Close Mobile Menu
Back
Benefit of the Week

The Graduate Wine Collective

Wines crafted by UC Berkeley alumni.
Join the Club
Back
Upcoming Event

Cal for All: Advancing Sustainable and Equitable Futures

Creating lasting change requires collaboration across industries, communities, and generations. Dr. Yvette Gullatt ’88, M.A. ’94, Ph.D. ’05  will discuss ways innovation, sustainability, and equity can drive a better future.

RSVP

Count Down

September 15, 2009
by Anne Pinckard

Electronic voting systems have been regarded with suspicion by the public in the wake of accusations that the machines have lost or miscounted votes. The manufacturers involved have improved their equipment in an attempt to regain voters’ trust, but even now Berkeley cryptologist David Wagner finds that not enough has changed: The systems are still vulnerable.

In 2004 Bev Harris, founder of the nonprofit elections watchdog organization Black Box Voting, stumbled on some unsecured programming code for a direct recording electronic (DRE) voting system. Three years later, California Secretary of State Debra Bowen asked Wagner and some of his colleagues to do a top-to-bottom review of the DRE systems in California elections. Of the three that fully cooperated with the review, they found each susceptible to attacks on its software. Their report prompted Bowen to decertify all DRE voting systems except for provisional use: One will be available at each polling place, primarily for handicapped voters, and must be accompanied by increased security measures and a complete manual recount.

These requirements will safeguard California voters. However, counties in several states, including Virginia, Texas, South Carolina, and Georgia, will be using DRE voting systems this November, without necessarily changing procedures that require a paper record or prevent tampering. Wagner says he’s disturbed “because there’s no paper trail, nobody to audit the election after the fact, no way to do a recount, and so if someone claims that the election was stolen there’s no way to prove or disprove that.”

The hacking scenario Wagner describes seems right out of a political thriller. A malefactor breaks into the polling place—often a school, church, or garage with inadequate security—where the machines are stored the night before an election. He accesses the internal systems without damaging the tamper evidence seals, uploads a virus, and then exits without leaving a trace. Election officials inadvertently spread the virus when they transfer the votes from the infected units to the computer system at the county’s headquarters. Such an attack would take even a tech-savvy person some time to pull off, but it seems plausible enough for Wagner.

In 2002, responding to the decline in voter confidence after the 2000 presidential election results, Congress passed the Help America Vote Act (HAVA), which allocated $3.9¬†billion in funding for states to review and upgrade their voting systems. Only there was a catch: The funding and upgrades had to be completed by 2004. States scrambled to take advantage of the funding; the equipment then on the market, however, had been in use on a small scale and for limited purposes. Soon, every state touted electronic machines. However, accounts of errors began popping up in the news. In 2002, The Washington Times quoted one Maryland voter who watched as the x marking his selection vanished, only to reappear by the opponent’s name. Virginia voters experienced a similar problem in 2003, according to The Washington Post. A California scrutiny of machines in 2004 proved several systems had lost or miscounted votes and had been used with uncertified software. While not necessarily the result of tampering, these incidents prove the systems are unstable.

Wagner says the machines met the standards of the time, but “The standards weren’t up to snuff.” And while patches have been added, he says, “If security wasn’t one of your goals up front, if you weren’t thinking about it, then you usually end up with a system that has some security problem.”

Wagner supports the almost-exclusive use of paper ballots this fall in California because they are more secure. When he looks at the current equipment, he does so as “a computer scientist and I think ‘Boy, we could do better than that’.” However, he still sees promise in electronic voting. Electronic systems obviously lessen the logistical nightmare of sorting and counting paper ballots, and DREs are the only voting method that can fully accommodate handicapped voters. Wagner serves on the federal advisory committee that drafted a new set of standards, open for public review and commentary, and is a principal investigator with ACCURATE (A Center for Correct, Usable, Reliable, Auditable, and Transparent Elections), funded by the National Science Foundation. Wagner remains optimistic that these guidelines, which will be voluntary for states, would vastly improve voting security.

If anything, this entire experience has made him less of a cynic about the government’s ability to understand and adapt to new technology. He says he’s encountered a number of dedicated officials who are committed to making elections secure. As for the fact that California’s solution to the technological mess was simply to remove the technology entirely, he says, “I’m a geek, I love all my high-tech toys, but,” he shrugs, “they’ve got an election to run.”

Share this article