What are the needed improvements in DREs having properly engineered VVPR (VVPAT or VVPB)?
• NIST promoted the use of write-once-read-many electronic transfer media (such as CD-Rs) in place of flash memories when drafting the 2005 VVSG but was voted down by some of the older established vendors. There is no encryption technique the can mitigate the potential for insider tampering when read/write flash memories are used. • Voter verified paper ballots that are not linked to the respective electronic ballot images are meaningless in end-to-end auditing. This is critical in close races. Original VVPBs can be easily replaced with fake paper ballots. • An incomplete paper record error of 1% will cause the other 99% of the paper records useless if the election losing margin is within 1%. There is no way to prove or disprove whether the rest of the unlinked 99% is accurate. • Being able to change ballot images and tallies on flash memories makes tampering easy. It unavoidably creates confidence problems with the use of DREs without write-once-read-many electronic transfer media eve