Professor calls for improved security in e-voting systems
As Election Day approaches, the news media is already reporting on concerns over voter irregularities. Dan Lopresti, professor in the department of computer science and engineering and recognized e-voting expert, warns that electronic voting technologies, such as the machines that many Pennsylvania residents will be using in November, carry many risks and vulnerabilities.
Lopresti's October 23 presentation, Making Every E-Vote Count, was held in Linderman Library and sponsored by the Friends of the Lehigh Libraries. During his talk, Lopresti recalled the 2000 Presidential election in Florida as an example of voting technologies creating confusion. The infamous butterfly ballot was a classic example of bad user interface design, said Lopresti. In addition, the voting machines in Florida were prone to paper jams, leading to hanging and dimpled chads, which made it hard to determine voter intent.
The transition to electronic voting, or e-voting, systems, has the potential to cause even more turmoil, and experts like Lopresti have serious concerns that these systems could compromise a fair and accurate election.
Votes under attack
Electronic voting vendors provide many different options for election machines, some better than others, said Lopresti. However, all of the machines are similar in that they are nothing more than computers with specialized voting software. Computer bugs can cause the system to be crash and lose votes. Hackers can find openings in the system and compromise the election results.
Computers are so malleable, Lopresti said. Hackers can do anything to a system and then hide the fact that they’ve done it. That’s a huge problem that we have to be worried about with computers.
Electronic voting vendors say that they must keep their software secret, Lopresti said, yet copies of these systems, even the machines themselves, can be found on the internet. Many researchers interested in election security have found that these systems can be hacked into and reprogrammed in just a matter of a few minutes.
Lopresti gave a disturbing example of a vulnerable e-voting machine that was used in recent elections, the Diebold (now Premier) AccuVote. Each of the machines contains a memory card that functions to guard the integrity of voting records by encrypting and storing them. For a period of time, the same default key (or password) was used in every AccuVote machine across the country, meaning that a hacker needed to know only that one piece of information to mount a potential attack.
A group of university researchers, concerned about the security of this particular system, identified the password within the code and published it to call attention to the poor security practice. The password was widely available on the internet but the company did not change it for at least two years.
Identifying these kinds of vulnerabilities and mitigating them is essential for ensuring a fair and accurate election. However, the current government certification process provides little assurance that it can identify critical vulnerabilities. Several states have taken their own initiative to ban certain types of e-voting systems. Some of these machines are still in use in Pennsylvania.
Pennsylvania is a key state in the upcoming election and yet has one of the weakest systems of electronic voting, said Lopresti. We can – and should – do better.
Paper records and better policies
Lopresti said that it is important to weigh several alternatives when deciding upon an election technology. To ensure a secure and transparent election, a machine should provide an accurate determination of voter intent, ensure voter anonymity, be accessible for disabled and non-native English voters, and prevent confusion for the voter.
Many experts recommend the use of Voter-Verified Paper Records (VVPR). Having some kind of physical record of the vote, whether it is paper or something else, is the only way to guarantee an independent recount, Lopresti said. In electronic systems, the record of the individual’s vote is stored inside the machine and it will be compromised if there are issues in regard to bugs or if a hacker has attacked the system.
In addition to using VVPR, Lopresti recommended mandatory audits such as a hand-counting a random sampling of all ballots and that election security experts have access to e-voting software and hardware to verify that the machines will be reliable, accurate and secure.
Many systems were not very well thought out and implemented too hastily without the advice of experts, he said. Voting technology must be open and accessible so experts can look at how the system is implemented.
He also urged legislators to pass pending legislation in Congress, such as The Voter Confidence and Increased Accessibility Act.
Despite questions regarding the quality of our current e-voting systems, Lopresti urges voters to make their votes count by showing up at the polls.
If you’re going to make your vote count, you have to get out and vote in the first place, he said.
Lopresti is an active researcher and lecturer on e-voting. He is co-director of Lehigh's Pattern Recognition Research Lab and co-principal investigator of a multi-institutional NSF project: Paper and Electronic Records of Elections: Cultivating Trust (PERFECT).
Lopresti has also served as an expert witness in many court cases. This week Lopresti will travel to Philadelphia testify in a court case filed last Thursday by several voter rights groups against Pennsylvania Secretary of State Pedro Cortes. The plaintiffs seek emergency paper ballots for Pennsylvania voters should electronic machines break down. The groups say that under the current state directive issued by Cortes, voters will have to wait in long lines and citizens will be discouraged from voting.
—Caitlyn Kennedy
Lopresti's October 23 presentation, Making Every E-Vote Count, was held in Linderman Library and sponsored by the Friends of the Lehigh Libraries. During his talk, Lopresti recalled the 2000 Presidential election in Florida as an example of voting technologies creating confusion. The infamous butterfly ballot was a classic example of bad user interface design, said Lopresti. In addition, the voting machines in Florida were prone to paper jams, leading to hanging and dimpled chads, which made it hard to determine voter intent.
| Dan Lopresti |
The transition to electronic voting, or e-voting, systems, has the potential to cause even more turmoil, and experts like Lopresti have serious concerns that these systems could compromise a fair and accurate election.
Votes under attack
Electronic voting vendors provide many different options for election machines, some better than others, said Lopresti. However, all of the machines are similar in that they are nothing more than computers with specialized voting software. Computer bugs can cause the system to be crash and lose votes. Hackers can find openings in the system and compromise the election results.
Computers are so malleable, Lopresti said. Hackers can do anything to a system and then hide the fact that they’ve done it. That’s a huge problem that we have to be worried about with computers.
Electronic voting vendors say that they must keep their software secret, Lopresti said, yet copies of these systems, even the machines themselves, can be found on the internet. Many researchers interested in election security have found that these systems can be hacked into and reprogrammed in just a matter of a few minutes.
Lopresti gave a disturbing example of a vulnerable e-voting machine that was used in recent elections, the Diebold (now Premier) AccuVote. Each of the machines contains a memory card that functions to guard the integrity of voting records by encrypting and storing them. For a period of time, the same default key (or password) was used in every AccuVote machine across the country, meaning that a hacker needed to know only that one piece of information to mount a potential attack.
A group of university researchers, concerned about the security of this particular system, identified the password within the code and published it to call attention to the poor security practice. The password was widely available on the internet but the company did not change it for at least two years.
Identifying these kinds of vulnerabilities and mitigating them is essential for ensuring a fair and accurate election. However, the current government certification process provides little assurance that it can identify critical vulnerabilities. Several states have taken their own initiative to ban certain types of e-voting systems. Some of these machines are still in use in Pennsylvania.
Pennsylvania is a key state in the upcoming election and yet has one of the weakest systems of electronic voting, said Lopresti. We can – and should – do better.
Paper records and better policies
Lopresti said that it is important to weigh several alternatives when deciding upon an election technology. To ensure a secure and transparent election, a machine should provide an accurate determination of voter intent, ensure voter anonymity, be accessible for disabled and non-native English voters, and prevent confusion for the voter.
Many experts recommend the use of Voter-Verified Paper Records (VVPR). Having some kind of physical record of the vote, whether it is paper or something else, is the only way to guarantee an independent recount, Lopresti said. In electronic systems, the record of the individual’s vote is stored inside the machine and it will be compromised if there are issues in regard to bugs or if a hacker has attacked the system.
In addition to using VVPR, Lopresti recommended mandatory audits such as a hand-counting a random sampling of all ballots and that election security experts have access to e-voting software and hardware to verify that the machines will be reliable, accurate and secure.
Many systems were not very well thought out and implemented too hastily without the advice of experts, he said. Voting technology must be open and accessible so experts can look at how the system is implemented.
He also urged legislators to pass pending legislation in Congress, such as The Voter Confidence and Increased Accessibility Act.
Despite questions regarding the quality of our current e-voting systems, Lopresti urges voters to make their votes count by showing up at the polls.
If you’re going to make your vote count, you have to get out and vote in the first place, he said.
Lopresti is an active researcher and lecturer on e-voting. He is co-director of Lehigh's Pattern Recognition Research Lab and co-principal investigator of a multi-institutional NSF project: Paper and Electronic Records of Elections: Cultivating Trust (PERFECT).
Lopresti has also served as an expert witness in many court cases. This week Lopresti will travel to Philadelphia testify in a court case filed last Thursday by several voter rights groups against Pennsylvania Secretary of State Pedro Cortes. The plaintiffs seek emergency paper ballots for Pennsylvania voters should electronic machines break down. The groups say that under the current state directive issued by Cortes, voters will have to wait in long lines and citizens will be discouraged from voting.
—Caitlyn Kennedy
Posted on:
Sunday, October 26, 2008
Share This Story:
