In May, Finnish computer security expert Harri Hursti working on behalf of voting activist group Black Box Voting, announced his discovery of a new security vulnerability in Diebold's touch-screen machine; some security experts subsequently deemed this the most severe hole yet found in an electronic voting machine.
The vulnerability involves a feature in Diebold's system that allows election officials or company workers to update software on a machine. Hursti and others argue that anyone who has even brief access to a machine could upload malicious code to it. Voting machines are often left unattended in polling places or at poll workers' homes for days before elections. Diebold, in a statement, described the vulnerability as "theoretical" and low-risk. Still, the firm said it would fix the problem.
Then in June the Brennan Center for Justice released results of a year-long study of voting systems tallying more than 120 security problems involving voting systems made by the top three vendors--Diebold, Election Systems and Software, and Sequoia. The study, conducted by election officials and computer security experts, concluded that the easiest way to tamper with an election would be to introduce software that switched votes from one candidate to another. It found that few states had effective methods for detecting such rogue code.
The report surprised few people, since previous studies had cited many of the same security problems, but it did provide a comprehensive look at security issues across all voting systems, not just beleaguered Diebold. Voting machine makers have responded to this report and to previous ones by asserting that the probability of someone hacking a machine is low and that procedural safeguards act as a check on malicious activity. But Stanford's Dill argues that the integrity of elections shouldn't rely on procedures' being followed perfectly, in view of human fallibility and of past elections in which poll workers often didn't follow prescribed procedures.
Researchers also found that several voting systems incorporated wireless communication devices that made them especially vulnerable to remote attack by someone using a PDA. Disabling the wireless component wouldn't secure the machine, researchers said, because an attacker could design software to re-enable the wireless component. Only New York and Minnesota currently prohibit wireless components in voting machines. California bans wireless tech in touch-screen machines only.
As is the case with traditional hacks, an attacker would have to know the line code to crack a system in this way, but a knowledgeable perpetrator could do it quickly. That makes an insider working for the voting machine's manufacturer the likeliest attacker. Diebold machines are even more vulnerable because the firm accidentally exposed its code via an Internet-accessible server.
Even if all of these flaws are fixed, no computer can be 100 percent secure--that's where verified paper trails come in.