Subscribe
to TIC!

E-Voting Machines Exposed by Task Force

In late June, the Brennan Center Task Force on Voting System Security, an initiative of the Brennan Center for Justice at NYU School of Law, released a report and policy proposals concluding that all three of the nation’s most commonly purchased electronic voting systems are vulnerable to software attacks that could threaten the integrity of a state or national election. Those three are electronic machines (DREs) with—and without—a voter verified paper trail, and precinct-counted optical scan systems (PCOS). The Task Force spent more than a year conducting the analysis and drafting The Machinery of Democracy: Protecting Elections in an Electronic World. The methodology, analysis, and text were “extensively peer reviewed” by the National Institute of Standards and Technology.

Kevin Chung, CEO of AVANTE International Technology developed an e-voting machine that prints a paper record. Partnered with Dell Computer, Arrow Electronics, and Microsoft E-Government System, they offer to provide California with all 10,000 units for this year’s election.

This is the “first-ever” systematic analysis of security vulnerabilities in each of these systems. They surveyed hundreds of election officials around the country, categorized over 120 security threats, and evaluated countermeasures for repelling attacks. The report’s findings include:

1. All three systems are equally vulnerable to an attack involving the insertion of corrupt software or other software attack programs designed to take over a voting machine.
2. Automatic audits, done randomly and transparently, are necessary if paper records are to enhance security. The report called into question basic assumptions of many election officials by finding that the systems in 14 states using voter-verified paper records without requiring automatic audits are of questionable security value.
3. Wireless components on voting machines are particularly vulnerable to attack. The report finds that machines with wireless components could be attacked by “virtually any member of the public with some knowledge of software and a simple device with wireless capabilities, such as a PDA.”
4. The vast majority of states have not implemented election procedures or countermeasures to detect a software attack even though the most troubling vulnerabilities of each system can be substantially remedied.

Congressmen Rush Holt (D-NJ) and Tom Cole (R-OK) praised the report’s findings and called for enactment of H.R. 550, the Voter Confidence and Increased Accessibility Act, the most comprehensive bill before Congress addressing electronic voting security.

According to Professor Ronald Rivest of MIT who has extensive experience in cryptographic design and cryptanalysis, “The report will be invaluable for any election official grappling with electronic security…”

“There is no question in my mind that these companies sacrificed security and accuracy, mass-producing a cheap product to cash in on tons of federal money,” said Matt Schultz, an attorney with a Florida-based firm that filed a “qui tam” lawsuit in U.S. District Court alleging that Diebold and others were fraudulently represented “to procure government contracts” through the Help America Vote Act (HAVA).

What is the FBA?  |  FBA Website Prototype  |  Cost Estimates  |  The Team

Publishers of The Informed Constituent.

Contact the FBA