Will The Next Election Be Hacked?

The widespread glitches didn't deter Secretary of State J. Kenneth Blackwell — who also chaired Bush's re-election campaign in Ohio — from cutting a deal in 2005 that would have guaranteed Diebold a virtual monopoly on vote counting in the state. Local election officials alleged that the deal, which came only a few months after Blackwell bought nearly $10,000 in Diebold stock, was a violation of state rules requiring a fair and competitive bidding process. Facing a lawsuit, Blackwell agreed to allow other companies to provide machines as well. This November, voters in forty-seven counties will cast their ballots on Diebold machines — in a pivotal election in which Blackwell is running as the Republican candidate for governor.

Electronic voting machines also caused widespread problems in Florida, where Bush bested Kerry by 381,000 votes. When statistical experts from the University of California examined the state's official tally, they discovered a disturbing pattern: "The data show with 99.0 percent certainty that a county's use of electronic voting is associated with a disproportionate increase in votes for President Bush. Compared to counties with paper ballots, counties with electronic voting machines were significantly more likely to show increases in support for President Bush between 2000 and 2004." The three counties with the most discrepancies — Broward, Palm Beach and Miami-Dade — were also the most heavily Democratic. Electronic voting machines, the report concluded, may have improperly awarded as many as 260,000 votes to Bush. "No matter how many factors and variables we took into consideration, the significant correlation in the votes for President Bush and electronic voting cannot be explained," said Michael Hout, a member of the National Academy of Sciences.

Charles Stewart III, an MIT professor who specializes in voter behavior and methodology, was initially skeptical of the study — but was unable to find any flaw in the results. "You can't break it — I've tried," he told The Washington Post. "There's something funky in the results from the electronic-machine Democratic counties."

Questions also arose in Texas in 2004. William Singer, an election programmer in Tarrant County, wrote the secretary of state's office after the vote to report that ES&S pressured officials to install unapproved software during the presidential primaries. "What I was expected to do in order to 'pull off' an election," Singer wrote, "was far beyond the kind of practices that I believe should be standard and accepted in the election industry." The company denies the charge, but in an e-mail this month, Singer elaborated that ES&S employees had pushed local election officials to pressure the secretary of state to accept "a software change at such a last minute there would be no choice, and effectively avoid certification."

Despite such reports, Texas continues to rely on ES&S. In primaries held in Jefferson County earlier this year, electronic votes had to be recounted after error messages prevented workers from completing their tabulations. In April, with early voting in local elections only a week away, officials across the state were still waiting to receive the programming from ES&S needed to test the machines for accuracy. Calling the situation "completely unacceptable and disturbing," Texas director of elections Ann McGeehan authorized local officials to create "emergency paper ballots" as a backup. "We regret the unacceptable position that many political subdivisions are in due to poor performance by their contracted vendor," McGeehan added.

In October 2005, the government Accountability Office issued a damning report on electronic voting machines. Citing widespread irregularities and malfunctions, the government's top watchdog agency concluded that a host of weaknesses with touch-screen and optical-scan technology "could damage the integrity of ballots, votes and voting-system software by allowing unauthorized modifications." Some electronic systems used passwords that were "easily guessed" or employed identical passwords for numerous systems. Software could be handled and transported with no clear chain of custody, and locks protecting computer hardware were easy to pick. Unsecured memory cards could enable individuals to "vote multiple times, change vote totals and produce false election reports."

An even more comprehensive report released in June by the Brennan Center for Justice, a nonpartisan think tank at the New York University School of Law, echoed the GAO's findings. The report — conducted by a task force of computer scientists and security experts from the government, universities and the private sector — was peer-reviewed by the National Institute of Standards and Technology. Electronic voting machines widely adopted since 2000, the report concluded, "pose a real danger to the integrity of national, state and local elections." While no instances of hacking have yet been documented, the report identified 120 security threats to three widely used machines — the easiest method of attack being to utilize corrupt software that shifts votes from one candidate to another.

Computer experts have demonstrated that a successful attack would be relatively simple. In a study released on September 13th, computer scientists at Princeton University created vote-stealing software that can be injected into a Diebold machine in as little as a minute, obscuring all evidence of its presence. They also created a virus that can "infect" other units in a voting system, committing "widespread fraud" from a single machine. Within sixty seconds, a lone hacker can own an election.