Voting machine security is still a sore point, but at least some vendors are starting to change their tune. ES&S chief Tom Burt has declared that his company will "no longer sell" paperless voting machines as the "primary" voting device for a given jurisdiction. It's just too hard to conduct a "meaningful" audit of election results without a physical record, Burt said. He went so far as to ask the US Congress to mandate a paper record for all voters.
He also wanted laws dictating a "more robust" testing scheme run by vetted researchers, and to expand on existing advantages like a highly varied (and thus harder to compromise) infrastructure. While voting machines go undergo testing, they're not necessarily secure enough to resist attacks "at any point in the process," Burt said. There isn't a standard for penetration tests, and legislation could help fix that.
The exec didn't say how quickly the company would drop affected paperless models.
While it could take a while before this shift is noticeable (jurisdictions aren't going to abruptly toss their existing machines), it's a significant about-face. ES&S has been one of the strongest proponents of paperless voting, and only really started to rethink its position after Democrats started asking about major security lapses. Now, it's pushing for paper backups -- and that's good news for anyone worried about attempts to hack upcoming elections, whether remotely or in person.