Weekend Question 1: When Is Someone Going to Recognize That E-Voting Is Everyone’s Problem?
Here we go again — More problems with e-voting machines (HT Techdirt; bold is mine):
Voting glitch said to be ‘dangerous’
By Ian Hoffman, STAFF WRITERElections officials in several states are scrambling to understand and limit the risk from a “dangerous” security hole found in Diebold Election Systems Inc.’s ATM-like touch-screen voting machines.
The hole is considered more worrisome than most security problems discovered on modern voting machines, such as weak encryption, easily pickable locks and use of the same, weak password nationwide.
Armed with a little basic knowledge of Diebold voting systems and a standard component available at any computer store, someone with a minute or two of access to a Diebold touch screen could load virtually any software into the machine and disable it, redistribute votes or alter its performance in myriad ways.
“This one is worse than any of the others I’ve seen. It’s more fundamental,” said Douglas Jones, a University of Iowa computer scientist and veteran voting-system examiner for the state of Iowa.
“In the other ones, we’ve been arguing about the security of the locks on the front door,” Jones said. “Now we find that there’s no back door. This is the kind of thing where if the states don’t get out in front of the hackers, there’s a real threat.”
The Argus is withholding some details of the vulnerability at the request of several elections officials and scientists, partly because exploiting it is so simple and the tools for doing so are widely available. A Finnish computer expert working with Black Box Voting, a nonprofit organization critical of electronic voting, found the security hole in March after Emery County, Utah, was forced by state officials to accept Diebold touch screens, and a local elections official allowed the expert to examine the machines.
Note: The article does not identify where the “Argus” reference comes from. Also, the Techdirt story has many links to previous items it covered that were not included here.
The concerns about e-voting are breaking out into the mainstream. A Google search on “e-voting Diebold” (without the quotes) had over 200 items as of last night.
Whether the e-voting machines properly record and tabulate votes should not be a partisan issue, any more than the need to prove that you are who you say you are when you come in to vote should be. Officials of both parties are foolishly running a risk of being associated with all of this when they attempt to use these systems before they have been proven.
I would suggest that any one of the Big Four CPA firms that doesn’t have a conflict of interest (in other words, the one that audits Diebold would be excluded) or some other firm specializing in computer auditing be engaged to prove or disprove whether current e-voting technology will accomplish these seven control objectives (this is totally apart from the issue of whether only real voters get to vote):
- All actual votes are recorded.
- Each recorded vote is real.
- Each recorded vote is properly valued as one vote.
- Each recorded vote is properly classified.
- All recorded votes are correctly summarized.
- All recorded votes are correctly posted to the final results.
- The system used to accomplish the first six objectives noted is tamper-proof.
If touch-screen voting can’t be made to accomplish these objectives as well as a paper-based system can, does, and has, it should be abandoned.
____________________________
UPDATE: Glenn Reynolds, aka Instapundit, opined on his love of paper ballots four years ago at what is now TCS Daily.
