On Tuesday, the Brennan Center for Justice at NYU’s law school released the most comprehensive study to date on the state of electronic voting. The extensive report is a painful read for anyone concerned about the future of democracy, because it shows just how brain-dead easy it is to rig an election with three popular electronic voting systems: direct recording electronic (DRE), DRE with voter verified paper trail, and precinct count optical scan.
Among the more startling findings are the fact that voting machines with wireless components are very easily compromised by anyone with a little know-how and nearby wireless device—you don’t even need a laptop; a PDA will do nicely.
The report also found that voter verified paper trails that aren’t backed up by routine, random audits are good only for instilling a false sense of security in the voting process. You’d think it would be obvious to election officials that even if you get a paper receipt documenting the vote that you cast, any later meddling with that machine’s vote count can go completely undetected if a sample of those receipts are never compared to the final output. But apparently a lot of things that are obvious to tech people go over the heads of election officials (e.g. the idea that you would never want to give wireless access to voting machines.)
It’s worth noting that the Brennan Center task force isn’t just another group of activists:
The government and private sector scientists, voting machine experts, and security professionals on the Task Force worked together for more than a year. The members of the non-partisan panel were drawn from the National Institute of Standards and Technology (?NIST?), the Technical Guidelines Development Committee of the federal Election Assistance Commission (?EAC?), the Lawrence Livermore National Laboratories, leading research universities, and include many of the nation?s foremost security experts.
The Task Force surveyed hundreds of election officials around the country; categorized over 120 security threats; and evaluated countermeasures for repelling attacks. The study examined each of the three most commonly purchased electronic voting systems: electronic machines (?DREs?) with ? and without ? a voter verified paper trail, and precinct-counted optical scan systems (?PCOS?). The report, The Machinery of Democracy: Protecting Elections in an Electronic World, is the first-ever systematic analysis of security vulnerabilities in each of these systems.
The task force concluded the report with a number of recommendations for making electronic voting more tamper-proof. But given the widespread, ongoing evidence of rampant insecurity in popular electronic voting systems (Google “Diebold,” for instance) and the mystifying nationwide failure to do anything about it, will another voice shouting that the house is on fire be enough?
I have this fantasy where I organize a group of computer science types who’ve been working for years on electronic voting problems and we write a book called, How To Steal a National Election: An Step-by-Step Handbook. The book would come complete with everything from discussions of the theory underlying how you could steal a presidential election by rigging a few key counties, to a nuts-and-bolts, “push this, pull here, type in this command” guide to how to rig specific machine models. We’d also include a CD with source code, applications, schematics, all the other tools the modern election fraudster needs. I feel that if there were some way to make clear just how real this threat is and just how easy it is to actually steal and election, maybe folks could get motivated to care. But maybe I’m just fantasizing.
Update: A lot of people were fired up about the book idea. If you’re interested in it, go here.