This is the first of a 6-part series of slightly longer vignettes on the challenge of updating voting systems. It’s a slice-and-dice of a recent briefing on the topic.
It’s intended to acquaint relatively newcomers to understanding how voting system are purchased and maintained, and that includes anyone and everyone from concerned citizens, to journalists, to policy makers.
How We Got Here
With the start of primary season for the Presidential Election right around the corner, in February 2020, the security of U.S. election infrastructure remains a topic of national concern. As recently as April 2019, FBI Director Christopher Wray observed that:
…our adversaries are going to keep adapting and upping their game, and so we’re very much viewing 2018 [elections] as just kind of a dress rehearsal for the big show in 2020.
The current state of U.S. voting systems in particular has been scrutinized even more closely, and a recent Associated Press story noted that:
the vast majority of 10,000 election jurisdictions nationwide use Windows 7 or an older operating system to create ballots, program voting machines, tally votes and report counts.
Given the fact that Microsoft will no longer provide free, regular updates to Windows 7 users after January 2020 (known as “end of support”), reports of outdated voting system software with potential vulnerabilities have garnered a lot of attention.
What Can We Do?
Many observers are asking the reasonable question, “Can’t we simply get everything updated before the 2020 elections?”
The short answer, unfortunately, is “No” — due to a complex set of limitations associated with how voting system software is developed, certified, sold, implemented, and maintained.
Until now, those complexities have not been explained in plain language for the benefit of citizens, voters, and other interested parties, and we hope to change that.
About This Blog Series
The purpose of this blog series is to shed light on the process of how voting systems are purchased, deployed, and updated, with a special emphasis on the challenges that currently prevent more flexible software updates.
We hope that by illuminating what all of this means for election administrators, vendors, and the nation as a whole, policy makers can better understand what needs to change to ensure the security of the nation’s election infrastructure in the future.
It’s not a simple story to tell, so settle in for the journey. Along the way, we’ll address:
- What’s typically included in a voting system purchase;
- Typical industry policies around software upgrades;
- How upgrades are implemented;
- The reasons for the challenges that exist today; and
- Recommendations for how things might be improved in the future.
Because the current workflows for updating systems aren’t working, the security of our voting infrastructure is suffering as a result.
To read more, here are all of the articles in this Voting Systems Update Series published to date.