Thursday, September 21, 2006

Rolling Stone: Will The Next Election be Hacked?


By Robert F. Kennedy Jr

The debacle of the 2000 presidential election made it all too apparent to most Americans that our electoral system is broken. And private-sector entrepreneurs were quick to offer a fix: Touch-screen voting machines, promised the industry and its lobbyists, would make voting as easy and reliable as withdrawing cash from an ATM. Congress, always ready with funds for needy industries, swiftly authorized $3.9 billion to upgrade the nation's election systems - with much of the money devoted to installing electronic voting machines in each of America's 180,000 precincts. But as midterm elections approach this November, electronic voting machines are making things worse instead of better. Studies have demonstrated that hackers can easily rig the technology to fix an election - and across the country this year, faulty equipment and lax security have repeatedly undermined election primaries. In Tarrant County, Texas, electronic machines counted some ballots as many as six times, recording 100,000 more votes than were actually cast. In San Diego, poll workers took machines home for unsupervised "sleepovers" before the vote, leaving the equipment vulnerable to tampering. And in Ohio - where, as I recently reported in "Was the 2004 Election Stolen?" [RS 1002], dirty tricks may have cost John Kerry the presidency - a government report uncovered large and unexplained discrepancies in vote totals recorded by machines in Cuyahoga County.

Even worse, many electronic machines don't produce a paper record that can be recounted when equipment malfunctions - an omission that practically invites malicious tampering. "Every board of election has staff members with the technological ability to fix an election," Ion Sancho, an election supervisor in Leon County, Florida, told me. "Even one corrupt staffer can throw an election. Without paper records, it could happen under my nose and there is no way I'd ever find out about it. With a few key people in the right places, it would be possible to throw a presidential election."

-SNIP-

In October 2005, the government Accountability Office issued a damning report on electronic voting machines. Citing widespread irregularities and malfunctions, the government's top watchdog agency concluded that a host of weaknesses with touch-screen and optical-scan technology "could damage the integrity of ballots, votes and voting-system software by allowing unauthorized modifications." Some electronic systems used passwords that were "easily guessed" or employed identical passwords for numerous systems. Software could be handled and transported with no clear chain of custody, and locks protecting computer hardware were easy to pick. Unsecured memory cards could enable individuals to "vote multiple times, change vote totals and produce false election reports."

An even more comprehensive report released in June by the Brennan Center for Justice, a nonpartisan think tank at the New York University School of Law, echoed the GAO's findings. The report - conducted by a task force of computer scientists and security experts from the government, universities and the private sector - was peer-reviewed by the National Institute of Standards and Technology. Electronic voting machines widely adopted since 2000, the report concluded, "pose a real danger to the integrity of national, state and local elections." While no instances of hacking have yet been documented, the report identified 120 security threats to three widely used machines - the easiest method of attack being to utilize corrupt software that shifts votes from one candidate to another. Computer experts have demonstrated that a successful attack would be relatively simple. In a study released on September 13th, computer scientists at Princeton University created vote-stealing software that can be injected into a Diebold machine in as little as a minute, obscuring all evidence of its presence. They also created a virus that can "infect" other units in a voting system, committing "widespread fraud" from a single machine. Within sixty seconds, a lone hacker can own an election.

FULL STORY

0 Comments:

Post a Comment

Subscribe to Post Comments [Atom]

Links to this post:

Create a Link

<< Home