Avi Rubin

Avi Rubin – Life, Career, and Notable Quotes

Discover the life, work, and influence of Avi Rubin — the American computer scientist and cybersecurity expert renowned for exposing vulnerabilities in electronic voting systems and advocating for secure digital infrastructure.

Introduction

Aviel “Avi” David Rubin (born November 8, 1967) is a prominent American computer scientist and security researcher, best known for his work on systems security, Internet infrastructure, and especially for revealing vulnerabilities in electronic voting machines. He has served as a professor of computer science at Johns Hopkins University, technical director of the Information Security Institute, founder of security consultancies, and outspoken advocate for trustworthy digital systems.

In an age when “everything is connected,” from our phones to our medical devices to our electoral systems, Rubin’s career highlights both the promise and perils of digital technology. His efforts show how rigorous scrutiny, public engagement, and design with security in mind are essential for preserving trust in critical systems.

Early Life and Education

Avi Rubin was born on November 8, 1967. He completed his undergraduate studies at the University of Michigan, receiving a B.S. in Computer Science (Honors) in 1989. He then stayed at Michigan to earn a M.S.E. in Computer Science & Engineering in 1991, followed by a Ph.D. in Computer Science & Engineering in 1994.

Early in his training, Rubin also served as a teaching assistant in undergraduate and graduate courses, gaining experience in instruction and academic research during his doctoral years.

Career and Achievements

Early Research & Industry Experience

After completing his Ph.D., Rubin worked in both industry and research labs:

• He was part of Bellcore (in cryptography and network security research) during the early years after his doctorate.

• Later, he joined AT&T Labs, contributing to secure systems and network security research.

These roles sharpened his technical expertise in systems security, cryptographic protocols, and vulnerability analysis.

Academic Leadership & Positions

In 2003, Rubin joined Johns Hopkins University (JHU) as a faculty member. At JHU, he also became Technical Director of the Information Security Institute (ISI). Over time, he took on multiple roles: professor, research leader, director of research centers, and public advocate for secure systems.

He is also recognized more recently as Professor Emeritus at Johns Hopkins.

Election Security & Public Impact

One of Rubin’s most influential contributions is his public work on electronic voting security:

• He and collaborators exposed critical vulnerabilities in the AccuVote voting machines (formerly produced by Diebold / Premier Election Solutions), showing how these systems could be manipulated or compromised.

• These findings stirred debates about the reliability, auditability, and trustworthiness of electronic voting systems in the U.S.

• In 2006, Rubin published a public-facing book Brave New Ballot: The Battle to Safeguard Democracy in the Age of Electronic Voting, which detailed his experiences, the vulnerabilities he found, and the broader implications for democratic institutions.

Entrepreneurial & Consulting Work

Drawing on his technical, legal, and public policy experience, Rubin founded or co-founded several ventures:

• He co-founded Independent Security Evaluators, a security firm providing assessments, reviews, and research.

• In 2012, Rubin founded Harbor Labs, a consultancy for expert testimony, source code review, and forensic security analysis for legal and technical cases.

His dual roles—academic and practitioner—enable him to influence both theoretical progress in security and real-world accountability.

Broader Research & Focus Areas

Rubin’s research spans many areas of security, including:

• Network and systems security

• Applied cryptography

• Internet of Things (IoT) security

• Health / medical device security

• Secure infrastructure and resilience

He has also been active in public discourse, testimony before Congressional committees, speaking at conferences, and advocating for security standards.

Historical Milestones & Context

• Rubin’s work surfaced at a time when many institutions were increasingly digitizing critical systems (elections, health records, infrastructure), but without commensurate security scrutiny.

• His election security research came in the early 2000s, when many U.S. jurisdictions were transitioning from paper to electronic voting systems — a period of optimism about modernization, but also rising concern over trust.

• The public and policy reaction to his work helped catalyze reforms in voting machine certification, auditing requirements, and standards for election integrity.

• Over the past two decades, as devices have become networked (IoT), his security research has expanded to encompass not just standalone systems but interconnected networks of devices that touch daily life.

Legacy and Influence

Avi Rubin’s legacy lies in both scholarship and advocacy:

• He has raised awareness of the potential fragility of systems we take for granted (voting machines, connected devices), showing that vulnerabilities are not just theoretical but real and consequential.

• His work has helped shape policy debates around election auditing, transparency, certification standards, and the design of secure digital infrastructure.

• By bridging academic research, public communication, and legal consulting, he shows that security is not just a technical domain — it’s social, institutional, and political.

• Many researchers and practitioners in cybersecurity cite Rubin’s work as foundational, especially in secure systems design, threat modeling, and vulnerability disclosure.

Personality and Talents

From his public presence, writings, interviews, and professional roles, several traits of Rubin emerge:

• Intellectual rigor + curiosity: He approaches systems not just from convenience or feature, but with skepticism and attention to failure modes.

• Public-minded commitment: He is willing to speak truth to power — e.g. testifying, publishing critical findings, engaging public debates — even when it invites controversy.

• Communication skill: Rubin is adept at translating technical vulnerabilities into understandable narratives, which helps bridge the gap between experts, policymakers, and the public.

• Interdisciplinary perspective: He understands not only computer science but legal, institutional, and social dimensions of technology — essential in areas like election security.

• Balance of theory & practice: He doesn’t just write theory; he builds proofs-of-concept, analyzes real systems, and engages in applied security consulting.

Famous Quotes of Avi Rubin

Here are several representative quotes that capture Rubin’s concerns and style:

“It’s the concept of having a computer voting machine that bothers me, more so than the specific poor implementation that we have from Diebold.”

“In any election, it’s important that the public perceive that the election is held fairly.”

“People’s computers are not getting more secure. They're getting more infected with viruses. They're getting more under the control of malware.”

“My position hasn’t changed over the years. Which is that online voting is a very unsafe idea and a very bad idea and something I think no technological breakthrough I can foresee can ever change.”

“What we did is important because we proved that virtually all of the wireless networks used by companies and hospitals are completely open and offer no protection for the data on them.”

These quotes show Rubin’s recurring themes: vigilance over trust in digital systems, skepticism about the security of election infrastructure, and a broader wariness of connected systems without rigorous safeguards.

Lessons from Avi Rubin

1. Verify, don’t assume.
   Building a system—even one intended to improve democracy—requires testing, adversarial thinking, and skepticism about failure modes.

2. Transparency and auditability matter.
   Especially in systems affecting public trust (voting, health), the ability to audit and verify is as important as the technology itself.

3. Security is not optional.
   As society depends more on networked systems, security must be designed in from the start, not bolted on later.

4. Communicate to non-experts.
   Technical vulnerability is necessary but not sufficient; conveying risk in accessible terms is crucial for public and policy impact.

5. Responsibility across domains.
   True security demands collaboration across engineering, law, policy, and civil society — problems don’t live in silos.

Conclusion

Avi Rubin is a leading figure showing how computer science can intersect with civic responsibility, democracy, and public trust. His work on electronic voting systems challenged assumptions, exposed hidden risks, and pushed for better governance of digital infrastructure. As we increasingly delegate critical functions (health records, devices, voting, infrastructure) to software and networks, the principles Rubin has championed—transparency, auditability, skepticism, and rigorous design—are even more relevant today.