Standardizing voter registration processes, voting machines and vote tabulation is the key to eliminating most vulnerabilities plaguing U.S. elections, according to several cybersecurity experts. These standardizations would embed security, enable backups and eliminate many backdoors through which hackers and vote fraudsters currently can warp the results of an election. While voting is administered at the state and local levels, these remedies would need to be applied nationwide. The current web of diverse processes may increase the difficulty for wide-scale election tampering, but they also ensure that achieving security is too broad a challenge for any single remedy to be applied. This diversity also virtually ensures that some location will have a vulnerability that, if exploited effectively, could cast doubt on a nationwide election result. … Auditing capabilities are important, says Ron Bandes, network security analyst in the CERT division of the Software Engineering Institute of Carnegie Mellon University. He also is president of VoteAllegheny, a nonpartisan election integrity organization.
“We need to use technology that can be audited meaningfully,” he says. Even benign mistakes such as scanner errors can be checked against an audit trail such as paper ballots. More modern scanners even can overcome voter errors by using high-resolution scanning processes that do a better job of determining a voter’s original intent by taking an actual photograph of the ballot, he says.
Most localities have legislation that mandates audits, Bandes notes. However, he adds, not every locality actually follows through on this requirement.
A relatively new technology in very limited use is a risk-limiting audit, which makes intelligent use of statistics to determine the need for an audit. For example, a runaway victory for one candidate obviates the need for an audit, but a close vote count flags the need for auditing a lot of ballots, Bandes explains.