http://www

http://www.nytimes.com/2004/05/03/technology/03vote.html

May 3, 2004

Who Hacked the Voting System? The Teacher

By John Schwartz

BALTIMORE, April 29 - The fix was in, and it was devilishly hard to detect. Software within electronic voting machines had been corrupted with malicious code squirreled away in images on the touch screen. When activated with a specific series of voting choices, the rogue program would tip the results of a precinct toward a certain candidate. Then the program would disappear without a trace.

Luckily, the setting was not an election but a classroom exercise; the conspirators were students of Aviel D. Rubin, a professor at Johns Hopkins University. It might seem unusual to teach computer security through hacking, but a lot of what Professor Rubin does is unusual. He has become the face of a growing revolt against high-technology voting systems. His critiques have earned him a measure of fame, the enmity of the companies and their supporters among election officials, and laurels: in April, the Electronic Frontier Foundation gave him its Pioneer Award, one of the highest honors among the geekerati.

The push has had an effect on a maker of electronic voting machines, Diebold Inc., as well. California has banned the use of more than 14,000 electronic voting machines made by Diebold in the November election because of security and reliability concerns. Also, the company has warned that sales of election systems this year are slowing.

In April, the company said its first-quarter earnings rose 13 percent compared with the same quarter a year earlier. It also reported $29.2 million in revenue on nearly $500 million in sales in the latest period. But it lowered expectations for election systems sales for this year to a range of $80 million to $95 million from $100 million in sales a year earlier.

Professor Rubin took center stage in the national voting scene last July, when he published the first in-depth security analysis of Diebold's touch-screen voting software. The software had been pulled off an unprotected Diebold Internet site by Bev Harris, a publicist-turned-muckraker who posted the software and other documents she found as part of her campaign against what she calls "black box voting."

Professor Rubin and his colleagues at Hopkins and Rice University in Houston subjected the 49,000 lines of code to a deep review over a two-week period. Their report painted a grim picture: "Our analysis shows that this voting system is far below even the most minimal security standards applicable in other contexts," they wrote. "We conclude that, as a society, we must carefully consider the risks inherent in electronic voting, as it places our very democracy at risk."

That shot across the bow was met with outrage from the industry and from election officials who had spent tens of millions of dollars on Diebold machines. Mr. Rubin was denounced as irresponsible and uninformed.

"I think when he's talking about computers, he's very good and knows what he's doing," said Britain J. Williams, a professor emeritus of computer science at Kennesaw State University in Georgia, and a consultant on voting systems. "When he's talking about elections, he doesn't know what he's talking about."

Typically, Professor Rubin decided to confront the issue of whether he had experience with elections by taking part in one. During the March presidential primary, he signed up to become an election judge and found himself sitting all day at a precinct in a church at Lutherville, Md., helping voters use the same Diebold touch-screen machines that he had criticized so roundly. He then went home and wrote a full account and posted it to the Internet.

Over the day, he wrote, "I started realizing that some of the attacks described in our initial paper were actually quite unrealistic, at least in a precinct with judges who worked as hard as ours did and who were as vigilant. At the same time, I found that I had underestimated some of the threats before."

Ultimately, he said, "I continue to believe that the Diebold voting machines represent a huge threat to our democracy."

When asked to comment on Professor Rubin's work, the company issued a statement that did not mention him by name. "Our collective goal should always be to provide voters with the assurance that their vote is important, voting systems are accurate and their individual vote counts," the company said.

While the debate has largely been constructive, Diebold said: "A key consideration in this dialogue, though, should be that the debate be positive and productive. We must not frighten voters or inadvertently provide any type of disincentive to voting, because at that point the dialogue itself begins to disenfranchise voters - the very thing this beneficial discussion is trying to prevent."

Professor Rubin is not the first person to take on the risks of high-tech voting.

Since Professor Rubin's paper came out last year, other reports have broadened and deepened his conclusions.

But Professor Rubin is in a class by himself, said David Jefferson, a computer scientists at Lawrence Livermore National Laboratory in California, who calls him "the most important figure in the United States in articulating the security problems with electronic and Internet voting."

The only damage Professor Rubin has sustained along the way is largely self-inflicted. Last August, he resigned from an unpaid technical advisory position for a voting company, VoteHere Inc., and turned in stock options that he had received but never redeemed.

Professor Rubin, 36, a child of two college professors, seems too soft-spoken to be a firebrand. But his quiet exterior conceals a deeply competitive streak: he has played soccer as a blood sport for most of his life, breaking both wrists and ankles repeatedly over the years. He still plays twice a week, he says, but now it is "a more social game, without slide tackles."

Born in Kansas, he grew up in Birmingham, Ala., Haifa, Israel, and Nashville, and got his computer science training at the University of Michigan, where he earned bachelor's, master's and Ph.D. degrees by 1994. In late 2002, he became the technical director of the Information Security Institute here at Hopkins.

Because of his passionate advocacy for his views, many people expect Professor Rubin to be something of a "smart aleck" in person, said Gerald Masson, the head of the institute. Instead, he said, "He comes across as someone who sincerely believes that what he's doing is right, and he has the technological depth to support it."

FAIR USE NOTICE

This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available in our efforts to advance understanding of political, democracy, scientific, and social justice issues. We believe this constitutes a 'fair use' of any such copyrighted material as provided for in section 107 of the US Copyright Law. In accordance with Title 17 U.S.C. Section 107, the material on this site is distributed without profit to those who have expressed a prior interest in receiving the included information for research and educational purposes. For more information go to: http://www.law.cornell.edu/uscode/17/107.shtml. If you wish to use copyrighted material from this site for purposes of your own that go beyond 'fair use', you must obtain permission from the copyright owner.