Cybersecurity expert says nationwide use of computerized voting poses risk

Many of the paperless computerized voting systems adopted in wake of the "hanging chad" presidential election controversy in 2000 have the potential to create more problems than they solve, according to an information security expert at Purdue University.

More than 30 percent of the electorate will use new technology to vote on Nov. 7. In addition to the new voting equipment, 49 states have introduced new statewide, computerized databases to determine who is eligible to vote. According to Eugene Spafford, executive director of the Center for Education and Research in Information Assurance and Security (CERIAS), the technology may be problematic, possibly causing a debacle reminiscent of the 2000 election.

"The problem with the 2000 elections that prompted the reforms was only with one type of paper-based ballot in a few jurisdictions," says Spafford. "That's hardly a cause to hurriedly and somewhat recklessly replace all of the equipment nationwide."

Spafford says some vendors may have exaggerated when they told election officials the new direct recording electronic systems were extensively tested and cheaper than alternatives and immune to failure.

"No mention was made of the limitations of the software testing or the obstacles to creating bug-free software," Spafford said. "No mention was made of the significant costs of local testing and of securely storing the new machines. Furthermore, there are some unanticipated bugs or failures that cannot be resolved because there are no actual ballots to recount."

Examples include software that won't count votes cast above a certain number or machines that reset to zero after a power failure.

One reason the machines were pushed into use is because they were supposed to be easier for people with disabilities to use without assistance. However, Spafford says that, in reality, some of the systems are more difficult for people with certain disabilities to use. For example, blind voters cannot use touch screen systems whereas they could use older lever-style machines labeled with Braille. Voters with palsy disorders such as Parkinson's Disease often lack the coordination to successfully use touch screen systems.

Spafford and his professional colleagues question why so many jurisdictions felt compelled to adopt paperless ballots when businesses, banks, racetracks, lottery systems and other entities successfully count millions of paper documents each day.

Despite possible problems, Spafford urges everyone to vote on Tuesday.

"Even in the worst-case scenario, there may only be localized problems," he said. "The only sure way that a vote won't be counted is if it isn't cast!"

Spafford has served as an information security consultant to the White House, the Pentagon and Congress and is a sought-after expert on computer security and privacy issues. He has been repeatedly honored for his professional work, most recently with the Association for Computing Machinery' Outstanding Contribution to Security award.

Source: Purdue University, by Jim Schenke