I took some heat last year when I supported a third-party candidate for California Secretary of State. I still think it's necessary to support strong third-party candidacies. However Debra Bowen, the Democrat who won the election, has been making some headlines recently, and they have been (mostly) good ones.
In July a study commissioned by Bowen found that, not too surprisingly, electronic voting machines can be hacked!
On August 3rd, informed by the results of that study, Bowen announced that she would decertify all the existing electronic voting machines in the state, and then recertify them under new rules.
Of course Bowen's decision triggered criticism from voting machine vendors and more notably from some county election supervisors, who now have to scramble change their plans for next February's primaries.
For example, Napa County Registrar John Tuteur lambasted Bowen's decision, calling it "reckless and ego-driven." Of course Tuteur also thinks that voting delays in the 2006 election weren't the fault of the voting machines--they were the fault of that pesky state law requiring voting machines to provide a paper trail.
Knee-jerk criticism of Bowen's decertification decision is unwarranted. The study that she commissioned was done with full public visibility, a rigorous testing methodology, and teams of experts. They looked at machine functions, performance, software source code, security, and many other factors. In the end every machine they tested was deemed inadequate. Detailed information is available on the Secretary of State's Top to Bottom Review page.
All of the machines were vulnerable to hacks by someone who knows about Microsoft Windows security flaws, and many of those hacks, even the ones that changed election outcomes, could be difficult or impossible to detect.
The testers found other vulnerabilities that are so bad they are almost amusing:
- Using a "common household substance" on a Diebold machine someone could "covertly destroy" the printed records of voter ballots after the fact, so there would be no way to recount the votes or compare the paper ballots to the electronic vote totals.
- Using "tools found in a typical office" under typical polling place conditions someone could "violate the physical security of every aspect" of the Diebold TSx voting machine.
- Diebold machines were found particularly susceptible to computer viruses that could move from machine to machine and even to the central election management machine, corrupting votes along the way.
- One of the Sequoia models had a "shell-like scripting language" hidden in its firmware, which "could be coerced into performing malicious actions." A firmware hack like that is particularly sneaky, since it would persist even if some did a clean re-installation of the software on the machine.
- Sequoia machines' "Logic and Accuracy" self-testing procedure runs "in a mode distinct from Election Day mode." That separation would make it easier to alter the Election Day mode (maybe using the aforementioned firmware hack) without affecting the Logic and Accuracy tests.
- The testers found an "undisclosed database user name and password" on the Hart Intercivic machines.
- Someone could perform "malicious actions" on a Hart optical scan machine, including altering vote totals, using "tools commonly found in an office."
In fact, based on the poor performance of all the machines, it's surprising that Bowen's decision allows all of those machines to be re-certified for use in February 2008, if vendors and county election officials can meet certain conditions in time.
In spite of all the vulnerabilities that were found, Bowen doesn't seem to require any changes to machine hardware or software. Most of the conditions involve procedural changes and physical security measures.
The new measures should make it harder to hack the machines, but it will still be very possible.
This could be an attempt by Bowen to find some middle ground, and to use these flawed machines in February with as many new safeguards in place as possible.
Frankly I'd still rather use paper ballots than vulnerable electronic machines. Like many voters, I wouldn't mind standing in line for a while to vote if I thought it would increase the chances that my vote would count.
Let's hope that Bowen continues to hold the voting machine vendors to a higher standard than do other Secretaries of State, and that a way opens up soon for the introduction of open source voting systems like those espoused by the Open Voting Consortium.