Chapter 21, “Test: Can You Spot the Vulnerabilities?” discussed how to potentially hack one of the strongest real-world MFA solutions available. This chapter will challenge us to try to secure one of the hardest scenarios possible: remote electronic voting.

Introduction

It is very likely as time goes on that more and more people will be voting remotely in local, state, and national elections. In the United States, voting by mail-in or drop-off paper ballot has been allowed for decades. In five states, all voting (i.e., local, state, federal) is 100 percent done by mail-in ballot: www.ncsl.org/research/elections-and-campaigns/all-mail-elections.aspx. Paper-based voting, in-person or using a mail-in ballot, has worked fairly well and has a low number of incidents of voter fraud, but it's slow and requires a lot of time devoted to creation, storage, and transportation of paper. It is expensive even with much of the workforce around election day volunteering their time.

For “official” elections, voting machines at official in-person vote polling locations have become increasingly more electronic. Years ago, nearly all voting machines were mechanical contraptions—a voter inserted a paper voting ballot and selected their choices with a writing instrument (pencil or paper) or small hand tool. This process darkened selections or created holes in the paper aligned to particular selections and vote choices. Voters then manually placed their paper ballot ...