E-Voting Made Scary
UCSB’s Giovanni Vigna Gives Timely Talk on Why Electronic Voting Is Frighteningly Insecure
By Matt Kettmann, The Santa
Barbara Independent
Thursday, October 23, 2008
For full story see…
E-Voting Made Scary
With the big ballot showdown on November 4 looming, a few dozen people on the UC Santa Barbara campus spent their Thursday, October 23, lunch hour digesting some pretty frightening news: Electronic voting machines — the officially appointed wave of our democratic future, being touted as safe, sane, and secure — are entirely vulnerable to election-altering attacks, ranging from the highly technical to the surprisingly simple.
The messenger of doom was Giovanni Vigna, the golden-locked, Italian-born professor who runs UCSB’s Computer Security Group, which is considered one of the best places on the planet to learn about programming and hacking. Vigna, along with his mentor Dick Kemmerer and a team of sharp students, were hired in 2007 by the states of California and Ohio to test the security of electronic voting machines. In both cases, the machines — specifically, made by Sequoia Voting Systems in California and ES&S in Ohio — failed to stand up to even the most basic physical breaches, such as the unlocking of supposedly secure doors by using a screwdriver and a finger. The vulnerabilities witnessed from the computer hacking side were even more startling, showing that just one corrupt voting official or poll worker could, with the right amount of motivation, infect a state’s entire voting system within seconds by introducing a specially crafted computer virus to entirely change an election’s result.
Though the results of 2007’s tests came out last year, Vigna’s work has received a recent boost in buzz, certainly because of the upcoming election, but also due to YouTube videos of the simulated attack methods that went viral. (See those videos here, or just watch them on this page below.) And with reports this week of election machines in two states flipping early voters’ choices for president — Barack Obama votes were being cast for John McCain in West Virginia, with the opposite happening in Tennessee — Vigna’s talk on Thursday was right on time.
“Outsourcing the people who count your votes is not, in my opinion, a good idea,” Vigna told the crowd. “At this point, all bets are off.”
Vigna’s research has not uncovered any record of bias for one party or the other, just negligence. He believes that the machines were made hastily to get under a deadline imposed by the Help America Vote Act of 2002, which sought to improve voting machine reliability after thousands of electronic votes were discounted in the 2000 election. But because they were made so fast, not enough care was taken to ensure complete security, which is why there are so many ways to physically attack the system. “It’s really a problem keeping these things physically secure,” said Vigna, adding that the most important data-holding devices have to pass through many hands, thereby multiplying the chances for someone to act maliciously. As well, Vigna said, oftentimes these machines are housed overnight in the garages of poll workers, which aren’t necessarily the safest places to be.
For full story see…
E-Voting Made
Scary