The Real Scoop on Security of E-voting
By Eric Lazarus, Brennan Center for Justice at NYU
July 25, 2006
I am the principal investigator for a report called "The Machinery of Democracy: Protecting Elections in an Electronic World," published by the Brennan Center for Justice at New York University School of Law. In the otherwise excellent article "Concerns About Fraud Potential Continue to Plague Users of Electronic Voting Machines"
, Marc L. Songini quotes professor Michael Shamos as stating that a "fundamental premise" of our study is that it is "easy to rig a machine to throw an election."
However, this was not the premise of our study. Rather, a result of our analysis was that it is, if not easy, very practical to use Trojan horse attack methods to manipulate the results of an election, given the current technology and security processes used in most jurisdictions around the country. Just as importantly, our study shows that there are straightforward and effective means to defend against such threats.
Our study was conducted by some of the most knowledgeable and respected individuals in the world of information security and voting technology, including the scientists who developed drafts of voting system standards for the U.S. government. Our conclusions were reached after a year of detailed analysis. They were then vetted by a wide
variety of industry experts.
In our report, we covered in some detail how an attacker could develop a Trojan horse, insert it into the voting machine, elude detection during inspection and testing, and control it so that vote totals were changed on Election Day.
Shamos has previously implied that there is some step that requires omniscient abilities to accomplish this type of attack; after a year of study, it is clear that no such step exists.
....................
more at:
http://www.votetrustusa.org/index.php?option=com_content&task=view&id=1572&Itemid=26