Two RunSafe Advisors Testify Before Congress On Remote Voting

Posted on August 11, 2020
Author: RunSafe Security

On Friday, July 17, 2020, experts offered testimony on “Exploring the Feasibility and Security of Technology to Conduct Remote Voting in the House.”  In addition to former Speaker Newt Gingrich, Jon Green, Honorable Cheryl L. Johnson, Dr. Ronald Rivest, and Dr. David Wagner, two RunSafe Security advisors, William Crowell and Dr. Avi Rubin, offered expert testimony on issues and opportunities for conducting remote voting in the House. Like many enterprises whose network and business are now extended to remote locations, the House has considered remote voting in light of the COVID-19.   

 

The House Clerk Sets the Stage

Ms. Johnson, Clerk of the House of Representatives, summarized the consideration of remote voting. She offered a brief history of voting systems in the House, from manual systems since 1789 to electronic systems in 1970s to recent upgrades in 2018. She stands ready to support what the House decides, while stating, “It is critical that we ensure complete confidence” and we need to “perform an exhaustive review of the requirements, available technology, and design options.”  

 

RunSafe Advisors Offer Expert Testimony Before Congress

Bill Howell, RunSafe Security Technical Board of Directors

Bill Crowell

RunSafe advisor, William Crowell, summarized “operational, technical and security challenges,” but suggested remote voting is feasible, provided a proper budget is allocated. 

He also warned that the House needs an appropriate budget for “testing and certifications” as the providers of remote voting and video conference systems need to support profitably the requirements the House may have.  

Dr. Avi Rubin, RunSafe Security Technical Board of Directors Professor, Johns Hopkins University

Dr. Avi Rubin

RunSafe advisor, Dr. Avi Rubin, who has studied election voting systems since 2006, stated remote voting can be successful in the House in part because it is public and not secret voting.  

He further described “Important features of such a system would include: (1) Members of Congress can cast votes on bills over the Internet from a computer or a mobile device; (2) Votes are tabulated, and then displayed on a virtual board, simulating the large board where votes are shown in the House chamber; (3) The public can access the virtual board to see how members voted; and, (4) The system needs to work in real-time because some votes lead directly to procedures that are immediately enacted”

 

Other Experts Also Contribute

Whereas Ms. Green and Dr. Wagner offered sound technical assessments, from security precautions to back up voting systems, Dr. Rivest also stated that remote voting is feasible in part because votes are not secret.

Former Speaker Newt Gingrich suggested the legislature must meet in person because of “the amount of power centered on the Speaker will create a virtual legislative dictatorship.”  He also believes “the individual members will lack the mentorship and the collegiality which has grown so many legislators over the last 244 years.“  He also stated that legislation will suffer because “ the traditional process of working together and sharing information and different perspectives changes into a more distant, irregular, and inevitably disrupted process.”  

 

The RunSafe Take

Like any system, a complete review of requirements is necessary and a defense-in-depth approach is critical to mitigating risks.  Just as communications and networks must be protected, RunSafe would also suggest the software itself should be immunized so that state actors and well-funded hacktivists have a hard time disrupting future House systems, procedures, and voting.  

Schedule a Runsafe Demo

RunSafe Security’s 2025 Product Security Predictions

RunSafe Security’s 2025 Product Security Predictions

Product security has come a long way since  the early 2000s to the current iterations we’re seeing today. From CISA’s focus on Secure by Design to the growing emphasis on software supply chain security, software manufacturers, software buyers, and regulatory...

read more