CNET también está disponible en español.

Ir a español

Don't show this again

HolidayBuyer's Guide
Tech Industry

E-voting jitters abound

Security expert Herbert Thompson says secure e-voting depends on further advances in software engineering. Until then--keep your fingers crossed.

Thanks to government initiatives like the Help America Vote Act, many counties have received extra funds to buy new e-voting machines for the 2004 presidential election.

However, serious concerns have surfaced about the absence of voter-verified paper receipts with many touch-screen voting systems.

Boone County in Indiana is home to roughly 43,000 people. One can imagine the surprise of election officials then when their tabulation software reported that 140,000 votes were cast in the 2003 Boone County elections--more than seven times the number of registered voters. In a separate event, Palm Beach County in Florida had to postpone a pre-election test on Oct. 12 when one of the computers that tabulates election results crashed during a routine procedure.

These are samples of the series of technical glitches that have plagued some of the new electronic voting machines.

Votes cast on paperless machines make the possibility of a recount moot and that is a double-edged sword for election officials. On one hand, it eliminates messy and controversial recounts. No one wants a repeat of the 2000 Florida "hanging" and "pregnant" chad fiasco. On the other hand, the lack of a way to recount votes has raised fears about the accuracy and integrity of the results produced by the machines.

The biggest concern is that some component of the voting machines can fail during an election, possibly wiping out any record of the votes already cast.
The biggest concern is that some component of the voting machines can fail during an election, possibly wiping out any record of the votes already cast. Another worry is that the software may behave differently than expected, like internally recording a vote for one candidate when the voter actually selected a different candidate. Tampering concerns are also acute as many voter advocacy groups and academics have raised the possibility of someone hacking one of the touch-screen machines.

Many citizens' rights groups have argued that these risks can be greatly reduced by having a paper receipt so that a voter can verify that his or her vote was recorded properly. These receipts would then be deposited into a box that could form the basis of a recount. Many of the touch-screen machines that will be used in November, though, will be paperless.

Researchers and activists are also worried about problems at the back end, where voting data is collected and tabulated. The most popular tabulation software--the Global Election Management System made by Diebold--came under scrutiny in 2002 when a journalist found a copy on an unsecured Diebold Web site. The software runs on the Microsoft Windows platform and is used to combine results from various voting and counting machines.

Concerns were raised about the architecture of some versions of the program that allow anyone with physical access to the machine to tamper with vote data without the need for a password.

The problems with e-voting, however, may just be symptoms of the broader state of software engineering.
While concerns over what may happen next week on election night are high, the biggest storm could come in the weeks and months that follow. Political groups are already planning for lawsuits that will challenge the integrity of the election process. The technical glitches during demonstrations, the primaries and pre-election tests may be ample ammunition for the impending legal fights.

The problems with e-voting, however, may just be symptoms of the broader state of software engineering. The craft of software development has not yet evolved into a true "engineering" discipline. There is no generally accepted and regulated body of knowledge. There are few components with known tolerances and precisely describable and immutable behaviors on which to build. This casts doubts on things like certification processes and "guarantees" about software quality, reliability or security.

Eventually this will change and we'll have e-voting systems that are provably reliable and secure. But very few people would suggest that we are at that point today. All of this begs the question: Is the technology ready for something as precarious as e-voting without a paper-receipt safety net? The answer, it seems, will end up coming from a panel of federal judges months after the election results are in.