E Voting Machine Distrust
The big three voting machine folks need to start spinning some PR here, ever since 2000, with the election of George Bush by a decision of the Supreme Court; electronic voting machines have come under increasing scrutiny.
Just about every information security and hack and pen test group has said that the machines are way too easy to hack, and could alter the outcome of an election. The latest report from UC Davis shows that e-voting machines are susceptible to hacking, hacking that can alter the outcome of an election.
Given the acrimony around election results in 2000 and 2004, Diebold and others need to figure out what they are going to do next. While it is a matter of public relations, the trust that the public formerly had in electronic voting machines is shot, its gone. Without some very serious responses from the e-voting machine manufactures, demonstrating why their machines are safe, or better yet, running a neutral 3rd party test, or running demonstrated anti hacking tests in their own right, public trust is not likely to be restored. Too much bad press, too many security folks saying they are hack able, and nothing but the word of a corporation to say otherwise.
That is what makes it interesting, the idea that the manufactures have lost public trust in their machines. While security experts had direct physical access to the systems in a way that would be hard to replicate in a voting booth, the idea of the trusted insider doing something evil is also not unfounded. Too many companies have had serious security issues because of trusted insiders, there is nothing that would make anyone think that a trusted insider in the election process might not do something evil.
The voting machine folks need to start gaining public and government trust, they need to demonstrate why the security folk’s findings are flawed in a point-by-point, item by item repeat of the testing, and why that testing is invalid, cannot happen, or returned a false result. More transparency is very much in order here to restore public trust; it is up to anyone making an e-voting machine to start that process. In the mean time, security folks will continue to work out methods and attacks that will make the machines return results that will influence the outcome of an election.