Risk-Limiting Audits with Arlo
Today, the CISA and the DHS’s main cyber division announced the launch of Arlo, a new tool to help election and government officials audit voting machines to determine if they’ve been tampered with; it has already been distributed in six states.
Casey Ellis, chairman, founder and CTO of Bugcrowd:
“The DHS’s launch of Arlo is a great initiative to ensure trust in elections. Voter concern that elections can be tampered with is the biggest threat to democracy today. If voters don’t trust that their vote will count, they won’t go vote. It’s really that simple. The DHS is acknowledging that, while software security of machines, connected systems, and supporting websites continues to be worked on leading up to and beyond the 2020 Election, having more visible and explainable systems that ‘expect failure, and instruct on corrective action’ is an important piece of the overall puzzle. By auditing the integrity of each voting machine, the US government is getting ahead of any disinformation campaigns that promote untrustworthy elections or suggest that voting machines have been hacked on Election Day–Arlo then swoops in to prove otherwise. It also ensures that when a candidate inevitably wins the race, they won fair and square. The peaceful concession of the losing candidate is an underrated and key component to the Western democratic process, and a strong side effect of all of this system integrity conversation is the ability for the losing candidate to blame the system that was supposedly hacked.”
Casey has 25+ years of experience in security, with exposure into current conversations on The Hill. Recently he advised on initiatives exploring vulnerability disclosure programs for voting machines, something that the top voting machine vendors are seriously considering as we approach the impending 2020 Election.