Case 1:18-cv-05102-AT Document 35 Filed 11/08/18 Page 1 of 57

IN THE UNITED STATES DISTRICT COURT
FOR THE NORTHERN DISTRICT OF GEORGIA

COMMON CAUSE GEORGIA, as an organization,

Plaintiff,

v.

Case No. 18-cv-05102-AT

BRIAN KEMP, in his official capacity as Secretary of State of Georgia

Defendant.

DECLARATION OF DAN S. WALLACH

I, Dan S. Wallach, declare as follows under penalty of perjury:

1. I submit this declaration in support of Plaintiff’s Emergency Motion for a Temporary Restraining Order and Expedited Discovery.

2. I am an expert in computer security, with a particular focus on election systems like electronic voting machines and voter registration systems. I am currently employed as Professor of Computer Science at Rice University (Houston, Texas). I also hold a courtesy appointment in the Electrical and Computer Engineering department and I am a Rice Scholar at the Baker Institute of Public Policy.

3. After graduating high school at J. J. Pearce (Richardson, Texas) in 1989, I earned my BSEE/CS at the University of California, at Berkeley, in 1993, and an MA and PhD at Princeton University in 1995 and 1999, respectively. Since the fall of 1998, I have been at Rice University, being promoted to Associate Professor in 2005 and to Professor in 2012. In 2007, when I was on sabbatical, I held joint appointments as a visiting professor at Stanford University and as a visiting researcher at SRI International. Among other awards and responsibilities, I was elected to the Board of Directors of the USENIX Association (serving 2012-2013) and I also served on the Air Force Science Advisory Board (2011-2015). A true and correct copy of my full curriculum vitae, which includes a full list of my publications, is attached hereto as Exhibit A.

4. I have also served as an expert witness in a number of election-related lawsuits. Most recently, I worked on behalf of the Department of Labor in a pair of lawsuits related to online voting by labor unions (Secretary of Labor v. Allied Pilots Association (4:14-CV-997-0); and Secretary of Labor v. Association of Professional Flight Attendants (4:16-CV-1057)). I also wrote a declaration on behalf of Jill Stein’s recount efforts in 2016. I have also given testimony to a number of government bodies concerning election security. Most recently, I testified before the U.S. House Space, Science, and Technology Committee (September 2016) and the Texas Senate Select Committee on Election Security (February 2018).

5. In my recent testimonies, both in Washington D.C. and Austin, Texas, I considered our nation-state adversaries, including but not limited to Russia, and the possible risks they might pose to our elections. My conclusion then, as now, was that our biggest vulnerabilities are our voter registration databases, typically maintained online, so therefore reachable by our adversaries. Web sites with databases are ubiquitous and their vulnerabilities are well-understood to cyber threat actors. Every university computer security class has its students learn to attack and defend these sorts of systems. While a defender must eliminate all possible attacks, an attacker needs only find a single weakness, so it’s reasonable to expect these weaknesses exist in our voter registration systems.


6. We can and should expect our adversaries to go after voter registration systems, and there’s evidence of this already having happened in Arizona and Illinois, among other states. A true and correct copy of an article describing the Federal Bureau of Investigation’s finding of breaches in Illinois and Arizona’s voter registration databases in 2016, downloaded from the Reuters’ website, is attached hereto as Exhibit B.

7. The partisan impacts are easy to envision. You can selectively disenfranchise voters by deleting them from the database or otherwise introducing errors. Political campaign managers use a variety of predictive models for targeted mailings, get-out-the-vote campaigns, and so forth to determine partisanship; we can expect adversaries to do the same.

8. Georgia offers an online web-based tool (“My Voter Page”, hereafter “MVP”) for voters to verify their voter registration status. Recently, a number of security experts have determined that MVP was improperly engineered from a security perspective. News articles concerning these vulnerabilities appeared only a few days prior to this week’s election. A true and correct copy of a November 4, 2018 article describing security vulnerabilities in MVP downloaded from the WhoWhatWhy website, is attached hereto as Exhibit C.


9. One specific MVP vulnerability concerns “URL manipulation”, where an attacker can log in as one voter and then manipulate the underlying web requests to change their identifying number and successfully fetch data belonging to other voters. A more serious version of this attack apparently allows an attacker to read every file stored on the web server. These URL manipulations, themselves, are very simple and obvious; any “penetration testing” team should have discovered them and they would have been easy to repair. A true and correct copy of computer scientist Matt Bernhard’s explanation of this vulnerability downloaded from Medium’s website, is attached hereto as Exhibit D.

10. I have not personally verified these attacks, but the reports that I have reviewed appear credible.

11. Based on this information, we can make a number of inferences. In particular, if it is possible for an attacker to easily extract the full contents of the MVP server, then the attacker will have access to the voter registration status of every voter, which includes information that may not be available to the general public (e.g., the voter’s driver’s license number and the last four numbers of a voter’s social security number).


12. More worrisome, an attack which grants the attacker the ability to read each and every file on a computer gives that attacker further opportunities to discover and exploit other vulnerabilities. It’s highly likely that the vulnerabilities we currently know about represent a “tip of the iceberg” of other problems. Their presence on the MVP system implies a broad lack of attention to computer security issues.

13. MVP is part of a suite of software from PCC Technology, Inc called “ElectioNet” (also commonly known as “eNet”).¹ Data from eNet is fed directly to the “ExpressPoll” electronic poll books used when voters arrive at their polling places. A true and correct copy of the declaration of Colin McRae, Chair of the Chatham County Board of Registrars, downloaded from the WhoWhatWhy website, is attached hereto as Exhibit E.

14. The MVP home-page currently states “My Voter Page provides a web-based search of data extracted from Georgia’s statewide voter registration database. It is NOT the official record of your registration, which is retained by the voter registration office in the county of your residence.” This suggests that there is some degree of separation between the MVP server and other eNet servers.

¹ “PCC’s ElectioNet is the Voter Registration and Election Administration suite used by more states than any other solution to ensure the integrity of voter and election related data. Voter Registration, Online Voter Registration, Election Management, My Voter Portal, and Election Night Reporting modules are fully integrated, feature rich, and real-world tested, enabling PCC to maintain its position as the premier organization in the election administration industry.” https://pcctechnologyinc.com/electionet/

15. Given that MVP is part of the broader eNet suite, and MVP has significant software vulnerabilities, it’s reasonable to expect that other eNet components have been engineered, installed, and configured similarly. An attacker who can compromise the MVP server can likely also compromise other eNet servers.

16. Given that eNet is directly responsible for voter registration data, all the way from state-level web services to the electronic pollbooks, this implies that a compromise of eNet would allow the attacker complete control over voter registration data in Georgia, including tampering or deleting registration records.

17. This sort of attacker modality corresponds with a standard practice for sophisticated nation-state adversaries (often referred to euphemistically as “Advanced Persistent Threats” or APTs), whereby the attacker first breaks into any available system, and then spreads their footprint laterally to encompass additional targets. In this regard, the process of defending against APT adversaries is quite difficult, because the APT adversary must find only one hole, after which they can expand out and fully compromise their target’s network. Conversely, the defenders must close every hole. The MVP system appears to be a glaring hole in Georgia’s voter registration systems, and it’s likely that the rest of eNet is similarly vulnerable.

18. While we don’t know whether an adversary, APT or otherwise, has compromised or tampered with Georgia’s voter registration databases, we do know that 22,000 Georgia voters, statewide, have cast provisional ballots, far higher than the numbers in recent federal elections. Given the poor state of security engineering of MVP, and by inference the rest of Georgia’s voter registration systems, we cannot rule out the actions of adversaries to tamper with Georgia’s voter registration systems. A true and correct copy of a November 7, 2018 article describing outstanding provisional and absentee ballots downloaded from USA Today’s website, is attached hereto as Exhibit F.

19. If necessary, I would do my best to make myself available to the Court and the parties in the case to elaborate on the opinions stated herein.


My name is Daniel Wallach; my date of birth is September 14, 1971; my office address is 6100 Main Street, Houston, Texas 77005-1892; and I declare under penalty of perjury that the foregoing is true and correct.

Executed in Houston, Texas on the 8th day of November 2018.

__________________________

DANIEL WALLACH

Exhibit A
Dan Seth Wallach

Home: 713-662-3331
Work: 713-348-6155
Fax: 713-348-5930
dwallach@cs.rice.edu
http://www.cs.rice.edu/~dwallach/

Department of Computer Science
Rice University
Duncan Hall 3122
6100 Main Street
Houston, TX 77005

Education

Princeton University (Princeton, NJ), Department of Computer Science,
Ph.D. Computer Science, January 1999.
M.A. Computer Science, May 1995.
U.C. Berkeley (Berkeley, CA), College of Engineering,
B.S. Electrical Engineering/Computer Science, May 1993.

Publications

[1] D. S. Wallach. We need to protect against vote tampering. Fort Worth
Star-Telegram, Mar. 2018. [ bib | .html ]
[2] D. S. Wallach. Testimony for the Texas Senate Select Committee on
Election Security, Feb. 2018. [ bib | .pdf ]
[3] J. Lee and D. S. Wallach. Removing secrets from Android's TLS.
In Network and Distributed Systems Security Symposium (NDSS '18),
San Diego, CA, Feb. 2018. [ bib | .pdf ]
[4] M. Bernhard, J. A. Halderman, R. Rivest, P. Vora, P. Ryan, V. Teague,
J. Benaloh, P. Stark, and D. S. Wallach. Public evidence from secret
ballots. In The International Conference for Electronic Voting (E-Vote-
ID '17), Bregenz, Austria, Oct. 2017. [ bib ]
[5] O. Pereira and D. S. Wallach. Clash attacks and the STAR-Vote system.
In The International Conference for Electronic Voting (E-Vote-ID '17),
Bregenz, Austria, Oct. 2017. [ bib ]
[6] M. Moran and D. S. Wallach. Verification of STAR-Vote and
evaluation of FDR and ProVerif. In 13th International Conference on
Integrated Formal Methods (iFM 2017), Torino, Italy, Sept. 2017.
[ bib ]
[7] R. Tanash, Z. Chen, D. S. Wallach, and M. Marschall. The decline of
social media censorship and the rise of self-censorship after the 2016
failed Turkish coup. In 7th USENIX Workshop on Free and Open
Communications on the Internet (FOCI '17), Vancouver, B.C., Canada,
Aug. 2017. [ bib ]
[8] D. S. Wallach. Up for debate: Is Harris County's vote safe from the
Russians? Houston Chronicle, July 2017. [ bib | http ]
[9] A. Pridgen, S. Garfinkel, and D. S. Wallach. Picking up the trash:
exploiting generational GC for memory analysis. In Proceedings of the
Fourth Annual DFRWS Europe (DFWRS-EU '17), Lake Constance,
Germany, Mar. 2017. [ bib | .pdf ]
[10] D. S. Wallach and J. Talbot-Zorn. Want secure elections? then maybe
don't cut security funding. Wired, Feb. 2017. [ bib | http ]
[11] A. Pridgen, S. Garfinkel, and D. S. Wallach. Present but unreachable:
reducing persistent latent secrets in HotSpot JVM. In Hawaii
International Conference on System Sciences (HICSS-50), Jan. 2017.
[ bib | .pdf ]
[12] S. Bell, J. Benaloh, M. D. Byrne, D. DeBeauvoir, B. Eakin, G. Fisher,
P. Kortum, N. McBurnett, J. M. M. Parker, O. Pereira, P. B. Stark, D. S.
Wallach, and M. Winn. Star-vote: A secure, transparent, auditable, and
reliable voting system. In F. Hao and P. Y. A. Ryan, editors, Real-World
Electronic Voting: Design, Analysis, and Deployment. CRC Press, Dec.
2016. [ bib | http ]
[13] D. S. Wallach. Testimony before the House Committee on Space,
Science & Technology hearing, “Protecting the 2016 Elections from
Cyber and Voting Machine Attacks”, Sept. 2016. [ bib | .pdf ]
[14] Z. Tao, A. Kokas, R. Zhang, D. S. Cohan, and D. S. Wallach. Inferring
atmospheric particulate matter concentrations from Chinese social
media data. PLOS One, Sept. 2016. [ bib | http ]
[15] M. S. Riazi, B. Chen, A. Shrivastava, D. S. Wallach, and F. Koushanfar.
Sub-linear privacy-preserving search with untrusted server and semi-
honest parties. CoRR, abs/1612.01835, 2016. [ bib | arXiv | http ]
[16] R. S. Tanash, A. Aydoga, Z. Chen, D. S. Wallach, M. Marschall,
D. Subramanian, and C. Bronk. Detecting influential users and
communities in censored tweets using data-flow graphs. In Proceedings
of the 33rd Annual Meeting of the Society for Political Methodology
(POLMETH 2016), Houston, TX, 2016. [ bib | .pdf ]
[17] R. S. Tanash, A. Aydoga, Z. Chen, D. S. Wallach, M. Marschall,
D. Subramanian, and C. Bronk. The dynamics of social media
censorship in transitioning democracies. In The 2016 APSA Conference
(Division of Political Elites and Social Media, and Information
Technology and Politics), Philadelphia, PA, 2016. [ bib | http ]
[18] J. C. Dressler, C. Bronk, and D. S. Wallach. Exploiting military opsec
through open-source vulnerabilities. In 2015 IEEE Military
Communications Conference (MILCOM '15), Tampa, FL, Oct. 2015.
[ bib | .pdf ]
[19] R. S. Tanash, Z. Chen, T. Thakur, D. S. Wallach, and D. Subramanian.
Known unknowns: An analysis of Twitter censorship in Turkey.
In Workshop on Privacy in the Electronic Society, Denver, CO, Oct.
2015. [ bib ]
[20] C. Z. Acemyan, P. Kortum, M. D. Byrne, and D. S. Wallach. From error
to error: Why voters could not cast a ballot and verify their vote with
Helios, Prêt à Voter, and Scantegrity II. USENIX Journal of Election
Technology and Systems (JETS), 3(2), Aug. 2015. [ bib | .pdf ]
[21] Y. Liu, D. R. Bild, D. Adrian, G. Singh, R. P. Dick, D. S. Wallach, and
Z. M. Mao. Performance and energy consumption analysis of a delay-
tolerant network for censorship-resistant communications. In 16th ACM
International Symposium on Mobile Ad Hoc Networking and Computing
(MobiHoc '15), June 2015. [ bib | http ]
[22] D. R. Bild, Y. Liu, R. P. Dick, Z. M. Mao, and D. S. Wallach.
Aggregate characterization of user behavior in Twitter and analysis of
the retweet graph. ACM Transactions on Internet Technologies, 15(1),
Feb. 2015. [ bib | http ]
[23] A. Bates, K. Butler, M. Sherr, C. Shields, P. Traynor, and D. Wallach.
Accountable Wiretapping -or- I Know They Can Hear You
Now. Journal of Computer Security, 23:167--195, 2015. [ bib | .pdf ]
[24] Y. Liu, D. R. Bild, R. P. Dick, Z. M. Mao, and D. S. Wallach. The
mason test: A defense against sybil attacks in wireless networks without
trusted authorities. IEEE Transactions on Mobile Computing, 2015. in
press. [ bib | .pdf ]
[25] C. Z. Acemyan, P. Kortum, M. D. Byrne, and D. S. Wallach. Users'
mental models for three end-to-end voting systems: Helios, Prêt à Voter,
and Scantegrity II. In Human Aspects of Information Security, Privacy,
and Trust, volume 9190 of Lecture Notes in Computer Science. Springer
International Publishing, 2015. [ bib | DOI | http ]
[26] T. Book and D. S. Wallach. An empirical study of mobile ad
targeting. CoRR, abs/1502.06577, 2015. [ bib | http ]
[27] C. Z. Acemyan, P. Kortum, M. D. Byrne, and D. S. Wallach. Usability
of voter verifiable, end-to-end voting systems: Baseline data for Helios,
Prêt à Voter, and Scantegrity II. USENIX Journal of Election
Technology and Systems (JETS), 2(3), July 2014. [ bib | http ]
[28] M. Dietz and D. S. Wallach. Hardening Persona: Improving federated
web login. In Network and Distributed Systems Symposium (NDSS '14),
San Diego, CA, Feb. 2014. [ bib | .pdf ]
[29] M. Rostami, M. Majzoobi, F. Koushanfar, D. S. Wallach, and
S. Devadas. Robust and reverse-engineering resilient PUF
authentication and key-exchange by substring matching. IEEE
Transactions on Emerging Topics in Computing, 2014. [ bib | .pdf ]
[30] A. A. Sani, L. Zhong, and D. S. Wallach. Glider: A GPU library driver
for improved system security. CoRR, abs/1411.3777, 2014. [ bib | http ]
[31] T. Book and D. S. Wallach. A case of collusion: a study of the interface
between ad libraries and their apps. In Proceedings of the Third ACM
Workshop on Security and Privacy in Smartphones & Mobile Devices
(SPSM '13), Berlin, Germany, Nov. 2013. [ bib | .pdf ]
[32] S. Bell, J. Benaloh, M. D. Byrne, D. DeBeauvoir, B. Eakin, G. Fisher,
P. Kortum, N. McBurnett, J. M. M. Parker, O. Pereira, P. B. Stark, D. S.
Wallach, and M. Winn. Star-vote: A secure, transparent, auditable, and
reliable voting system. USENIX Journal of Election Technology and
Systems (JETS), 1(1), Aug. 2013. [ bib | http ]
[33] T. Zhu, D. Phipps, A. Pridgen, J. Crandall, and D. S. Wallach. The
velocity of censorship: High-fidelity detection of microblog post
deletions. In USENIX Security Symposium, Washington, DC, Aug. 2013.
[ bib | http ]
[34] T. Book, A. Pridgen, and D. S. Wallach. Longitudinal analysis of
Android ad library permissions. In Mobile Security Technologies
Workshop (MOST), San Francisco, CA, May 2013. [ bib | .pdf ]
[35] P. Song, A. Shu, D. Phipps, D. S. Wallach, M. Tiwari, J. Crandall, and
G. Lugar. Language without words: A pointillist model for natural
language processing. In 6th International Conference on Soft Computing
and Intelligent Systems (SCIS-ISIS 2012), Kobe, Japan, Dec. 2012.
[ bib | .pdf ]
[36] A. Czeskis, M. Dietz, T. Kohno, D. S. Wallach, and D. Balfanz.
Strengthening user authentication through opportunistic cryptographic
identity assertions. In 19th ACM Conference on Computer and
Communications Security (CCS '12), Raleigh, NC, Oct. 2012.
[ bib | http ]
[37] P. Song, A. Shu, A. Zhou, D. S. Wallach, and J. R. Crandall. A
pointillism approach for natural language processing of social media.
In Proceedings of the 2012 International Conference on Natural
Language Processing and Knowledge Engineering (NLP-KE'12), Hefei,
China, Sept. 2012. best paper award. [ bib | .pdf ]
[38] M. Dietz, A. Czeskis, D. Balfanz, and D. S. Wallach. Origin-bound
certificates: a fresh approach to strong client authentication for the web.
In USENIX Security Symposium, Bellevue, WA, Aug. 2012. [ bib | http ]
[39] S. Shekhar, M. Dietz, and D. S. Wallach. Adsplit: Separating
smartphone advertising from applications. In USENIX Security
Symposium, Bellevue, WA, Aug. 2012. [ bib | http ]
[40] M. Majzoobi, M. Rostami, F. Koushanfar, D. S. Wallach, and
S. Devadas. Slender PUF protocol: A lightweight, robust, and secure
authentication by substring matching. In International Workshop on
Trustworthy Embedded Devices, May 2012. [ bib | DOI | .pdf ]
[41] A. Bates, K. Butler, M. Sherr, C. Shields, P. Traynor, and D. S. Wallach.
Accountable wiretapping -or- I know they can hear you now. In 19th
ISOC Network and Distributed System Security Symposium (NDSS
2012), San Diego, CA, Feb. 2012. [ bib | http ]
[42] N. Aase, J. R. Crandall, A. Diaz, J. Knockel, J. O. Molinero, J. Saia,
D. Wallach, and T. Zhu. Whiskey, weed, and wukan on the World Wide
Web: On measuring censors' resources and motivations. In FOCI 12:
Proceedings of the 2nd USENIX Workshop on Free and Open
Communications on the Internet, 2012. [ bib | http ]
[43] D. S. Wallach. Viewpoint: Rebooting the cs publication
process. Communications of the ACM, 54(10), Oct. 2011. [ bib | .pdf ]
[44] S. A. Crosby and D. S. Wallach. Authenticated dictionaries: Real-world
costs and trade-offs. ACM Transactions on Information Systems Security
(TISSEC), 14(2):17:1--17:30, Sept. 2011. [ bib | DOI | http ]
[45] M. Dietz, S. Shekhar, Y. Pisetsky, A. Shu, and D. S. Wallach. Quire:
Lightweight provenance for smart phone operating systems. In 21st
USENIX Security Symposium, San Francisco, CA, Aug. 2011.
[ bib | .html ]
[46] D. R. Bild, Y. Liu, R. P. Dick, Z. M. Mao, and D. S. Wallach. Using
predictable mobility patterns to support scalable and secure MANETs of
handheld devices. In Sixth International Workshop on Mobility in the
Evolving Internet Architecture (MobiArch '11), June 2011. [ bib | http ]
[47] D. S. Wallach. Smartphone security: Trends and predictions. In Secure
Application Development (SecAppDev 2011), Leuven, Belgium, Feb.
2011. [ bib | .pdf ]
[48] T. Zhu, C. Bronk, and D. S. Wallach. An analysis of chinese search
engine filtering. CoRR, abs/1107.3794, 2011. [ bib | http ]
[49] D. Bachrach, C. Nunu, D. S. Wallach, and M. K. Wright. #h00t:
Censorship resistant microblogging. CoRR, abs/1109.6874, 2011.
[ bib | http ]
[50] S. J. Nielson and D. S. Wallach. The bittorrent anonymity
marketplace. CoRR, abs/1108.2718, 2011. [ bib | http ]
[51] S. J. Nielson, C. E. Spare, and D. S. Wallach. Building better incentives
for robustness in bittorrent. CoRR, abs/1108.2716, 2011. [ bib | http ]
[52] S. A. Crosby and D. S. Wallach. High throughput asynchronous
algorithms for message authentication. Technical Report CS TR10-15,
Rice University, Houston, TX, Dec. 2010. [ bib | .pdf ]
[53] T.-W. J. Ngan, R. Dingledine, and D. S. Wallach. Building incentives
into Tor. In Proceedings of Financial Cryptography (FC '10), Tenerife,
Canary Islands, Jan. 2010. best paper award. [ bib | .pdf ]
[54] S. A. Crosby and D. S. Wallach. Encyclopedia of Cryptography and
Security, chapter Algorithmic Denial of Service. Springer-Verlag, 2
edition, 2010. [ bib ]
[55] D. S. Wallach. Native client: A clever alternative. Communications of
the ACM, 53(1), Jan. 2010. [ bib | http ]
[56] D. S. Wallach. Polling place burglary raises specter of fraud. Houston
Chronicle, Dec. 2009. [ bib | http ]
[57] S. A. Crosby and D. S. Wallach. Super-efficient aggregating history-
independent persistent authenticated dictionaries. In Proceedings of
ESORICS 2009, Saint Malo, France, Sept. 2009. [ bib | .pdf ]
[58] S. A. Crosby and D. S. Wallach. Efficient data structures for tamper-
evident logging. In Proceedings of the 18th USENIX Security
Symposium, Montreal, Canada, Aug. 2009. [ bib | .pdf ]
[59] E. Öksüzoğlu and D. S. Wallach. VoteBox Nano: A smaller, stronger,
FPGA-based voting machine. In Electronic Voting
Technology/Workshop on Trustworthy Elections 2009, Montreal,
Canada, Aug. 2009. [ bib | .pdf ]
[60] C. Bronk, D. Castro, and D. S. Wallach. Group effort needed to secure
cyberspace. Houston Chronicle, June 2009. [ bib | .pdf ]
[61] D. R. Sandler and D. S. Wallach. Birds of a FETHR: Open,
decentralized micropublishing. In 8th International Workshop on Peer-
to-Peer Systems (IPTPS '09), Boston, MA, Apr. 2009. [ bib | .pdf ]
[62] D. S. Wallach. Technical perspective: Tools for information to flow
securely and swift-ly. Communications of the ACM, 52(2), Feb. 2009.
[ bib | .pdf ]
[63] S. A. Crosby, R. H. Riedi, and D. S. Wallach. Opportunities and limits
of remote timing attacks. ACM Transactions on Information and
Systems Security (TISSEC), 12(3), Jan. 2009. [ bib | .pdf ]
[64] D. S. Wallach. Voting system risk assessment via computational
complexity analysis. William and Mary Bill of Rights Journal, 17, Dec.
2008. [ bib | .pdf ]
[65] D. R. Sandler and D. S. Wallach. The case for networked remote voting
precincts. In 3rd USENIX/ACCURATE Electronic Voting Technology
Workshop (EVT '08), San Jose, CA, Aug. 2008. [ bib | .pdf ]
[66] D. R. Sandler, K. Derr, and D. S. Wallach. VoteBox: A tamper-evident,
verifiable electronic voting system. In Proceedings of the 17th USENIX
Security Symposium (Security '08), San Jose, CA, July 2008.
[ bib | .pdf ]
[67] D. R. Sandler and D. S. Wallach. <input type=“password”> must die!
In Web 2.0 Security & Privacy (W2SP 2008), Oakland, CA, May 2008.
[ bib | .pdf ]
[68] S. Everett, K. Greene, M. Byrne, D. Wallach, K. Derr, D. Sandler, and
T. Torous. Is newer always better? The usability of electronic voting
machines versus traditional methods. In Proceedings of CHI 2008,
Florence, Italy, Apr. 2008. [ bib | .html ]
[69] R. M. Stein, G. Vonnahme, M. Byrne, and D. S. Wallach. Voting
technology, election administration, and voter performance. Election
Law Journal, 7(2), Apr. 2008. [ bib | .pdf ]
[70] D. Sandler, K. Derr, S. Crosby, and D. S. Wallach. Finding the evidence
in tamper-evident logs. In Proceedings of the 2008 Third International
Workshop on Systematic Approaches to Digital Forensic Engineering
(SADFE '08), pages 69--75, 2008. [ bib | DOI | http ]
[71] D. R. Sandler and D. S. Wallach. Casting votes in the Auditorium.
In Proceedings of the 2nd USENIX/ACCURATE Electronic Voting
Technology Workshop (EVT '07), Boston, MA, Aug. 2007. [ bib | .pdf ]
[72] S. Inguva, E. Rescorla, H. Shacham, and D. S. Wallach. Source Code
Review of the Hart InterCivic Voting System. California Secretary of
State's “Top to Bottom” Review, July 2007. [ bib | .pdf ]
[73] D. L. Dill and D. S. Wallach. Stones Unturned: Gaps in the
Investigation of Sarasota's Disputed Congressional Election, Apr. 2007.
[ bib | .html ]
[74] D. S. Wallach. Security and Reliability of Webb County's ES&S Voting
System and the March '06 Primary Election. Expert Report in Flores v.
Lopez, May 2006. [ bib | .pdf ]
[75] A. Singh, T.-W. J. Ngan, P. Druschel, and D. S. Wallach. Eclipse
attacks on overlay networks: Threats and defenses. In IEEE INFOCOM
'06, Barcelona, Spain, Apr. 2006. [ bib | .pdf ]
[76] C. Coarfa, P. Druschel, and D. S. Wallach. Performance analysis of tls
web servers. ACM Transactions on Computer Systems, 24(1), Feb. 2006.
[ bib | .pdf ]
[77] A. Nandi, T.-W. J. Ngan, A. Singh, P. Druschel, and D. S. Wallach.
Scrivener: Providing incentives in cooperative content distribution
systems. In ACM/IFIP/USENIX 6th International Middleware
Conference (Middleware 2005), Grenoble, France, Nov. 2005.
[ bib | .html ]
[78] E. de Lara, Y. Chopra, R. Kumar, N. Vaghela, D. S. Wallach, and
W. Zwaenepoel. Iterative adaptation for mobile clients using existing
APIs. IEEE Transactions on Parallel and Distributed Systems (TPDS),
16(10), Oct. 2005. [ bib | .html ]
[79] S. J. Nielson, S. A. Crosby, and D. S. Wallach. A taxonomy of rational
attacks. In 4th International Workshop on Peer-to-Peer Systems (IPTPS
'05), Ithaca, NY, Feb. 2005. [ bib | .html ]
[80] A. B. Stubblefield, A. D. Rubin, and D. S. Wallach. Managing the
performance impact of web security. Electronic Commerce Research
Journal, 5(1), Feb. 2005. [ bib | .pdf ]
[81] A. M. Ladd, K. E. Bekris, A. Rudys, L. E. Kavraki, and D. S. Wallach.
Robotics-based location sensing using wireless Ethernet. Wireless
Networks, 11(1-2), Jan. 2005. [ bib | http ]
[82] A. Haeberlen, E. Flannery, A. M. Ladd, A. Rudys, D. S. Wallach, and
L. E. Kavraki. Practical robust localization over large-scale wireless
Ethernet networks. In Tenth ACM International Conference on Mobile
Computing and Networking (MOBICOM 2004), Philadelphia, PA, Sept.
2004. [ bib | .pdf ]
[83] A. Mislove, G. Oberoi, A. Post, C. Reis, P. Druschel, and D. S. Wallach.
AP3: Cooperative, decentralized anonymous communication. In 11th
ACM SIGOPS European Workshop, Leuven, Belgium, Sept. 2004.
[ bib | .html ]
[84] D. S. Wallach. Texas must confront voting systems' flaws. Austin
American-Statesman, Sept. 2004. [ bib | .pdf ]
[85] T.-W. J. Ngan, A. Nandi, A. Singh, D. S. Wallach, and P. Druschel.
Designing incentives-compatible peer-to-peer systems. In 2nd Bertinoro
Workshop on Future Directions in Distributed Computing (FuDiCo
2004), Bertinoro, Italy, June 2004. [ bib | .html ]
[86] A. M. Ladd, K. E. Bekris, A. Rudys, D. S. Wallach, and L. E. Kavraki.
On the feasibility of using wireless Ethernet for localization. IEEE
Transactions on Robotics and Automation, 20(3):555--559, June 2004.
[ bib | .pdf ]
[87] T.-W. J. Ngan, D. S. Wallach, and P. Druschel. Incentives-compatible
peer-to-peer multicast. In 2nd Workshop on Economics of Peer-to-Peer
Systems, Cambridge, MA, June 2004. [ bib | .html ]
[88] D. S. Wallach. Testimony for the Texas Senate Committee on State
Affairs, May 2004. [ bib | .pdf ]
[89] D. S. Wallach. Testimony for the Texas House Committee on Elections,
Mar. 2004. [ bib | .pdf ]
[90] D. S. Wallach. Testimony for the Ohio Joint Committee on Ballot
Security, Mar. 2004. [ bib | .pdf ]
[91] T. Kohno, A. Stubblefield, A. D. Rubin, and D. S. Wallach. Analysis of
an electronic voting system. In Proceedings of the 2004 IEEE
Symposium on Security and Privacy, Oakland, CA, 2004. [ bib | http ]
[92] J. Bannet, D. W. Price, A. Rudys, J. Singer, and D. S. Wallach. Hack-a-
Vote: Demonstrating security issues with electronic voting
systems. IEEE Security and Privacy Magazine, 2(1):32--37, January /
February 2004. Also reprinted by ComputerUser, March 2004.
[ bib | .pdf ]
[93] P. Tao, A. Rudys, A. Ladd, and D. S. Wallach. Wireless LAN location
sensing for security applications. In ACM Workshop on Wireless
Security (WiSe 2003), San Diego, CA, Sept. 2003. [ bib | .html ]
[94] S. Crosby and D. S. Wallach. Denial of service via algorithmic
complexity attacks. In 12th Usenix Security Symposium, Washington,
D.C., Aug. 2003. [ bib | .pdf ]
[95] A. C. Fuqua, T.-W. J. Ngan, and D. S. Wallach. Economic behavior of
peer-to-peer storage networks. In Workshop on Economics of Peer-to-
Peer Systems, Berkeley, CA, June 2003. [ bib | .html ]
[96] D. W. Price, A. Rudys, and D. S. Wallach. Garbage collector memory
accounting in language-based systems. In Proceedings of the 2003 IEEE
Symposium on Security and Privacy, Oakland, CA, May 2003.
[ bib | .html ]
[97] A. Mislove, A. Post, C. Reis, P. Willmann, P. Druschel, D. S. Wallach,
X. Bonnaire, P. Sens, J.-M. Busca, and L. Arantes-Bezerra. POST: A
secure, resilient, cooperative messaging system. In 9th Workshop on Hot
Topics in Operating Systems (HotOS IX), Lihue, Hawaii, May 2003.
[ bib | .html ]
[98] E. de Lara, R. Kumar, D. S. Wallach, and W. Zwaenepoel.
Collaboration and multimedia authoring on mobile devices. In First
International Conference on Mobile Systems, Applications, and Services
(MobiSys '03), San Francisco, CA, May 2003. [ bib | .pdf ]
[99] N. Paul, D. Evans, A. D. Rubin, and D. S. Wallach. Authentication for
remote voting. In Workshop on Human-Computer Interaction and
Security Systems, Fort Lauderdale, FL, Apr. 2003. [ bib | .html ]
[100] T.-W. J. Ngan, D. S. Wallach, and P. Druschel. Enforcing fair sharing of
peer-to-peer resources. In Proceedings of the Second International
Workshop on Peer-to-Peer Systems, Berkeley, CA, Feb. 2003.
[ bib | .html ]
[101] Y. C. Hu, W. Yu, A. L. Cox, D. S. Wallach, and W. Zwaenepoel.
Runtime support for distributed sharing in safe languages. ACM
Transactions on Computer Systems, 21(1), 2003. [ bib | .pdf ]
[102] M. Castro, P. Druschel, A. Ganesh, A. Rowstron, and D. S. Wallach.
Security for structured peer-to-peer overlay networks. In Fifth
Symposium on Operating Systems Design and Implementation (OSDI
'02), Boston, MA, Dec. 2002. [ bib | .html ]
[103] A. Rudys and D. S. Wallach. Enforcing Java run-time properties using
bytecode rewriting. In International Symposium on Software Security,
Tokyo, Japan, Nov. 2002. [ bib | .html ]
[104] D. S. Wallach. A survey of peer-to-peer security issues. In International
Symposium on Software Security, Tokyo, Japan, Nov. 2002.
[ bib | .html ]
[105] A. M. Ladd, K. E. Bekris, G. Marceau, A. Rudys, D. S. Wallach, and
L. E. Kavraki. Using wireless Ethernet for localization. In 2002
IEEE/RSJ International Conference on Intelligent Robots and Systems
(IROS 2002), Lausanne, Switzerland, Oct. 2002. [ bib | .pdf ]
[106] A. M. Ladd, K. E. Bekris, G. Marceau, A. Rudys, L. E. Kavraki, and
D. S. Wallach. Robotics-based location sensing using wireless Ethernet.
In Eighth ACM International Conference on Mobile Computing and
Networking (MOBICOM 2002), Atlanta, Georgia, Sept. 2002.
[ bib | .pdf ]
[107] Y. Dotsenko, E. de Lara, D. S. Wallach, and W. Zwaenepoel. Extensible
adaptation via constraint solving. In Proceedings of the 4th IEEE
Workshop on Mobile Computing Systems and Applications, Callicoon,
NY, June 2002. [ bib | http ]
[108] A. Rudys and D. S. Wallach. Transactional rollback for language-based
systems. In 2002 International Conference on Dependable Systems and
Networks, Washington, D.C., June 2002. [ bib | .html ]
[109] A. Rudys and D. S. Wallach. Termination in language-based
systems. ACM Transactions on Information and System Security, 5(2),
May 2002. [ bib | .html ]
[110] C. Coarfa, P. Druschel, and D. S. Wallach. Performance analysis of TLS
Web servers. In Proceedings of the 2002 Network and Distributed
System Security Symposium, San Diego, CA, Feb. 2002. [ bib | .html ]
[111] E. de Lara, D. S. Wallach, and W. Zwaenepoel. HATS: Hierarchical
adaptive transmission scheduling. In Proceedings of the 2002
Multimedia Computing and Networking Conference (MMCN'02), San
Jose, CA, Jan. 2002. [ bib | http ]
[112] J. Flinn, E. de Lara, M. Satyanarayanan, D. S. Wallach, and
W. Zwaenepoel. Reducing the energy usage of Office applications.
In Proceedings of IFIP/ACM International Conference on Distributed
Systems Platforms (Middleware), Heidelberg, Germany, Nov. 2001.
[ bib | http ]
[113] D. S. Wallach. Copy protection technology is doomed. IEEE Computer,
34(10):48--49, Oct. 2001. [ bib | .pdf ]
[114] S. A. Craver, M. Wu, B. Liu, A. Stubblefield, B. Swartzlander, D. S.
Wallach, D. Dean, and E. W. Felten. Reading between the lines:
Lessons from the SDMI challenge. In 10th Usenix Security Symposium,
Washington, D.C., Aug. 2001. [ bib | .pdf ]
[115] A. Stubblefield and D. S. Wallach. Dagster: Censorship-resistant
publishing without replication. Technical Report TR01-380, Rice
University, July 2001. [ bib | .pdf ]
[116] E. de Lara, D. S. Wallach, and W. Zwaenepoel. Puppeteer: Component-
based adaptation for mobile computing. In Proceedings of the 3rd
USENIX Symposium on Internet Technologies and Systems (USITS),
San Francisco, CA, Mar. 2001. [ bib | http ]
[117] A. Rudys, J. Clements, and D. S. Wallach. Termination in language-
based systems. In Network and Distributed Systems Security
Symposium, San Diego, CA, Feb. 2001. [ bib | .html ]
[118] D. S. Wallach, E. W. Felten, and A. W. Appel. The security architecture
formerly known as stack inspection: A security mechanism for
language-based systems. ACM Transactions on Software Engineering
and Methodology, 9(4):341--378, Oct. 2000. [ bib | .html ]
[119] E. de Lara, D. S. Wallach, and W. Zwaenepoel. Opportunities for
bandwidth adaptation in Microsoft Office documents. In Proceedings of
the Fourth USENIX Windows Symposium, Seattle, Washington, Aug.
2000. [ bib | http ]
[120] A. Grosul and D. S. Wallach. A related-key cryptanalysis of RC4.
Technical Report TR-00-358, Department of Computer Science, Rice
University, Houston, TX, June 2000. [ bib | .pdf ]
[121] A. B. Stubblefield and D. S. Wallach. A security analysis of
My.MP3.com and the Beam-it protocol. Technical Report TR-00-353,
Department of Computer Science, Rice University, Houston, TX, Feb.
2000. [ bib | .html ]
[122] D. S. Wallach. A New Approach to Mobile Code Security. PhD thesis,
Princeton University, Princeton, NJ, Jan. 1999. [ bib | .html ]
[123] D. S. Wallach and E. W. Felten. Understanding Java stack inspection.
In Proceedings of the 1998 IEEE Symposium on Security and Privacy,
pages 52--63, Oakland, CA, May 1998. [ bib | .html ]
[124] E. W. Felten, D. Balfanz, D. Dean, and D. S. Wallach. Web spoofing:
An Internet con game. In 20th National Information Systems Security
Conference, Baltimore, Maryland, Oct. 1997. [ bib | .html ]
[125] D. Dean, E. W. Felten, D. S. Wallach, and D. Balfanz. Java security:
Web browsers and beyond. In D. E. Denning and P. J. Denning,
editors, Internet Besieged: Countering Cyberspace Scofflaws, pages
241--269. ACM Press, New York, NY, Oct. 1997. [ bib | .html ]
[126] D. S. Wallach, D. Balfanz, D. Dean, and E. W. Felten. Extensible
security architectures for Java. In Proceedings of the Sixteenth ACM
Symposium on Operating System Principles, Saint-Malo, France, Oct.
1997. outstanding paper award. [ bib | .html ]
[127] D. S. Wallach, J. A. Roskind, and E. W. Felten. Flexible, extensible Java
security using digital signatures. In DIMACS Workshop on Network
Threats, DIMACS Series in Discrete Mathematics and Theoretical
Computer Science. American Mathematical Society, Dec. 1996. [ bib ]
[128] D. Dean, E. W. Felten, and D. S. Wallach. Java security: From HotJava
to Netscape and beyond. In Proceedings of the 1996 IEEE Symposium
on Security and Privacy, pages 190--200, Oakland, CA, May 1996.
[ bib | .html ]
[129] D. S. Wallach, S. Kunapalli, and M. F. Cohen. Accelerated MPEG
compression of dynamic polygonal scenes. In Computer Graphics
(Proceedings of SIGGRAPH 1994), Orlando, FL, July 1994. [ bib | http ]
Teaching
Courses at Rice:
Comp215: Introduction to Program Design (Fall 2014-2017)
Comp327 / 427: Introduction to Computer Security (Spring 2011-2017)
Comp527: Computer Systems Security (Spring 1999, Fall and Spring
2000, Fall 2001-2006, 2008-2013)
Comp435: Election Systems, Technology, and Administration (Fall
2006, Fall 2008, Fall 2012, Fall 2016)
Comp314: Applied Algorithms and Data Structures (Fall 1999, Spring
2001, 2002, 2004-2006, 2008-2010)
Comp620: Seminar in Secure Systems (Fall 1998)
Short courses and tutorials:
Dan S. Wallach, SecVote Summer School (Schloss Dagstuhl, Germany),
July 2012.
Dan S. Wallach, Software Engineering for Security (a one-week
intensive short course), presented at Secure Application
Development (Leuven, Belgium), February 2016, (also February 2011
and February 2007).
Dan S. Wallach, Software Engineering for Security (lectures), presented
at 4th International School: Network Security Impact on Quality
Software Engineering (Viña del Mar & Valparaíso, Chile), October
2007.
Dan S. Wallach, Language-Based Security (a one-week intensive short
course), presented at The ACM Summer School on Foundations of
Internet Security (Duszniki Zdrój, Poland), June 2002.
Dan S. Wallach and Drew Dean, Java and Security (a one-week
intensive short course), Katholieke Universiteit Leuven (Leuven,
Belgium), March 1997.
Teaching assistant positions at Princeton:
Introduction to Computer Systems (Spring 1996)
Computer Graphics (Fall 1993, Fall 1994, and Fall 1995)
Advanced Programming Techniques (Spring 1994)

Professional Service
Research management:
Associate Director, ACCURATE (NSF-funded research center), 2005-
2010
Acting Director (ACCURATE), 2010-2011
National service / advisory boards:
Army Research Laboratory, Technical Assessment Board (2018)
Air Force Science Advisory Board (2011-2015)
USENIX Association, Board of Directors (2012-2013)
USENIX Security, Steering Committee (2014-present)
Program committees:
ACM Conference on Computer and Communications Security (CCS)
2004, 2005, 2008, 2009
ACM Conference on Electronic Commerce 2007
ACM International Systems and Storage Conference (SYSTOR) 2017
ACM Role-Based Access Control Workshop 1999 and 2000
ACM SIGPLAN Third Workshop on Programming Languages and
Analysis for Security (PLAS) 2008
Applied Cryptography and Network Security (ACNS) 2005
Cybersecurity Applications and Technologies Conference for Homeland
Security (CATCH) 2008
European Symposium on Research in Computer Security (ESORICS)
2009
Google Native Client (NaCl) Security Contest 2009
HotOS Workshop 2003, 2009, 2011
HotSec Workshop 2006
IEEE International Conference on Distributed Computing Systems
(ICDCS) 2007
IEEE Security and Privacy 1999, 2004, 2005, 2007-2012, 2018
IEEE Workshop on Mobile Computing Systems and Applications
(WMCSA) 2002 and 2004
3rd International Conference on Electronic Voting 2008
Second International Joint Conference on Electronic Voting (E-Vote-ID)
2017
International Peer-to-Peer Symposium (IPTPS) 2004 and 2006
International Symposium on Engineering Secure Software and Systems
(ESSoS) 2010
Network and Distributed Systems Security Symposium (NDSS) 2002-
2004, 2006, and 2012
NSF grant panels 2002, 2004, 2005, 2006, 2007, 2010, 2013
South Central Information Security Symposium (SCISS) 2003-2006
USENIX Electronic Voting Technology Workshop/Workshop on
Technology for Elections (EVT/WOTE) 2006-2010
USENIX Annual Technical Conference 2001
USENIX Security Symposium 1999-2003, 2005, 2011, 2012, 2014, 2018
USENIX Symposium on Internet Technologies and Systems (USITS)
2003
VOTE-ID / E-Vote-ID 2009, 2016, 2017
Workshop on Economics in Peer-to-Peer Systems 2004
Workshop on Secure Execution of Untrusted Code (SecuCode) 2009
Workshop on Technology for Elections (WOTE) 2008
Workshop on Web 2.0 Security & Privacy (W2SP) 2007-2010
WWW Conference 1999, 2000, 2003, 2004, 2006-2008, 2011, 2014
Program committee chair / journal editorship:
International Symposium on Engineering Secure Software and Systems
(ESSoS) 2010
USENIX Security Symposium 2001
USENIX Journal of Election Technology and Systems (JETS) (2013-
2015)
WWW Conference, Co-Chair of Security, Privacy, Reliability, and
Ethics Track 2007 and 2008
Invited talks committee:
USENIX Security Symposium 2002 and 2011
Panel moderator/organizer (electronic voting security):
USENIX Security Symposium 2003
IEEE Symposium on Security and Privacy 2004
Workshop organizer / co-chair:
International Symposium on Engineering Secure Software and Systems
(ESSoS) 2010
South Central Information Security Symposium (SCISS) 2003-2006
USENIX/ACCURATE Electronic Voting Technology Workshop (EVT)
2006
Workshop on Web 2.0 Security & Privacy (W2SP) 2007-2011
Editorial and advisory board memberships:
Election Assistance Commission - Voting System Risk Analysis (EAC
VSRA) panel (2008-2009)
Election Science Institute (VoteWatch)
IEEE Internet Computing (2004-2006)
International Journal of Information Security
International Journal of Information and Computer Security
International Journal for Infonomics
National Committee for Voting Integrity
SAFECode
Verified Voting Foundation / VerifiedVoting.org
University committees:
Search committee, dean of undergraduates (2018)
Advisor for MCS Students (2000-2001)
CS Graduate Admissions (1998-2005, 2014-present)
CS Curriculum Committee (occasional involvement)
CS Facilities (occasional involvement)
KTRU (Rice Radio) Friendly Committee (2005-dissolution of
committee)
Rice Childcare Advisory Committee (2005-2006)
University IT Security Committee (2002-dissolution of committee)
Distinguished Alumni Award Selection Committee (2009)
University Benefits Committee (2011-present)
University Graduate Honor Council (2016-present)
Other university service:
Divisional advisor and faculty associate, Martel College (2001-present)
Rice Social Dance Society: faculty sponsor, instructor, workshop
organizer, etc. (2001-present)
External university service:
University of Cyprus, CS faculty search, external committee member
(2015)

Honors and Awards
2013 Microsoft SEIF Faculty Research Award
2012 Best Paper Award (Natural Language Processing and Knowledge
Engineering)
2011 National Centers of Academic Excellence in Information Assurance
Research (CAE-R)
2010 Best Paper Award (Financial Cryptography)
2009 Google Research Award
2008 Kavli Frontiers of Science Fellow
2008 VoteRescue "Champion of Election Integrity" Award
2008 Defense Science Study Group (DSSG), class of 2008-2009
2007 ComputerWorld "40 Under 40" Award
2000 NSF CAREER Award
2000 IBM University Partnership Award
1997 Outstanding Paper Award (Symposium on Operating Systems
Principles)
Related student awards
2011 National Physical Sciences Consortium (NPSC) Fellowship - Adam
Pridgen
2009 Usenix Security Grand Challenge (Capture the Flag) Contest - Mike
Dietz
2002 CRA Outstanding Undergraduate Award - Adam Stubblefield

Grants
Dan S. Wallach and Phil Kortum, TWC: TTP Option: Medium: Voting
Systems Architectures for Security and Usability, NSF CNS-1409401 (March
2014).
Dan S. Wallach and Jedidiah R. Crandall, TWC: Medium: Collaborative:
Measurement and Analysis Techniques for Internet Freedom on IP and Social
Networks, NSF CNS-1314492 (July 2013).
Dan S. Wallach, TC: Small: Security Architectures for Smartphones, NSF
CNS-1117943 (July 2011).
Robert Dick, Z. Morley Mao, and Dan S. Wallach, TC: Medium:
Collaborative Research: WHISPER - Wireless Handheld Infrastructureless,
Secure Communications System for the Prevention of Eavesdropping and
Reprisal, NSF CNS-0964566 (February 2010).
Aviel D. Rubin, Dan S. Wallach, Michael Byrne, Douglas W. Jones, David
Dill, Dan Boneh, David A. Wagner, Dierdre Mulligan, Drew Dean, and Peter
G. Neumann, CT-CS: A Center for Correct, Usable, Reliable, Auditable, and
Transparent Elections (ACCURATE), NSF CNS-0524211 (October 2005).
Dan S. Wallach and Peter Druschel, CSR/PDOS: Security and Incentives for
Overlay Network Infrastructure, NSF CNS-0509297 (August 2005).
Dan S. Wallach and Mike Dahlin, Resource Management for Safe
Deployment of Edge Services, Texas Advanced Technology Program
#003604-0053-2001 (October 2001).
Dan S. Wallach, Security and Resource Management in Type-Safe Language
Environments, NSF CAREER CCR-9985332 (March 2000).
Behnaam Aazhang, Richard G. Baraniuk, Joseph R. Cavallaro, Edward W.
Knightly, and Dan S. Wallach, Seamless Multitier Wireless Networks for
Multimedia Applications, NSF Special Projects ANI-9979465 (April 1999).
Industrial gifts and support:
Samsung research contract (September 2012)
Houston Infraguard (September 2010)
Google gift (November 2009)
Microsoft gift (November 2002)
Schlumberger gift (February 2002)
IBM University Partnership Program (June 2000)
Microsoft gift (July 2000)
Related support:
2011 National Physical Sciences Consortium (NPSC) Fellowship -
Adam Pridgen
USENIX Student Scholarship for Adam Stubblefield (May 2001)

Invited Talks and Panels
1. Roger Dingledine, Simson L. Garfinkel, Phillipa Gill, Daniela
Oliveira and Dan Wallach, Security and Privacy for Democracy
Panel, Computing Research: Addressing National Priorities and
Societal Needs, Computing Research Association (Washington,
D.C.), October 2017.
2. Dan S. Wallach, STAR-Vote: A Secure, Transparent, Auditable, and
Reliable Voting System. Summer Research Institute (SuRI) (École
Polytechnic Fédérale de Lausanne, Lausanne, Switzerland), June
2017.
3. Dan S. Wallach, What, exactly, is different or new about mobile
security? Keynote speech, Workshop on Mobile Security
Technologies (MoST), San Jose, CA, May 2017.
4. Dan S. Wallach, STAR-Vote: A Secure, Transparent, Auditable, and
Reliable Voting System. Jersey Village High School (Houston, TX),
May 2017.
5. Dan S. Wallach, STAR-Vote: A Secure, Transparent, Auditable, and
Reliable Voting System. League of Women Voters (Houston, TX),
May 2017.
6. Dan S. Wallach, STAR-Vote: A Secure, Transparent, Auditable, and
Reliable Voting System. Dartmouth College (Hanover, NH), April
2017.
7. Dan S. Wallach, STAR-Vote: A Secure, Transparent, Auditable, and
Reliable Voting System. Scientia Privacy Lecture Series, Rice
University (Houston, TX), March 2017.
8. Dan S. Wallach, STAR-Vote: A Secure, Transparent, Auditable, and
Reliable Voting System. Two Sigma (Houston, TX), October 2016.
9. Dan S. Wallach, Testimony before the House Committee on Space,
Science & Technology hearing, "Protecting the 2016 elections from
cyber and voting machine attacks", Washington, DC, Sept. 2016.
10. Dan S. Wallach, Internet Application Censorship: Studies of Weibo
in China and Twitter in Turkey, Houston Kiwanis (Houston, TX),
July 2016.
11. Dan S. Wallach, Internet Application Censorship: Studies of Weibo
in China and Twitter in Turkey, Stanford University (Stanford, CA),
June 2016.
12. Dan S. Wallach, Internet Application Censorship: Studies of Weibo
in China and Twitter in Turkey, OWASP Meeting, K.U. Leuven
(Leuven, Belgium), February 2016.
13. Dan S. Wallach, Security Architectures for Smartphones, University
of Texas, at Dallas (Dallas, TX), October 2015.
14. Dan S. Wallach, Tracking, Privacy, and Network Neutrality,
Houston Kiwanis (Houston, TX), September 2015.
15. Harley Geiger, Andrew Napolitano, David Leebron, and Dan S.
Wallach, Privacy in the Digital Age, Baker Institute for Public
Policy, Rice University (Houston, TX), April 2015.
16. Dan S. Wallach, Android WebView security and the mobile
advertising marketplace, Google Security Summit (Mountain View,
CA), March 2015.
17. Dan S. Wallach, Rice Tizen Analysis for Security, Tizen Developers
Conference (San Francisco, CA), June 2014.
18. Dan S. Wallach, STAR-Vote: A Secure, Transparent, Auditable, and
Reliable Voting System. National Science Foundation (Arlington,
VA), May 2014.
19. Dan S. Wallach, STAR-Vote: A Secure, Transparent, Auditable, and
Reliable Voting System. Electronic Voting Network Conference
(San Diego, CA), March 2014.
20. Dan S. Wallach, Security Architectures for Smartphones, Korea
Advanced Institute for Science and Technology (KAIST) (Daejeon,
South Korea), August 2013.
21. Dan S. Wallach, Security Analysis of LLVM Bitcode Files for
Mobile Platforms, Tizen Developers Conference (San Francisco,
CA), May 2013.
22. Dan S. Wallach, STAR-Vote: A Secure, Transparent, Auditable, and
Reliable Voting System. Mid-Atlantic Collegiate Cyber Defense
Competition (Laurel, MD), April 2013.
23. Dan S. Wallach, STAR-Vote: A Secure, Transparent, Auditable, and
Reliable Voting System. Verifiable Voting Schemes Workshop
(Luxembourg), March 2013.
24. Dan S. Wallach, Privacy and Tracking on the Internet, FTC
Workshop on The Big Picture: Comprehensive Data
Collection (Washington, D.C.), December 2012.
25. Dan S. Wallach, David Wagner, Philip B. Stark, and Philip
Kortum. The Future of E-Voting - Remote, Internet-Based, and
Secure? E-Voting: Risk and Opportunity (Center for Information
Technology Policy at Princeton University - Webcast Seminar),
November 2012.
26. Dan S. Wallach, Security Architectures for Smartphones, University
of Luxembourg, November 2012.
27. Dan S. Wallach, The USENIX Association: A Financial Case Study
for Open Access. Perspectives Workshop: Publication Culture in
Computing Research (Schloss Dagstuhl, Germany), November
2012.
28. Dan S. Wallach, Security Architectures for Smartphones, National
Security Agency (Ft. Meade, Maryland), June 2012.
29. Dana DeBeauvoir, Dan S. Wallach, et al. Future of Voting Systems,
International Association of Clerks, Recorders, Election Officials,
and Treasurers, Annual Conference (Albuquerque, New Mexico),
June 2012.
30. Dan S. Wallach, Security Architectures for Smartphones, University
of California, at Berkeley (Berkeley, California), May 2012.
31. Jonathan Blow, Adam Glass, Piaw Na, and Dan S. Wallach. CS
Alumni Panel, University of California, at Berkeley (Berkeley,
California), May 2012.
32. Dan S. Wallach, Security Architectures for Smartphones, University
of New Mexico (Albuquerque, New Mexico), April 2012.
33. Dan S. Wallach, Thoughts on Travis County's Next-Generation
Voting System, Travis County Election Study Group (Austin,
Texas), October 2011.
34. Pamela Smith, Dan S. Wallach, Ian S. Piper, and Carolyn
Crnich, Panel: The Present, Election Integrity: Past, Present, and
Future - Caltech/MIT Voting Technology Project (Cambridge,
Massachusetts), October 2011.
35. Dan S. Wallach, Quire: Lightweight Provenance for Smart Phone
Operating Systems, Technischen Universität Darmstadt (Darmstadt,
Germany), July 2011.
36. Dan S. Wallach, VoteBox: A Verifiable, Tamper-Evident, Electronic
Voting System, Distinguished Lecture, Université du Luxembourg,
July 2011.
37. Dan S. Wallach, Crypto and e-Voting: Homomorphisms, Zero-
Knowledge Proofs, and Other Tricks of the Trade, Leuven Center on
Information Communication and Technology (LICT) Distinguished
Lecture (Leuven, Belgium), March 2011.
38. Dan S. Wallach, Seguridad Informática, Tendencias y Aplicaciones
(Information Security Trends and Applications), Technology,
Connectivity and Internet Workshop, Consejo Federal de
Inversiones (Buenos Aires, Argentina), February 2011.
39. Dan S. Wallach, Electronic Voting Systems: Failures and Research
Opportunities, Rice University - Scientia Lecture Series (Houston,
Texas), October 2010.
40. Ann Harris Bennett, Don Cook, Stan Stanart, Harris County Clerk
Debate, sponsored by the Houston League of Women Voters and
Rice University, moderated by Dan S. Wallach, October 2010.
41. Dan S. Wallach, The Wørd, 4th Electronic Voting Technology
Workshop / Workshop on Trusted Elections (EVT/WOTE
'10) (Washington, D.C.), August 2010.
42. Dan S. Wallach, Adventures in Electronic Voting Research, Texas
A&M University (College Station, Texas), October 2009.
43. Dan S. Wallach, Adventures in Electronic Voting Research, Swiss
Federal Institute of Technology (ETH) (Zürich, Switzerland), May
2009.
44. Jeremy Epstein, Douglas W. Jones, E. John Sebes, David Wagner,
Dan Wallach, Electronic Voting Panel, RSA Conference (San
Francisco, California), May 2009.
45. Dan S. Wallach, Adventures in Electronic Voting Research, Bay
Area Association of Democratic Women (Clear Lake, Texas), April
2009.
46. Dan S. Wallach, Testimony Before the Colorado Election Reform
Commission (Denver, Colorado), December 2008.
47. Dan S. Wallach, Adventures in Electronic Voting Research, National
Academy of Science - Kavli Frontiers of Science Symposium
(Irvine, California), November 2008.
48. Dan S. Wallach, Adventures in Electronic Voting Research, Duke
University, October 2008.
49. Dan S. Wallach, Testimony Before the Texas Senate Committee on
State Affairs (Austin, Texas), October 2008.
50. Dan S. Wallach et al., Experts Meeting – E-voting in the 2008 U.S.
Elections. The Carter Center (Atlanta, Georgia), September 2008.
51. David Beirne, Doug Chapin, Dana DeBeauvoir, Anne McGeehan,
Rosemary Rodriguez, Dan S. Wallach. Voting System Integrity: Can
We Be Confident in the Accuracy of the Results? LBJ School of
Public Affairs, UT Austin (Austin, Texas), September 2008.
52. Chandler Davidson, Bob Stein, Dan S. Wallach, Tova
Wang. Democracy, Disenfranchisement, and November 2008
(Constitution Day Panel). Rice University (Houston, Texas),
September 2008.
53. Dan S. Wallach, Testimony Before the Texas House Committee on
Elections (Austin, Texas), June 2008.
54. Dan S. Wallach, Adventures in Electronic Voting Research, Invited
Talk, West University Democrats, April 2008.
55. Dan S. Wallach, Adventures in Electronic Voting Research, Invited
Talk, How We Vote Conference, Institute of the Bill of Rights,
College of William & Mary (Williamsburg, Virginia), March 2008.
56. Dan S. Wallach, Adventures in Electronic Voting Research, Invited
Talk, Hanzen-Martel Lecture Series, Rice University (Houston,
Texas), February 2008.
57. Dan S. Wallach, Adventures in Electronic Voting Research, Invited
Talk, Alumni College Weekend, Rice University (Houston, Texas),
February 2008.
58. Dan S. Wallach, Adventures in Electronic Voting Research, Invited
Talk, Google (Mountain View, California), December 2007.
59. Dan S. Wallach, Real-world Electronic Voting, National Lawyers
Council: National Leadership Convention (Washington, D.C.),
November 2007.
60. Dan S. Wallach, Real-world Electronic Voting, Claim Democracy
Conference (Washington, D.C.), November 2007.
61. Dan S. Wallach, Testimony Before the Tennessee Advisory
Commission on Intergovernmental Relations (Nashville, Tennessee),
September 2007.
62. Dan S. Wallach and J. Alex Halderman, Results from the California
Top-to-Bottom Voting Systems Review, Presentation at Schloss
Dagstuhl's Frontiers of Electronic Voting (Wadern, Germany),
August 2007.
63. Michael E. Clark, Joseph E. Savage, Peter Toren, and Dan S.
Wallach, Trade Secret and Confidential Information, Panel at the
ABA National Institute on Computing and the Law (San Francisco,
California), June 2007.
64. Dan S. Wallach, Testimony Before the Senate Committee on Rules
and Administration, Hearing on Electronic Election
Reform (Washington, D.C.), February 2007.
65. Dan S. Wallach, Electronic Voting: Risks and Research, Institute for
Security Technology Studies Distinguished Speaker Series,
Dartmouth College (Hanover, New Hampshire), October 2006.
66. Dan S. Wallach, Electronic Voting: Risks and Research, Max
Planck Institute for Software Systems (Saarbrücken, Germany),
October 2006.
67. Dan S. Wallach, Electronic Voting: Risks and Research, Chaire
Internationale en Sécurité Informatique, Institut Eurécom (Sophia
Antipolis, France), October 2006.
68. Dan S. Wallach, Electronic Voting: Risks and Research, University
of Texas at Austin (Austin, TX), September 2006.
69. Dan S. Wallach, The Risks of Electronic Voting, Election Protection
Summit (Washington, D.C.), June 2006.
70. Dan S. Wallach, Computer Security Education at Rice, Workshop
on Information Assurance Education (Houston, Texas), May 2006.
71. Dan S. Wallach, The Risks of Electronic Voting, Georgia Institute of
Technology (Atlanta, Georgia), March 2006.
72. Dan S. Wallach, Testimony for the California Senate Elections,
Reapportionment & Constitutional Amendments Committee (Menlo
Park, California), February 2006.
73. Elizabeth Hanshaw Winn and Dan S Wallach, Panel: Electronic
Voting Technology, First Annual Legislative and Public Policy
Conference, TSU Thurgood Marshall School of Law (Houston,
Texas), October 2005.
74. Paul Craft, Douglas Jones, John Kelsey, Ronald Rivest, Michael
Shamos, Dan Tokaji, Dan S. Wallach, Panel: Threat Discussion on
Trojan Horses, Backdoors, and Other Voting System Software-
Related Problems, NIST Workshop on Threats to Voting Systems
(Gaithersburg, Maryland), October 2005.
75. Dan S. Wallach, The Risks of Electronic Voting, Virginia Joint
Committee Studying Voting Equipment (Richmond, Virginia),
August 2005.
76. Dan S. Wallach, The Risks of Electronic Voting, Tarrant County
Democratic Party Meeting (Hurst, Texas), July 2005.
77. Dan S. Wallach, Electronic Voting Machine / Registration Systems,
Testimony for the Carter-Baker Commission on Federal Election
Reform (Houston, Texas), June 2005.
78. Dan S. Wallach, The Risks of Electronic Voting, NSF Workshop on
Cyberinfrastructure and the Social Sciences (Arlington, Virginia),
March 2005.
79. Dan S. Wallach, The Risks of Electronic Voting, CASSIS:
Construction and Analysis of Safe, Secure, and Interoperable Smart
Devices (Nice, France), March 2005.
80. Dan S. Wallach, The Risks of Electronic Voting, University of
Massachusetts, Amherst, Five Colleges Information Assurance
Lecture Series (Amherst, Massachusetts), December 2004.
81. Dan S. Wallach, The Risks of Electronic Voting, University of Iowa,
Department of Computer Science (Iowa City, Iowa), December
2004.
82. Dan S. Wallach, The Risks of Electronic Voting, CSI's 31st Annual
Computer Security Conference (Washington, D.C.), November
2004.
83. Hans Klein, Eugene Spafford, Donald Moynihan, Dan S. Wallach,
and Jim Reis, Panel: E-Voting Policies and Perils, Association for
Public Policy Analysis and Management (APPAM) (Atlanta,
Georgia), October 2004.
84. Dan S. Wallach, The Risks of Electronic Voting, Seventh Workshop
on Languages, Compilers, and Run-time Support for Scalable
Systems (Houston, Texas), October 2004.
85. Dan S. Wallach, The Risks of Electronic Voting, Symposium on the
2004 Presidential Election, John J. Marshall Law School (Chicago,
Illinois), October 2004.
86. Chris Bell, Dan S. Wallach, and Tony J. Servello III, Panel:
Electronic Voting, Science Café (Houston, Texas), October 2004.
87. Dan S. Wallach, The Risks of Electronic Voting, The Integrity of the
Election Process, U. of Toledo Law School (Toledo, Ohio),
October 2004.
88. Dan S. Wallach, The Risks of Electronic Voting, Princeton
University, Department of Computer Science (Princeton, New
Jersey), October 2004.
89. Dan S. Wallach, The Risks of Electronic Voting, DIMACS
Workshop on Cryptography: Theory Meets Practice (Piscataway,
New Jersey), October 2004.
90. Dan S. Wallach, Michael I. Shamos, Eugene Spafford, and Michael
E. Lavelle, Panel: Who Can Plug Into E-Voting Machines?, E-
lection 2004: Is E-Voting Ready for Prime Time?, John Marshall
Law School (Chicago, Illinois), October 2004.
91. Dan S. Wallach, Testimony for the NIST/EAC Technical Guidelines
Development Committee (Gaithersburg, Maryland), September
2004.
92. Dan S. Wallach, The Risks of Electronic Voting, DiverseWorks: The
Voting Machine (Houston, Texas), September 2004.
93. Dan S. Wallach, The Risks of Electronic Voting, Baker Institute
Forum on Electronic Voting (Houston, Texas), September 2004.
94. Dan S. Wallach, The Risks of Electronic Voting, League of Women
Voters General Meeting (Houston, Texas), September 2004.
95. Dan S. Wallach, The Risks of Electronic Voting, Simposio acerca de
Urnas Electrónicas para la Emisión del Voto Ciudadano (Mexico
City, Mexico), September 2004.
96. Dan S. Wallach, The Risks of Electronic Voting, Fermi National
Accelerator Lab (Batavia, Illinois), August 2004.
97. Dan S. Wallach, The Risks of Electronic Voting, TrueMajority
"National Day of Action" (Austin, Texas), July 2004.
98. Dan S. Wallach, The Risks of Electronic Voting, 10th Annual
County and District Clerks' Association of Texas Conference (Lake
Conroe, Texas), June 2004.
99. Dan S. Wallach, The Risks of Electronic Voting, Texas State
Democratic Party Convention, Progressive Populist Caucus
(Houston, Texas), June 2004.
100. Dan S. Wallach, Hack-a-Vote: Demonstrating Security Issues
with Electronic Voting Machines, DIMACS Workshop on
Electronic Voting - Theory and Practice (Piscataway, New Jersey),
May 2004.
101. Dan S. Wallach, Testimony for the Texas Senate Committee
on State Affairs (Austin, Texas), May 2004.
102. Josh Benaloh, Dana DeBeauvoir, and Dan S. Wallach. Panel:
Electronic Voting Security, IEEE Symposium on Security and
Privacy (Oakland, California), May 2004.
103. Dan S. Wallach, The Risks of Electronic Voting, Harris County
Democrats (Houston, Texas), April 2004.
104. Dan S. Wallach, The Risks of Electronic Voting, North
Brazoria County Democrats (Pearland, Texas), April 2004.
105. Dana DeBeauvoir, Ann McGeehan, Dan S. Wallach, Panel on
the Security of Electronic Voting, League of Women Voters (Austin,
Texas), April 2004.
106. Dan S. Wallach, The Risks of Electronic Voting, Guest lecture
in "Texas Political Parties and Elections" (Government 335N,
University of Texas, Austin), March 2004.
107. Dan S. Wallach, Testimony for the Texas House Elections
Committee (Austin, Texas), March 2004.
108. Dan S. Wallach, The Risks of Electronic Voting, Bell County
Republican Convention (Belton, Texas), March 2004.
109. Dan S. Wallach, Testimony for the Ohio Joint Committee on
Ballot Security (Columbus, Ohio), March 2004.
110. Dan S. Wallach, The Risks of Electronic Voting, Houston
Peace Forum (First Unitarian Universalist Church, Houston, Texas),
March 2004.
111. Ben Cohen and Dan S. Wallach, TrueMajority Press
Event (Washington, D.C.) February, 2004.
112. Dan S. Wallach, The Risks of Electronic Voting, European
Commission eDemocracy Seminar (Brussels, Belgium), February,
2004.
113. Dana DeBeauvoir, Dan S. Wallach, Ann McGeehan, Bill
Stotesbery, Adina Levin, Electronic Voting: Benefits & Risks, First
Unitarian Universalist Church of Austin (panel co-sponsored by
Travis County Green Party and Austin Democracy Coalition)
(Austin, Texas), January 2004.
114. Dan S. Wallach, The Risks of Electronic Voting, Texas
IMPACT / United Methodist Women (Austin, Texas), January 2004.
115. Dan S. Wallach, The Risks of Electronic Voting, River Oaks
Democratic Women (Houston, Texas), January 2004.
116. Dan S. Wallach, The Risks of Electronic Voting, University of
Michigan, Department of Computer Science (Ann Arbor,
Michigan), January 2004.
117. Dan S. Wallach, The Risks of Electronic Voting, EFF-Austin
Policy Roundtable (Austin, Texas), December 2003.
118. Dan S. Wallach, O.S. Security Semantics for Language-based
Systems, Katholieke Universiteit Leuven (Leuven, Belgium),
December 2003.
119. Dan S. Wallach, O.S. Security Semantics for Language-based
Systems, Belgium Java User's Group: JavaPolis (Antwerp, Belgium),
December 2003.
120. Dan S. Wallach, The Risks of Electronic Voting, Austin
Pastoral Center (Austin, Texas), November 2003.
121. Dan S. Wallach, Peer-to-Peer Security, Cornell University,
Department of Computer Science (Ithaca, New York), November
2003.
122. Dan S. Wallach, The Risks of Electronic Voting, Duke
University, Department of Computer Science (Durham, North
Carolina), October 2003.
123. Dan S. Wallach, The Risks of Electronic Voting, University of
Arizona, Department of Computer Science (Tucson, Arizona),
September 2003.
124. Dan S. Wallach, Peer-to-Peer Security, UW/MSR/CMU
Software Security Summer Institute (Stevenson, Washington), June
2003.
125. Dan S. Wallach, Peer-to-Peer Security, Stanford University,
Department of Computer Science (Stanford, California), May 2003.
126. Dan S. Wallach, Adventures in Copy Protection Research, The
Hockaday School (Dallas, Texas), April 2003.
127. Dan S. Wallach, Adventures in Copy Protection Research,
Formal Techniques for Networked and Distributed Systems
(Houston, Texas), November 2002.
128. Dan S. Wallach, Peer-to-Peer Security, Oregon Graduate
Institute (Portland, Oregon), March 2002.
129. Dan S. Wallach, Mobile Code Security Through Program
Transformations, Mathematical Foundations of Programming
Semantics (New Orleans, Louisiana), March 2002.
130. Dan S. Wallach, The Risks of E-Voting Machines, Bay Area
New Democrats (Houston, Texas), November 2001.
131. Dan S. Wallach, Testimony before the Houston City Council
on the risks of electronic voting systems, July 2001.
132. Dan S. Wallach, Adventures in Copy Protection Research,
Open Group Meeting (Austin, Texas), July 2001.
133. Dan S. Wallach, Adventures in Copy Protection Research,
Houston Copyright Town Hall Meeting (Houston, Texas), April,
2001.
134. Dan S. Wallach, Mobile Code Security Through Program
Transformations, U.C. Berkeley (Berkeley, California), March
2001.
135. Dan S. Wallach, Mobile Code Security Through Program
Transformations, University of Texas (Austin, Texas), November
2000.
136. Dan S. Wallach, Mobile Code Security Through Program
Transformations, International Workshop on Mobile Objects/Code
and Security (Tokyo, Japan), October 2000.
137. Dan S. Wallach and John DeRose, The Security of
My.MP3.com and Other ``Beaming'' Technologies, MP3
Summit (San Diego, California), June 2000.
138. Dan S. Wallach, An Overview of Computer Security, Law
Practice Management Section of the Houston Bar Association
(Houston, Texas), May 2000.
139. - Wallach has also spoken to visiting groups of high school
students via a Rice outreach program organized by Jen Overton.
Advisees Completed PhDs:
Theodore Book (Square)
Scott Crosby (Two Sigma)
Mike Dietz (Google)
Judson Dressler (USAF)
Eyal de Lara (University of Toronto) (Prof. Willy Zwaenepoel was de
Lara's advisor of record)
Tsuen Wan "Johnny" Ngan (Google)
Seth Nielson (Crimson Vista)
Adam Pridgen (Visa International)
Algis Rudys (Google)
Daniel Sandler (Google)
Anhei Shu (Google)
Rima Tanash (Amazon)
Completed Postdocs:
Murat Moran (Giresun University, Turkey)
Peiyou Song (Google)
Completed Masters:
Anwis Das (Google)
Ersin Öksüzoğlu (Intel)
Shashi Shekhar (Google)
Ping Tao (TI)
Current graduate & post-doctoral researcher collaborators:
Bumjin Im
Jaeho Lee
Jonathan Sharman
Daniel Song

Consulting Private Consulting:


SRI International (June 2016, May-July 2018, computer security
research)
Solve Media (March 2012, security architecture review)
Authus (May 2009, security architecture review)
State of California (Summer 2007, "Top to Bottom" Voting System
Review)
AT&T Research (Fall 2001, collaborating with Avi Rubin on security
research)
GalleryFurniture (August 2001, post-attack web site audit and reinstall)
Curl (December 2000, security architecture review)
Quaadros Technologies (October 2000, design review)
Cloakware (September 2000 and August 2001, design review)
Coral Technologies (December 1999, security audit)
MetaCreations (March 2000, security audit)
CenterPoint Ventures (occasional, technical evaluations of startups)
Rho Ventures (occasional, technical evaluations of startups)
Legal Consulting (Election-related):
Secretary of Labor vs. Association of Professional Flight Attendants
(June 2017, expert for plaintiffs)
Secretary of Labor vs. Allied Pilots Association (September 2015, expert
for plaintiffs)
Jennings v. Buchanan (November 2006, expert for plaintiffs)
Conroy et al. v. Dennis (Colorado Sec. of State) (September 2006, expert
for plaintiffs)
Santana et al. v. Williams (Texas Sec. of State) and DeBeauvoir (Travis
County Clerk) (July 2006, expert for plaintiffs)
Taylor et al. v. Cortés (Pennsylvania Sec. of Commonwealth) (April
2006, expert for plaintiffs)
Bruni v. Valdes and Benavides (April 2006, expert for Bruni)
Flores v. Lopez (April 2006, expert for Flores)
ACLU v. Connor (Texas Sec. of State) (February 2005, expert for the
ACLU)
Legal Consulting (Other):
Federal Trade Commission (July 2013)
Eolas v. Perot Systems (March 2011, expert for Perot Systems)
Bedrock v. Google (November 2010, consultant for Google)
TiVo v. AT&T (June 2010, expert for AT&T)
Finjan v. Secure Computing (August 2007, expert for Secure
Computing)
Autobytel v. Dealix (May 2005, expert for Dealix)
Soverain v. Amazon.com (April 2005, expert for Amazon.com)
Uniloc v. Microsoft (November 2004, expert witness for Microsoft)
Nash v. Microsoft (May 2004, expert witness for Microsoft)
Recruitsoft v. Hire.com (August 2003, expert witness for Hire.com)
DirecTV v. NDS (April 2003, expert witness for DirecTV)
RIAA v. MP3.com (February 2000, wrote declaration for MP3.com)

Employment History
Rice University, Professor, Department of Computer Science, beginning
October 1998. (Promoted from assistant professor in May 2005; promoted from
associate professor in 2012.)
1/07 - 12/07 Stanford University, Department of Computer Science, visiting professor
/ SRI Computer Science Laboratory, visiting researcher
9/93 - 10/98 Princeton University, Graduate student, Department of Computer Science.
Supported by grants from NSF, Sun Microsystems, Intel, Microsoft, and others.
6/97 - 8/97 Netscape Communications Corporation, Mountain View, California.
Integrated Java with SSL. Audited the CORBA and RMI implementations for
security bugs. Wrote a CORBA demonstration (a chat server).
6/96 - 8/96 Netscape Communications Corporation, Mountain View, California.
Designed and implemented a privilege-based security mechanism and user
interface to enable digitally-signed Java applets. Participated in design reviews
of several Netscape and JavaSoft technologies.
6/95 - 8/95 Microsoft Corporation, Redmond, Washington.
Wrote a converter from Softimage to a RenderMorphics-based system (V-
Chat). Designed and implemented a polygonal model compression system for
virtual reality applications.
6/94 - 8/94 David Sarnoff Research Center, Princeton, New Jersey.
Wrote a microcode-level simulator for parallel video processing engine. Wrote
design documents for the client side of a future video-on-demand system.
6/93 - 8/93 Berkeley Systems, Berkeley, California.
Ported a screen-reading system (allowing blind people to use graphical user
interfaces) from Microsoft Windows to X.
9/92 - 6/93 U.C. Berkeley, Research Assistant for Dr. Larry Rowe.
Implemented parts of a MPEG-1 video encoder. Wrote the audio support for a
real-time distributed media-on-demand system.

Exhibit B

FBI detects breaches against two state voter systems

Dustin Volz, Jim Finkle

WASHINGTON (Reuters) - The Federal Bureau of Investigation has found
breaches in Illinois and Arizona’s voter registration databases and is urging states
to increase computer security ahead of the Nov. 8 presidential election, according
to a U.S. official familiar with the probe.

The official, speaking on condition of anonymity, said on Monday that
investigators were also seeking evidence of whether other states may have been
targeted.

The FBI warning in an Aug. 18 flash alert from the agency’s Cyber Division did
not identify the intruders or the two states targeted.

Reuters obtained a copy of the document after Yahoo News first reported the story
Monday.

Accessing information in a voter database, much of which is publicly accessible,
does not necessarily suggest an effort to manipulate the votes themselves. When
registering, voters typically provide their names, home addresses, driver’s license
or identification numbers, and party affiliations.

But U.S. intelligence officials have become increasingly worried that hackers
sponsored by Russia or other countries may attempt to disrupt the presidential
election.

Officials and cyber security experts say recent breaches at the Democratic National
Committee and elsewhere in the Democratic Party were likely carried out by
people within the Russian government. Kremlin officials have denied that.

An FBI spokeswoman would not comment on the alerts but said the agency
“routinely advises” on “various cyber threat indicators observed during the course
of our investigations.”

The intrusions come amid repeated unsubstantiated claims by Republican
presidential candidate Donald Trump that the U.S. election system is “rigged.”

Trump has cited emails leaked from the DNC that indicated the party leadership
favored Hillary Clinton over rival candidate Bernie Sanders as reason to cast doubt
on the electoral process in general.

‘LARGER ATTACK’?

David Kennedy, chief executive officer of information security consulting
company TrustedSec, said the attacks referenced in the FBI alert appeared to be
largely exploratory and not especially sophisticated.

“It could be a precursor to a larger attack,” he added.

Citing a state election board official, Yahoo News said the Illinois voter
registration system was shut down for 10 days in late July after hackers
downloaded personal data on up to 200,000 voters.

State voter systems are often targeted by hackers, and 200,000 is a relatively small
number compared to other recent incidents. An independent computer security
researcher uncovered in December of last year a database on 191 million voters
that was exposed on the open Internet due to an incorrect configuration.

The Arizona attack was more limited and involved introducing malicious software
into one state employee’s computer, said Matt Roberts, communications director
for the Arizona secretary of state’s office.

That office publicly reported a cyber incident in June after being contacted by the
FBI, which led to it temporarily shutting down its election site to deal with the
potential threat.

Roberts said he was uncertain if the FBI advisory was in reference to that same
June incident, during which investigators found no evidence of any data
exfiltration. In that episode, the FBI told Arizona officials the hackers were
believed to be Russian and described it as an “eight out of 10” on a threat severity
scale, Roberts said.

Arizona will hold Republican and Democratic primaries for congressional races on
Tuesday.

Exhibit C

KEMP’S AGGRESSIVE GAMBIT TO DISTRACT FROM ELECTION SECURITY CRISIS

When Georgia Democrats were alerted to what they believe to be major
vulnerabilities in the state’s voter registration system Saturday, they contacted
computer security experts who verified the problems. They then notified Secretary
of State Brian Kemp’s lawyers and national intelligence officials in the hope of
getting the problems fixed.

Instead of addressing the security issues, Kemp’s office put out a statement Sunday
saying he had opened an investigation that targets the Democrats for hacking.

Kemp’s statement has become top news nationwide, but the context and
background have yet to be reported — so we are providing it below.

The Backstory and Detail

By the time Democrats reached out to the experts, Kemp’s office and the Federal
Bureau of Investigation had already been alerted to the problem on Saturday
morning by David Cross of the Morrison Foerster law firm. Cross is an attorney for
one of the plaintiffs in a lawsuit against Kemp and other elections officials
concerning cyber weaknesses in Georgia’s election system.

A man who claims to be a Georgia resident said he stumbled upon files in his My
Voter Page on the secretary of state’s website. He realized the files were
accessible. That man then reached out to one of Cross’s clients, who then put the
source and Cross in touch on Friday.

The next morning, Cross called John Salter, a lawyer who represents Kemp and the
secretary of state’s office. Cross also notified the FBI.

WhoWhatWhy, which exclusively reported on these vulnerabilities Sunday
morning, had consulted with five computer security experts on Saturday to verify
the seriousness of the situation. They confirmed that these security gaps would
allow even a low-skilled hacker to compromise Georgia’s voter registration system
and, in turn, the election itself. It is not known how long these vulnerabilities have
existed or whether they have been exploited.

Just before noon on Saturday, a third party provided WhoWhatWhy with an email
and document sent from the Democratic Party of Georgia to election security
experts that highlighted these potential vulnerabilities within the state’s My Voter
Page and online voter registration system.

According to the document, it would not be difficult for almost anyone with
minimal computer expertise to access millions of voters’ private information and
potentially make changes to their registrations — including canceling them.

In this election and during the primaries, voters have reported not showing up in
the poll books, being assigned to the wrong precinct, and being issued the wrong
ballot.

All of that could be explained by a bad actor changing voter registration data.

In the email that sparked this controversy, Sara Tindall Ghazal, the voter protection
director for the Democratic Party of Georgia, alerted two computer experts of a
potential problem that she said might constitute a “massive
vulnerability.” WhoWhatWhy is not publishing the document describing the
problem, as it provides a roadmap to exploiting the security weaknesses.

None of the cyber security experts WhoWhatWhy then contacted tested the
vulnerabilities described, downloaded any files, altered any data, or searched the
My Voter Page by altering the website address.

All five noted that testing these vulnerabilities without permission would be illegal.

Instead, several logged onto the My Voter Page to look at the code used to build
the site — something any Georgian voter could do with a little instruction — and
confirmed the voter registration system’s vulnerabilities.

They then alerted a national intelligence agency and reached out to the Coalition
for Good Governance, an election security advocacy group that has sued
Georgia multiple times over the vulnerability of its systems.

Bruce Brown, a lawyer for the group, then reached out to Kemp’s attorneys to alert
them of the problem. At 7:03 PM Saturday night, he emailed John Salter and Roy
Barnes, former governor of Georgia, in their capacities as counsel to Secretary of
State Kemp, to notify them of the serious potential cyber vulnerability in the
registration files that had been discovered without any hacking at all, and that
national intelligence officials had already been notified.

WhoWhatWhy published its first story on the subject shortly after 6:00 AM Sunday
morning.

Instead of addressing the problem, however, Kemp put out the statement an hour
later saying his office has launched a hacking investigation.

“While we cannot comment on the specifics of an ongoing investigation, I can
confirm that the Democratic Party of Georgia is under investigation for possible
cyber crimes,” press secretary Candice Broce stated. “We can also confirm that no
personal data was breached and our system remains secure.”

Kemp’s office is being disingenuous, Brown asserted.

“We have seen, unfortunately, that we were too correct in our allegations and
Judge [Amy] Totenberg was too prescient in her concerns about the system,”
Brown said. “That Kemp would turn this around and blame other people for his
failures is reflective of his complete failure as Secretary of State.”

Judge Totenberg had recently ruled that there was not enough time for Georgia to
switch to paper ballots — widely seen as a more secure voting method — but
expressed grave concerns over the security of the state’s elections.

“What is particularly outrageous about this, is that I gave this information in
confidence to Kemp’s lawyers so that something could be done about it without
exposing the vulnerability to the public,” Brown told WhoWhatWhy. “Putting his
own political agenda over the security of the election, Kemp is ignoring his
responsibility to the people of Georgia.”

It is not clear what impact — if any — the vulnerabilities identified will have on
Tuesday’s elections, or how they might have affected early voting. Voters should
still go to the polls and, if they are encountering problems, ask to cast a provisional
ballot as is their right.

The computer security experts with whom WhoWhatWhy spoke were all baffled by
what they found when they reviewed the problem.

“For such an easy and low hanging vulnerability to exist, it gives me zero
confidence in the capabilities of the system administrator, software developer, and
the data custodian,” Kris Constable, who runs a privacy law and data security
consulting firm, told WhoWhatWhy. “They should not be trusted with personally
identifiable information again. They have shown incompetence in proper privacy-
protecting data custodian capabilities.”

As Secretary of State, Kemp is the data custodian, meaning he is responsible for
the security of voter information. The system administrator works for Kemp and
the software developer is a private contractor hired by Kemp’s office.

Kemp is also the Republican candidate for governor in Tuesday’s election, where
he is locked in a close race with Democrat Stacey Abrams.

The first vulnerability identified in the email is on the My Voter Page, where
voters can check their registration, the status of their mail-in or provisional ballots,
or change their voter information. After following a commonly used link, one
arrives at a page that is not secure. To view any file on the server that runs the My
Voter Page nothing more is needed than typing any file name into the web
browser, the experts said.

In addition to documents, files include things like network configuration files,
cryptographic keys, and possibly even code that could be used to break into the
server.

Because it would be illegal to explore what is available on the site, the extent of the
vulnerability is still not known.

“Holy shit,” Duncan Buell told WhoWhatWhy when he logged onto the website.
“Presumably, you could just hit the backspace button on the file, put in a new file
name, and it would let you download that.”

Even if someone didn’t know the name of the document they were trying to access,
they could instead find it by writing a code to probe the My Voter Page, said Buell,
a computer science professor at the University of South Carolina and elections and
voting technology expert.

The second vulnerability described in the email is found in the state’s online voter
registration system.

In the code of the website — which anybody can access using their internet
browser — there is a series of numbers that represent voters in a county. By
changing a number in the web browser’s interface and then changing the county, it
appears that anybody could download every single Georgia voter’s personally
identifiable information and possibly modify voter data en masse.

In addition, voter history, absentee voting, and early voting data are all public
record on the secretary of state’s website. If a bad actor wanted to target a certain
voting group, all of the information needed is available for download.

“It’s so juvenile from an information security perspective that it’s crazy this is part
of a live system,” Constable said.

What’s more, there don’t seem to be any security measures that could detect these
changes or trace them back to a source, according to several of the experts.

Worse yet, a bad actor could easily pretend to be someone else, according to
Constable. “In theory you could copy and paste that session ID or cookie — that
unique string — and put it in your browser to emulate that person,” Constable said.
“So not only could you access that person’s information and act as that person, you
could then make changes under that person’s identity.”

Changes to voter registration information could create chaos on Election Day: long
lines to vote, voters going to the wrong precinct, voters being given the wrong
ballot, or not showing up on the polls at all.

Georgia may not be alone. These security flaws may well exist in other states.

A Connecticut-based private contractor, PCC Technologies Inc., has contracts to
manage voter registration systems for Georgia and 14 other states. PCC also runs
online voter registration for six of them, including Georgia. If these vulnerabilities
exist in Georgia, they could also be present in other states where PCC operates.

Matt Bernhard, a Ph.D. student in computer science at the University of Michigan
focusing on voting technology, found that personally identifiable information
could also be accessed through North Carolina’s voter page, which PCC also
manages.

As Georgia’s system has not been audited — if it had, these problems would have
been found and fixed, presumably — there are likely other vulnerabilities that
could impact the midterm election, according to Constable.

PCC also runs the ElectioNet system, which is used by every county in Georgia to
manage the state’s voter rolls. If voter registration data was changed, it would
show up in the ElectioNet system. In a declaration as part of a recent lawsuit
against the state, Colin McRae, chair of the Chatham County Board of Registrars,
disclosed that the ElectioNet system is also responsible for populating the data in
the pollbooks of every state.

The pollbooks are used to encode the voters’ yellow access cards on Election Day.
Those cards have voters’ ballot style numbers, which are then brought up by the
voting machine. The connection between ElectioNet and the pollbooks draws a
straight line between how security gaps on the My Voter Page and voter
registration site could impact the election, including giving voters the wrong
ballots or removing them from the rolls.

If the assessment of these vulnerabilities is accurate, it would be the fourth time in
as many years that the private information of every voter in Georgia, as well as
other information related to voting, has been exposed.

In 2015, an employee at the secretary of state’s office sent out personally
identifiable information to 12 news media and political party organizations.

At the time, Kemp said that “all 12 discs have been recovered or confirmed they
were destroyed by the recipients. I am confident that all voter information is secure
and safe.”

The press release also said that Kemp was “in the process of engaging Ernst &
Young, a top professional services firm with specialization in IT security, to
conduct a thorough, top to bottom review of our IT policies and procedures.”

In August, 2016, computer researcher Logan Lamb, formerly of Oak Ridge
National Laboratory, was able to access Georgia’s entire voter registration
database, including all personally identifiable information. The system was not
password protected and was vulnerable to being rewritten. He notified the state of
the problem.

Then in February, 2017, Christopher Grayson — a Los Angeles-based security
engineer — and Lamb found that the problem had not been fixed and that the same
information was still unprotected.

The Coalition for Good Governance sued Kemp in July of 2017 in an attempt to
replace the electronic voting system with paper ballots and to secure the electronic
poll books, citing the previous security breaches.

Kemp is also the Republican candidate for governor, running against Democrat
Stacey Abrams. Kemp has ignored calls to step down as secretary of state — most
recently by former President Jimmy Carter — opting instead to both run the
election and be a participant.

In a statement made to NPR’s Atlanta affiliate WABE in July of this year, a
spokesperson for the secretary of state said, “There has never been a breach in the
Secretary of State’s office. We have never been hacked, and according to President
Trump and the Department Of Homeland Security, we have never been targeted.
Georgia has secure, accessible, and fair elections because Kemp has leveraged
private sector solutions for robust cyber security, well before any of those options
were offered by the federal government.”

According to three experts who reviewed the security features of the My Voter
Page and voter registration website — not just its vulnerabilities — Kemp would
have no way of knowing if the site had ever been hacked or by whom. PCC, the
private-sector company responsible for managing Georgia’s voter registration and
online voter registration systems, seems to be at fault for the poorly designed site.

“Not only could anybody in the world access it, but there’s not even any indication
that there are protections built in to detect an intrusion, otherwise this would have
been discovered and corrected already,” Constable said.

Harri Hursti, a world-renowned data security expert who has studied election
cybersecurity in five countries, including the US, is familiar with a different
weakness in Georgia’s voting infrastructure. In a series of tests that became known
as the “Hursti Hacks,” the researcher hacked the Diebold voting system — the
same type of voting machines used in Georgia.

But even he was stunned by the vulnerabilities in Georgia’s My Voter Page and
voter registration system.

“This is the equivalent of having the bank safe door open,” Hursti said. “And while
it’s open, you have the bank safe code posted on the door. People who have built
this have no idea what they’re doing.”

Exhibit D

Serious Vulnerabilities in Georgia’s Online Voter Registration System

Yesterday afternoon, Marilyn Marks sent an email thread to me and several other
election security experts. The email was seeking to confirm two serious
vulnerabilities in Georgia’s online voter registration system. It contained a
technical description of the problems, apparently reported by a party volunteer.
Without exploiting the vulnerabilities, I confirmed that the description appeared to
be technically accurate, and that the problems were very serious. Around 7 PM
yesterday, the information was reported to the Georgia Secretary of State by Bruce
Brown, an attorney for the plaintiffs in Curling v. Kemp, in which I am serving as a
technical expert.

The first vulnerability lets users access and change other voters’ records. The Voter
Registration server has a trivial “URL manipulation” vulnerability that allows any
logged-in voter to access other voters’ registration pages (here’s an explainer for
URL manipulation). These pages contain sensitive personally identifiable
information, including the voter’s address and date of birth. The initial technical
description also indicated that driver’s license information and the last four digits
of a voter’s social security number were available through this vulnerability, but I
could not confirm that without exploiting the vulnerability. With this information,
an attacker can log into Georgia’s online voter registration system as that other
voter and change their registration information. In the worst case, an attacker could
automate this process to change the registrations of many voters, resulting in their
not being able to vote on election day.

The second vulnerability is a “URL manipulation” vulnerability in the My Voter
Page server. An incorrectly implemented function allows anyone to read arbitrary
files from the server’s internal filesystem, simply by changing a URL. This
exposes sensitive information — including the server-side application program
files, as well as system and network configuration files — that would help an
attacker break farther into the server, and potentially into other parts of the voter
registration computer systems.

Georgia’s voter registration is handled by a system called ElectioNet, a voter
registration suite that is sold by PCC Technologies. ElectioNet is used in 15 states
for voter registration functions, and the issues with Georgia’s system may also
apply to those states. PCC also produces software for other election functions,
including for election-night reporting, and that software should be carefully
scrutinized.

The State of Georgia, other affected states, and PCC Technologies need to take
action immediately to remedy these vulnerabilities and assess whether voter
registration records have already been changed.
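
The two flaws described in Exhibit D each come down to a missing server-side check on a value taken from the URL. The sketch below is an added illustration, not part of the exhibit and not ElectioNet or My Voter Page code; every function name, voter ID and file name in it is hypothetical, and the sample files are constructed.

```python
# Hypothetical names throughout; not code from the exhibit or the vendor.
import os
import tempfile
from pathlib import Path

class Forbidden(Exception):
    """The request names a resource the caller may not access."""

def authorize_record(session_voter_id: str, requested_id: str) -> str:
    # First flaw: the record ID in the URL must match the server-side session.
    if requested_id != session_voter_id:
        raise Forbidden(f"{session_voter_id} requested record {requested_id}")
    return requested_id

def resolve_download(base_dir: Path, requested_name: str) -> Path:
    # Second flaw: a file name taken from the URL must stay inside base_dir.
    base = base_dir.resolve()
    # resolve() collapses ".." and follows symlinks before the containment test.
    candidate = (base / requested_name).resolve()
    if base not in candidate.parents or not candidate.is_file():
        raise Forbidden(f"rejected file request: {requested_name!r}")
    return candidate

def outcome(check, *args) -> str:
    try:
        check(*args)
        return "allowed"
    except Forbidden:
        return "denied"

def demo() -> dict:
    # Constructed layout: a public directory next to a configuration file.
    with tempfile.TemporaryDirectory() as root:
        public, config = Path(root, "public"), Path(root, "app.config")
        public.mkdir()
        (public / "sample_ballot.pdf").write_text("constructed sample")
        config.write_text("constructed configuration")
        os.symlink(config, public / "link.pdf")
        return {
            "own_record": outcome(authorize_record, "V1001", "V1001"),
            "other_record": outcome(authorize_record, "V1001", "V1002"),
            "listed_file": outcome(resolve_download, public, "sample_ballot.pdf"),
            "parent_path": outcome(resolve_download, public, "../app.config"),
            "absolute_path": outcome(resolve_download, public, str(config)),
            "symlink": outcome(resolve_download, public, "link.pdf"),
        }

if __name__ == "__main__":
    print(demo())
```

Logging each `Forbidden` with the session identity gives reviewers a record of requests for other voters' records or for files outside the served directory.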

Exhibit E
Case 1:18-cv-04789-LMM Document 37-1 Filed 10/28/18 Page 1 of 12

Exhibit F

Brian Kemp declares victory in Georgia governor race as Stacey Abrams
waits for results

ATLANTA – Republican Brian Kemp has declared victory in the Georgia
governor’s race with election results showing him with a narrow lead over
Democrat Stacey Abrams and all but a few precincts reporting complete results.

But the Abrams campaign said Wednesday it would not concede and hopes that
thousands of absentee and provisional ballots yet to be counted contained enough
votes to force a runoff election or recount.

A spokesman for the Kemp campaign said in a statement Wednesday evening that
with Kemp ahead 64,000 votes, outstanding provisional and overseas ballots would
not make a difference.

“Simply put, it is mathematically impossible for Stacey Abrams to win or force a
run-off election,” Kemp spokesman Cody Hall said in a statement. "Peach State
voters made a clear decision at the ballot box. Brian Kemp will now begin his
transition as governor-elect of Georgia. He will work every day to keep our state
moving in the right direction."

Kemp holds a two-point lead over Abrams with all precincts
reporting. Abrams' hope was to close the gap by some 15,000 votes, enough to
deny Kemp an outright majority and force a head-to-head runoff on Dec. 4.

Abrams campaign manager Lauren Groh-Wargo said Wednesday evening the
campaign was working to ensure every vote was counted, even if that leads to a
lawsuit.

"We know our opponent has had the secretary of state's office declare he is the
winner. We are here to say we don't accept that," she said, adding the campaign
was examining "every option" to ensure the race was fair.

Groh-Wargo said while the secretary of state has released numbers, the campaign
has asked for the proof behind the data and received silence from the office, which
Kemp heads.

She called his overseeing of the election a "conflict of interest" and said Kemp was
using his position as secretary of state as "an arm of his campaign apparatus."

Groh-Wargo said they were blindsided by Kemp's claim of victory when she says
at least 25,000 provisional and mail-in ballots remain uncounted. They
said they were unsure of how many absentee ballots remain but the Georgia
Secretary of State’s Office said Wednesday afternoon that less than 3,000 “non-
provisional” ballots were outstanding.

Clarke, Fulton, Hall and Gwinnett counties completed their absentee ballot
tabulations today. Cobb and Chatham were expected to also finish their counts by
the end of the day.

According to the statement, county officials reported less than 22,000 provisional
ballots cast statewide.

Provisional ballots must be verified by Friday. All counties in Georgia are required
to certify their election results by 5 p.m. Tuesday.

Poll watchers reported problems and irregularities at several sites. A Fulton County
judge ordered hours extended at some polling places Tuesday to give voters who
might have been affected more opportunity to cast ballots.

Groh-Wargo said there has been confusion in DeKalb County over how to count
provisional ballots because they haven't been tabulated in prior elections.

And she said Hurricane Michael, which caused mail to Dougherty County to be
rerouted through Tallahassee, Florida, could have delayed some absentee ballots.

Craig Albert, a political scientist at Augusta University, said the chance the
outstanding ballots would close the gap was slim.

“I think it’s mathematically possible,” he said. “But it doesn’t seem probable that
that’s going to happen. Everything would have to happen perfectly in her way for
this to occur right now.”

Groh-Wargo said Abrams will not concede the race until every vote is tallied.

"We feel that Georgia voters deserve to have those votes counted," Groh-Wargo
told reporters on Wednesday.

In one of the nation's highest-profile gubernatorial elections this year,
the candidates are competing to succeed Republican Gov. Nathan Deal. Deal has
reached his two-term limit.

Abrams, 44, a former state House minority leader, is trying to become the first
Democrat elected governor in Georgia in 20 years and the first black woman
governor in the nation.

Kemp, 55, Georgia's secretary of state, is trying to keep the office in Republican
hands.

With polls showing a tight race in the days before the election, President Donald
Trump and Vice President Mike Pence came to Georgia to rally for Kemp. Former
President Barack Obama and Oprah Winfrey appeared for Abrams.

Albert said Abrams was smart to stay in the race for now. No matter the final
result, he said, her performance exceeded expectations.

He called voter turnout this year "remarkable" for a midterm election.

The Abrams campaign released data Wednesday showing 3.9 million voters cast
ballots in the gubernatorial race. That was 56 percent more than the 2.5 million
who voted in 2014.

As secretary of state, Kemp is Georgia's top election official.

Abrams and her supporters have accused Kemp and other Republicans
of attempting to suppress the Democratic vote.

Kemp's office on Sunday announced an investigation of the state Democratic Party
over an alleged hack of the state's voter registration system.

Both sides condemned a racist robocall that targeted Abrams and Winfrey.

A group of Georgia voters filed a lawsuit in U.S. District Court in Atlanta on
Tuesday seeking to stop Kemp from presiding over the election.

Groh-Wargo said the fight for votes could last until the election is certified in each
county.

That typically happens on the Monday after an election. But it was unclear whether
that would be delayed by Veterans Day on Monday.
