1/ It only took $100M and a national trauma for GA to come around: Georgia Republicans want to get rid of new voting machines (read entire thread) | 11alive.com twitter.com/intent/user?sc… 2/ Like we’ve been saying for years. Move to #HandMarkedPaperBallots now...

ajc.com/news/opinion/o…

1/Dear legislators debating new ways to enhance confidence in elections: get rid of #BallotMarkingDevices and other expensive vulnerable voting tech. Voters don’t understand it. Losing side will always cry foul. Use more #HandMarkedPaperBallots and mandatory audits. Invest in 2/Better more accurate scanning technology and error tolerant manual counting methods (and training/assessment methods so they can be uniformly applied)

1/ Apropos of nothing except the randomness of scientific attribution. Ironic when applied to randomness itself. Amusing that in their book "Algorithms to Live By: The Computer Science of Human Decisions," (academia.edu/42264255/Brian…) the following passages appears: 2/"One of the key results on the role of randomness in polynomial identity testing is what’s called the Schwartz–Zippel lemma."

1/Fulton County (GA) will put multiple BMDs in cabinets like this one. Voters will use simultaneously. Unclear how many BMDs per cabinet but this pic shows at least 2. Perpendicular orientation means there is no configuration where all machines are visible to election officials. 2/Nothing prevents one voter from grabbing printout from another BMD undetected. A lo tech vulnerability for creating chaos & denial of function.

1/Like this: Ballot marking devices have essential security flaws. Like all computers they can be hacked, misprogrammed, misconfigured & misused. Because printed ballots from a compromised machine cannot be trusted as an expression of voter intent, audits cannot detect cheating.

https://twitter.com/Kasparov63/status/1210284054458912774

2/Why can't BMD printed ballots be trusted as an expression of voter intent? Because voters won't notice fraudulent outputs of compromised BMDs. It's the most widely replicated experiment in election security dating back a decade or more.

1/Why can't BMD printed ballots be trusted as an expression of voter intent? Because voters won't notice fraudulent outputs of compromised BMDs. It's the most widely replicated experiment in election security dating back a decade or more when ppl were concerned about VVPAT... 2/...as summarized in the NAS "Securing the Vote" report (nap.edu/25120): without complete record of votes expressed, voters would be unable to recall all of their prior choices.

1/While I appreciate @benadida constant references to the shortcomings of hand marked ballot, it’s blindingly obvious that there’s no equivalence to machine marked ballots. 2/By whatever mechanism mistabulation occurs, RLAs are designed to confirm correctly reported outcomes.

1/ For those watching from the stands, let me correct this. Publication in open access journals is meant for rapid dissemination of preprints; it’s not a substitute for publication in peer reviewed archival journals. Neither guarantees validity, but readership numbers do matter.

https://twitter.com/umbernhard/status/1178297810216800256

2/As of this writing ssrn.com/abstract=33757… has been viewed nearly 12,000 times and downloaded over 700 times. As Arthur Jago points out in his CHE essay (chronicle.com/article/Can-It…) it’s impossible to know how that compares to archival journal articles, but in this era of

1/Building on my thread threadreaderapp.com/thread/1167416… this week as a warm up to a paper that shows voter verification of BMD output is a fantasy that has no basis in theory or practice. Voter verification depends on assumptions that are not true. But here's one that I had overlooked: 2/In addition to cognitive limitations of memory, the very idea of voter verification takes into account neither "change blindness" nor "choice blindness." As Petter Johansson and Lars Hall explain in their paper pdfs.semanticscholar.org/559c/ea673416a…

1/ More on the science of voter verification of ballots: Those who think voters can improve their error detection effectiveness are flying in the face of established science and the consolidation of error studies across many disciplines that took place in the 1970s-80s. 2/A major reference is James Reason's 1991 "Human Error"
cambridge.org/core/books/hum…

1/ The argument seems to be that untrained, unmotivated, possibly stressed-out, tired, mildly cognitively impaired (if over 50) voters can be encouraged to verify machine-marked paper ballots effectively enough to make them useful and trusted paper trails for Risk-Limiting Audits 2/If a fraction of machine-cast votes are unverified, then RLAs become a meaningless exercise bc an attacker of a close election can always arrange for a complete hand-recount which necessarily sweeps these poisoned ballots into the final audited tally.

1/ Just finished reading the entirety of the judge’s ruling GA’s vulnerable election system, and I am shaken. Much has been made allowing DREs one last time this fall, but those are mainly municipalities that use hand marked paper ballots not DREs
documentcloud.org/documents/6277… 2/ Most of the order is a Tom Clancy-worthy recounting of officials misleading GA citizens. I am shaken because history is repeating itself. In choosing to ignore the mountain of expert opinion that the new BMDs aren’t safe, SOS is once again listening to outliers.

1/Lots of heat/traffic setting up opscan vs hand-count debate. I claim hand counts are impractical in US elections. They're error-prone & like all tabulations must be checked with audits. They offer few benefits at great cost. Literature is sparse/scattered. Here’s my rationale 2/Hand counts are carried out by people, so it is fair game to ask how often they get it right. The answer appears to be “not very often.” Like many aspects of voting that at first blush seem simple, this is a cognitively complex task.

@VerifiedVoting 1/ Can we agree that there is historical imprecision in the terminology? The phrase "voter verifiable" that been used interchangeably with "voter verified." They are not the same thing. An audit trail in an untrusted environment should not be trusted unless it has been verified. @VerifiedVoting 2/A verification requires a positive affirmation. Verifiability requires only the ability to be submitted for that affirmation. One is potential, the other is accomplishment. This stems IMO from @philipbstark description in e.g., stat.berkeley.edu/~stark/Preprin…

1/I have Dominion's response to Friday's letter from NY Board of Elections. A rare glimpse into anti-security mindset of voting machine vendors. Hacking concerns may delay Westchester's $6.1M plan to buy new voting machines lohud.com/story/news/loc… via @lohud
READ THIS THREAD @lohud 2/Here's Dominion's non-responsive response. "Before addressing the various safeguards for the ImageCast Evolution (ICE), I would like to..." (let me paraphrase) launch an irrelevant attack on the "security maximalists" who pointed out the vulnerability
dropbox.com/s/tz02zj9l7zv5…

/1 Thanks to Brad for informed discussion. We’ve heard about other virtues of ballot verification that are not impacted by these results but lets focus: it is likely that most humans are unable to verify the correctness of ballots cast moments before.
bradblog.com/?p=12829 2/It’s not a matter of ballot design, verification logistics or other practical considerations. The most likely explanation is fundamental limit on human cognition. Limitation presents special problems for secure voting, including post election audits.

1/Thirty Ways to Exploit GA's election system vulnerabilities not requiring an internet connection. @BrianKempGA and election officals endlessly repeat system is not connected to the Internet therefore secure.
politics.myajc.com/news/state--re…
It doesn't matter. Here's 30 reasons why. 2/Before we begin be aware that SOS is remarkably ambiguous about what "no Internet" means. No DIRECT connection, no connection during ELECTIONS, never even DURING TESTS, NEVER EVER NOT EVEN A CHANCE, voting machines ONLY, ALL system parts...These are distractions. Don't matter.

1/I've been asked how malware capable of undetectable manipulation can find its way onto computers used in GA elections. 2 Windows systems are used. Windows CE for Diebold touchscreen voting machines and desktop versions of Windows for tabulation. Here are the vulnerabilities. 2/ Windows CE is the mobile version of Windows used in hand held devices around the year 2000 (remember?) Windows CE basically has no security features at all. These are the vulnerabilities. Windows CE is an obsolete Microsoft product. It has not been strengthened.