By Patrick Colbeck
Let me cut to the chase. NO.
Ballot image audits are not useful. They give no indication of election integrity.
On what basis can this assertion be made?
Watch the following video from a Def Con hackers conference. It features two students of Professor J Alex Halderman from the University of Michigan in Ann Arbor – Kartikeya Kandula and Jeremy Wink.
- Ballot image audits are NOT reliable under adversarial conditions.
- If an attacker breaches the voting system, they could manipulate the ballot images.
- Security vulnerability was demonstrated using an EAC certified “Clear Ballot’s ClearVote system”
- Many jurisdictions publish sample ballots before the elections.
- Hackers can decompose the sample ballots into templates and then match these templates to the ballot style used within a given jurisdiction.
- Once they have a template, they can cast votes via ballot images any way they would like.
- One can actually modify a ballot faster than most scanners can scan a ballot.
Once you have ballot images, it is fairly straightforward to print those images onto paper and pass them off as the official paper ballots.
The presenters concluded: “Best defense is to audit ballots physically”.
Of course, this assumes that the chain of custody for the physical ballots has been maintained.
Deep fakes don’t only apply to photos and videos…they can apply to ballot images as well.