A privacy flaw in DVS ballot voting systems that could allow people to identify other peopleās ballots and learn how they voted.
Vulnerability
- Every ballot is assigned a random-looking record ID which uniquely idenfities each ballot within the batch of a particular machine
- a EMS shuffles ballots but each ballot is still labelled with original record ID
- Scanners display a public counter showing how many ballots have been cast.
- Some localities record surveilance footing of the ballots with the numbers shown
- You can use the counter to identify someone based off order