Brunner and Premier have locked horns several times since she took office in January 2007 over whether the company's DRE (direct recorded election) touch-screen electronic voting technology works properly and is secure. The problem came to a head in April, when election officials in Ohio's Butler County detected a vote count discrepancy during the primary election. The county board of elections staff determined that the Premier DRE system had malfunctioned and failed to count votes from memory cards uploaded to the system's vote tabulation computer server, Brunner says, adding, "This is not what we bargained for."
Suspecting problems with all of the e-voting technology that had so far cost Ohio $112 million, Brunner last year commissioned Project EVEREST, a comprehensive security review of the electronic voting technology used throughout Ohio, to identify any problems that might make elections vulnerable to tampering. During the 10-week project, teams of academic researchers from Pennsylvania State University, the University of Pennsylvania and WebWise Security (a security firm formed in 2005 by faculty and students from the University of California, Santa Barbara's security research group) examined DRE touch-screen and optical-scan voting systems from Premier, Election Systems and Software (ES&S) in Omaha, Neb., and Austin, Tex.–based Hart InterCivic as well as the software that manages these systems.
EVEREST researchers found exploitable security weaknesses in all three vendors' systems, Brunner said in a statement when the project concluded in December. "Many of these vulnerabilities represent practical threats to the integrity of elections as they are conducted in Ohio," she said. "We found vulnerabilities in different vendor systems that would, for example, allow voters and poll workers to place multiple votes, to infect the precinct with virus software or to corrupt previously cast votes—sometimes irrevocably."
"None of the systems out there are even remotely adequate given the importance of the data they handle," says Patrick McDaniel, a Penn State professor of information security who led the EVEREST testing. A lot of the attacks that McDaniel and his team tested could be carried out at a polling place or county elections office in a matter of seconds. An example: when researchers placed a piece of white tape over part of an e-voting system's scanner, they were able to effectively block it from reading the entire ballot. In other words, a person could put the tape in a place that kept the system from counting votes for a particular candidate. The team also found that the keys to unlock Hart's ballot box could also be used to open the ballot boxes on the Premier systems.
In a more serious attack, McDaniel found that his researchers could replace the memory card in some of the e-voting systems. "Any software you put on your card would uploaded into the system's computer," he says.
Premier had already responded to EVEREST's findings as well as a similar project commissioned by California Secretary of State Debra Bowen called Top-to-Bottom Review in March by issuing a report that emphasized that the EVEREST researchers did their work with "no physical or operational security controls" and did not simulate realistic election day conditions. Premier could not be reached for comment.
The EVEREST researchers don't dispute that. Sandy Clark, an EVEREST researcher and the computing systems manager of Princeton University's Atmospheric and Oceanic Sciences Program, said at the Last HOPE hacker's conference held last month in New York City that she and her EVEREST colleagues "treated the project as a hack."
See what we're tweeting about
8 Comments
Add CommentAs a software engineer, there I say it is absolutely impossible to make an electronic voting system that can be trusted. Period. I have been through all the BS that proponents and people that work on the concept have said. It cannot be done. A major reason it cannot be done is that unique identifiers for users that can be traced to them are out. All the explanations otherwise are handwaving baloney.
Reply | Report Abuse | Link to thisThe only variant that could be trusted at all is one that spits out a hard copy on strong plastic or card stock. Then those cards can be inserted into a separate, dumb machine. But even this requires a unique identifier, and it can be hacked with a denial of service attack by manufacturing multiple identical identified cards, thereby destroying that vote in an audit.
Brunner's own studies showed that all computerized voting systems can be hacked. Over 50 scientific studies corroborate that software can be altered without detection, because malware can erase itself. It is absolutely ludicrous that public elections are run on the worse possible technology available - undetectably mutable software. So, for 2008, we'll have another election that provides us with no rational basis for confidence in reported results.
Reply | Report Abuse | Link to thisSee Debunking: http://snipurl.com/31wg5
Warning: http://snipurl.com/31v1x
Full 50+ Bibliography: http://snipurl.com/30nhj
The optical scanners are just as hackable and prone to breakdown as the touch screen machines. That's not very clear in the article especially with Burner's quote at the end. If we're to have confidence in our elections then count the ballots by hand. All the machines are undetectable vote fraud enabling junk.
Reply | Report Abuse | Link to thisThe whole point of these machines from day one was to rig elections. The ruling class have never had any interest in giving the rabble a real voice. Elections are no more real than a wrestling show if they can help it.
Reply | Report Abuse | Link to thisNot to mention the standards were written by politicians with no software knowledge, and then left to be evaluated by test houses in collusion, like systest in colorado: http://www.opednews.com/articles/SysTest-Labs-under-Fire-Fo-by-Rady-Ananda-080815-39.html
Reply | Report Abuse | Link to thisThe vote is the foundation of democracy. To put private, for profit corporations in charge of recording and counting the people's vote is short sighted. To allow them to count the vote with proprietary software in secrete invites tyranny.
Reply | Report Abuse | Link to this"Fascism should more properly be called corporatism because it is the merger of state and corporate power." - Benito Mussolini.
"It's not the people who vote that counts. It's the people who count the votes." - Josef Stalin
Another election approaches and yet another establishment media outlet does a story decrying the perils of e-voting too late to do anything about it.
Reply | Report Abuse | Link to thisGood job. This issue has been obvious to anyone with a PC for almost a decade. Not only have numerous tests been conducted proving that computerized voting (not to mention tabulation which is just as vulnerable and was omitted from this article), but there is more than compelling evidence that computerized systems have thrown elections.
These systems aren't imperfect. If one were to design a system for election rigging, they could not have done better.
It is nice that SciAm has decided to cover this issue. But it's too little too late. We are about to hand over yet another American election to a few private companies who have shown nothing but contempt for the principles of open, transparent democracy.
'EVMs illegally being used for a decade' -Legal Research Paper published in India at Chennai
Reply | Report Abuse | Link to thisAuthor - Ajay Jagga, Punjab & Haryana High Court Lawyer, India
Sanjay Sharma, TNN, Feb 22, 2010, 03.44am IST
CHANDIGARH: The electronic voting machines (EVMs) are being used in violation of the Information Technology Act 2000, a research paper has revealed.
Author of the research paper, advocate Ajay Jagga, told The Times of India, on Sunday that as per IT Act, 2000, a verifiable audit trail has to be provided in case of any electronic record, which is now admissible as evidence as per Evidence Act but in case of electronic voting, the voter does not get any receipt with regard to his voting.
The research paper recently attracted the attention of experts when a conference on "EVMs: How trustworthy? " in Chennai passed a unanimous resolution on February 13, to approach the Election Commission of India (ECI) for bringing the electronic voting procedure in tune with IT Act, 2000.
Jagga said he would soon approach ECI seeking formation of legal committee to remove the illegality or will knock the doors of court.He said the voter comes across a beep and flash, but what has happened inside the machine and whether the data has been recorded as per the wish of the elector, is not know. It is just like deposited money in the bank and official of the bank says no receipt is required.
The lawyer said, "Unless the voter gets a receipt like the one we get in ATM or after the use of debit or credit cards, all electronic transactions including a vote, are illegal." What is the evidence that the vote cast has really been recorded and that it has been recorded in the manner the voter intended, he asked.
For the purpose and to protect the secrecy of ballot, all such receipts, after the voter has checked his transaction, should be put in a box which should remain with ECI to be produced as evidence in case of a dispute, he said. The government amended the relevant laws in 1989 to equate EVM with ballot and ballot box to facilitate transition from ballot paper to EVM but the IT Act 2000 created a new complication that has to be immediately resolved in the interest of fairness of things, Jagga pointed out.