How secure is your electronic vote?
By Doug Gross, CNN
(CNN) – In an era when shadowy hackers can snatch secret government files and humble big businesses with seeming ease, it’s an unavoidable question as Election Day approaches: When we go to the polls, could our very votes be at risk?
According to voting-security experts, the answer can be boiled down to a bit of campaign-speak: There are reasons for concern and there is work to be done but, by and large, we’re better off now than we were four years ago.
“In general terms, the nation as a whole is moving toward more resilient, more recountable, evidence-based voting systems and that’s a good thing,” said Pamela Smith, president of the Verified Voting Foundation. “We’re better off than we were a couple of election cycles ago by a long shot and we’re better off than we were in the last election, too.
“We’re seeing improvement, but we’re still seeing immense challenges.”
Since there have been elections, there has been tampering with votes. Archaeologists digging in a well discovered a dumped stash of 190 broken pottery shards that appear to have been used by ancient Athenians for a vote in 471 B.C. But in 2012, election-security advocates are most worried about the bits and bytes of data stored on the electronic voting machines that millions of Americans will use to cast their ballot.
More than 45 million U.S. voters, or one out of every four who go to the polls, will cast a ballot on a machine that stores votes electronically, but doesn’t create a paper ballot, according to Verified Voting.
Six states — Delaware, Georgia, Louisiana, Maryland, New Jersey and South Carolina — use those machines exclusively and they’re used by a “heavy majority” of voters in another five — including presidential battleground states Pennsylvania and Virginia. Some of these paperless machines are also used in the key states of Ohio, Florida and Colorado, where the presidential race is expected to be close.
Here’s the problem, advocates say. When there’s no physical ballot, it becomes next to impossible to determine whether there has been tampering, or some other kind of irregularity, in a close election.
“If the election is predicted to be a landslide, and then it is, really the problems we’re concerned about aren’t that big a deal, because everyone knows the election went the way it was supposed to,” said Avi Rubin, a professor of computer science at Johns Hopkins University who specializes in computer security.
But in cases like 2000’s razor-thin Bush-Gore race, “a lot of the Democratic supporters felt like the election was stolen from them. That’s a situation you can end up with in a very, very close election, so it’s even more important to have confidence in the election machinery.”
That appears to be the case again in 2012. Most national polls place President Barack Obama and Republican challenger Mitt Romney in a dead heat.
Ironically, the electronic machines that experts now worry about began showing up in polling places as a reaction to Florida’s messy 2000 vote count, with its butterfly ballots and dimpled chads. In a nightmare for election officials, that race ended in controversy, with the U.S. Supreme Court halting a manual recount and awarding the state, and the presidency, to George W. Bush.
In the wake of that election, federal and state money flowed to update voting systems. Election officials acted quickly — too quickly, some experts say, to see potential problems.
As cumbersome and unsightly as Florida’s recount was, at least it was a recount. With electronic voting, analysts say that if there’s a question about vote totals, there is little to do other than press “Enter” again and let the same computer system that counted the votes the first time count them again.
“Spending money on a problem works best for well-understood problems, such as building roads or fixing bridges …,” reads a recent report from the CalTech/MIT Voting Technology Project, created by the two schools in the wake of the 2000 election.
“Congress gave funds to the states immediately, so the states bought large numbers of voting systems that were then available, before new standards were developed and adopted; it’s a good example of the maxim denoting precipitous action, ‘Ready, fire, aim!’ “
Analysts like Smith and Rubin agree that the first concern with these systems is mechanical failure or human error. They cite cases like a 2006 Florida election, in which electronic machines in one county recorded no vote in a congressional race on 18,000 ballots, even though it was the most high-profile contest on the ticket.
Or the 2004 election in North Carolina when an overloaded machine lost 4,500 votes, affecting a race for state agriculture commissioner that was decided by fewer votes than that.
“Imagine how nervous you would be if the only copy of your term paper was on one disc somewhere,” Rubin said. “Now, we’re talking about a whole bunch of votes sitting on a cartridge somewhere. Even before we worry about tampering, we have to worry about accidental loss.”
While there have been no documented cases of foul play, experts say the potential for malicious hacking is very real.
“It would be a simple, high-school level programming project to do something like this,” Rubin said. “I’ve seen the code. A lot of the code has already been seen on the Internet. You could see exactly how to encode a ballot. Someone with a proficient high-school level programming capability would be able to do it. Definitely any experienced programmer could do it.”
He said a standard, touchscreen voting machine could have its data changed with $20 worth of hardware and a paper clip, a fact that gets more troubling now that expanded early voting has put votes on machines stored in schools, churches and other polling places for weeks before Election Day.
As early as 2003, a team of researchers commissioned by the state of Maryland reported that machines from vendor Diebold were poorly engineered and showed a “high risk of compromise.” Their findings, as noted by the CalTech/MIT report, included the fact that every one of the company’s voting systems used the exact same “secret” encryption key.
After a wave of negative press, including a 2006 HBO documentary called “Hacking Democracy” that explored the vulnerability of its electronic voting machines, Diebold removed its name from its voting systems in 2007 and was later bought by another company.
Thankfully, critics say, such issues are now being minimized on multiple fronts.
However, there are still some concerns in hotly contested states like Ohio. While all machines in Ohio are equipped with printers that create paper ballots, about half the counties in the state use the sort of touchscreen electronic machines that concern observers like Smith.
Those machines have been retrofitted with printers, but tampering risks still exist and comparing electronic ballots with separately created paper ones can be confusing, analysts say.
In the short term, observers like California Institute of Technology political science professor R. Michael Alvarez say elections officials are almost universally aware of the security risks that electronic voting presents.
“There are security issues associated with both the electronic voting machines that are used in polling places, as well as the ballot reading devices. … In many cases, those kinds of security vulnerabilities are relatively well known at this point,” said Alvarez, whose research includes voting technology.
“Many of them have been studied, although certainly new ones may arise,” he said. “Over the last four to six years, elections officials throughout the country have tested and really tried to work to better secure those voting systems.”
With an eye to the future, elections officials throughout the United States have stopped purchasing machines that don’t create a paper trail, with a return to optical- or digital-scanner machines using paper ballots being the preferred alternative.
Some states are retrofitting electronic voting machines with hardware that creates a paper ballot as well. Smith said it has been about seven years since the last significant purchase of electronic-only voting machines in the United States.
“It’s not always the newest, shiniest thing that’s the best thing and, in voting, that tends to be particularly true,” she said.
In the meantime, she’s got a simple piece of advice for anyone worried about the security of their ballot.
“The most important thing for voters to keep in mind is that one way to make sure your vote won’t count is to not show up,” she said. “Whatever system is presented to you, avail yourself of it.”