
Changes to Election Results Demonstrate e-Voting Vulnerabilities

There were some problems with the voting machines in Harris County, TX during the Nov. 6th elections but they were corrected: by changing the ballot totals on the electronic voting machines. This is the first example of "adjustments" to ballot tallies that I've seen that wasn't based on conspiracy theories or just plain fear of what might be.

The Houston Chronicle reports that Johnnie German, the respected county elections administrator, used a feature of the voting machine to make corrections needed because of errors on some of the ballots:

Which is what happened in Emergency Services District No. 9, where 293 voters went to the polls early but never got to express an opinion on the issue as they voted on state and county bonds and other items because the tax vote didn't appear on their screens. (The tax proposal lost by 3,233 votes.)

The omission of the tax proposal on ballots in parts of three precincts was discovered thanks to an alert from a voter, and Harris County Clerk Beverly Kaufman's staff was able to get the tax question on the right ballots for Election Day — but it was too late to have those votes recorded on the main computer.

Instead, they were recorded separately and later added to the totals.

It turns out that, with some passwords and an encryption key, a user can reach an "Adjustments" screen and change voting results.

But Behrman [a party observer] said he was shocked when he saw German use a series of passwords and an "encryption key" — a series of numbers on a nail file-size computer memory storage device — to reach a computer program that said "Adjustment."

While the Houston Chronicle article makes clear that the changes were made to correct errors, made in front of witnesses, and by respected public officials, it does not change the fact that the totals tallied by these machines are not immutable:


Computer scientist Daniel Wallach, who started Rice University's Computer Security Lab and was on the task force that recently studied California's electronic voting systems, is skeptical about the eSlate system supplied to Harris County at a cost of $12 million by Austin-based Hart InterCivic.

The "encryption key" code could be extracted from voting equipment at each precinct, according to Wallach, who studied the company's systems in California.

We'd be better off if the machine totals could not be changed and corrections were made to the final electronic totals in a manual operation. A device whose encryption key can be extracted leaves the integrity of the whole system in question, and that is too much of a risk in a voting system.
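A minimal sketch of the alternative argued for above, added here as an illustration and not taken from the eSlate system or the Chronicle article: machine totals are written once, and every correction is a separate, witnessed entry in a hash-chained log from which the final totals are derived. The class, method and contest names and the vote figures are constructed for the example.

```python
import hashlib
import json

GENESIS = "0" * 64

def _digest(prev_hash, body):  # chain each entry to its predecessor
    payload = json.dumps(body, sort_keys=True).encode()
    return hashlib.sha256(prev_hash.encode() + payload).hexdigest()

class TallyLedger:
    """Machine totals are written once; corrections are appended, never applied in place."""
    def __init__(self):
        self.entries = []

    def head(self):  # hash handed to observers at close of polls and after each adjustment
        return self.entries[-1]["hash"] if self.entries else GENESIS

    def _append(self, body):
        self.entries.append({"body": body, "hash": _digest(self.head(), body)})

    def record_machine_total(self, contest, choice, votes):
        self._append({"kind": "machine", "contest": contest, "choice": choice, "votes": votes})

    def record_adjustment(self, contest, choice, delta, reason, witnesses):
        if not witnesses:
            raise ValueError("an adjustment needs at least one named witness")
        self._append({"kind": "adjustment", "contest": contest, "choice": choice,
                      "votes": delta, "reason": reason, "witnesses": sorted(witnesses)})

    def verify(self, published_head):
        prev = GENESIS  # recompute the chain, then compare with the head observers hold
        for entry in self.entries:
            if entry["hash"] != _digest(prev, entry["body"]):
                return False
            prev = entry["hash"]
        return prev == published_head

    def final_totals(self):
        totals = {}
        for e in self.entries:
            key = (e["body"]["contest"], e["body"]["choice"])
            totals[key] = totals.get(key, 0) + e["body"]["votes"]
        return totals

def sample_ledger():  # constructed figures, not the Harris County results
    led = TallyLedger()
    led.record_machine_total("tax-proposal", "for", 1000)
    led.record_adjustment("tax-proposal", "for", 40, "omitted from early ballots", ["observer-a"])
    return led
```

The check is only meaningful against a head hash that observers hold outside the machine, because anyone who can rewrite the log file can also rebuild the chain.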


Comments

I know we want to have the best possible protection on e-voting that we can get, but let's put things in perspective. With the old-fashioned paper ballots, whole boxes of ballots used to go missing, and then suddenly reappear. Where was the accountability factor in that? When I fill out a paper form, what is in place that unequivocally proves it is the ballot I cast? I personally think it is easier to break the paper system without leaving a trace than it is to break the electronic system without leaving a trace.

Comment to Bryan -
If paper ballots are less secure than the electronic systems reported on above, then we are really in trouble.

Here is a link with a recent quote from another respected InfoSEC professional on the 2006 court case in Ohio. Note that our Ohio Atty General Marc Dann was forced to resign before he could complete his investigation as was promised to the court in this case as part of a stay agreement. The stay agreement has now been challenged, partly due to lack of action from the Ohio Atty General's office.
http://rawstory.com//news/2008/Cybersecurity_expert_raises_allegations_of_2004_0717.html

Vindiciae contra tyrannos


Dan Sullivan's Bio:

Dan Sullivan is a systems architect with 20 years of IT experience that includes engagements in enterprise security, application design, and systems architecture. His experience includes a broad range of industries, including financial services, manufacturing, government, retail, gas and oil production, power generation, and education. Dan’s security-related project work has ranged from requirements analysis for enterprise information security to designing and implementing security for database applications and enterprise portals. Dan has written about information security and other enterprise information management topics for Business Security Advisor, DM Review, Intelligent Enterprise, and E-Business Advisor. You can contact Dan at: dan_sullivan@realtimepublishers.net