http://www.zipflog.com/ZipFlog/86

As much as people want to mistrust machines, I would be even more mistrustful of fake voters and fraudulent voter registration that now appears to be standard operating procedure in many states.

That said, if you look at how close more elections have become on all levels - national to local - you see how closely divided the country and the electorate has been moving. The Bush elections were a clear example; regardless of whether you voted for or against him, the fact that most people agree or disagree with his policies 45% vs. 55% of the time reflects the way most elections have ended. Right down to our local politicians, most people will agree that they seem to only vote 55% of the way you would vote on issues.

With the advances in technology, I envision a day when you'll be notified when needed about the issues you personally care about. In an instant, you would vote yea or nay on each issue, all without the necessity to pray your elected official votes the way you want: Get home from work, log in to your issues and vote, and then sit down for dinner!

With such a prospect looming in the near future, do you think that it's in your politician's best interests to improve and embrace electronic voting?

There may be something I am missing here, but running checksums against the OS image before tabulation begins might offer a means to determine a machine has been compromised before it has been plugged into the central tabulation network. Its a matter of auditing the integrity of the kernel and determining if the kernel image is different than a central image. A process like this would be offloaded to another machine that is the security gate between an unknown machine and the vote tabulation network and the security machine would check the machine language of the OS on the voting machine before clearing it through to the tabulation network. Any machines with compromised kernels would be disqualified. Of course, this does not assure that the votes tabulated on a single machine would count in the election, but if this is a question of bad apples, its possible to sort the bad from the good before introducing the bad apple into the bushel. Widespread tampering would compromise the election anyway, but at least the general electronic voting network would be more secure. The trick here is to allow the auditing machine to image the entire kernel and to disable the OS on the target machine during the scan so that the infection is not transferred to the scanner. Its certainly not a simple peer-to-peer or LAN arrangement so would require significant expertise in the tabulation center to implement, but it would help to assure the election commission and to firewall potential treats from the central network. Plugging in an untested machine into a secure network is an exceptionally bad idea in the first place and even a second year CS major would know better.

The problem with scanning the kernel of a voting machine after it has been used is that there is no guarantee that the kernel you are scanning is the same as the one used whilst voting is taking place.
Someone with physical access to the machine could simply load whatever that wanted into memory irrespective of what is stored on any internal media.
The machines really want to be very purpose built. Executing signed code in place from ROM, probably with a system of integrity checks between each vote. Also restricting as much physical access as possible is always good.

Noel, I was looking at it from the viral point of view and the effect it could have on the vote tabulation system as argued by the article. Your argument is sound as there is no guarantee that what happens in the voting stations is secure and that the votes tabulated are actual votes. That is a whole different kettle of fish and another argument against pure electronic voting. The part that makes me most suspicious is the intentional lack of paper trail whether it be a periodic system report to chits printed for the individual voter. Purpose built architecture must be implemented in order to make it a secure and constitutional substitution for ballot voting. So far the electronic voting model has left me entirely underwhelmed.

I've always wondered why the US seems so infatuated with mechanical and electronic voting machines. Mechanical ones obviously have problems (ie: 2000 presidential election) and the new electronic ones are not at all transparent to the common voter - who may well not have any faith in them.

Really, what is wrong with a paper ballot? We use them in Australia, so do a lot of other countries. They work, they are always there to be verified and ordinary fold believe their vote will really be counted.

I know it takes a lot of labour to count but it's only once every 4 years, and it's critical to your democracy flourishing that everyone has confidence in the elections.

Anyone in the US got an opinion?

Great article. Thanks for the information.