It’s one of the grandest experiments in American democracy since the invention of the paper ballot, and nobody seems to care. Many municipalities are now moving towards electronic voting, and the results are starting to trickle in. So far, things have not gone well. (In fact, things went so badly that Senate Democrats are trying to fund paper ballots as a back up.)
What are the big problems with electronic voting? Let us count:
1) The code that runs these touch-screen machines has never been vetted by independent computer security analysts.
2) On most machines, there is no way to determine whether or not the memory card which stores the votes has been tampered with. There’s also no way to determine if a machine has been programmed to change votes.
3) Diebold, the company responsible for almost all electronic voting machines, refuses to make the products available to independent researchers for study. This is for a simple reason: everytime a researcher gets their hands on one of these machines, they start to list all the serious problems with them.
The researchers [at Princeton, led by Edward Felten] demonstrated the machine’s vulnerability to an attack by means of code that can be introduced with a memory card. The program they devised does not tamper with the voting process. The machine records each vote as it should, and makes a backup copy, too.
Every 15 seconds or so, however, the rogue program checks the internal vote tallies, then adds and subtracts votes, as needed, to reach programmed targets; it also makes identical changes in the backup file. The alterations cannot be detected later because the total number of votes perfectly matches the total number of voters. At the end of the election day, the rogue program erases itself, leaving no trace.
But surely these voting machines have well protected memory cards? Diebold must have hid the guts of the machine behind a strong lock? Wrong. It turns out that a generic hotel minibar key can open these machines. Other researchers have shown that the lock was easily picked in less than 10 seconds.
But Diebold must be taking urgent steps to fix these problems, right? I mean, isn’t the security of American democracy at stake? Diebold is taking quick action, but it seems more focused on attacking the researchers who dare to criticize their crappy products.
At a computer security conference, the AccuVote’s anatomy was analyzed closely by a team: Aviel D. Rubin, a computer science professor at Johns Hopkins; two junior associates, Tadayoshi Kohno and Adam Stubblefield; and Dan S. Wallach, an associate professor in computer science at Rice. They described how the AccuVote software design rendered the machine vulnerable to manipulation by smart cards. They found that the standard protections to prevent alteration of the internal code were missing; they characterized the system as “far below even the most minimal security standards.”
Professor Rubin has just published a nontechnical memoir, “Brave New Ballot: The Battle to Safeguard Democracy in the Age of Electronic Voting” (Morgan Road Books), that describes how his quiet life was upended after he and his colleagues published their paper. He recalls in his book that Diebold’s lawyers sent each of the paper’s authors a letter threatening the possibility of legal action, warning them to “exercise caution” in interviews with the press lest they make a statement that would “appear designed to improperly impair and impede Diebold’s existing and future business.” Johns Hopkins rallied to his side, however, and the university’s president, William R. Brody, commended him for being on the case.
Simple steps can be taken to make electronic voting safe, easy and secure. Professor Rubin argues that touch screen voting should only be used to capture a voter’s intended choice, and that the ballot should be then printed out for visual inspection. Election officials can then use the slip to tally votes with an optical scanner made by a different manufacturer.
Unfortunately, these steps aren’t being taken in most precincts. This is frightening. Winning an election is clearly a valuable thing: hundreds of millions of dollars will be spent this year in the hope that certain candidates might win. While I’d like to believe that 99 percent of politicians would never interfere with the voting process, I do think that the worst-case scenario argues for action. Just imagine how devastating it would be if voters learned that there was widespread electoral fraud. Our democracy would suddenly seem very fragile indeed.
[Hat tip: Jay]