Outlawed in some European countries as unconstitutional, electronic voting machines are popular in the U.S. but the potential for fraud is a very big problem. Hacking, programming errors, and limited/no oversight makes fraud easy.
This article isn’t about any actual vote fraud, which is difficult to prove because of the nature of voting machines, rather it is a look at very real and also potential threats to the U.S. and any other democratic country using electronic voting.
When looking at the possibility that fraud is occurring but circumstances make it virtually impossible to detect, it is important to look at possible motivation and the potential for problems. In other words, would someone be tempted to do it and how hard would it be?
All electronic voting machines share a basic verification problem.
When you mark your vote on a monitor screen you have no way to know if it was recorded properly. If the machine is a model which shows your “vote” on screen and gives you the opportunity to confirm it, you still only know that it displayed your choice correctly, not that it was recorded the same way.
It is easy to program any computer to ignore input, or display a copy of the input while recording some other data entirely.
If the voting machine prints out your vote that may give you more confidence but really only means your input was copied to the printer, again there is no way to know if it was actually recorded that way.
There is no real security in that unless every printout is counted by hand, in which case why have an expensive machine instead of a paper ballot?
It is extremely difficult to even know for certain there wasn’t any vote count fraud using electronic voting machines.
That is just the start of the problem.
Even if all votes were recorded correctly in the machine, that doesn’t mean the results can’t be hacked at some later stage of the vote count.
What are the potential threats?
First, consider that if a few companies supply all the voting machines and all the programmers, that puts the entire voting process in the hands of those few companies or individuals. Programmers hide little bits of code all the time in large programs.
Those voting machine companies also control in large part how ballots appear and it’s been shown that can alter voting patterns.
By contrast, when using paper ballets there are tens of thousands of poll watchers from all parties watching each other so while fraudulent counts are possible in isolated instances, large scale fraud is difficult or impossible, if only because no big secret stays secret for long in politics.
Poll watchers can oversee voting machines but, as a matter of basic security can have no way of knowing what is happening inside them.
There is an obvious potential motivation for election fraud – individuals and parties spend small and large fortunes to win elections.
Why spend a $20 million fighting over an election when it costs far less to steal it. Even worse, if people are convinced they are doing the right thing, they can justify manipulating the vote count just as easily as they can justify lying about their own or their opponent’s record.
So, we have:
1. A situation where it is virtually impossible to detect a carefully planned fraud.
2. Relatively easy ways to manipulate the vote count.
3. Very strong motivation for committing the fraud.
In addition to the potential for deliberate vote count manipulation by big organizations there is the basic problem posed by all electronic record gathering and storage – hackers.
At the 2004 Summercon when electronic voting machines were just being installed in many areas, I was asked at the last minute by the organizers to sit in on a panel discussion about the security (or lack thereof) of electronic voting machines.
(Summercon is one of the oldest hacker conventions – I had also been a guest speaker the previous year.)
After just a few minutes of online research I found dozens of reports of problems and a report from Princeton U. describing how insecure voting machines are and how simple it would be to hack into the various systems.
For what should be obvious reasons I won’t go into the details of any of the hacks already known back then or any of the exciting new ways to hack electronic voting machines but the information is out there.
My goal isn’t to discourage people from voting but to inform you about some questions you might want to discuss with your local election officials – bearing in mind that they probably know less about computers than the average 10-year-old.
The 2009 Electronic Voting Technology Workshop/ Workshop on Trustworthy Elections held in Montreal, Canada had some interesting reports which are available online in PDF or audio formats.
One test conducted by several universities demonstrated that it cost $100,000 to hack one brand of electronic voting machine using only the information about the voting system published on the company web site.
That’s a LOT of money for one individual, but the cost of a 30-second TV commercial for many political campaigns.
A copy of that detailed test information (on a machine bought surplus for $82 after the $5,200 machine was retired by a North Carolina voting district) is available at:
PC World carried a brief story about this in August, 2009.
(Disclaimer, I wrote a few articles for the editor of PC World in the distant past but I have written for more than 100 computer publications and had no special relationship with PC World – see http://siliconsamurai.info/ for details.)
Some will say that this was just an old machine and dismiss the threat.
In 2010 researchers at Princeton and the University of Michigan published a video of a Sequoia AVC-edge e-voting machine playing Pac-Man.
The particular machine was used in the 2008 elections.
If that doesn’t scare you enough, how about this – the programming for this and other e-voting machines has to be periodically updated and the AVC-edge contains the programming in a CompactFlash memory card. Reprogramming the voting machine is as simple as swapping the cards.
Earlier tests showed that breaking into supposedly secure voting machines is often a trivial task – but why not just show up with a fake company ID to “service” the machines which are normally kept in one location for each voting district?
In the case of the “Pac-Man” test, the security seals were not disturbed.
When it often relies on computer technology equivalent to the first IBM-PC, just how certain can you be that your e-vote is ever even recorded properly let alone counted correctly?
It has been repeatedly demonstrated that many e-voting machines are easy to hack, perhaps even just for fun (some hackers have a strange sense of humor and all of them – even those of us who wear metaphorical white hats find it difficult to pass up a challenge.)
For those who wish a more technical analysis of the problems, Princeton University maintains an archive of “E-Voting Studies at Princeton.”
Do our elected officials know about these security threats? Well, this year’s e-voting technology workshop was held in Washington, DC.