WASHINGTON - Just four months before November's elections, vulnerabilities persist in electronic voting machines used nationwide, a group of computer experts told House lawmakers on Wednesday.
The experts are concerned that this fall's elections may be plagued by hackers, fraud and computer malfunctions. Some argue for the return of the paper ballot as a backup to verify voters' intentions.
But election commissioners who plan to rely on electronic balloting insisted that their machines work well. They said sufficient security measures and fallbacks are in place to assure that electronic voting is accurate.
Nearly 50 million Americans are expected to vote using touch-screen machines this fall. Many states and counties moved to electronic voting machines after the contested 2000 election results from Florida.
"No matter how you cut this, voters are concerned about their votes being counted," said Rep. Juanita Millender McDonald, D-Calif., a member of the House Administration Committee, which has oversees voting systems.
"Given the gravity of the security failings the computer security community has documented ... it is irresponsible to move forward without addressing them," said Avi Rubin, a professor at the Johns Hopkins University Information Security Institute in Baltimore. The institute's doctoral candidates found significant design and programming flaws in software for Diebold voting machines, a popular system.
The general problem, according to Rubin, is that there's no way for election officials to be sure that electronic machines are free of malicious code designed to manipulate election results.
"I don't think computers are ready for this responsibility," Rubin said.
A big problem, Rubin said, is that companies are reluctant to share their "source code," the proprietary software that controls voting and tabulating results, so their software can be checked independently. "We need more public scrutiny," Rubin said.
Next Tuesday the U.S. Election Assistance Commission, founded in the aftermath of the 2000 vote to help states ensure fair elections, will try to come up with ways to reduce security vulnerabilities and make source codes available to independent testers.
Earlier this year, California Secretary of State Kevin Shelley banned the use of a Diebold system in some counties after he determined software problems "jeopardized" election results.
Election officials dismissed the criticism from computer experts Wednesday. "Although any electronic voting system is hypothetically `hackable,' I am confident that the likelihood of this occurring is extraordinarily remote," said Linda Lamone, the Maryland state administrator of elections.
Lamone outlined a dozen challenges a hacker would have to overcome. Chief among them are obtaining a working knowledge of the software's specific programming language and gaining physical access to computer servers and voting machines.
"There has not been one single case of election fraud due to tampering with a voting system's hardware or software," she said.
Election officials who use electronic systems credited them with reducing the number of voters disenfranchised by previously used mechanical systems. Georgia's director of elections, for example, reported a statewide undercount averaging 4.8 percent in the state's 1998 Senate election, when mechanical systems predominated. The percentage dropped to .87 using electronic machines, she said.
Computer experts worry that because most electronic voting machines lack a paper trail, it would be impossible to do an accurate recount in a contested election, Rubin said. He is advocating a return to paper ballots as a backup to verify a voter's intent.
The federal voting commission is looking into guidelines for paper verification. California's state election commissioner has ordered its voting machines to have paper records by 2006.
Printed ballots create other problems because election workers must guarantee their security and confidentiality, election officials said.
© 2004 Knight-Ridder