When Maryland decided to buy 16,000 AccuVote-TS voting machines, there was considerable opposition. Critics charged that the new touch-screen machines, which do not create a paper record of votes cast, were vulnerable to vote theft. The state commissioned a staged attack on the machines, in which computer-security experts would try to foil the safeguards and interfere with an election.They were disturbingly successful. It was an "easy matter," they reported, to reprogram the access cards used by voters and vote multiple times. They were able to attach a keyboard to a voting terminal and change its vote count. And by exploiting a software flaw and using a modem, they were able to change votes from a remote location.
Election boxes easy to mess with
For a week, the computer whizzes laid abuse - both high- and low-tech - on the six new briefcase-sized electronic voting machines sent over by the state.One guy picked the locks protecting the internal printers and memory cards. Another figured out how to vote more than once - and get away with it. Still another launched a dial-up attack, using his modem to slither through an electronic hole in the State Board of Elections software. Once inside, he could easily change vote totals that come in on Election Day.
"My guess is we've only scratched the surface," said Michael A. Wertheimer, who spent 21 years as a cryptologic mathematician at the National Security Agency.
"We know this much: The system counts correctly. ... If you cast a vote, it's counted. That is really good news," Aro said.Yet the review found that it is possible to vote multiple times, break into machines and disrupt results or get voters to select the wrong candidates. It's also possible to dial in to election headquarters and alter results or wipe out all of them.
| If you used: | You favored Kerry over Dean by: |
| Diebold | 58.1% |
| ES&S | 35% |
| Hand-counted ballots | 4% |
[Note: I just got this in and don't have any links for it yet. If anyone knows one, please send it along.]