Criticisms of the underlying hardware/software aside, my intuitive answer to the headline question is "because governments are buying them."<p>Perhaps the esteemed Senators should undertake a short naval-gazing exercise and ask <i>"how could there only be three major players in such a lucrative segment, each selling ancient hardware and crappy software products?"</i><p>I'm going to go out on a limb and guess at the answer to that question, and it likely shows those three companies as being the only ones with the patience and tenacity to get those models approved.<p>So Mr./Ms. Senator(s), I suggest you rephrase your question as follows: <i>"how can we simplify the procurement process to make sure we, the government, are receiving the greatest value for our expenditures?"</i>
Regardless of one's political leanings, it's frightening that only one of the two major American political parties is even feigning interest at fixing what is clearly a vulnerable system.<p>This shouldn't be a partisan issue, but it somehow continues to be.
They ALL have a known vulnerability. Works like this:<p>Pretend the machine is a person in a secure room only they are in, and only they know the contents of.<p>You approach a window, tell them your vote. They say it back and optionally hand you a piece of paper.<p>Then, in that room, they do whatever they want, and the final tally, winner of the election is determined by whatever they did in the room.<p>Voters have no chain of trust between their expression of intent, and the record used for the final tally. When voters make physical expressions, and those expressions are counted, voters know the election, on a basic level, can be trusted to reflect the collective intent of the people.<p>When they use electronics, they have no idea. They push a button, or mash a screen, and the display will tell them something and that something could be anything. They cannot know.<p>None of us can without forensic level examination of the machine. Even then, we can only verify function and infer a voter intent was correctly recorded and or used for the tally.<p>Secondly, should there be error, or controversy, the enduring record of voter intent both walked out of the building and or is a collection of grease smears on input devices.<p>Useless in a court of law.<p>The only way around this is to make vote records personally identifiable and basically use the systems for banking. (Who gets around this problem with multiple, redundant records created at the time of transaction)
I think it's pretty straightforward to understand: the buyer likely has little to no expertise in the important issues. This is not in any way a slur on election officials, simply the recognition of the (statistically) likely experience of someone who is a local election official.<p>In addition the way the question is structured by the senators isn't really fair either: if you have <i>n</i> bugs to fix before the ship date, you'll prioritize them and then ship (presumably) the best product you can by the immovable target date. That is also reality.<p>Though voting is a local matter the Federal Government has a constitutional interest (Article 1, Sections 4 and 5) in the elections to Congress and can mandate minimal standards for voting just as the DoT mandates minimum standards for automobiles. So they could require that whatever machines used are verifiable and non-repudiatable. They could also mandate <i>procedures</i> although those are harder to enforce. If States need to buy equipment suitable for congressional elections they'll presumably use the same equipment for all other elections too.
I suppose it's more politically expedient to blame the companies trying to rationally minimize cost rather than risk reprimanding and alienating state and local officials who sign contracts for voting machines without any sort of serious security, auditing or compliance provisions.<p>This sure does seem like grandstanding from these senators. Probably not unrelated to fallout from the Mueller report.