The New York Times

July 28, 2007


Scientists’ Tests Hack Into Electronic Voting Machines in California and Elsewhere



Computer scientists from California universities have hacked into three electronic voting systems used in California and elsewhere in the nation and found several ways in which vote totals could potentially be altered, according to reports released yesterday by the state.


The reports, the latest to raise questions about electronic voting machines, came to light on a day when House leaders announced in Washington that they had reached an agreement on measures to revamp voting systems and increase their security.


The House bill would require every state to use paper records that would let voters verify that their ballots had been correctly cast and that would be available for recounts.


The House majority leader, Representative Steny H. Hoyer, Democrat of Maryland, and the original sponsor of the bill, Representative Rush D. Holt, Democrat of New Jersey, said it would require hundreds of counties with paperless machines to install backup paper trails by the presidential election next year while giving most states until 2012 to upgrade their machines further.


Critics of the machines said that some of the measures would be just stopgaps and that the California reports showed that security problems needed to be addressed more urgently.


The California reports said the scientists, acting at the state’s request, had hacked into systems from three of the four largest companies in the business: Diebold Election Systems, Hart InterCivic and Sequoia Voting Systems.


Thousands of their machines in varying setups are in use.


The reports said the investigators had created situations for each system “in which these weaknesses could be exploited to affect the correct recording, reporting and tallying of votes.”


Voting experts said the review could prompt the California secretary of state, Debra Bowen, to ban the use of some of the machines in the 2008 elections unless extra security precautions were taken and the election results were closely audited.


Matthew A. Bishop, a professor of computer science at the University of California, Davis, who led the team that tried to compromise the machines, said his group was surprised by how easy it was not only to pick the physical locks on the machines, but also to break through the software defenses meant to block intruders.


Professor Bishop said that all the machines had problems and that one of the biggest was that the manufacturers appeared to have added the security measures after the basic systems had been designed.


By contrast, he said, the best way to create strong defenses is “to build security in from the design, in Phase 1.”


The reports also said the investigators had found possible problems not only with computerized touch-screen machines, but also with optical scanning systems and broader election-management software.


Professor Bishop and state officials cautioned that the tests had not taken into account the security precautions that are increasingly found in many election offices. Limits on access to the voting systems and other countermeasures could have prevented some intrusions, Professor Bishop and the officials said.


Industry executives said that the tests had not been conducted in a realistic environment and that no machine was known to have been hacked in an election. The executives said they would present more detailed responses on Monday at a public hearing.


Ms. Bowen said yesterday that it was vital for California to have secure machines for its presidential primary in February. She said she would announce by next Friday what actions she would take.


The findings could reverberate in Washington, where the full House still has to vote on the measure and the Senate plans to take up a similar bill this year.


Concerned about security, House and Senate Democratic leaders said they wanted to require a shift to paper ballots and other backup records to increase confidence that votes would be accurately counted.


State and local officials have argued that it is too late to make many of the changes without creating chaos next year. Advocates for the blind and other disabled voters say better equipment needs to be developed to enable them to vote without help from poll workers, as federal law requires.


In trying to balance all the concerns, Mr. Hoyer and Mr. Holt decided to delay the most sweeping change, a requirement that every ballot be cast on an individual durable piece of paper, from next year to 2012.


To ensure that all machines would have some paper backup, they agreed to require hundreds of counties in 20 states to at least add cash-register-style printers to their touch-screen machines for 2008 and 2010. New York, which has delayed replacing its lever machines, would have to buy a new system by November 2008.


Advocates for the disabled praised the compromise. For many disabled people to vote independently, the advocates said, the touch-screen machines need to be modified to include audio files that can read back the completed ballots, while the ballot-marking devices used with the optical scanning systems have to be changed to feed ballots automatically.


Ralph G. Neas, president of People for the American Way, a group that helped broker the deal, said the bill offered hope for an end to “unaccountable, unverifiable and inaccessible voting.”


Mr. Holt said the measure could “keep the country from going through another election where Americans doubt the results.”


Critics say the California findings suggest that Congress should press for a quicker shift from the touch screens to optical scanning, in which voters mark paper ballots. Advocates of those systems say that the paper ballots would be less vulnerable to manipulation than the paper trails generated by the touch-screen computers and that they would hold up better for manual recounts.


Copyright 2007 The New York Times Company