Papering Over E-voting Problems
January 26, 2004
By MARK HALL
The politically paranoid got even more nervous last year when researchers at Johns Hopkins University analyzed the code inside AccuVote-TS machines built by Diebold Inc. and found it flawed.
Avi Rubin, technical director for the Johns Hopkins' Information Security Institute in Baltimore, which evaluated the Diebold source code, says the company's developers used Data Encryption Standard, an outdated encryption technology, and "then they used it wrongly."
North Canton, Ohio-based Diebold has attacked the report as "inaccurate" and suggested that Rubin is biased because he consulted with a Diebold competitor. A Diebold spokesman also says that the researchers ignored local election certification processes that help secure the systems.
But Douglas Jones, a professor who studies election technology at the University of Iowa in Iowa City, says those processes are neither rigorous nor well enforced, especially when it comes to certifying technology.
He points to a study of Diebold systems in California that found that every county that used the systems ignored the proper procedures for certifying and registering the machines.
Both Rubin and Jones say the best way to ensure secure and accurate automated voting is with a paper audit trail. Indeed, some states have moved to provide election officials with a printed ballot for audit purposes. Voters could check the paper ballot by viewing it through a glass window.