Paper Ballots Integral to Connecticut Election Security – ANNOTATED

A recent article in the Journal Inquirer is at best misleading:  Paper Ballots Integral to Connecticut Election Security <read>

Connecticut has some good election integrity practices, yet there are gaps and vulnerabilities.

Full disclosure, I am a resident of Glastonbury and have been a poll-worker here since 2013 and prior to that from 2008 in Vernon, Connecticut. I take no pleasure in writing this post. Yet, even when people you know and appreciate provide, in your opinion, inaccurate or uninformed information to the public, it is not appropriate to ignore it. There is some good information in this article, yet it is not entirely accurate.

Below is my annotation in blue:

Paper Ballots Integral to Connecticut Election Security
Election officials in the state are pointing to the benefits of physical ballots as the national conversation around election security continues to draw focus.

I absolutely agree that Voter Marked Paper Ballots like we have in Connecticut are the widely recognized basis of election security and integrity. Yet they are just a start.

by Alex Wood, Journal Inquirer / January 4, 2021  
(TNS) — With election officials around the country under very public attack, Mark Dobbins, the Democratic registrar of voters in Glastonbury, wants Connecticut residents to know more about the procedures election officials here use to make sure that all legal votes — and only legal votes — are counted.

It is a sad consequence in the atmosphere of this election that officials are under attack. Anyone who threatens an official and makes false or uninformed claims should be ashamed. And, in the most blatant cases where physical harm is threatened, prosecuted.

One is the old-fashioned paper trail, which Connecticut election officials use for many records, including ballots.

“We use a lot of paper, and you can’t hack paper,” Dobbins says.

Not exactly, even though paper ballots are a good start at election security and auditability, anyone with access to the storage of voted paper ballots can hack them, better still, with access to blank ballots as well, hacking is pretty straightforward. As we have pointed out over and over, Connecticut has very weak ballot security. In the majority of towns a single official may access ballot storage undetected for hours. polling place voted ballots are normally sealed with numbered seals which scientists have demonstrated offer little protection from skilled experts and amateurs alike.

Security experts also point out that over confidence in security by officials is a warning sign of lack of security. <See Do Connecticut’s Tamper-“Evident” Seals Protect Our Ballots?>

In addition, the tabulating machines that count ballots aren’t connected to the Internet and can’t be hacked into, he says.

It is of course important that scanners are not connected to the Internet, however, Hari Hursti long ago demonstrated how the machines used in Connecticut can easily be hacked  <The Hursti Hack> by anyone who has physical access to them. In Connecticut scanners are subject to that same weak security as voted ballots. Even computers not connected to the Internet can be hacked by Foreign actors <for example the STUXNET Attack>.

He adds that the tabulating machines are useless without memory cards. When the cards aren’t in use, he says, LHS Associates, an election services company based in Salem, New Hampshire, holds them securely.

First, the machines themselves can be hacked. They have software which could easily be changed by changing the chips, especially by a rogue service person form LHS Associates. LHS employs a number of people who program the memory cards. There is no audit or observation of LHS programming or security. At least none has been publicly disclosed. Unlike Connecticut, many states require that all programming of memory cards be accomplished by officials and not outsourced as Connecticut does. Here is a UConn papers describing additional vulnerabilities <here> <and here>.

Gabe Rosenberg, general counsel to Secretary of the State Denise W. Merrill, says the University of Connecticut’s Center for Voting Technology Research, or VoTeR Center, takes the memory cards before and after the election to make sure there are no problems.

 Actually, UConn takes a sample of memory cards. Its not a scientific sample. Registrars choose the cards to send to UConn after the election and don’t send all that are asked for. UConn is a little slow in providing reports.  The memory card audit report was for the 2014 elections. Here it is latest report, we suggest reading the summary <2014> <all reports>   It’s hard to trust an audit that is not random and publicly verifiable. There are some problems reported in those audits.

Officials audit 5% of the state’s voting precincts, Rosenberg says. The results exactly matched the machine counts this year, and the historical error rate is less than 1%, he says.

Connecticut does an audit of 5% of the voting districts, yet excluded from the audit are Election Day Registration ballots and centrally counted absentee ballots. In this COVID year of increased mail-in voting there are clearly gaps in the audit. Looking at the UConn reports, the last report of the audit completed was for 2016, which was completed about 19 months after the election, so at best we may have to wait a long while for official confirmation of that claim. It might be a really long wait since the previously completed report was for the 2011 election. UConn excludes large differences between machine counts and audit counts, with the aid of the Secretary of the State’s Office attributing all significant differences to human error in the counting process.

Another security measure widely used in Connecticut elections is to have “many eyes watching everything,” Dobbins says.


Against hacking: Use of paper ballots and other paper records, vote tabulating machines not connected to the Internet, audits of vote counts

Monitoring: “Many eyes watching everything”

Physical secuirty: Locked rooms for blank ballots and other election supplies, completed absentee ballots stored in “cages” within vaults, police escorts

I am sure all of these practices are in place in some towns in Connecticut. Perhaps most Absentee Ballots are in vaults. It is different for polling place voted ballots: Most towns hold them in locked rooms or cabinets that have single key locks, with keys available to several officials providing individual access. Few towns have cages for polling place ballots Few use vaults for polling place ballots. Serving in several polling places in Glastonbury I have never had or seen a police escort. From my experience police escorts are not prevalent for the custody of voted ballots.

For example, vote tabulating machines are tested before the election, and members of the public “are welcome to come and look over our shoulder and watch us do it,” he says. Likewise, the public can watch as ballots are counted, he adds.

Yes testing is important to find ballot programming errors. Public observation of testing is also important. However, no level of testing can prevent errors and fraud. Every computer is subject error and fraud. For instance, your laptop and smartphone were tested before you received them, there is no assurance that they did not contain errors or supply-chain fraud. Voting machines are no different.

Dobbins says election equipment — from blank ballots to office supplies to the personal protective equipment that election workers needed this year — is kept in “blue bins” in a locked room around election time.

Once again, the rooms in many towns can be accessed by single officials for hours undetected.  Those blue bins which are from the same manufacturer all have the same keys.

He says he and Lisbeth Becker, Glastonbury’s Republican registrar, are the only people with keys to the room — and that no one is allowed to go in alone. Any time he goes in, Dobbins says, he must be accompanied by a Republican or an unaffiliated voter.

My understanding is that such access by two individuals is not monitored, only procedure prevents an individual from lone access. In fact, just a few years ago, prior to the current registrars, I reviewed a couple of pages of the access log and noted a single individual, a Deputy Registrar, had signed in alone several times. He and others could have easily done that even without signing in. (That same deputy was later arrested by the town for computer security violations).

On Election Day, Dobbins says, the number of ballots at each polling place is noted at the start of the day — and every ballot has to be accounted for at the end of the day.

Due to the vastly increased demand for absentee ballots amid the COVID-19 pandemic, the secretary of the state’s office had absentee ballot applications mailed to every registered voter this year.

Some have wondered whether a new resident of an address could send in an application in the old resident’s name, then vote by absentee ballot under that name while also voting under their own name.

But if the impersonated voter were to vote elsewhere, Rosenberg says, the fraudster would be caught. He adds that state law makes such fraud punishable by up to five years in prison and a $5,000 fine — and that several federal laws prohibit it as well — putting a high price on casting a single fraudulent vote.

Responsibilities for Connecticut elections are divided between registrars of voters and town clerks. The clerks’ responsibilities include sending out blank absentee ballots to voters who request them, receiving the completed ballots back, and storing them until it is time for the registrars to count them.

Manchester Town Clerk Joseph V. Camposeo says his office had to add part-time staff members to handle the increased workload, including data entry when ballots were sent out and when they were returned. He says the ballots were stored in a “cage” in his office’s vault for extra security.

My experience is that Manchester has security practices that are well above average in Connecticut.

Manchester had absentee ballot “drop boxes” behind Town Hall and at the police station this year. When he collected more than one or two ballots from the police station box, Camposeo says, he would have a police escort on the way back.

©2021 Journal Inquirer, Distributed by Tribune Content Agency, LLC.

In summary, many of these practices are good ones, if followed by every official in every town. Yet, they are insufficient and especially vulnerable to insider attack, including vendors and a variety of town employees, not just election officials. Elections are more vulnerable to outsiders when the insiders are over confident.

Security is difficult. Connecticut has a good basis with Voter Marked Paper Ballots, no Internet connections, and no Internet voting. Security practices are much more difficult given the nature of a state with 169 towns each with two registrars from opposing parties expected to be knowledgeable in all aspects of elections, including election security. Many are understaffed and underpaid. It’s a lot to expect that each official can understand, implement, and monitor security, while following the best practices of other states with larger election jurisdictions. Many Municipal Clerks are in the same boat. Yet surfacing issues can be the beginning of improvement. On the other hand, the distributed nature of Connecticut elections makes it difficult for localized errors and fraud to result in an inaccurate state-wide result, yet local elections remain more vulnerable.

We need stronger uniform, enforceable, and enforced security procedures across the state. Among other things Connecticut needs stronger tabulation audits, audits of ballot and scanner security.



Leave a Reply

You must be logged in to post a comment.