Three computer experts from Princeton University have found major security flaws in a popular electronic voting machine. Based on their analysis of the machine's hardware and software, the researchers believe that the Diebold AccuVote-TS voting machine, which is slated for use in 375 counties in the November 2006 elections, is vulnerable to criminal attacks.
In a paper published yesterday, Ariel Feldman, J. Alex Halderman and Edward W. Felten explain and demonstrate how easy it is for criminals to introduce malicious software to the machine. In less than one minute, a virus can be introduced that will steal votes, spread from machine to machine through memory cards, and hide its tracks. The software can even delete itself from the machines at the end of elections.
In a demonstration, the researchers held a mock election between George Washington and the notorious Benedict Arnold. After the malicious vote-stealing software was added, an election that should have ended in a 4-1 win for Washington instead left Arnold ahead 3-2. Both the paper printout and the memory card showed the fraudulent results.
According to the paper, voting machines such as this, called Direct Recording Electronic (DRE) machines, are nothing more than "general-purpose computers running specialized election software," and computer scientists have been skeptical of them.
The main findings of the study:
- Malicious software running on a single voting machine can steal votes with little if any risk of detection. The malicious software can modify all of the records, audit logs, and counters kept by the voting machine, so that even careful forensic examination of these records will find nothing amiss.
- Anyone who has physical access to a voting machine, or to a memory card that will later be inserted into a machine, can install said malicious software using a simple method that takes as little as one minute. In practice, poll workers and others often have unsupervised access to the machines.
- AccuVote-TS machines are susceptible to voting-machine viruses -- computer viruses that can spread malicious software automatically and invisibly from machine to machine during normal pre- and post-election activity.
- While some of these problems can be eliminated by improving Diebold's software, others cannot be remedied without replacing the machines' hardware. Changes to election procedures would also be required to ensure security.