Sunday, October 24, 2004
Avi on e-voting
DDJ contributing editor Jack Woehr talks to Avi Rubin, the world's leading authority on electronic voting and software engineering.
You need (free) registration to read the article.
Here are some key extracts
DDJ: As someone who has been an election judge for various cities and counties since the 1980s, it seems to me that you don't have to have much insecurity to have a potential for cheating, not only in electronic voting, but in any kind of voting system.
AR: The fundamental problem with electronic voting systems is that the machine does whatever it was programmed to do. If the machine was programmed to count the votes that people put in, and there are no bugs in the program (which is very unlikely for a very large system) then it just might do that. But if I were building the machine, I could make it so that anyone I wanted to win would win. I could do it in such a way that there is no way anyone would know that I did it. You could do it in a way that it would just make it somewhat more likely that the candidate you wanted to win would win.
DDJ: We've had several elections here in Colorado with electronic voting machines and the results seem quite plausible.
AR: That's one comment I hear that irks me: "They seem to working well." If you are concerned about functionality, sure, but if you're concerned about security... If the threat model is that some attacker is taking some small percentage of the vote and shifting the result, you cannot observe them and say that they are working well. You just don't know.
Apparently the interview is reprinted from the 2004 IEEE Symposium on Security and Privacy.