Feds urged to set electronic voting standards

While political scientists likely will find additional evidence of voting problems in last week's presidential election, it is unlikely to overturn the outcome. But that should not dissuade government officials and others from doing all they can to improve a system full of vulnerabilities before the next election, an e-voting expert said Tuesday.

"We have all kinds of evidence of machines misbehaving," Dan Wallach, an assistant professor of computer science at Rice University in Houston, said at a computer-security conference sponsored by the Computer Security Institute. "[But] what really keeps me awake at night is the notion of undetectable tampering."

Wallach said he favors optical-scanning machines, which he said are more accurate than electronic punch-card systems. But paper receipts are essential to ensure that votes are tallied the way they were cast, he said.

If software is buggy, there is no fallback for counting votes, as seen in some precincts last week. Right now, Americans must use a "faith-based system," trusting that their votes are properly recorded somewhere, he added.

Currently, only three independent testing authorities are given the voting machines' software code, which some critics argue is counterintuitive for an open election system. The authorities release only a decision that a system meets Federal Election Commission standards.

Those standards need to be raised, Wallach said, adding that a more complex method of certification is needed and that the code needs to be more secure.

He said a vendor "absolutely" could hack into a system and described various ways that fraud could be perpetrated and concealed. Voters and election officials also could tamper with systems, he said, and logic and accuracy tests of voting machines could be faked.

Voting methods are subject largely to state laws, and systems vary by state and even county. Federal or state legislation is needed to outline e-voting "best practices," Wallach said.

He proposed several improvements, including printing optically scanned paper ballots on special paper that is physically placed in ballot boxes by voters, or using a Brazilian system of letting voters see paper ballots beneath glass but not touch them.

Some ways of checking the veracity of last week's voting were employed. For instance, several states used forms of "parallel voting," in which voting machines were randomly pulled in some precincts and tested during the day.

Wallach also recommended using special voting computers less susceptible to hacking than the ordinary computers used for tabulations.

He said there is "a lot of political pressure" from disaffected Democrats to change the system. But he added that voting is "not a partisan issue" and that many election officials are "explicitly nonpartisan."

He said additional funding might be needed to make the changes because much of the money under a 2002 federal election law already has been spent on the existing, flawed machines. But he said there are ways to engineer cheaper -- and better -- machines.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from GovExec.com.
We think these reports might interest you:

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • GBC Issue Brief: The Future of 9-1-1

    A Look Into the Next Generation of Emergency Services

  • GBC Survey Report: Securing the Perimeters

    A candid survey on cybersecurity in state and local governments

  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

  • eBook: State & Local Cybersecurity

    CenturyLink is committed to helping state and local governments meet their cybersecurity challenges. Towards that end, CenturyLink commissioned a study from the Government Business Council that looked at the perceptions, attitudes and experiences of state and local leaders around the cybersecurity issue. The results were surprising in a number of ways. Learn more about their findings and the ways in which state and local governments can combat cybersecurity threats with this eBook.


When you download a report, your information may be shared with the underwriters of that document.