Presidential and Congressional elections are about a month away, so this is a good time to revisit the state of voting machine security.
Most of the online security news concerning the election focuses on the hacking of Republican Vice Presidential nominee Sarah Palin's e-mail. That is far from the most important issue, however.
The background is ominous. At the beginning of the year, I conducted an interview with Brad Friedman, a voting rights advocate who runs a site that covers electronic voting security. Friedman painted a frightening picture of poorly engineered systems that were a step or two behind corporate security and therefore behind the hackers and crackers with whom corporate IT staffs battle every day.
The problems persist. Frightening material is available in this Scoop piece that details studies on e-voting by The Computer Security Group at the University of California Santa Barbara. The piece includes a video showing how easily a Sequoia voting system can be hacked. The story says that a machine serving an entire county can be compromised in about 3 seconds by a person with access and a USB thumb drive. The hack could be undetectable.
Scary scenarios are common when it comes to electronic voting, and no place is more frightening than Ohio. The state was ground zero for alleged electronic voting irregularities during the 2004 presidential election. AlterNet this week posted a long interview Friedman conducted with Ohio Secretary of State Jennifer Brunner. Brunner defeated Kenneth Blackwell for the position, which includes voting oversight. Blackwell, who was the director of George Bush's Ohio campaign effort, was a controversial figure in 2004. Brunner told Friedman of changes she has made in the voting system in the state, directives she is issuing and other plans she has to make voting more transparent and secure than it is alleged to have been during the previous election.
Sequoia and Diebold -- now called Premier Election Solutions -- are two of the major providers of electronic voting machines. Diebold/Premier recently acknowledged a 10-year-old flaw in its system. Bruce Schneier describes the problem and links to details of a lawsuit brought by Brunner against the firm. The McClatchy story to which Schneier links describes investments in what the piece terms insecure and unreliable touch-screen systems in Alaska, California, Florida, Iowa, Maryland, Tennessee and New Mexico.
Identity theft also is a problem. NewsFactor Network reports that thieves are trying to obtain sensitive information from people under the guise of voter registration efforts. This is done via both phone and spam e-mails. The writer notes that in general the young are the most vulnerable to identity theft, and that strongly correlates to first-time voters.
The electorate in the United States is fairly evenly split between Democrats and Republicans, virtually guaranteeing that elections will be close. It seems that some steps have been taken since 2004, but that they are inadequate. It's a shame that the problems that have become so obvious during the past two presidential elections -- not to mention other races -- haven't led authorities to truly address the issues.