Q&A: E-voting security results 'awful,' says Ohio secretary of state

How bad? 'I thought I was going to throw up,' Jennifer Brunner recalls

1 2 3 Page 2
Page 2 of 3

Tell me how that admission came about.

[Premier] really didn't know what was causing the votes to be dropped. And they sent the equipment in this situation to a lab in Canada, and what they came back with was that it could be an interaction with the McAfee antivirus software. So they put out that first nationwide advisory, but then their advice was to disable the software when you're uploading the memory cards. That gave me the chills.

Butler County [where the problem was first discovered] brought their machines to Columbus, and we had already contacted McAfee and said, "Do you think this is possible for there to be these kinds of interactions?" We told them we were going to do more testing. McAfee told us what kind of testing we should be doing, and we were performing the testing over a two-day period. It was [still] dropping the votes with the software disabled.

So we already knew that it was dropping votes [even] with the McAfee software disabled. We already knew it was in the Premier software, but I'm just very surprised with there being pending litigation that they just came out and said, "Yes, it is a problem, and we're responsible for it. It's an error in the code."

If they're going to use McAfee on those systems, did it occur to you or to them that those aren't certified for use with McAfee? Under the federal certification standards, they have to approve all of that software together. So, in truth, for federal certification to be legitimate with McAfee on there, they have to test it with that on there.

It was tested in Ohio with it on there. Which is why, according to my discussions with Premier, it was certified with the McAfee on there.

It was?

We heard two different stories. We heard that it was on the server when it was sent to Ohio to be tested and certified, and then we heard that the [former Secretary of State] Blackwell people wanted it on there and specified McAfee, so we're not really sure. But it was tested and certified in Ohio with the McAfee software.

Under Blackwell?

Under Blackwell, yeah.

They've got a more stringent testing process now, at the EAC [U.S. Election Assistance Commission], supposedly.

Very cumbersome, yes.


Do you realize it's end-to-end testing? So let's say we wanted to make available the high-speed optical scanner, for absentee ballots, from Premier. You can't just test that. And you can't just get that. It's got to be their server, their software, their DRE [touch-screen system], their precinct-based scanner, their high-speed scanner -- and once all of that is approved, then it's allowed to go into the state market.

One way to look at [the EAC's new testing regime] is "cumbersome," another way to look at it is "thorough" -- knowing that previous systems have, you know, slipped through [its previous certification process]. And look at the mess we're in.

Right, right. And what's interesting: Do you know that the EAC put out an RFP [request for proposals] for an EVEREST-like study at the federal level?

Most people haven't read EVEREST. They just really don't get how bad it is. Are we looking at a situation -- if not now, then maybe down the road -- when we say, "You know what? All of these computers are causing us more trouble than they are ultimately worth." That maybe we ought to just take a piece of paper, put in a check mark, put it in a clear box and count it at the precinct the way many other countries do. Even states in the U.S. still do it. Just count the ballots at the polls before they move and be done with it.

Part of the problem is public expectation, the expectation of the media. They just think we should have the elements to do these results [quickly].

1 2 3 Page 2
Page 2 of 3
It’s time to break the ChatGPT habit
Shop Tech Products at Amazon