Ed Felten on e-voting: What can go wrong
Voting machines of all stripes have remarkably similar flaws and though geographically scattered, inaccurate tallies of votes are not likely to flip a whole presidential election, there is a "nightmare scenario" that could. Meanwhile on the state level, security issues have already popped up in the wake of various states' deployments of direct-recording electronic (DRE) voting machines.
Edward Felten, a go-to expert witness on some of the major security and software issues of our time, tackles these and other e-voting topics in the following interview.
Felten is professor of computer science and director of the Center for Information Technology Policy at Princeton University in New Jersey, a state where he has given testimony in a class-action lawsuit involving voting machines. The suit, Gusciora v. McGreevy, was filed in 2004 and charges that DREs are illegal. It cites state law concerning accurate vote counting, but will not be resolved before the November elections.
Felten has been actively involved in a variety of major security and software cases and issues. In 2006, he and several students were able to hack into a Diebold Election Systems (now Premier Election Solutions) voting machine, and reported on the results. Felten was also involved in the U.S. government's antitrust case against Microsoft.
The IDG News Service interviewed Felten in his Princeton office a week before the 2008 presidential election. A Sequoia AVC Advantage voting machine, bought on the Internet and studied by his colleagues, was parked in a conference room around the corner. An edited transcript of the interview follows:
IDGNS: The New Jersey voting machine case revolves around Sequoia machines; you also hacked into a Diebold machine a few years ago and reported your findings. Are there different types of problems to expect depending on the machine manufacturer?
Felten: It's actually been remarkable how similar the problems have been from one manufacturer to another. There have been quite a few machines studied now by independent computer scientists. You see a lot of the same problems across the board.
IDGNS: What are those problems?
Felten: You see issues with the security and reliability of the machines, and that basically all comes down to the fact that the machines are computers and store the records of votes only in electronic memories that the voter can't see. And so there's a problem of how you can be sure that the software is recording correctly, in the way that the voter wanted them to be.
IDGNS: How hard was it to hack into the Diebold machine?
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
election
Powered by Twitter
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
