Choose a different title name

[ThatHawaiiGuy]

More Calls to Vet Voting Machines

A recent report that showed touch-screen voting machines could be vulnerable to hackers spurred the National Association of Secretaries of State, a majority of whose members are in charge of their states' elections, to consider whether the standards for the machines should be beefed up to prevent tampering.

Voting machine standards weren't on the agenda at the association's annual meeting, held in late July in Portland, Maine. But after the study by Johns Hopkins University researchers was publicly released, the group discussed asking the National Institute of Standards and Technology, or NIST, the government's standards-setting organization, to prepare a white paper on security standards for the new generation of computerized voting machines.

No decision was made, said Kay Albowicz, a representative for the Washington, D.C., group. NIST, a nonregulatory agency based in Gaithersburg, Maryland, works with industry to develop and apply technology, measurements and standards.

Computer scientists have raised concerns about the security of computerized voting machines for the past few years, but they haven't been able to gather much support from election officials, who remain confident that the systems are basically secure from tampering and breakdowns. The Johns Hopkins study is the first piece of evidence that current touch-screen technology could be seriously flawed.

While stressing that more studies will have to be conducted to find out just how vulnerable these are, "there is a sense that in the past (critics of computerized machines) were part of the black box crowd and conspiracy theorists," Albowicz said. "No one is saying that now."

Aviel Rubin, technical director of the Johns Hopkins Information Security Institute, led a team of three computer scientists to examine source code for touch-screen voting machines made by Diebold. More than 40,000 Diebold voting machines are in use in 37 states. Most use touch-screen technology, while the rest use optical-scanning equipment, said Mike Jacobsen, a company spokesman.

The code was downloaded earlier this year from a company FTP site. The site isn't public, but it's also not secure. Diebold's field representatives used the site to fix the company's voting machines. Diebold has since pulled the source code off the Internet. The company's employees now carry discs.

Jacobsen confirmed that the source code Rubin's team examined was last used in November 2002 general elections in Georgia, Maryland and in counties in California and Kansas.

Within a half-hour of examining the code, Rubin's team found its first red flag. The password was embedded in the source code. "You learn (not to do) that in security 101," said Tadayoshi Kohno, one of the report's co-authors. "The designers didn't follow standard engineering processes."

Other "stunning flaws" Rubin said the team found in Diebold's source code included voter smart cards that could be manipulated to cast more than one vote, software that could be reconfigured by malicious company workers or election officials to alter voters' ballot choices without their knowledge and machines that could be electronically broken into through remote access.

"The people who wrote this code didn't have very good security training," Rubin said. "They didn't use encryption."

When asked if the source code contained the passwords to the system, Jacobsen said, "I can't say. The flaws that the researchers found were found in a very controlled, clinical environment and weren't subject to the stringent auditing and security processes, including the logic and accuracy testing." Jacobsen said he believed Wylie Laboratories tested Diebold's software.

David Dill, a professor of computer science at Stanford University and a member of the California Secretary of State's Ad Hoc Touch Screen Task Force, said Rubin's report confirms what he and other computer scientists have believed for years: Electronic machines are vulnerable and there needs to be a backup system to verify voters' ballots.

The ad hoc task force recommended a voter-verifiable audit trail. One solution could be a machine that generates paper receipts behind a glass barrier showing voters that their votes have been properly cast. The receipts later could be used for recounts.

"I think it's been obvious that (these machines) can be hacked and Aviel shows that they can be hacked," Dill said. "They've blown up all the arguments that the present machines are OK and the process will solve all these problems."

Mary Kiffmeyer, Minnesota's Secretary of State and the new National Association of Secretaries of State president, said there shouldn't be a "rush to judgment" to condemn the current technology used in touch-screen voting machines.

She pointed out that Georgia used new touch-screen machines in its 2002 elections without incident. But she said the association will push for the federal government to release additional funding from the Help America Vote Act, or HAVA, to study what standards should be in place.

"Standards are being revised as new equipment comes along," she said. "We need to speed up the process and focus on (the standards) as we are rapidly making decisions about our equipment."

Congress passed HAVA in 2002 in response to the November 2000 presidential election debacle, with its hanging chads, butterfly ballots and messy voter-registration records and administration.

Congress authorized $3.9 billion for HAVA to replace outdated punch-card and lever voting machines, to improve voter education, to provide better ballot booth access for the disabled and to modernize statewide voter-registration databases.

Congress also appropriated $1.5 billion for HAVA in the fiscal year ending in September. Of that, the federal government gave states $649.5 million to buy new voting machines and to improve their electoral administration. Another $830 million is waiting to be dispersed as soon as an election commission is established. Congress appropriated only $500 million for fiscal 2004.

Penelope Bonsall, director of the Federal Election Commission's Office of Election Administration, said the president has named the commission's four members, but they have not been officially nominated. Congress is now in recess and won't be able to approve the commission until it returns in September.

The 2006 deadline for states to comply with HAVA looms. Even though new standards may be needed for computerized machines, states and local governments are rushing to buy equipment.

At the end of 2002, 19.6 percent of votes nationwide were recorded on touch-screen equipment, up from 3.9 percent in 1992, according to the Federal Election Commission. Another 31.6 percent were recorded using optical-scanning equipment. Georgia had all new machines in place for its elections in 2002. Maryland just placed a $55 million order with Diebold for 11,000 machines -- the state will have all new machines. Maryland first bought Diebold machines in November 2002.

Some computer scientists say HAVA's deadline should be extended to give the government more time to establish better standards for new computerized voting machines. Rebecca Mercuri, a research fellow at Harvard University's John F. Kennedy School of Government and president of Notable Software, a consulting firm in Lawrenceville, New Jersey, says that in the absence of new standards, the Institute of Electrical and Electronics Engineers, of which she is a member, has formed a committee to create standards for the machines. One of the committee's concerns is a voter-verified audit trail.

Rep. Rush Holt (D-N.J.) introduced a bill, H.R. 2239, in May to amend HAVA to require computerized voting machines to provide voter-verified audit trails. So far, his bill has 26 sponsors and it's unlikely to get out of the Committee on House Administration.

"As the computer scientists at Johns Hopkins recently reported, these new machines are vulnerable to massive fraud," Holt said in a statement. "Unless Congress acts to pass legislation that would make sure that all computer voting machines have a paper record that voters can verify when they cast their ballots, voters and election officials will have no way of knowing whether the computers are counting votes properly."

http://www.wired.com/news/politics/0,1283,59874-2,00.html