Opinion: ExpressVote XL “fix” doesn’t fix anything | Andrew Appel/Freedom to Tinker
Five years ago I described a serious security flaw in the design of all-in-one voting machines made by two competing manufacturers, ES&S and Dominion. These all-in-one machines work like this: the voter indicates choices on a touchscreen; then a printer prints the votes onto a paper ballot; the voter has a chance to review the ballot to make sure the right choices are printed; then the machine sends the ballot past an optical scanner to record and tabulate the votes. Then the mechanism drops the paper into a ballot box where it is saved for recounts or audits. The reason we have paper (in addition to the optical scanner’s computer-count of the votes) is for our protection, in case the software in the voting machine is hacked. The votes printed on the paper and seen by the voter, can be seen again by the humans performing the recount or audit. The fatal flaw is having the ballot printer in the same paper path that goes from the voter to the ballot box. That’s because the machinery (printer, scanner, motor-driven rollers) is controlled by the software, and if the software is hacked (replaced by fraudulent software) then the software can make the machinery do things “out of proper order”. In particular, after the voter approves the ballot and touches the “cast-vote” button on-screen, the software is supposed to convey the ballot past the scanner into the ballot box; but hacked software can direct the machinery to take a detour past the printer, where additional votes are printed on to the ballot that the voter did not approve. Read Article