Profile picture
Eric Geller @ericgeller
, 8 tweets, 3 min read Read on Twitter
Today we published a story I've been working on for weeks. It's an examination of the most overlooked aspect of election security: the voting technology vendors.

Here it is, for @POLITICOPro subscribers: politico.pro/2EGl1Nq
Voting vendors, fiercely protective of their profits in a difficult market, have spent more than a decade shunning independent testing of their products, throwing up hurdle after hurdle for cybersecurity experts.

When tests occur, they reveal systems riddled with flaws.
The agency that works most closely with vendors, the @EACgov, has little power to rein in vendors, experts told me.

Local election officials — the vendors' customers — have the most power to require better cyber practices (through contracts) but often don't know enough to do so.
Cyber experts want vendors to learn the lessons that computer makers learned in the early 2000s: that researchers are your friends, not your enemies.

Instead, vendors work hard to avoid scrutiny. None of the major firms agreed to interviews. Only a few small ones did.
After I made separate requests to talk to them, the major firms banded together to send me a statement promising that they took security seriously. The statement addressed none of my questions and those vendors ignored follow-up requests for interviews.
Interestingly, the smaller firms who spoke to me said they expected the feds to start scrutinizing vendors more closely, like other providers of critical infrastructure.

Elections are easily the least regulated of the sectors that DHS has designated as critical infrastructure.
Some of the researchers I spoke to were pessimistic about vendors improving their practices. Others were cautiously optimistic that things would change.

But as @mattblaze put it: “How catastrophic a failure are we going to need before that happens?”
Last year, @RonWyden asked the major vendors about their cybersecurity practices. He got few answers.

As Wyden told me for this story, "This industry is basically laying out a path to trouble."

politico.pro/2EGl1Nq
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Eric Geller
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($3.00/month or $30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!