Q&A: Felten on e-voting and what can go wrong

Princeton prof says security, reliability are the key concerns with e-voting machines

Voting machines of all stripes have remarkably similar flaws, and although inaccurate tallies of votes are unlikely to flip a whole presidential election, there is a "nightmare scenario" in which they could. Meanwhile, on the state level, security issues have already popped up in the wake of various states' deployments of direct-recording electronic (DRE) voting machines.

Edward Felten, a go-to expert witness on some of the major security and software issues of our time, tackles these and other e-voting topics in the following interview.

Felten is professor of computer science and director of the Center for Information Technology Policy at Princeton University in New Jersey, a state where he has given testimony in a class-action lawsuit involving voting machines. The suit, Gusciora v. McGreevy, was filed in 2004 and charges that DREs are illegal. It cites state law concerning accurate vote counting but will not be resolved before the November elections.

Felten has been actively involved in a variety of major security and software cases and issues. In 2006, he and several students were able to hack into a Diebold Election Systems (now Premier Election Solutions) voting machine and reported on the results. Felten was also involved in the U.S. government's antitrust case against Microsoft Corp.

The IDG News Service interviewed Felten in his Princeton office a week before the 2008 presidential election. A Sequoia AVC Advantage voting machine, bought on the Internet and studied by his colleagues, was parked in a conference room around the corner. An edited transcript of the interview follows:

The New Jersey voting machine case revolves around Sequoia machines; you also hacked into a Diebold machine a few years ago and reported your findings. Are there different types of problems to expect depending on the machine manufacturer? It's actually been remarkable how similar the problems have been from one manufacturer to another. There have been quite a few machines studied now by independent computer scientists. You see a lot of the same problems across the board.

What are those problems? You see issues with the security and reliability of the machines, and that basically all comes down to the fact that the machines are computers and store the records of votes only in electronic memories that the voter can't see. And so there's a problem of how you can be sure that the software is recording correctly, in the way that the voter wanted them to be.

How hard was it to hack into the Diebold machine? It's something that anybody who has technical skill could do, something that, say, any of our computer science majors here would have the technical skill to do. What we showed was all that someone would need is physical access to a machine or to one of the removable memory cards that it uses for about a minute, and then the machines were susceptible to computer viruses of the same general type you see on PCs.

I'd be curious to know what poll observers can do in those states where there is e-voting with no paper audit trail -- for example, right here in New Jersey -- to find out if voters are experiencing problems. One thing to do obviously is to just be alert and look for behaviors that aren't supposed to happen: to check the records that the machines do make at the beginning and the end of the day and make sure that everything is as it should be, and that the numbers add up and are consistent and so on, but especially just watching to see if anything unusual happens and then recording what does happen. There's one more thing actually that is important to do, and that is to make sure the machines are guarded -- that the machines are not left unprotected so that someone could get access to them.

The Democrats apparently have an army of lawyers fanning out across the country. What, if anything, can they do if there are claims of e-voting problems in those states where there is no paper trail? It depends on the nature of the problems. Some kinds of problems might be evident, if there are votes that are missing, that are garbled in the electronic records. That would be something that is evident, and then you would have a fight about what would be done to remedy the problem. Other kinds of potential problems might take more technical investigation to get to the bottom of, and you could imagine scenarios where there has to be some kind of investigation to figure out, as best you can, what actually happened.

How widely do you expect postelection audits to be conducted in states where there is e-voting with a paper trail? In a lot of places, we won't have postelection audits unless there's some recount declared or some other reason to suspect something is wrong, and I think that's unfortunate, because I think that if you're going to keep the paper and electronic records of each vote, you ought to do at least some checking to make sure that they're consistent. A paper record that you never look at doesn't do much as a quality-control mechanism.

Do you think random checks are necessary? Random checks, random audits for sure are valuable. Most of the plausible postelection audit systems involve some kind of randomness. Just because it's superexpensive to recount all of the ballots by hand, it's something you only want to do when it's absolutely necessary. But if you pick randomly and pick randomly in the right way, you can still have high confidence that if there is a problem that's big enough to affect an election result, you could find it.

1 2 Page 1
Page 1 of 2
  
Shop Tech Products at Amazon