Friday, May 12, 2006
Experts see new Diebold flaw - They call it worst security glitch to date in state's voting machines and a 'big deal'
Computer security experts say they have found the worst security flaw yet in the oft-criticized touch-screen machines that Maryland voters will use in this year's elections, leaving one computer scientist to warn that the state should have "stacks of paper ballots" on hand in case of a complete Election Day breakdown.
The machines, made by Diebold Elections Systems, are "much, much easier to attack than anything we've previously said," said Avi Rubin, a Johns Hopkins University computer science professor who first cast doubt on the reliability of the technology in a 2003 report.
"On a scale of one to 10, if the problems we found before were a six, this is a 10. It's a totally different ballgame," he said.
The new problem is being described as an intentional hole left in the system to allow elections workers to update voting software easily. Instead of using pass codes or other security protocols, anyone with access to a voting machine could install new software that could easily disable a precinct full of machines, Rubin said.
Diebold officials say they are aware of the situation and, although they say any problem can be avoided by keeping a close watch on voting machines, they are developing a permanent fix.
Still, said company spokesman David K. Bear, "it's one more what-if scenario. ... It's becoming somewhat ridiculous."
Maryland elections officials said they have known about the latest concerns for two weeks and will have an independent security consultant look into them next week to ensure that the state's Diebold machines are safe.
"We are taking steps," said state elections administrator Linda H. Lamone. She said she is confident that the problem will have little effect in Maryland because of strict rules about who is permitted to handle voting machines in the state. "Everyone that has access to them has to undergo a criminal background check," she said.
Before the Diebold machines were distributed statewide about two years ago, questions arose about whether hackers might be able to get into the automated-teller-like computers and alter their software, allowing multiple votes, vote-switching and other problems.
Computer experts, including Rubin, said security measures were insufficient and poorly designed. Activists pushed to add a paper ballot component to the machines in case a recount was needed.
Still, the state moved forward and nearly every voter in Maryland used a touch-screen machine in the 2004 presidential election. There were few complaints or problems.
Gov. Robert L. Ehrlich Jr. called on the state this year to abandon its touch-screen machines, saying he had no confidence in the technology, in part because lawmakers adopted other voting changes such as early voting.
He put money into his budget to pay for optical scan machines, which were used in the state for years before 2004. The General Assembly did not approve a voting machine switch during this year's session, which ended last month.
Rubin said he fears that the latest security problem could be serious enough to cause an Election Day "meltdown" that could put precincts of machines out of action. He recommends that counties have a pen-and-paper alternative on hand as insurance.
Joseph M. Getty, the governor's legislative and policy director, called the newly disclosed security flaw "not really a new problem."
"It's the same problem of vulnerability to outsiders," he said.
Getty said the latest Diebold problem bolsters the administration's case against early voting, which was approved by the legislature last year. He said any security risk can be minimized in one day of voting but is multiplied when machines are in public use for six days.
Michael Shamos, a computer science professor at Carnegie Mellon University and a Pennsylvania voting machine examiner, pushed his state, which will have a primary election next week, to lay out strict new rules for installing software and sealing machines for safety.
"It's a big deal. It's a very big deal," Shamos said. "The good part is it's very easy to fix. You have to repair it. You can't just do nothing. ... It's not just like leaving the key to your door under the mat. It's like leaving the key dangling from a string" from the door.
The temporary fix, Shamos said, involves reinstalling the proper software just before the election, preferably in a public setting, then locking the machines to keep them from being tampered with before voting begins.
In 2004, Shamos testified on behalf of the state of Maryland in a suit filed by a citizens group asking a court to compel the state to address possible security problems and give voters the option of using paper ballots instead of the new machines. The state won.
"If I had known about this problem then, I wouldn't have had good things to say," he said.
The latest security hole was discovered by Finnish computer scientist Harri Hursti, who was doing work in Utah for Black Box Voting Inc., a nonprofit group that has focused on computerized voting.
Most computer scientists don't want to disclose too many details about the problem because they fear that would provide hackers with the tools needed to cause havoc during an election. They waited many weeks before making their findings public.
"We were worried the threat was so serious that if the details were to get out, someone could actually do it," Rubin said.