Technical Problems Reported in E-Voting

[InfoSec News <isn () c4i org>]

http://www.salon.com/tech/wire/2004/03/02/evoting/

By Rachel Konrad
March 2, 2004  

SAN JOSE, Calif. -- Electronic voting made its debut in cities and
towns from Maryland to California on Tuesday as election officials
beefed up security for the record number of voters expected to cast
E-ballots for the first time.

Scattered technical problems were reported in the early hours as
voters in 10 states, including California, New York and Ohio, went to
the Super Tuesday polls to choose a Democratic presidential nominee
and decide primary contests for congressional and state races.

Advocates of electronic voting say paperless ballots save money and
eliminate problems common to old systems. But the technology brings a
new breed of security concerns, like software errors and hackers that
could make the results unreliable.

In California, new security measures range from random tests of
touch-screen machines by independent computer experts to a
recommendation that poll workers prevent voters from carrying cell
phones or other wireless devices into booths.

Overall, some 10 million people in at least two dozen states were
expected to cast ballots in primaries this year on machines built by
Diebold, Sequoia Voting Systems, Electronic Systems & Software and
other vendors.

And the electronic voting trend is accelerating: In November's
presidential election, at least 50 million people will vote on
touch-screens, compared with 55 million using paper, punch cards or
lever machines, according to Washington-based Election Data Services.

One Maryland polling place had to switch to paper ballots Tuesday
because its new electronic voting machines didn't work. State
elections supervisor Linda Lamone said technicians expected to have
the problem fixed quickly.

Voters also had to start out using paper ballots in Georgia's
Effingham County. Chris Riggall, a spokesman for Secretary of State
Cathy Cox, said county officials apparently forgot to program the
encoders - devices used to tell ballot access cards, which voters
insert into the machines, what ballot to display.

A security issue also arose in Georgia.

Georgia Tech student Peter Sahlstrom said he found 10 Diebold
terminals sitting unprotected in the lobby of the school's student
center Monday. Sahlstrom, 22, photographed the machines in their
unlocked cases.

"Frankly, this makes me nervous and ... it validates a lot of the
concerns I already had," Sahlstrom said in a phone interview.

The paperless ballots eliminate problems like hanging chads and make
it impossible to accidentally vote twice for one position. The
machines also can toggle between different languages for people who
don't speak English.

"The modernization of the nation's voting infrastructure is long
overdue," said Alfie Charles, spokesman for Oakland-based Sequoia,
which built the machines being used by as many as 4 million voters in
California and Maryland.

But computer scientists have been protesting the switch. They're
particularly concerned that few of the computers provide paper
records, making it nearly impossible to have meaningful recounts, or
to prove that vote tampering hasn't occurred.

Politicians, voter-rights advocates and even some secretaries of state
have acknowledged that the systems could theoretically fail -- with
catastrophic consequences.

In several software and hardware tests, critics have shown it's easy
to jam microchip-embedded smart cards into machines, or alter and
delete some votes - in some cases simply by ripping out wires. They've
cracked passwords to gain access to computer servers and showed that
some systems relying on Microsoft Windows lacked up-to-date security
patches that should have been downloaded from the Internet.

California Secretary of State Kevin Shelley directed elections
officials last month to bolster security in 12 counties using
touch-screens. Those counties account for about 41 percent of
California's registered voters. Shelley also wants independent, random
tests of touch-screen machines.

Maryland, which spent $55.6 million on 16,000 touch-screen computers
earlier this year, also took precautions.

Computer experts told Maryland lawmakers in January that the hardware
contained "vulnerabilities that could be exploited by malicious
individuals." Among their surprises: all of Maryland's machines had
two identical locks, which could be opened by any one of 32,000 keys
or be easily picked.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.