On Tuesday (8-14-2018), I was interviewed by Gopal Ratnam of CQ Roll Call He asked about my recent post regarding DEFCON(R) 26. In addition to what I wrote, I mentioned my new appreciation for risk-limiting audits, which I believe are superior to the post-election audits proposed by the Iowa Secretary of State.
An excerpt of Mr. Ratnam’s report is below. If you subscribe to CQ Roll Call, you have access to the report here. To start a trial subscription, click here. -Joel D. Miller – Linn County Auditor & Commissioner of Elections
Excerpt from CQ Cyber newsletter (Kids Hack the Darnedest Things) for Thursday, Aug. 16, 2018.
Miller told CQ he attended the hacking event in Las Vegas and came away convinced that election systems, including voting machines and voter registration databases, are vulnerable to attacks.
Iowa is in the process of promulgating rules requiring post-election audits, but Miller said he favored a particular kind, called risk-limiting audits.
Risk-limiting audits involve taking a sample of paper ballots from each precinct and comparing them against computer results to see if they match. If they match, the audit is complete, but if there are discrepancies that call the final outcome into question, then a larger sample of paper ballots is chosen to compare until the results confirm the original winner or until a full hand count reveals a different winner.