Michigan computer scientist says 'serious privacy flaw' present in Dominion Voting Systems machines

A computer scientist at the University of Michigan claims to have discovered a major security flaw in voting machines deployed by Dominion Voting Systems, one that could allegedly violate the privacy of the secret ballot. 

J. Alex Halderman, a professor of computer science at the University of Michigan, said in a Twitter thread on Friday that he and several colleagues had "found a serious privacy flaw that affects Dominion ICP and ICE ballot scanners."

Halderman described the flaw as "a privacy vulnerability," and he emphasized that the alleged issue cannot "directly modify results or change votes."

"However, under some circumstances, it could allow members of the public to identify other peoples’ ballots and learn how they voted," he said.

Halderman pointed out that, in normal voting systems, "ballot-level data is supposed to be randomly shuffled" in order to conceal voter identity.

The purported flaw in Dominion's systems, however, "makes it possible for anyone to unshuffle data from Dominion ICP and ICE scanners and learn the order the ballots were cast," he wrote, a security lapse that if exploited "can sometimes be used to learn how people voted."

Dominion, Halderman said, "uses a flawed random number generator to generate ballot IDs," one he called a "lightly-obfuscated linear congruential generator, which experts have known for decades is unsuitable for security applications."

The professor said he and his colleagues had already informed Dominion and other authorities of the purported issue. 

"Our priority is to prevent this flaw from affecting voters this November, which is ultimately the best way to uphold public trust," he wrote.