COUNTING THE VOTES
John Seiffer sends along two interesting pieces on electronic voting. The first is short and begins:
Voters can run, but they can’t hide from these guys. Meet the Urosevich brothers, Bob and Todd. Their respective companies, Diebold and ES&S, will count (using BOTH computerized ballot scanners and touchscreen machines) about 80% of all votes cast in the upcoming U.S. presidential election . . .
The, second, from Salon, is free if you watch a short ad – but so interesting, like much of Salon, you may decide you want to subscribe. In very small part:
. . . The system stores its votes in a format recognizable by Microsoft Access, a common office database program. If you’ve got a copy of Access and can get physical access to the county machine — or, some activists say, if you discover the county’s number and call into the machine over a phone line — the vote is yours to steal.
While I sat at his computer, March helped me open a file containing actual results from a March 2002 primary election held in San Luis Obispo County, Calif. — a file that March says would be accessible to anyone who worked in the county elections office on Election Day. Following March’s direction, I changed the vote count with a few clicks. Then, he explained how to alter the “audit log,” erasing all evidence that we’d tampered with the results. I saved the file. If it had been a real election, I would have been carrying out an electronic coup. It was a chilling realization.
. . . In July, a team of four computer scientists at Johns Hopkins University and Rice University announced that they’d uncovered major security flaws in the machines used in Georgia’s elections. “Our analysis shows that this voting system is far below even the most minimal security standards applicable in other contexts,” the team wrote. Diebold has long boasted that votes in its system are stored in an encrypted manner, hidden to anyone who didn’t have a valid password; the computer scientists found that Diebold’s programmers left the “key” to decrypt the votes written into the code, which is a bit like locking your door and placing the key on the welcome mat.
. . . Diebold fiercely disputes that its technology is vulnerable to attacks. . . . As for the Hopkins study, Radke says the scientists who looked at the system erred in their assessment by examining only a small bit of the code and by neglecting the “checks and balances” that occur in an actual election. He pointed to a study of the company’s system that was performed by Science Applications International Corp., a consulting firm, at the behest of the state of Maryland. The SAIC report gives Diebold a clean bill of health, and Georgia officials say it proves their system is safe. (The study is available here in PDF format.)