USACM Concerns in Evoting Press Release

Download PDF

 

acm

Association for Computing Machinery

Advancing Computing as a Science & Profession

Contact: Cameron Wilson

(202) 659-9711 begin_of_the_skype_highlighting              (202) 659-9711      end_of_the_skype_highlighting

cameron.wilson@acm.org

SECURITY EXPERTS SEE GAPS IN TESTING, CERTIFYING OF E-VOTING

SYSTEMS

 

Wagner And USACM Propose Recommendations to Assure Reliable Elections

Washington, DC, July 19, 2006 – David Wagner, a well-known researcher in information

security and electronic voting, testified today that the federal qualification process for voting

machines is not working. At a Congressional hearing reviewing new federal voluntary standards

for voting equipment, Wagner, an associate professor of Computer Science at the University of

California, Berkeley, said that paperless voting machines are the systems most vulnerable to

security problems. The joint hearing was held by the U.S. House of Representatives Committee

on House Administration and the Committee on Science.

 

“We’ve seen security defects that allow a single person with insider access and some technical

knowledge could switch votes, perhaps undetected, and potentially swing an election,” he said.

“These problems should be weeded out by the independent testing process, but it is clear that this

system isn’t working.” He proposed several recommendations to make existing voting systems

as secure and reliable as possible for the upcoming election cycle.

 

The hearing examined whether the voluntary federal standards for voting equipment, issued in

2005, are likely to improve the accuracy and security of voting, and to see if states are likely to

adopt the standards. The hearing followed a recent report from the Government Accountability

Office that found widespread inconsistency in the use of federal technology standards.

“We have grave reservations about the safeguards in place with many of the computerized voting

technologies being used,” said Eugene Spafford, Chair of ACM’s Committee on Public Policy

(USACM). “New federal standards and a certification process hold promise for addressing some

of these problems, but more must be done to ensure the integrity of our elections in the face of

software and hardware errors as well as the possibility of undetectable tampering,” he said.

Spafford, who directs the Center for Education and Research in Information Assurance and

Security (CERIAS) at Purdue University, released a letter to Congress urging further actions to

ensure that voting is accurate, secure and error-free. They include:

 

A formal feedback process for translating lessons learned into best practices

A more transparent testing process with results available to the public

Clear usability and security standards to minimize variances in designs

A mechanism for interim updates to reflect emerging threats

Voter verified paper trails to mitigate risks from software and hardware flaws

 

The full text of the letter is at

 

http://www.acm.org/usacm/Letters/USACM_Evoting_Comments.pdf

Wagner is a member of the California Secretary of State’s Voting Systems Technology

Assessment Advisory Board. He was also a member of the ACM Committee on Guidelines for

Implementation of Voter Registration Databases. The committee issued recommendations in

February 2006 to ensure that electronic records of information submitted by citizens registering

to vote are accurate, private, and secure. http://www.acm.org/usacm/VRD/

 

ABOUT ACM

ACM, the Association for Computing Machinery http://www.acm.org, is an educational and scientific society

uniting the world’s computing educators, researchers and professionals to inspire dialogue, share resources and

address the field’s challenges. ACM strengthens the profession’s collective voice through strong leadership,

promotion of the highest standards, and recognition of technical excellence. ACM supports the professional growth

of its members by providing opportunities for life-long learning, career development, and professional networking.

# # #

Related Articles