E-Voting Security All electronic voting systems have identifiable security issues that could allow a person or persons to affect the outcome of the next election. A study by academic researchers acting on behalf of the State of Ohio documented over 300 security issues. [1] At the request of the State of California, academic researchers conducted a penetration test of electronic voting systems and were able to compromise every system tested. Some of the systems are so insecure that the State of California has banned their use. [2] Virtually all voting districts in this area use that very electronic voting system. The server software for that e-voting system requires that it run on an unpatched Windows 2000 server. There are at least 40 different ways (that I know of) to compromise an unpatched Windows 2000 Server. Are you concerned yet? You should be! Security researcher Harri Hursti was able to hack an electronic voting system right in front of a Florida elections supervisor without detection.[3] These problems can be fixed but not by using the same methods and thinking that were used to create the problems. More background: In 2002, Congress allocated nearly four billion dollars for the purchase of electronic voting equipment even though vendors the technology was still under-developed and insecure. Using this money, the states rushed out to purchase hardware, much of which did not provide for security or auditability elections. Ready or not, electronic voting is here and in many places, voters no longer have a choice but to use electronic voting. In research by the Ponemon Institute, 80% of computer security professionals thought that electronic voting was insecure while only 20% of voters thought so. In 2003, Computer Science Professor Avi Rubin issued his paper Analysis of an Electronic Voting System in which he determined that the security of electronic voting systems was insufficient and trivial to compromise. As a follow up to this paper, the scientific and engineering firm SAIC audited the Windows-based Diebold voting system and determined that "[t]he system, as implemented in policy, procedure, and technology, is at high risk of compromise." Another analysis from the group Raba Technologies confirmed the flaws found in previous analyses. William Arbaugh, a University of Maryland assistant professor of computer science who participated in the test, graded the system an "F". "I was really surprised with the totality of the problems we found. Just about everywhere we looked, we found them. We could have done anything we wanted to," Arbaugh said. "We could change the ballots (before the election) or change the votes during the election." Finnish computer security researcher Harri Hursti was able to demonstrate how he could modify votes recorded by Diebold Optical Scan voting systems. He also determined that the system was susceptible to remote attacks. Due to these flaws and others some have called for an "open source" e-voting application. Such a system would allow anyone to audit the code for correctness and thereby provide a higher level of assurance than a closed source system. What challenges do these issues pose for democracy? Should we be using electronic voting systems while they are still considered insecure? Should voting systems be based on an open standard or should they be proprietary? How would you fix this? Avi Rubin "Analysis of an Electronic Voting System" http://avirubin.com/vote.pdf(Links to an external site.) Bruce Schneier "The Problem with Electronic Voting Machines" http://www.schneier.com/blog/archives/2004/11/the_problem_wit.html(Links to an external site.) Black Box Voting http://www.blackboxvoting.org/(Links to an external site.) Electronic Voting - Overview and Issues http://www.igs.berkeley.edu/library/htElectronicVoting2004.html(Links to an external site.) Harri Hursti Report: http://www.blackboxvoting.org/(Links to an external site.)BBVreport.pdf

Everest Report: http://www.patrickmcdaniel.org/pubs/everest.pdf