“The system’s design is also fundamentally insecure. Even ignoring the TLS issues described above, the system suffers from a fundamental design flaw: it is not designed to produce evidence that the published votes are the accurately recorded and properly processed intentions of the voters. Undetectable failures could be due to bugs, hardware errors, operator errors, deliberate manipulation, insiders or supply chain attacks,” their paper said.