With the advancement of technology the voting system is now revolutionized by the adoption of electronic voting systems in the U.S. Despite this fast paced adoption of “direct recording electronic” (DRE) voting systems and the advantages it poses in terms of efficiency and convenience it comprises of several disadvantages such as the possibility of the presence of security relevant flaws that make the system susceptible to exploitation by unscrupulous voters or by malicious insiders. The certification of these DRE Systems is implemented without any through security checks which further compromises its integrity a fact that is further strengthened due to the absence of cryptographic techniques and the poor general software engineering quality of its construction.
An analysis of the AccuVote-TS version 4, tree in the CVS repository one of Diebold’s voting systems which are in use in 37 states, and are the second largest and the fastest growing vendor of electronic voting machines, show signiﬁcant and wide-reaching security vulnerabilities so much that voters can easily program their own smartcards to simulate the behavior of valid smartcards used in the elections. The device running the vote collection, also known as, the Diebold voting terminal, the ballot definition and voter cards, key parts of the election process are all susceptible to manipulation by measures such as exploiting the lack of cryptography, reverse engineering smartcard protocol, casting multiple votes by the use of several active smart cards and circumventing the administrator pin.
If those prevalent flaws weren’t enough election configuration and election data are prone to considerable problems. These were in shape of two main vectors for accessing and attacking the voting system’s data. first by physical access to the device storing the data and second via man-in-the-middle attacks as the data is transported over some network. Other area’s that are prove to be vulnerable are the system configuration, ballot definitions, impersonation of legitimate voting terminals and that of audit logs.
The article astounds me as far as the existence of numerous vulnerabilities that compromise the electronic voting system are concerned. Perhaps the digital age with its advancement, convenience and speed have come at a cost. That cost being that of the existence of new methods of manipulation and exploitation of voting practices.
This voting system in all agreement is highly unsuitable for the use in a general election. In such a case it would be most appropriate to use a voter-verifiable audit trail’ as the article suggests mostly because it allows verification as the computerized voting system prints out a paper ballot that can be read and confirmed by the voter.
Kohno.T., Stubblefied.A., Rubin.A, Wallach.D. (2004). Analysis of an electronic voting system. IEEE Symposium on Security and Privacy. 1081-6011/0.