Interesting report that isn't exactly a ringing endorsement of DRE's, though it does bend over backwards to cut them a liittle slack.
Poorly tranferred to a pdf format, footnotes meant to be placed at the bottom of the page appear in the middle of some paragraphs.
What a pain. But still a good read.
Here is the title, a few excerpts, and the link:
Congressional Research Service - The Library of Congress
CRS Report for Congress
Election Reform and Electronic Voting Systems (DREs):
Analysis of Security Issues
November 4, 2003
Eric A. Fischer
Senior Specialist in Science and Technology
Domestic Social Policy Division
-snip-
Page 1
With DREs, unlike document-ballot systems, the voter sees only a representation of the ballot; votes are registered electronically. Some computer security experts believe that this and other features of DREs make them more vulnerable to tampering than other kinds of voting systems, especially through the use of malicious computer code. While there are some differences of opinion among experts about the extent and seriousness of those security concerns, there appears to be an emerging consensus that in general, current DREs do not adhere sufficiently to currently accepted security principles for computer systems, especially given the central importance of voting systems to the functioning of democratic government.
-snip-
Page 7
Lever machines also do not have an independent document ballot. That has led some observers to distrust those machines, but most who use them appear confident that tests and other procedural safeguards render them sufficiently safe from tampering. Is the same true for DREs? Some computer experts think not, arguing that the software could be modified in ways that could alter the results of an election and that would be very difficult to detect. This concern appears to stem largely from three factors:
! Malicious computer code, or malware, can often be written in such a way that it is very difficult to detect.
-snip-
Page 22
There appears to be an emerging consensus among computer scientists that current DREs, and to a lesser extent other computer-assisted voting systems, do not adhere sufficiently to currently accepted security principles for computer systems, especially given the central importance of voting systems to the functioning of democratic government.77 However, election administrators and those with related expertise tend to express more confidence in the systems as they are currently realized.78
-snip-
Page 26
Even if new guidelines and certification procedures can be developed that include state-of-the-art security features, some observers believe that this will not be sufficient. They point to three problems: (1) Given the time required to develop and implement new voting system guidelines and to test and certify systems under them, systems reflecting such guidelines will not be in place for several years, whereas the threat from cyber attacks is present and growing. (2) Over reliance on any one line of defense, such as security standards, runs counter to the recommended use of defense in depth. (3) The use of standards does nothing about the reduced observability and transparency that characterizes computerized voting systems99 in contrast to more traditional systems, and therefore cannot sufficiently address concerns about public confidence in the integrity of computer-assisted voting. Some experts also believe that certification and procedural controls, including auditing, can never guarantee security of a voting system.100 This problem, they say, is further complicated by the need for ballot secrecy, which is not an issue, for example, in computerized financial transactions.
-snip-
Page 28
Some observers believe that the potential security problems associated with the lack of transparency and observability in vote casting and counting with DREs cannot be resolved through the use of security procedures, standards, certification, and testing. They assert that the only reliable approach is to use ballots that voters can verify independently of the DRE and that these ballots become the official record for any recounts.
-snip/more-
Watch out, it's a pdf:
<
http://www.aapd-dc.org/dvpmain/paperballot/downloads/CRS%20Analysis%20of%20DRE%2003.pdf>