Public, security experts' e-voting views differ sharply

Computerworld - Security experts are substantially more skeptical about e-voting than the public, but their greatest worry is system and programming errors, not malicious hacker attacks, according to a survey released this week by the Ponemon Institute.

The study, conducted in July and early August, aimed to measure public opinion about electronic voting systems and then compare the results with those of security experts -- both IT pros and hackers.

"The degree of difference was just startling," said Larry Ponemon, adjunct professor of ethics and privacy at Carnegie Mellon University and director of the independent institute bearing his name.

The Tucson, Ariz.-based institute collected 2,933 usable responses nationwide from the public, both online and by postal mail, and surveyed 100 attendees at the Black Hat and Defcon hacking/security conferences.

Six out of 10 Black Hat/Defcon attendees had an unfavorable view of e-voting, while only 17% of the public did (22% of experts and 28% of the public were undecided).

Ponemon expected the public to be less concerned about e-voting problems than the hackers. However, in all the studies he has conducted comparing views of experts in various fields with those of the public at large, "I have not really seen differences of this magnitude before," he said.

Twenty percent of the experts cited system and programming errors as their top concern, followed by attempts to influence the outcome of an election (17%). A potential breach of security by hackers and cybercriminals ranked third (15%) as a potential e-voting worry among the Black Hat/Defcon attendees.

Among the public, the top worry was a decline in voter turnout because of fear or distrust of e-voting systems (18%), followed by human errors and privacy violations (15% each).

A number of citizen and political groups as well as security experts have criticized electronic voting systems, charging that they are unreliable and insecure. Many have called for a "paper trail" so that results can be recounted via hard-copy backups. System vendors insist that their machines are reliable and argue that critics are touting unlikely worst-case scenarios as probabilities (see our e-voting special coverage page). The president of the Information Technology Association of America, Harris Miller, told Computerworld that some of the criticism is less about electronic voting machines than "a religious war about open-source software vs. proprietary software" (see story).

In the Ponemon Institute survey, 83% of the experts said e-voting is either less or much less secure against election tampering than traditional paper ballot machines, compared with just 19% of the general public. Almost half (49%) of the experts said electronic voting systems were less likely to record and report their votes accurately, vs. 21% of the public.