Researcher says e-voting can't be counted on yet

Inherent flaws in complex software make electronic voting machines a risky proposition, a researcher from Johns Hopkins University said today at a conference in Washington.

'I'm not against computers,' said Avi Rubin, director of Hopkins' Information Security Institute, at the Secure Trusted Operating System Consortium Symposium at George Washington University. 'I believe in touch-screen voting machines,' he said, but he warned that casting and tabulating votes should be done on separate systems because current levels of software assurance are not adequate.

'In order for democracy to work, people need to have confidence in the election system,' he said.

Rubin helped expose software flaws in the Diebold voting platform, from Diebold Election Systems Inc. of North Canton, Ohio, used by a number of states. He also is a member of the security review team for a federal Internet voting pilot expected to handle hundreds of thousands of overseas votes in next year's elections.

Electronic voting has gained attention since the flawed elections of 2000, but problems in computerized voting systems have been cropping up for nearly 20 years, Rubin said. With the existing levels of assurance in software development, unintended bugs are impossible to prevent and intentional back doors are impossible to detect, he said.

A much higher level of code review is necessary to ensure confidence in electronic voting, and this will require open-source, rather than proprietary, software, he said.

The Secure Electronic Registration and Voting Experiment, which will be tested in counties in seven states next year, is an expansion of a small program that counted a handful of overseas military votes in 2000. In 2004, overseas voters from those counties will be able to cast votes over the Internet.

Rubin said that although developers of the system have done a good job, inherent problems with electronic voting and with the Internet probably make it an impractical medium for widespread voting.

About the Author

William Jackson is a Maryland-based freelance writer.

inside gcn

  • IoT security

    A 'seal of approval' for IoT security?

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group