Studies of Voting Technology
Recent articles on voting:
Are voting-machine modems truly divorced from the Internet?
Securing the Vote — National Academies report
Serious design flaw in ESS ExpressVote touchscreen: “permission to cheat”
Design flaw in Dominion ImageCast Evolution voting machine
Continuous-roll VVPAT under glass: an idea whose time has passed
An unverifiability principle for voting machines
Ten ways to make voting machines cheat with plausible deniability
Cheating with paper ballots
End-to-End Verifiable Elections
When the optical scanners jam up, what then?
Two cheers for limited democracy in New Jersey
Florida is the Florida of ballot-design mistakes
Expert opinions on in-person voting machines and vote-by-mail
Why voters should mark ballots by hand
Pilots of risk-limiting election audits in California and Virginia
Reexamination of an all-in-one voting machine
Voting machines I recommend
BMDs are not meaningfully auditable
ImageCast Evolution voting machine: Mitigations, misleadings, and misunderstandings
How to do a Risk-Limiting Audit
Five-part series on ballot-level comparison audits:
TEDx talk, March 2016
Video demonstration of how to hack a voting machine|
The New Jersey Voting-machine Lawsuit
and the AVC Advantage DRE Voting Machine
New Jersey Election Cover-up: During the June 2011 New Jersey primary election, something went wrong in Cumberland County, which uses Sequoia AVC Advantage direct-recording electronic voting computers. I served as an expert witness in the resulting lawsuit. From this I learned several things; see the attached report.
Security Seals On Voting Machines: A Case Study, by Andrew W. Appel. Accepted for publication, ACM Transactions on Information and System Security (TISSEC), 2011.
Abstract: Tamper-evident seals are used by many states' election officials on voting machines and ballot boxes, either to protect the computer and software from fraudulent modification or to protect paper ballots from fraudulent substitution or stuffing. Physical tamper-indicating seals can usually be easily defeated, given they way they are typically made and used; and the effectiveness of seals depends on the protocol for their application and inspection. The legitimacy of our elections may therefore depend on whether a particular state's use of seals is effective to prevent, deter, or detect election fraud. This paper is a case study of the use of seals on voting machines by the State of New Jersey. I conclude that New Jersey's protocols for the use of tamper-evident seals have been not at all effective. I conclude with a discussion of the more general problem of seals in democratic elections.
Analysis of the AVC Advantage DRE voting machine: In July 2008 I led a team of computer scientists in a study of the software and hardware of the Sequoia AVC Advantage. This is in connection with the NJ voting-machines lawsuit.
The New Jersey Voting-machine Lawsuit and the AVC Advantage DRE Voting Machine, by Andrew W. Appel, Maia Ginsburg, Harri Hursti, Brian W. Kernighan, Christopher D. Richards, Gang Tan, and Penny Venetis.
Published in EVT/WOTE'09, Electronic Voting Technology Workshop / Workshop on Trustworthy Elections, August 2009.
|6300 beads representing the precincts in a New Jersey Governor election; 10% of the beads are blue, representing fraudulent voting machines. A 1% sample (63 beads) is shown; it is extremely likely to include at least one blue bead (in this case the sample has 7 blue beads), and thus the audit will catch some of the fraudulent machines (triggering, in principle, a wider recount and a forensic investigation).||100 marbles representing the precincts of a city mayoral election; 10% of the marbles are blue representing fraudulent voting machines. A 1% sample is shown (one marble); it's unlikely that a 1% sample will include any blue marbles. While a 1% audit works well for statewide races, it does not suffice for local or legislative-district elections. (Photos: Alex Halderman)|
The Trouble With Triples: A Critical Review of the Triple Ballot (3ballot) scheme, Part 1 by Charlie Strauss, October 5, 2006.
A Critical Review of the Triple Ballot Voting System. Part 2: Cracking the Triple Ballot Encryption by Charlie Strauss, October 8, 2006.