Despite e-voting improvements, audits still needed for ballot integrity
E-voting technologies have gotten more reliable since 2000, Caltech-MIT Voting Technology Project says
Computerworld - Technology and process upgrades implemented since the controversial 2000 presidential election have made electronic voting machines more secure and reliable to use, the Caltech-MIT Voting Technology Project said in a report last week.
Even so, the only way to ensure the integrity of votes cast with the systems is to have mandatory auditing of the results and of all voting technologies used in an election, the 85-page report cautioned.
Rather than setting security standards for election equipment, the better approach for safeguarding ballot integrity is to hand-count a sufficiently large and random sample of the paper records of votes cast electronically, it said. "The 2000 United States presidential election put a spotlight on the fragility and vulnerability of voting technology," the report said. "It became clear that providing robust, accurate, and secure voting systems remained an important open technical problem" for the United States.
The Voting Technology Project is a joint initiative between MIT and Caltech. It was launched originally to investigate the causes of the voting problems in Florida in 2000 and to make recommendations based on the findings.
Some progress has been made since 2000, said Michael Alvarez, professor of political science at Caltech and co-director of the Voting Technology Project. The antiquated lever-activated punch-card voting systems that led to the infamous hanging chad fiasco in Florida have been mostly replaced with newer, more reliable optical scan and electronic voting systems, he said.
In the upcoming Nov. 6 elections, nearly three out of five counties will use optical-scan technology, with the rest relying on some form of direct-record electronic systems. A very small number of counties will use purely hand-counted paper ballots.
In the past 10 years, there has also been a move away from all-electronic voting systems to electronic systems that support a voter verifiable paper ballot trail, the report noted. That trend has been driven largely by security concerns related to direct-record electronic (DRE) voting machines from companies such as Diebold.
DRE machines processed and stored all ballots electronically and offered little way for voters and election officials to determine for certain whether votes were being recorded and counted correctly. Studies conducted by numerous researchers over the past few years have shown DRE systems to be highly vulnerable to all sorts of tampering and compromises because of their poor design and engineering.
Because of such concerns, much attention has been paid to ensure that votes cast electronically this year have a paper record that can be counted and verified manually if needed. States such as California in particular have led the effort to get voting machine vendors to implement better security. The report pointed to California's decertification of all DRE machines in 2007 as one example of such efforts.
Post-election auditing technologies and approaches have also improved substantially since 2000, thanks mainly to efforts by security researchers and cryptographers, Alvarez said. This year, he said, at least half of all states will conduct post-election audits based on sound statistical principles. Others, including California, have been conducting pilot risk-limiting audits to identify potential issues before votes are cast.
Another big improvement since 2000 is the growing use of centralized statewide voter registration databases. Those databases have enabled quicker voter identification and have given states a better way to address vote loss due to registration problems, Alvarez said. Voter registration databases have also made it easier for state election officials to roll out early voting facilities, he said.
In 2000, between 4 million to 6 million votes were lost nationwide because of voting equipment and ballot problems and because of voter registration problems. But thanks to new technologies and improved processes implemented since then, the number of lost votes is expected to be dramatically lower.
Even so, concerns remain. The increased interest in Internet voting and voting by mail is worrisome, Alvarez noted. Both methods are inherently insecure and vulnerable to tampering and fraud. The federal system to certify electronic voting technologies to specific security standards has also been costly to implement and not particularly effective, he said.
When voters go to the polls this year they will see little that is new in terms of technology Alvarez said. "We haven't had an opportunity to improve voting technology" because of the recession, he said. "The problem that states and counties have had with public finances have made it difficult for election officials to invest in new technologies. We will hopefully see that change as public finances improve."
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed . His email address is email@example.com.
- NYC wants its old mechanical-lever voting machines back
- Twitter a big winner in 2012 presidential election
- E-voting machine swaps Obama vote for Romney; taken offline
- Ruling expected shortly in Ohio e-voting lawsuit
- Update: Lawsuit filed in Ohio over software updates to vote tabulation machines
- States rebut RNC complaints about e-voting systems
- Despite e-voting improvements, audits still needed for ballot integrity
- Obama, Romney cite Apple, tech issues in debate
- Twitter becomes new debate spin room
- IT offshoring: Romney vs. Obama
Read more about Government IT in Computerworld's Government IT Topic Center.
- 18 Hot IT Certifications for 2014
- CIOs Opting for IT Contractors Over Hiring Full-Time Staff
- 12 Best Free iOS 7 Holiday Shopping Apps
- For CMOs Big Data Can Lead to Big Profits
- Slideshow: 5 ways to lock down your mobile device
- Slideshow: 10 mistakes companies make after a data breach
- How to rob a bank: A social engineering walk through
- Which smartphone is the most secure?
If you like your iPhone, you can keep your iPhone. Period.
President Obama has revealed that he's not permitted to carry an iPhone. It's too insecure for the job, he says. Instead, he's stuck with a BlackBerry. Well, someone's got to have one still. However, it turns out that the Pentagon has also outlawed non-BlackBerry smartphones. In IT Blogwatch, bloggers joke that 2006 called and they want their smartphones back.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Mitigating DDoS Attacks with F5 Technology
- This document examines various DDoS attack methods and the application of specific ADC technologies to block attacks in the DDoS threat spectrum while...
- The DDoS Threat Spectrum
- Bolstered by favorable economics, today's global botnets are using distributed denial-of-service (DDoS) attacks to target firewalls, web services, and applications, often simultaneously.
- Defending Against Denial of Service Attacks
- By utilizing end-user interviews, this whitepaper explores a deeper understanding of DDoS defense plans and reveals the knowledge gaps around the Denial of...
- Strategic Solutions for Government IT
- This paper outlines why F5 is the optimum partner to help achieve the levels of security, performance and availability that are vital to...
- Accelerating Speed to Market in the Highly Competitive Automotive Industry
- This White Paper discusses how an Enterprise Project Portfolio Management solution optimizes project analysis, management, reporting and risk mitigation processes to accelerate new... All Government IT White Papers
- Modernizing SAP environments with minimum risk - a path to Big Data Hear from top IDC analyst, Richard Villars, about the path you can start taking now to enable your organization to get the benefits...
- The Power of the Citrix Mobility Solution, XenMobile Does everything become a smartphone? Or does the smartphone begin to do everything? How can we afford to support BYOD? Rather, how can...
- BYOD Happens: How to Secure Mobility How to navigate the journey of securing mobility, including the BYOD corruption of IT, the top ten mobility strategies, and the mobility management...
- HR and Finance Were made for Each Other View now >>
- The Value of Human Capital for Finance Professionals View now >>
- All Government IT Webcasts
Does your organization offer extensive benefits, cool perks, competitive salaries, opportunities for training and advancement? Then get it recognized!
Nominate your company or another deserving organization for Computerworld's 2014 Best Places to Work in IT list now through Dec. 12, 2013.