Report: Voting systems not secure from attack

The Brennan Center Task Force on Voting System Security has released its report on the three most commonly purchased voting systems. It conducted a systematic threat analysis of the systems to determine how they could be subverted.

The task force included some of the biggest names in computer security, including Matthew Zimmerman of the Electronic Frontier Foundation, Ronald Rivest, who helped invent the RSA encryption algorithm, and Bruce Schneier, who literally wrote the book on cryptography.

“As electronic voting machines become the norm on Election Day, voters are more and more concerned that these machines are susceptible to fraud,” said Michael Waldman, the Brennan Center’s executive director. “In fact, we’ve learned a lot from our study. These machines are vulnerable to attack. That’s the bad news. The good news is that we know how to reduce the risks and the solutions are within reach.”

You shouldn’t be surprised to learn from the report (PDF) that all three of the voting systems are susceptible to fraud through very simple attacks which could change the outcome of an election. While there are simple steps that jurisdictions using the machines can take to mitigate the threats, the report found that most jurisdictions hadn’t bothered.

The 162-page report details exactly how these attacks are carried out and also explains how election officials can defeat them.

Voting machine vendors, however, seem unconcerned.

“It just isn’t the piece of equipment,” said David Bear, a spokesman for Diebold Election Systems, one of the country’s largest vendors. “It’s all the elements of an election environment that make for a secure election.”

“This report is based on speculation rather than an examination of the record. To date, voting systems have not been successfully attacked in a live election,” said Bob Cohen, a spokesman for the Election Technology Council, a voting machine vendors’ trade group. “The purported vulnerabilities presented in this study, while interesting in theory, would be extremely difficult to exploit.” — Washington Post

Or so they say. As Schneier points out, with the lack of auditing in the machines, we have no real way to know if a voting system has been successfully attacked. This means that election results using these machines are inherently untrustworthy.

I wish the Washington Post found someone to point out that there have been many, many irregularities with electronic voting machines over the years, and the lack of convincing evidence of fraud is exactly the problem with their no-audit-possible systems. Or that the “it’s all theoretical” argument is the same one that software vendors used to use to discredit security vulnerabilities before the full-disclosure movement forced them to admit that their software had problems. — Bruce Schneier

We all know the voting systems have problems. But the vendors of these systems won’t produce better, more reliable, more trustworthy voting systems until their customers, states and local election boards, demand it. (And it’s possible that even then, they’ll refuse.)

Now why would anyone want a secure, trustworthy voting system?

[Correction: A previous version of this story incorrectly stated that Matthew Zimmerman wrote Pretty Good Privacy. PGP was written by Philip R. Zimmermann. Matthew Zimmerman is a staff attorney for the Electronic Frontier Foundation specializing in electronic voting issues.]