Government Technology

    Digital Communities
    Industry Members

  • Click sponsor logos for whitepapers, case studies, and best practices.
  • McAfee

E-Vote: Ohio Election Systems Have Critical Security Failures, Says Secretary of State



December 17, 2007 By

Ohio's electronic voting systems have "critical security failures" which could impact the integrity of elections in the Buckeye State, according to a review of the systems commissioned by Secretary of State Jennifer Brunner.

"The results underscore the need for a fundamental change in the structure of Ohio's election system to ensure ballot and voting system security while still making voting convenient and accessible to all Ohio voters, " Secretary Brunner said Friday in unveiling the report.

"In an era of computer-based voting systems, voters have a right to expect that their voting system is at least as secure as the systems they use for banking and communication," she said.

The Report

The Evaluation & Validation of Election-Related Equipment, Standards & Testing report, known as EVEREST, is a comprehensive review of voting systems revealing startling findings on voting machines and systems used in Ohio and throughout the country. The Ohio study tested the systems for:

  • Risks to vote security
  • System performance, including load capacity
  • Configuration to currently certified systems specifications
  • Operations and internal controls that could mitigate risk.

The $1.9 million study, paid for using federal funds, was structured to allow two teams of scientists, corporate and academic, to conduct parallel assessment of the security of the state's three voting systems -- Election Systems & Software (ES&S), Hart Intercivic and Premier Election Solutions (formerly Diebold) -- in both voting and board of elections environments. Separate research was conducted on each voting system's performance, configuration and operations and internal controls management. A bipartisan team of 12 election board directors and deputy directors advised the study and evaluated all reports, participating with the secretary in making recommendations for change.

While some tests to compromise voting systems took higher levels of sophistication, fairly simple techniques were often successfully deployed.

"To put it in every-day terms, the tools needed to compromise an accurate vote count could be as simple as tampering with the paper audit trail connector or using a magnet and a personal digital assistant," Brunner said.

The researchers in the Ohio study didn't address the issue of probability of attack, leaving that to the determination of state and local officials. The researchers commented that with the lack of technical measures in voting system design, its integrity "is provided purely by the integrity and honesty of election officials."

"It's a testament to our state's boards of elections officials that elections on the new HAVA mandated voting systems have gone as smoothly as they have in light of these findings," Brunner said.

Testers looking at the performance of the voting systems used in Ohio and in many locales throughout the country, identified numerous risks to election integrity ranging from minor to severe, according to the review.

Also, those examining how voting systems were configured in the field found risks such as the use of materials like memory storage and printer paper that had not been certified by the voting system manufacturers; a lack of standardized equipment testing and that revisions to voting system software for all systems and counties were not documented or tracked, the review said.

Recommendations
Secretary Brunner has presented recommendations and options to address these findings to Gov. Ted Strickland and legislative leaders for their consideration. Among the top recommendations are:

  • Eliminating points of entry creating unnecessary voting system risk by moving to central counting of ballots
  • Eliminating Use of direct recording electronic (DREs) and precinct-based optical scan voting machines that tabulate votes at polling locations
  • Utilizing the AutoMark voting machine for


| More

Comments

Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
Digital Cities & Counties Survey: Best Practices Quick Reference Guide
This Best Practices Quick Reference Guide is a compilation of examples from the 2013 Digital Cities and Counties Surveys showcasing the innovative ways local governments are using technological tools to respond to the needs of their communities. It is our hope that by calling attention to just a few examples from cities and counties of all sizes, we will encourage further collaboration and spark additional creativity in local government service delivery.
Wireless Reporting Takes Pain (& Wait) out of Voting
In Michigan and Minnesota counties, wireless voting via the AT&T network has brought speed, efficiency and accuracy to elections - another illustration of how mobility and machine-to-machine (M2M) technology help governments to bring superior services and communication to constituents.
Why Would a City Proclaim Their Data “Open by Default?”
The City of Palo Alto, California, a 2013 Center for Digital Government Digital City Survey winner, has officially proclaimed “open” to be the default setting for all city data. Are they courageous or crazy?
View All