GAO report on electronic voting machines

Submitted by Sarah Gonzales on November 17, 2005 - 5:07pm. :: | |

I know... preaching to the choir... , but if you haven't seen Baxter the CHIMPANZEE filmed in front of a live press audience hacking a Diebold machine, it's worth a look! Quicktime Player required. Baxter was successfully able to delete the audit log, just by pressing buttons / moving the mouse on the keyboard.

If we don't fix this problem, we have truly lost our Democracy. The right to vote AND for our votes to be accurately counted is the cornerstone of any Democracy.

Most of you have received info on a report issued by the General Accounting Office of the US government in September / October 2005, outlining the inherent insecurity of the electronic voting machines. The title of the GAO report is...

"Elections: Federal Efforts to Improve Security and Reliability of Electronic Voting Systems Are Under Way, but Key Activities Need to Be Completed"

If you wish to view the full GAO report (it's long, but worth the read - don't if you're suffering from severe depression already - grin grin) is here:

Report# GAO-05-956 ACCNO: A37777 - Download full PDF of report

Summary:
Elections: Federal Efforts to Improve Security and Reliability of Electronic Voting Systems Are Under Way, but Key Activities Need to Be Completed (21-SEP-05, GAO-05-956). The Help America Vote Act of 2002 established the Election Assistance Commission (EAC) to help improve state and local administration of federal elections and authorized funding for state and local governments to expand their use of electronic voting systems. EAC began operations in January 2004. However, reported problems with electronic voting systems have led to questions about the security and reliability of these systems. GAO was requested to

(1) determine the significant security and reliability concerns identified about electronic voting systems,

(2) identify recommended practices relevant to ensuring the security and reliability of these systems, and

(3) describe actions taken or planned to improve their security and reliability.

The result in brief from the report is below:
While electronic voting systems hold promise for a more accurate and efficient election process, numerous entities have raised concerns about their security and reliability, citing instances of weak security controls, system design flaws, inadequate system version control, inadequate security testing, incorrect system configuration, poor security management, and vague or incomplete voting system standards, among other issues. For example, studies found

(1) some electronic voting systems did not encrypt cast ballots or system audit logs, and it was possible to alter both without being detected;

(2) it was possible to alter the files that define how a ballot looks and works so that the votes for one candidate could be recorded for a different candidate; and

(3) vendors installed uncertified versions of voting system software at the local level. It is important to note that many of the reported concerns were drawn from specific system makes and models or from a specific jurisdiction’s election, and that there is a lack of consensus among election officials and other experts on the pervasiveness of the concerns. Nevertheless, some of these concerns were reported to have caused local problems in federal elections—resulting in the loss or miscount of votes—and therefore merit attention.


AttachmentSize
GAO_Report_09-2005.pdf2.8 MB