Vernon Ehlers, chairman of the House Administration Committee, is meeting today with critics of paperless electronic voting, internetnews.com has learned.
Ehlers is meeting with representatives of Common Cause and other reform groups this afternoon, ostensibly to prepare for a hearing he has called on security flaws in electronic voting machines and the verification of vote results on September 28, said a person familiar with the situation.
Ehlers’ office would not confirm this meeting by press time.
Election watchdogs and computer scientists have been highly critical of the use of touch-screen electronic machines that cannot be audited using a paper trail.
They claim that there is no way to detect whether votes cast on those machines have been tampered with unless a verifiable paper trail can be produced.
Electronic voting machines do include paper trail capabilities where required by state or local laws, but critics argue that the Federal government should require a paper trail for all such machines.
Ehlers, a Michigan Republican, noted during a hearing
on election systems this summer that he was disturbed by possible security flaws in these types of machines.
His concern could have only deepened yesterday with the revelations contained in a new Princeton University study.
A study published yesterday by the Center for Information Technology Policy at Princeton University reported “serious” security flaws in a touch-screen voting machine made by Diebold Election Systems.
The report concluded that a political operative could easily infect a Diebold AccuVote-TS voting machine with malicious software and steal votes with little or no risk of detection.
The study authors demonstrated an actual attack on an electronic voting
machine currently in use.
Diebold AccuVote machines are the most widely-deployed touch screen
electronic voting platform in the United States, the company confirmed.
The machines will be used in at least 357 counties, representing
approximately 10 percent of registered voters across the country.
According to the study, anyone with just one minute of access to a voting
machine can introduce malware that can modify all of the records, audit logs
and counters kept by the voting machine, so that even careful forensic
examination of these records will find nothing amiss.
The report also claims that such a malicious virus can spread from machine
to machine during normal pre- and post-election activity.
Diebold director of marketing Mark Radke disputed many of the assertions in
this report.
According to Radke, the study authors used an older version of the Diebold
machine that doesn’t take into account new security enhancements, such as
encryption and digitally signed memory cards.
He also said that a virus would not be able to spread from machine to
machine because the devices are not networked.
“They don’t understand the architecture of the systems,” Radke told
internetnews.com.
However, Edward Felten, director of the Center for Information Technology
Policy and professor of computer science at Princeton, said that the study
does not assume that the machines are networked.
He also claimed that the new safeguards still don’t ensure security.
“Just because they use a digital signature, just because they use
encryption, that’s a check-box approach that doesn’t pass muster in any
security analysis,” he said.
Felten also noted that encryption doesn’t prevent an attack of the kind used
in the study because the encryption key is present in the machine.
“The malicious software has the full run of the computer. It has access to
everything,” he said.
Felten added his name to the growing list of computer experts arguing in
favor of a paper trail.
“The paper trail is the strongest safeguard that’s available,” he said.
Diebold machines do include paper trail capabilities where required by applicable law.