Ebay is full of used voting machines full of real electoral data and riddled with security defects

Back in 2012, Symantec researcher Bryan Varner bought some used US voting machines on Ebay and found them to be incredibly insecure and full of real, sensitive election data; in 2016, he did it again and things were even worse.

Voting machines are terrible in every way: the companies that make them lie like crazy about their security, insist on insecure designs, and produce machines that are so insecure that it's easier to hack a voting machine than it is to use it to vote.

Varner paid less than $100 each for two voting machines. Once he unscrewed the nonfunctional "tamper-proof screws," he found a Windows CE machine with open USB ports, still bearing their "property of" seals from the government entity that had sold them, filled with voter data. He was able to trivially backdoor them and points out that it would be easy for anyone to do this and then put the machines back on Ebay for sale to other voting authorities.

Varner places the blame for the woeful state of voting security with the states' insistence on autonomously administering their own elections rather than having a national set of security standards.

I recognize that states are fiercely protective of their rights. But theres an opportunity here to develop nationwide policies and security protocols that would govern how voting machines are secured. This could be accomplished with input from multiple sectors, in a process similar to the development of the NIST frameworknow widely recognized as one of the most comprehensive cybersecurity frameworks in use.