Giles County
Election Commission
Document Library

09/01/2016
09:20 AM

Subject:

Microvote Security Details
 
MicroVote Customers:

 
As many of you have already experienced, election officials across the country are being questioned regarding their voting system security. These inquiries increased after recent reports of potential breaches in security with a couple of state's voter registration databases. Unfortunately, the general public automatically associated voter registration systems with voting systems and therefore became concerned regarding the machines on which they cast their votes. I wanted to pass on a few bullet points regarding your MicroVote Infinity voting system in case you need to explain to others why your system is secure and tamperproof. If the inquiries persist, please don't hesitate to give them my email address at shamo@microvote.com and I will call them directly.
 
1. There is no physical connection to a voter registration system and your voting system. Recent reports have no relevance to your voting system.
 
2. There is no physical or wireless connection between your central tabulation equipment to the internet. Federal testing requirements require the disabling of the internet connectivity from central tabulation equipment. Your central systems are "stand alone" systems.
 
3. There is no means, physical or wireless, that any MicroVote Infinity can be connected to the internet. Simply put, the parts to do so are not in the voting machine. There is no way anyone can alter votes with a activation card, giant magnet, telecommunications, or external device. (Also, any attempt to do so is a significant crime.)
 
4. There is no USB port on the MicroVote Infinity. A USB thumbdrive is the most common means one would attempt to corrupt a computing device. So one can see, with no physical port and no physical means to connect to the internet with cable or wifi, there is no way to compromise a MicroVote Infinity panel with outside data.
 
5. For you own knowledge, every time a voting panel is programmed from the EMS programming software, it is issued a randomly generated "Security I.D." number. It can be viewed at the top of every zero proof or tally tape generated from a voting machine. This is a behind the scenes registry of that device for that particular election. If any attempt was made to read in data from any machine that wasn't directly associated with a given and particular database, it would not be accepted if the numbers don't match.
 
6. As some of you know, every MicroVote Infinity has a hidden "audit log" that registers all activity with that voting panel. Each audit log begins fresh when the Infinity is connected to the central computer and programmed. From that point in a time a record is created for every activity. Every time it is powered on, every time a card is inserted, any time anything is printed (you get the idea), the activity is recorded with the exact date and time it took place to the second. This audit log is easily available on every panel by entering the administrative code and selecting "audit log". It can be viewed on screen or printed. For example, this becomes important if somebody claims voting activity took place prior to or after polls closed.
 
7. And, finally, unfortunately the general public has no understanding of the checks and balances that go into preparation and execution of every election. Are elections perfect? Gosh no. But can they be audited to verify that no interjection of additional votes or corruption has taken place. Gosh yes.
 
Again, if you have a persistent reporter, candidate, or simply somebody from the public that wants to discuss this and you don't feel you have answered all their questions, give them my email and I will get back with them on a case by case basis.
 
Thanks,
 
Steve Shamo
GM MicroVote General Corporation
shamo@microvote.com