The electronic voting system believed to be developed by Diebold has serious weaknesses that could lead to election fraud, according to computer researchers at The Johns Hopkins University and Rice University. The researchers claim the system could “easily” allow someone to cast multiple votes in the same election.
The researchers reached their findings after analyzing computer code believed to be for Ohio-based Diebold Election Systems’ electronic voting equipment. The code, which included modifications made through 2002, was posted anonymously to a public Web site earlier this year.
Last year, approximately 33,000 Diebold voting stations, which allow ballots to be cast via a 15-inch touch-screen monitor, were used in elections in Georgia, California, Kansas and other locations. The researchers stressed there was no evidence that anyone has used the flaws in the program to tamper with an election.
But the researchers said they uncovered vulnerabilities in the system that could be exploited by an individual or group intent on tampering with election results. In particular, they pointed to the use of a “smart card,” containing a tiny computer chip, that each eligible voter receives.
The card, inserted into the electronic voting machine, is designed to ensure that each person casts only one ballot. The researchers believe a voter could hide a specially programmed counterfeit card in a pocket, withdraw it inside the booth and use it to cast multiple votes for a single candidate.
Repeated attempts by Internetnnews.com to contact Diebold for comment were unsuccessful.
“A 15-year-old computer enthusiast could make these counterfeit cards in a garage and sell them,” said Avi Rubin, technical director of the Information Security Institute at Johns Hopkins and one of the researchers involved in the study. “Then, even an ordinary voter, without knowing anything about computer code, could cast more than one vote for a candidate at a polling place that uses this electronic voting system.”
The security flaws were discovered this summer after Rubin assigned Adam Stubblefield, 22, and Yoshi Kohno, 25, two computer science doctoral students at the institute, to review the voting software code found on the Web. The students analyzed only those files that were publicly accessible and did not attempt to breach others that were protected by passwords.
The researchers, joined by Dan Wallach, an assistant professor of computer science at Rice University, were able to reconstruct the electronic voting terminal in a Johns Hopkins computer lab and detected the security problems.
Although the researchers have not independently verified the current or past use of the code by Diebold or that the code they analyzed is actually Diebold code, they stated in their technical paper that “the copyright notices and code legacy information in the code itself are consistent with publicly available systems offered by Diebold and a company it acquired in 2001, Global Election Systems.
Also, the researchers claim, the code itself compiled and worked as an election system consistent with Diebold’s public descriptions of its system.”
They chose to make their findings public because of concerns that election fraud will almost certainly occur if weaknesses in the electronic voting system are not addressed before many more jurisdictions move to this method of picking public officials.
“Many of the attacks are very simple,” Kohno said. “It is unfortunate to find such flaws in a system potentially as important as this one,” Stubblefield said. “When people vote in the United States, they have to believe the election is fair.”
The issue is important, Rubin said, because problems related to Florida’s punch card ballots during the 2000 Presidential election have prompted many cities and states to consider computer screen voting systems as a better alternative. But Rubin, who has conducted extensive research into electronic voting and has been selected to review the security of a federal electronic voting proposal, said the move to high-tech balloting should not be conducted in haste.
“People are rushing too quickly to computerize our method of voting before we know how to do it securely,” he said. “Even without access to the protected files, we’ve determined this system is fundamentally flawed. There will be no easy fix for this.”