The reports of the characteristics of some voting machines and software and security are astonishing to me from my knowledge of being a programmer and systems analyst for forty years. I have experience on systems that process applications that are far less critical to the future of the US than federal voting.

I will propose some ordinary and possibly minimum standards and features of a mail-in voting system intended to be integral with a professional level of protections. The other details would be left to the state legislatures within the legal boundaries of the federal constitution. The only purpose of this list of criteria is to fulfill the stated, shared intention of the outcome of a valid, proper election process without helping or enabling cheating.

Here is a summary of characteristics of a Mail-In Vote Processing System designed to minimize fraud (cheating). I will add details and discussion later.


  • Unique Supervision and User Id’s Assigned to screened and registered individuals – never shared.
  • Id’s have levels of  permissions – System Id, Master ID, Auditor, Legal Liaison, Site Director, Site Shift Supervisor, Report access, Counter, Party A Observer , Party B Observer. etc. These delimit who is using access and transactions and the Party affiliation or other role and what can be allowed. Paired, linked monitor displays that are six feet separate are available to party observers and supervisors confined to a defined set of functions and views. Mandatory sign in for pairing workers and observers.
  • What is logged – basically everything. All actions and transactions are logged including history of changes, changes that are reversed, deletions – where allowed. The deletions are functional but the historical data is preserved – before and after. Nothing is really deleted. No working access to logs.
  • The log includes, ID, permission level,  Date, Time, Transaction Ident, history notes, etc. Limited mass transactions that effect more than one vote unless they are pre-defined batch level and the history log keeps the before and after state down to vote detail.
  • Since Mail-ins, both requested and voter-list mailout,  if returned, are tendered with Outer envelope – name, address, etc and another, inserted inner vote envelope with vote- choice information only. The two envelopes and its paper are separated permanently to protect identification of who voted for each election choice. Each paper should have a unique ID number one for the demographics paper and a different one for the vote paper.
  • The matching access between the two papers and their ID’s would be maintained – encrypted in an Auditor data base and not be available at the working level. Then  Names – address, demographics can also be encrypted to be a unique number so duplicates can be identified but name detail can not be read only seen as different information. Eg; a name and address  could be uniquely encrypted to 1234779123 and that combination of name and address will always come out to that number – this  can be searched for any repetition in the system that is a duplicate candidate  to be flagged. Similar combination but not exact combinations can be identifies as similar.
  • Low level AI and statistical audit – If fifty-three batches all had the same percentage for a candidate to four significant digits, that would be flagged.
  •  Other statistical test would be able to detect and flag generated data as opposed to individual votes – person by unrelated person.
  • Jovan Pulitzer is the expert who has the most patents on QR Code and other scan technology. He has proven that he can scan 100’s of thousands of ballots in a day and tell if the vote was never folded. These votes were never mailed in an envelope. They were printed separately only for voter fraud. The valid ballots have clear horizontal marks that show they were folded. These properties could be enhance to show the history of folding and other handling.
  • No internet access
  • Micro marks to prevent outside sources of ballots