[ISN] Technical Problems Reported in E-Voting

From: InfoSec News (isn@private)
Date: Wed Mar 03 2004 - 00:12:31 PST

  • Next message: InfoSec News: "[ISN] GAO hits IT security at USDA, says improvements needed"

    http://www.salon.com/tech/wire/2004/03/02/evoting/
    
    By Rachel Konrad
    March 2, 2004  
    
    SAN JOSE, Calif. -- Electronic voting made its debut in cities and
    towns from Maryland to California on Tuesday as election officials
    beefed up security for the record number of voters expected to cast
    E-ballots for the first time.
    
    Scattered technical problems were reported in the early hours as
    voters in 10 states, including California, New York and Ohio, went to
    the Super Tuesday polls to choose a Democratic presidential nominee
    and decide primary contests for congressional and state races.
    
    Advocates of electronic voting say paperless ballots save money and
    eliminate problems common to old systems. But the technology brings a
    new breed of security concerns, like software errors and hackers that
    could make the results unreliable.
    
    In California, new security measures range from random tests of
    touch-screen machines by independent computer experts to a
    recommendation that poll workers prevent voters from carrying cell
    phones or other wireless devices into booths.
    
    Overall, some 10 million people in at least two dozen states were
    expected to cast ballots in primaries this year on machines built by
    Diebold, Sequoia Voting Systems, Electronic Systems & Software and
    other vendors.
    
    And the electronic voting trend is accelerating: In November's
    presidential election, at least 50 million people will vote on
    touch-screens, compared with 55 million using paper, punch cards or
    lever machines, according to Washington-based Election Data Services.
    
    One Maryland polling place had to switch to paper ballots Tuesday
    because its new electronic voting machines didn't work. State
    elections supervisor Linda Lamone said technicians expected to have
    the problem fixed quickly.
    
    Voters also had to start out using paper ballots in Georgia's
    Effingham County. Chris Riggall, a spokesman for Secretary of State
    Cathy Cox, said county officials apparently forgot to program the
    encoders - devices used to tell ballot access cards, which voters
    insert into the machines, what ballot to display.
    
    A security issue also arose in Georgia.
    
    Georgia Tech student Peter Sahlstrom said he found 10 Diebold
    terminals sitting unprotected in the lobby of the school's student
    center Monday. Sahlstrom, 22, photographed the machines in their
    unlocked cases.
    
    "Frankly, this makes me nervous and ... it validates a lot of the
    concerns I already had," Sahlstrom said in a phone interview.
    
    The paperless ballots eliminate problems like hanging chads and make
    it impossible to accidentally vote twice for one position. The
    machines also can toggle between different languages for people who
    don't speak English.
    
    "The modernization of the nation's voting infrastructure is long
    overdue," said Alfie Charles, spokesman for Oakland-based Sequoia,
    which built the machines being used by as many as 4 million voters in
    California and Maryland.
    
    But computer scientists have been protesting the switch. They're
    particularly concerned that few of the computers provide paper
    records, making it nearly impossible to have meaningful recounts, or
    to prove that vote tampering hasn't occurred.
    
    Politicians, voter-rights advocates and even some secretaries of state
    have acknowledged that the systems could theoretically fail -- with
    catastrophic consequences.
    
    In several software and hardware tests, critics have shown it's easy
    to jam microchip-embedded smart cards into machines, or alter and
    delete some votes - in some cases simply by ripping out wires. They've
    cracked passwords to gain access to computer servers and showed that
    some systems relying on Microsoft Windows lacked up-to-date security
    patches that should have been downloaded from the Internet.
    
    California Secretary of State Kevin Shelley directed elections
    officials last month to bolster security in 12 counties using
    touch-screens. Those counties account for about 41 percent of
    California's registered voters. Shelley also wants independent, random
    tests of touch-screen machines.
    
    Maryland, which spent $55.6 million on 16,000 touch-screen computers
    earlier this year, also took precautions.
    
    Computer experts told Maryland lawmakers in January that the hardware
    contained "vulnerabilities that could be exploited by malicious
    individuals." Among their surprises: all of Maryland's machines had
    two identical locks, which could be opened by any one of 32,000 keys
    or be easily picked.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Wed Mar 03 2004 - 02:38:02 PST