Computer Voting Is Open to Easy Fraud, Experts Say

New York Times ^ | 7/24/03 | John Schwartz

[csprof]

Computer Voting Is Open to Easy Fraud, Experts Say

By JOHN SCHWARTZ

The software that runs many high-tech voting machines contains serious flaws that would allow voters to cast extra votes and permit poll workers to alter ballots without being detected, computer security researchers said yesterday.

"We found some stunning, stunning flaws," said Aviel D. Rubin, technical director of the Information Security Institute at Johns Hopkins University, who led a team that examined the software from Diebold Election Systems, which has about 33,000 voting machines operating in the United States.

The systems, in which voters are given computer-chip-bearing smart cards to operate the machines, could be tricked by anyone with $100 worth of computer equipment, said Adam Stubblefield, a co-author of the paper.

"With what we found, practically anyone in the country ? from a teenager on up ? could produce these smart cards that could allow someone to vote as many times as they like," Mr. Stubblefield said.

The software was initially obtained by critics of electronic voting, who discovered it on a Diebold Internet site in January. This is the first review of the software by recognized computer security experts.

A spokesman for Diebold, Joe Richardson, said the company could not comment in detail until it had seen the full report. He said that the software on the site was "about a year old" and that "if there were problems with it, the code could have been rectified or changed" since then. The company, he said, puts its software through rigorous testing.

"We're constantly improving it so the technology we have 10 years from now will be better than what we have today," Mr. Richardson said. "We're always open to anything that can improve our systems."

Another co-author of the paper, Tadayoshi Kohno, said it was unlikely that the company had plugged all of the holes they discovered.

"There is no easy fix," Mr. Kohno said.

The move to electronic voting, which intensified after the troubled Florida presidential balloting in 2000, has been a source of controversy among security researchers. They argue that the companies should open their software to public review to be sure it operates properly.

Mr. Richardson of Diebold said the company's voting-machine source code, the basis of its computer program, had been certified by an independent testing group. Outsiders might want more access, he said, but "we don't feel it's necessary to turn it over to everyone who asks to see it, because it is proprietary."

Diebold is one of the most successful companies in this field. Georgia and Maryland are among its clients, as are many counties around the country. The Maryland contract, announced this month, is worth $56 million.

Diebold, based in North Canton, Ohio, is best known as a maker of automated teller machines. The company acquired Global Election Systems last year and renamed it Diebold Election Systems. Last year the election unit contributed more than $110 million in sales to the company's $2 billion in revenue.

As an industry leader, Diebold has been the focus of much of the controversy over high-tech voting. Some people, in comments widely circulated on the Internet, contend that the company's software has been designed to allow voter fraud. Mr. Rubin called such assertions "ludicrous" and said the software's flaws showed the hallmarks of poor design, not subterfuge.

The list of flaws in the Diebold software is long, according to the paper, which is online at avirubin.com/vote.pdf. Among other things, the researchers said, ballots could be altered by anyone with access to a machine, so that a voter might think he is casting a ballot for one candidate while the vote is recorded for an opponent.

The kind of scrutiny that the researchers applied to the Diebold software would turn up flaws in all but the most rigorously produced software, Mr. Stubblefield said. But the standards must be as high as the stakes, he said.

"This isn't the code for a vending machine," he said. "This is the code that protects our democracy."

Still, things that seem troubling in coding may not be as big a problem in the real world, Mr. Richardson said. For example, counties restrict access to the voting machines before and after elections, he said. While the researchers "are all experts at writing code, they may not have a full understanding of how elections are run," he said.

But Douglas W. Jones, an associate professor of computer science at the University of Iowa, said he was shocked to discover flaws cited in Mr. Rubin's paper that he had mentioned to the system's developers about five years ago as a state elections official.

"To find that such flaws have not been corrected in half a decade is awful," Professor Jones said.

Peter G. Neumann, an expert in computer security at SRI International, said the Diebold code was "just the tip of the iceberg" of problems with electronic voting systems.

"This is an iceberg that needs to be hacked at a good bit," Mr. Neumann said, "so this is a step forward."

[steve50]

This story is getting alot of play overseas. The guys who "found" the code have written some reports on what they've been able to do with it. Pretty damning, these computer voting/counting programs need done away with. I'll gladly wait a few more hours for results to insure they reflect the views of the voters.

[kevkrom]

There must be NO SOFTWARE involved, because it is too easy to change.

I disagree with this. It is entirely possible for a secure system to use software, as long as proper auditing is incorporated into the system. (I.e., physical [paper] backup of everything and the ability for the voter to verify his own ballot.)

[Recovering_Democrat]

No wonder Democrats are pushing this type of balloting.

[Search4Truth]

Well the media does like its boogy men, and technology is one of its favorites.

I've worked in the Data Processing field, as it was once called, for 25 years; all of my adult life. And I can tell you from experience, that no one can FU a computer project like the government.

If we assigned the goal of creating a nationwide technology-based voting system to the private sector, we'd have one built for you in less than a year. Not only would it meet or exceed requirements, but would be a fraction of the cost.

[Zathras]

If the NYT is against it, computer voting is a good thing.
Funny, no one is against computer investing.

[mabelkitty]

I agree.

However, in addition to that information, you have to look at only one thing - the demographics for those who use computers.

No way, no how, can any illegal, uneducated felon, etc., (Democratic voter) go in and repeatedly vote for the same candidate in different counties. Most of them can't use one.

That's the bigger issue. Can't cheat if they can't read or operate a computer.

[Cicero]

Not a surprise. The primary purpose of the Chad War was to change the election results and install Gore. But the secondary purpose was to change voting machines in ways to make it easier for the Dems to cheat.

Computer voting is a very, very poor idea, as I said at the time. Instead of poking out a few chads or resurrecting a few dead people, you can switch 10 million votes at the touch of a mouse button. And there will be no ballots to recount.

[Cicero]

If the DNC has a hundred million in its slush fund, it's perfectly capable of hiring professional hackers to do the job for them.

[Iris7]

A necessary part of the world we live in is the public's trust in the "honesty" of the voting process. Another necessary part of the world we live in is that this process elects only the "right", or "correct", people. Merchandising technologies are no longer adequate to reconcile these two requirements since lies are more often detected by the voters than in decades past. (Although the Democratic Party merchandising is filled with lies, and is expected to be successful. At least the Republican Party lies more by omission than commission!) Perhaps being exposed to the never ending deluge of commercial merchandising is making even the "voter" class aware that they are being "merchandized", to coin a neologism.

So what to do? The best approach at the moment is computerized voting, the only problem is getting the "voters" to believe it is "honest".

[CaptIsaacDavis]

But Douglas W. Jones, an associate professor of computer science at the University of Iowa, said he was shocked to discover flaws cited in Mr. Rubin's paper that he had mentioned to the system's developers about five years ago as a state elections official.

"To find that such flaws have not been corrected in half a decade is awful," Professor Jones said.



THIS IS NOT A MISTAKE -- IT IS DELIBERATE, THESE AUTHORS NEED TO DIG DEEPER TO EXPLAIN WHY...

[Theo]

Explain what happened in Florida during the last presidential election, then. There was obvious fraud, with "someone" poking multiple voting cards for Gore. Noone to my knowledge was ever caught. If voter fraud can happen with punch cards, it can happen easier with computers.

BTW, I'm a software developer.

[Search4Truth]

I think your response to the idea of technology-based voting is indicative of the real problem people will have with it; they will not trust that which they do not understand.

From a technological standpoint, a system could be built to perform the voting process accurately and securely. As a career computer professional, I know that; having led or participated in more formidable projects than a voting system. The question is then, will people trust it?

Given that Americans are increasingly relying on technology on daily basis, I think that such trust could be established.

Although, I don't know that have seen any good arguments for making this change. Is the old system really broke? What would be the advantages of a newer more technology-based system?

As in any successful computer project, one starts first with the goals of the project.

[jmc813]

People think I'm crazy when I tell them that I think voting should be as LOW tech as possible.

[Maria S]

I just heard some guy call in to Sean Hannity and tell Sean to get a tape of Hillary on KHOW today…wherein she practically admitted she would run if needed. Don’t tell me we don’t need to be worried about computer voting!

[zoyd]

A Follow-Up on Several Back Columns and Can Diebold Voting Machines Really Be Hacked?

I, Cringely

A little bit of info in this Cringely column.

[zoyd]

And another link to the basic story (from New Zealand):

New Zealand Scoop

[doc]

Guess who tallies the votes? Weren't these machines the properties of the major networks?

[Revel]

" If voter fraud can happen with punch cards, it can happen easier with computers."

Ah yes...Those who know any thing about how computer and software actually work are quite aware of how easily this electronic voting can be manipulated without a trace. So many people have some kind of magical view of computers. If it were so easy to make it fraud proof then why can't we make an internet that is fraud proof? People had better wake up fast. We must have a paper trail. And it should be used to verify any vote count weather fraud is alleged or not.

[Revel]

"From a technological standpoint, a system could be built to perform the voting process accurately and securely."

No such thing really. There is always someone who knows how to cheat. From a top level executive with the voting machine company or security company...on down to the hacker who has managed to hock a voting machine to play with. Or maybe someone on the inside passed him documentation on the machine/ code. You can argue about how many safe gaurds could be put into effect, The simple fact is that nothing is as secure as a paper trail...Even that not being perfect.

[Cicero]

I used the word "hackers" loosely. What I intended to say is that it's a lot easier to change the figures in a computer than it is with a box of paper ballots. When you consider that billions of dollars are at stake in a national election, the stakes are just too high to trust anyone with that power.