Tuesday morning, as millions of Americans lined up at their polling places to participate in the often quite literally broken democratic process, a new Twitter account tweeted a link to a short manifesto: “today’s voting machines are often insecure, not particularly easy-to-use, and so expensive that they’re often used much longer than they were designed for and election officials are forced to hunt for replacement parts on eBay. The market has failed us.”
The announcement, from a new nonprofit called VotingWorks, ended with a promise to build a “secure, affordable, open-source voting machine” from the ground up. The letter wasn’t signed, but it’s the work of Ben Adida, a software developer who has studied voting machines for more than 20 years and had a PhD from MIT in secure voting.
“I thought this launch would be pretty quiet, I thought it would be buried in the news of the actual election, but already a lot of people have reached out to volunteer to make it happen,” Adida told me on the phone. “It’s super early days, but the response to the announcement shows that people are hungry for this.”
Adida says that VotingWorks plans to use already existing, commodity hardware and open-source software to compete with the proprietary, expensive, and often insecure voting machines that currently dominate the market. He pitches it as an attempt to rethink voting machine from “first principles,” to reconsider what a voting machine is.
“Do we have to do it the way we’ve always done it for 20 years?” he said. “We have a number of very secure, very inexpensive commodity hardware options that didn’t exist 15 years ago. Maybe we shouldn’t have $5,000 voting machines. When you’re dealing with something this important, we just need someone to build boring technology that works instead of trying to differentiate yourself with proprietary technology where there’s more room for mistakes.”
If anyone is going to figure out how to build a better voting machine, it may as well be Adida. He published a 254-page dissertation on “advances in cryptographic voting systems” in 2006 as part of his PhD work at MIT, and founded Helios Voting, an open-source, encrypted online voting system that is used by private entities but that he says is not a good enough system to use for public elections.
Adida is adamant that he is not trying to remake America’s voting system—the new voting machines will not allow for online voting or use the blockchain or anything like that. They will have a paper trail, which is still the best way to secure an election while preserving ballot secrecy, he said.
“Unfortunately just because you want to make it convenient doesn’t mean you can do so securely. It’s a special kind of problem—there’s no analogy to another problem that’s the same,” he said. “Paper is the only thing we know. The answer is we don’t even know how to get close to doing it right at scale without paper.”
Adida said it’s too early to say exactly what the nonprofit’s next steps are, but said that he’s going to try to quickly build, test, and iterate on a voting machine; he expects to have a prototype by the spring. He suggested that Chromebooks or iPads would be good voting machines, because they have a trusted boot that ensures they haven’t been tampered with.
He points to a recent study by the University of Chicago that found 8 in 10 Americans believe our voting system is vulnerable to hackers, and a UPenn Wharton study that found the voting industry has little competition and that its business model is fundamentally broken. He believes that a civically focused nonprofit that makes an open source voting machine is a way to restore trust to the process.
“Open source is not really about security. It might sound like it’s about security, but it’s about building on top of existing software that’s battle-tested and preventing vendor lock-in,” associated with proprietary systems, he said. “Somebody can pick it up in five years if we go out of business and build on top of the existing mountain of open-source software and not from scratch.”
He said that the organization’s machines will be certified just as every other voting machine has been, and that it will likely to be a long process: “If this has any impact on 2020, that’ll be a minor miracle,” he said. Today, though, is the first step.