threat of election rigging that must be properly mitigated.

The move toward BMDs has generated a series of discussions, papers and articles among computer scientists and election integrity advocates that define BMD security vulnerabilities and debate whether or not they can be adequately alleviated. This paper adds new information to the discussion in several ways:

• It outlines key attributes of BMDs that determine BMD ballot quality and maps currently available vendor products to those attributes.
• It discusses the different security threats that are unique to those attributes, including threats to privacy, verifiability, auditability and overall security.
• It includes real-life, unmitigated examples of security threats identified in Georgia’s voting systems.
• It details a new threat model that has not previously been analyzed.
• It provides evidence the new “Dropped Race Threat Model” may have already been implemented in a statewide 2018 Georgia race.

Jurisdictions must make genuine efforts to analyze BMD purchases more thoroughly and protect the constitutional rights of their voters against these various security threats. Those rights are implicit in Art. I Sec. IV and confirmed by U.S. Supreme Court decisions such as Reynolds v. Sims (1964) in which the court declared: “the right to have a vote counted is as open to protection as the right to put a ballot in a ballot box”.

Likewise, voters who have no mechanism to ensure their votes were counted as cast are equally as disenfranchised as voters who have no mechanism to determine if their ballots were placed in a ballot box.

About Garland Favorito

Garland Favorito was the first technology professional in America to advocate against a statewide implementation of paperless electronic voting on the grounds that it poses a threat to the Constitutional right to vote. In February of 2002, he sent written warnings to election officials explaining how paperless voting produces results that cannot be verified by the voter or audited by elections officials. February 2002 emails to Professor. Britain Williams, who headed the Georgia voting system implementation and Assistant Secretary of State Michael Barnes, were authenticated by both parties under oath in depositions. Those depositions were part of the Favorito v. Handel court case that was decided by the Georgia Supreme Court. In 2017, two dozen computer scientists wrote to the Georgia secretary of state urging him to abandon electronic voting for essentially the same reasons Garland had provided 15 years earlier.

After his advice was ignored, Garland founded Voters Organized for Trusted Election Results in Georgia (VoterGA). He also serves as a volunteer Elections Director for the Constitution Party of Georgia. VoterGA is a nonpartisan, non-profit, all-volunteer organization dedicated to restoring the integrity of Georgia elections. Its primary objective is to advocate for verifiable, auditable and recount-capable voting in Georgia. It also advocates for fair and equal ballot access for all Georgia candidates. Garland makes presentations for VoterGA to a wide range of groups throughout the state and is recognized as a leading expert on the usage of, and risks involved with, Georgia’s voting machines. He has testified in numerous committee hearings, produced a variety of reports, and was deposed for over six hours in the Favorito v. Handel lawsuit.

Garland is a career Information Technology (IT) professional with over 40 years of in-depth experience in internet systems design, business systems analysis, database administration, application development, systems architecture, life cycle methodologies, computer programming, project management, and multi-factor security. His experience centers on medium and large-scale mission-critical applications in nearly all facets of American business. His industry experience includes banking, financial systems, health care, accounting, manufacturing, inventory, purchasing, retailing, utilities, telecommunications, insurance, software development and the service industry.

Unresolved Security Threats for Ballot Marking Devices PDF