Critics Say Georgia’s Computer Voting System Is Not Secure
Did you feel a little uneasy last year when you voted on Georgia's new computer voting system? All you did was touch a screen, after all, and though they said your vote was recorded, how did you know for sure?
If you felt that way, you're not alone. A growing number of computer security experts are worried about apparent flaws and security leaks in Georgia's computer voting system.
"Paperless voting systems are far too risky, far too vulnerable,"
said Dan Wallach, a Rice University professor who, along with three other computer
scientists from Johns Hopkins University, has done a study critical of the electronic
voting system Georgia uses.
Wallach spoke recently in Atlanta at a symposium sponsored by the Internet and Public Policy Project of Georgia Tech's School of Public Policy. Also on the program was Doug Jones, a University of Iowa computer science professor who serves on the Iowa Board of Examiners for Voting Machines and Electronic Voting Systems.
Hans Klein, director of the Internet and Public Policy Project, said representatives from Ohio-based Diebold, the company that makes Georgia's voting system, and the office of the Georgia Secretary of State were invited, but did not respond.
The controversy over Georgia's new voting machines has been growing for months and involves allegations of corporate greed, shady government dealings and flawed elections. Even disabled voters are being called pawns in the story - the push for electronic voting machines is being fueled in part by the need to make voting more accessible. The Help America Vote Act of 2002 set up federal requirements for states to meet disability access standards, among other requirements.
"Paperless voting systems are far too risky, far too vulnerable,"
Earlier this month, articles at wired.com and at Britain's Independent newspaper on-line pointed out questions raised about the electronic voting system by a former Diebold contract employee, Rob Behler. Behler says he had to apply three "patches" to fix the machines in the summer of 2002 as they sat in storage before the election. Because these patches weren't certified, Diebold may have violated federal election rules, if Behler's claim is true.
Worse, Behler's charges, along with the Johns Hopkins study and other studies, have made some question the outcome of what to many was a strange election. The Independent article points out that polls taken just before the November election showed Gov. Roy Barnes and Sen. Max Cleland with fairly comfortable leads. Did the new machines with their untraceable votes help usher in the Republican sweep?
Unfortunately, there's probably no way to tell, according to Wallach, the Rice scientist who spoke at Tech. The electronic voting machines leave no trail.
"When people say everything worked fine in the last election," Wallach said, "I ask them, how on earth do you know?"
Jones, the computer scientist and elections expert from Iowa, pointed out that there's no real way to ask for a hand recount of the votes in Georgia's system. The memory cards used in the voting machines are treated as the primary voting record, and Jones said these should only "have the weight of hearsay evidence," since they can be changed or tampered with.
Both Wallach and Jones are security experts, and both are strongly critical of the software and security in the Diebold system.
Calling the system "an embarrassingly bad design," with "astonishingly stupid" cryptography, Wallach said the software used in the machines was "an amateurish effort," whose quality wasn't up to critical standards such as those that would be found in medical devices, for instance, or at an airline.
"The way you develop software for critical applications is slow and tedious," Wallach said. "I don't see any evidence of that in Diebold's software... In some ways, it's just a big hack."
Diebold has rebutted the claims of the Johns Hopkins study in a 27-page document available on the Internet. The Diebold report says the Hopkins study "alleges scenarios that could not occur within an actual election process due to the checks and balances within the actual equipment and those found within accepted election procedures."
The Hopkins team had a setback when member Aviel Rubin revealed in August that he was on the advisory board of a Diebold competitor, VoteHere Inc. Rubin severed his association with the company, saying he had not had contact with them for two years prior to the Hopkins study's release and had never been to a board meeting. He also returned stock options he had in the company, saying he had never profited from them.
Diebold is also under attack from Bev Harris, a Washington state writer who once worked for investigative journalist Jack Anderson. While writing a book, Harris happened on an unprotected Diebold computer site last year that held user manuals and software for Diebold machines. She put the information on the web, and a New Zealand site, Scoop, published her claims about Diebold's lack of security. Harris is now writing a book about ballot tampering.
Georgia was the first state to use paperless computer voting statewide, but it won't be the last. California is also planning to change to the Diebold system, and Maryland is adopting the Diebold system despite its own study finding flaws in the system.
Maryland hired Science Applications International Corp. (SAIC) to examine its system after the Johns Hopkins report was issued. Despite SAIC's findings, which mirrored what the Johns Hopkins and Rice scientists had found, Maryland is going ahead with the system.
The ethics of Diebold's chief executive, Walden O'Dell, came under question in August. O'Dell is one of the Republican Party's top fund-raisers. The day before the state of Ohio, where Diebold is based, was supposed to qualify Diebold as one of the companies that could sell electronic voting equipment there, O'Dell sent out a fund-raising letter to Ohio Republicans saying that he is "committed to helping Ohio deliver its electoral votes to the president next year."
O'Dell, who is one of Bush's six-figure fundraisers called "Pioneers and Rangers," was forced to issue a press statement saying that he would never commit "this treasonous felony atrocity" of trying to change an election outcome, and that he would be more sensitive to the issue of partisanship in the future.
The press statement said that Diebold's election division is based in Texas and is run by "a registered Democrat," who wasn't named. The elections division accounts for $100 million of Diebold's $2.1 billion operation.
However, the money at stake in converting all the states to an electronic voting system may be even bigger. After the expenditures for machines and software, which came to approximately $54 million, Georgia is paying an estimated $800,000 a year in license fees to Diebold. The federal government reimbursed Georgia around $30 million of its cost for the system.
The scientists at Tech estimated it might cost $17 million more to outfit the machines with printers that would record votes permanently.
Wallach advocates a system such as one used in Brazil, which has been doing e-voting since the '90s. Brazil went from a paperless system like the one in Georgia to a system that prints a record a voter can see to verify a vote. This paper is then put in a ballot box and can be scanned to record the vote. That method produces a fast estimate of the vote through the computer and a hard copy of the actual vote through the paper ballots.
"No vendor trust is needed," Wallach said.
Wallach said getting action on the security problems has been difficult because of the "problem of the politicians not wanting to lose face." He thinks the electronic voting systems will get better and more reliable eventually, "but it will be messy in the meantime."
Jones, who has been a member of the Iowa Board of Examiners for Voting Machines since 1994 and chair since 1999, said that it's important that all the security issues surrounding the electronic voting machines be made public "because that's the way the process works.
"The first rule of democracy is that you never trust anybody," he said.
Merrill Morris
More Info
Doug Jones' Voting and Elections page: www.cs.uiowa.edu/~jones/voting/
Abstract of and link to the Johns Hopkins study: http://avirubin.com/vote/
The Diebold rebuttal:
www2.diebold.com/checksandbalances.pdf
Wired.com's story about Behler's charges:
www.wired.com/news/print/0,1294,60563,00.html
Bev Harris' site:
www.blackboxvoting.com/